Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #128 from JoelSpeed/disable-cloud-routes-4.9
Bug 2004924: Enforce the cloud-route controller disabled across platforms
  • Loading branch information
openshift-merge-robot committed Sep 20, 2021
2 parents 44b32a9 + e973755 commit 2b9246c
Show file tree
Hide file tree
Showing 5 changed files with 32 additions and 6 deletions.
1 change: 1 addition & 0 deletions pkg/cloud/aws/assets/deployment.yaml
Expand Up @@ -33,6 +33,7 @@ spec:
exec /bin/aws-cloud-controller-manager \
--cloud-provider=aws \
--use-service-account-credentials=true \
--configure-cloud-routes=false \
--leader-elect=true \
--leader-elect-lease-duration=137s \
--leader-elect-renew-deadline=107s \
Expand Down
Expand Up @@ -76,8 +76,7 @@ spec:
--v=3 \
--cloud-config=$(CLOUD_CONFIG) \
--cloud-provider=azure \
--controllers=*,-cloud-node,-route \
--allocate-node-cidrs=false \
--controllers=*,-cloud-node \
--configure-cloud-routes=false \
--use-service-account-credentials=true \
--bind-address=127.0.0.1 \
Expand Down
Expand Up @@ -103,8 +103,7 @@ spec:
--v=6 \
--cloud-config=$(CLOUD_CONFIG) \
--cloud-provider=azure \
--controllers=*,-cloud-node,-route \
--allocate-node-cidrs=false \
--controllers=*,-cloud-node \
--configure-cloud-routes=false \
--use-service-account-credentials=true \
--bind-address=127.0.0.1 \
Expand Down
30 changes: 28 additions & 2 deletions pkg/cloud/cloud_test.go
Expand Up @@ -156,6 +156,7 @@ func TestPodSpec(t *testing.T) {

checkResourceRunsBeforeCNI(t, podSpec)
checkLeaderElection(t, podSpec)
checkCloudControllerManagerFlags(t, podSpec)
}
})
}
Expand Down Expand Up @@ -283,9 +284,34 @@ func checkLeaderElection(t *testing.T, podSpec corev1.PodSpec) {
continue
}

command := container.Command
assert.Len(t, command, 3, "Container Command should have 3 elements")

for _, flag := range []string{leaderElect, leaderElectLeaseDuration, leaderElectRenewDeadline, leaderElectRetryPeriod, leaderElectResourceNamesapce} {
command := container.Command
assert.Len(t, command, 3, "Container Command should have 3 elements")
assert.Contains(t, command[2], flag, "Container Command third (%q) element should contain flag %q", command[2], flag)
}
}
}

func checkCloudControllerManagerFlags(t *testing.T, podSpec corev1.PodSpec) {
const (
// This flag will disable the cloud route controller.
// The route controller is responsible for setting up inter pod networking
// using cloud networks, but this isn't required when you have an overlay
// network as is used within OpenShift.
configureCloudRoutes = "--configure-cloud-routes=false"
)

for _, container := range podSpec.Containers {
if container.Name != "cloud-controller-manager" {
// Only the cloud-controller-manager container needs these flags checking
continue
}

command := container.Command
assert.Len(t, command, 3, "Container Command should have 3 elements")

for _, flag := range []string{configureCloudRoutes} {
assert.Contains(t, command[2], flag, "Container Command third (%q) element should contain flag %q", command[2], flag)
}
}
Expand Down
1 change: 1 addition & 0 deletions pkg/cloud/openstack/assets/deployment.yaml
Expand Up @@ -64,6 +64,7 @@ spec:
--cloud-config=$(CLOUD_CONFIG) \
--cloud-provider=openstack \
--use-service-account-credentials=true \
--configure-cloud-routes=false \
--bind-address=127.0.0.1 \
--leader-elect=true \
--leader-elect-lease-duration=137s \
Expand Down

0 comments on commit 2b9246c

Please sign in to comment.