[Issue-7870] kops controller support for digital ocean #7961
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @srikiz. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
needs-ok-to-test
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
pkg/nodeidentity/do/identify.go
Outdated
| return string(bodyBytes), nil | ||
| } | ||
|
|
||
| // IdentifyNode queries OpenStack for the node identity information |
pkg/nodeidentity/do/identify.go
Outdated
| return token, nil | ||
| } | ||
|
|
||
| // New creates and returns a nodeidentity.Identifier for Nodes running on OpenStack |
pkg/nodeidentity/do/identify.go
Outdated
| "k8s.io/kops/pkg/nodeidentity" | ||
| ) | ||
|
|
||
| // nodeIdentifier identifies a node from EC2 |
pkg/nodeidentity/do/identify.go
Outdated
| func getMetadata(url string) (string, error) { | ||
| resp, err := http.Get(url) | ||
| if err != nil { | ||
| return "", err |
There was a problem hiding this comment.
We may want to annotate this error and the one one in line 112 to be able to distinguish the two; i.e., do something like
return "", fmt.Errorf("failed to get metadata URL %s: %v", url, err)here and similarly below.
pkg/nodeidentity/do/identify.go
Outdated
|
|
||
| instanceID := strings.TrimPrefix(providerID, "digitalocean://") | ||
| if strings.HasPrefix(instanceID, "/") { | ||
| instanceID = strings.TrimPrefix(instanceID, "/") |
There was a problem hiding this comment.
What's the reason we check for a leading slash here?
There was a problem hiding this comment.
i think this is copied from openstack. In openstack the instanceid is in format openstack:///[id] basically this supports both two and three slashes. No idea what is the format for do
There was a problem hiding this comment.
ah, interesting, thanks for sharing that bit of info @zetaab.
The provider ID is a parameter passed in by kubelet, so I think it depends on how it's configured in kops. In the managed Kubernetes product at DigitalOcean, we use the digitalocean://<id> format -- hoping that's an established convention for Kubernetes clusters running on DO infrastructure.
@srikiz you have much more familiar with the DO integration in kops than me -- could you tell (or look at an existing kops-managed cluster on DO)?
There was a problem hiding this comment.
I looked into it a little more and it looks like we use the digitalocean:// format.
This is not set in the KOPS code though - looks like this is set in the cloud-provider repo - https://github.com/kubernetes/cloud-provider/blob/master/cloud.go#L103.
The associated changes to cloud-controller-manager for DO is done here -https://github.com/digitalocean/digitalocean-cloud-controller-manager/pull/36/files
I have updated the code to use the same pattern.
There was a problem hiding this comment.
Thanks for digging, Sri.
pkg/nodeidentity/do/identify.go
Outdated
|
|
||
| func (i *nodeIdentifier) getInstanceGroup(instanceID string) (string, error) { | ||
|
|
||
| dropletID, err := strconv.Atoi(instanceID) |
There was a problem hiding this comment.
To me, this piece still belongs to the provider ID parsing functionality, so I'd move it into IdentifyNode. What do you think?
pkg/nodeidentity/do/identify.go
Outdated
|
|
||
| func (i *nodeIdentifier) getInstanceGroup(instanceID string) (string, error) { | ||
|
|
||
| dropletID, err := strconv.Atoi(instanceID) |
There was a problem hiding this comment.
The error still needs to be handled.
There was a problem hiding this comment.
Updated and moved this to IdentifyNode.
pkg/nodeidentity/do/identify.go
Outdated
| dropletID, err := strconv.Atoi(instanceID) | ||
| ctx := context.TODO() | ||
| droplet, _, err := i.doClient.Droplets.Get(ctx, dropletID) | ||
|
|
| func (i *nodeIdentifier) getInstanceGroup(instanceID string) (string, error) { | ||
|
|
||
| dropletID, err := strconv.Atoi(instanceID) | ||
| ctx := context.TODO() |
There was a problem hiding this comment.
Does it make sense to use a timeout-based context here to make sure we do not hang too long trying to fetch the droplet?
There was a problem hiding this comment.
There are lot of places where context.TODO is used. I'll create an issue to address that as a separate PR. Please suggest if that's Ok for you.
There was a problem hiding this comment.
Totally okay with that 👍
pkg/nodeidentity/do/identify.go
Outdated
| if strings.Contains(dropletTag, dropletTagInstanceGroupName) { | ||
| instancegrouptag := strings.SplitN(dropletTag, ":", 2) | ||
| if len(instancegrouptag) < 2 { | ||
| return "", fmt.Errorf("failed to retrieve droplet instance group tag = %s properly", dropletTag) |
There was a problem hiding this comment.
How about rephrasing this to something like
return "", fmt.Errorf("failed to parse droplet tag %q: expected colon-separated key/value pair", dropletTag)
pkg/nodeidentity/do/identify.go
Outdated
| } | ||
| } | ||
|
|
||
| return "", fmt.Errorf("Could not find tag 'kops-instancegroup' from instance metadata") |
There was a problem hiding this comment.
Should use errors.New here since the error message does not have any place holders.
k8s-ci-robot
added
the
needs-rebase
srikiz
force-pushed
the
DO-KOPS-Controller-Support
branch
from
59f3032
to
0cc3bc0
Compare
k8s-ci-robot
removed
the
needs-rebase
|
@timoreimann @zetaab - I have incorporated all the comments. Please have a look and approve if you are Ok. Thanks ! |
k8s-ci-robot
added
lgtm
|
not sure why tide is still waiting on approved and lgtm... /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rifelpet, srikiz, zetaab The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/refresh |
1 similar comment
|
/refresh |
…pstream-release-1.16 Automated cherry pick of #7961: Initial work
This PR addresses the issue mentioned in #7870
for digital ocean cloud provider.
Added a kops-controller that updates the node labels. Tested it and it seems to be working as expected.
Please see the attached image.