/
cloudproviderconfig.go
74 lines (69 loc) · 3.19 KB
/
cloudproviderconfig.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
package azure
import (
"bytes"
"encoding/json"
)
//CloudProviderConfig is the azure cloud provider config
type CloudProviderConfig struct {
TenantID string
SubscriptionID string
GroupLocation string
ResourcePrefix string
NetworkResourceGroupName string
NetworkSecurityGroupName string
VirtualNetworkName string
SubnetName string
}
// JSON generates the cloud provider json config for the azure platform.
// managed resource names are matching the convention defined by capz
func (params CloudProviderConfig) JSON() (string, error) {
resourceGroupName := params.ResourcePrefix + "-rg"
config := config{
authConfig: authConfig{
Cloud: "AzurePublicCloud",
TenantID: params.TenantID,
SubscriptionID: params.SubscriptionID,
UseManagedIdentityExtension: true,
// The cloud provider needs the clientID which is only known after terraform has run.
// When left empty, the existing managed identity on the VM will be used.
// By leaving it empty, we don't have to create the identity before running the installer.
// We only need to know that there will be one assigned to the VM, and we control this.
// ref: https://github.com/kubernetes/kubernetes/blob/4b7c607ba47928a7be77fadef1550d6498397a4c/staging/src/k8s.io/legacy-cloud-providers/azure/auth/azure_auth.go#L69
UserAssignedIdentityID: "",
},
ResourceGroup: resourceGroupName,
Location: params.GroupLocation,
SubnetName: params.SubnetName,
SecurityGroupName: params.NetworkSecurityGroupName,
VnetName: params.VirtualNetworkName,
VnetResourceGroup: params.NetworkResourceGroupName,
RouteTableName: params.ResourcePrefix + "-node-routetable",
CloudProviderBackoff: true,
CloudProviderRateLimit: true,
// The default rate limits for Azure cloud provider are https://github.com/kubernetes/kubernetes/blob/f8d2b6b982bb06fc64979ac53ae668284d9c003c/staging/src/k8s.io/legacy-cloud-providers/azure/azure.go#L51-L56
// While the AKS recommends following rate limits for large clusters https://github.com/Azure/aks-engine/blob/0f6aa91fa1870d5be657c62374d11f7d6009121d/examples/largeclusters/kubernetes.json#L9-L15
// default AKS (large) Change
// cloudProviderBackoffRetries 6 6 NO
// cloudProviderBackoffJitter 1.0 1 NO
// cloudProviderBackoffExponent 1.5 1.5 NO
// cloudProviderBackoffDuration 5 6 YES to 6
// cloudProviderRateLimitQPS 3 3 YES to 6
// cloudProviderRateLimitBucket 5 10 YES to 10
CloudProviderBackoffDuration: 6,
CloudProviderRateLimitQPS: 6,
CloudProviderRateLimitQPSWrite: 6,
CloudProviderRateLimitBucket: 10,
CloudProviderRateLimitBucketWrite: 10,
UseInstanceMetadata: true,
//default to standard load balancer, supports tcp resets on idle
//https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-tcp-reset
LoadBalancerSku: "standard",
}
buff := &bytes.Buffer{}
encoder := json.NewEncoder(buff)
encoder.SetIndent("", "\t")
if err := encoder.Encode(config); err != nil {
return "", err
}
return buff.String(), nil
}