UPSTREAM: 89885: revert: allow to read openstack cloud provider config from a secret #1389
Conversation
…g from a secret" This patch brings back the downstream changes that were introduced to allow reading openstack cloud provider config from a secret. They are available in release-4.4, but were reverted in master with openshift/origin#24719 This change includes: - Ability to read metadata values for kubelet. Since the service does not have access to the secret to read the configuration, but it needs data to download (e.g. hostname or flavor), we are trying to get it from the metadata server. - Deprecation of kubeConfig parameter. Now we read the file that was provided with --kubeconfig option. Origin-commit: f95edc26155a29769b3c5b80c03755a01a87b5fc UPSTREAM: 89885: legacy-cloud-provider/openstack: include / prefix in instance ID output When we want to read an instance ID from the metadata service, cloud provider doesn't include "/" prefix, which is required for successful parsing of provider the ID later. This commit adds the missing "/" prefix to the output. UPSTREAM: 89885: SQUASH: Fix Cinder provisioning crashing on nil cloud provider OpenStack cloud provider must not use nil when provisioning a Cinder volume. UPSTREAM: 89885: SQUASH: Report OpenStack cloud initialization errors openshift-rebase(v1.24):source=dbe70e455ee UPSTREAM: <carry>: Set informer for openstack Set informer for the openstack cloud provider to ensure it is properly initialized when reading config from a secret. Upstream 89885 was closed in favor of 96750. Co-authored-by: Hemant Kumar <hekumar@redhat.com> openshift-rebase(v1.24):source=d7ecbd903e2 UPSTREAM: 89885: SQUASH: Retry fetching clouds.conf The OpenStack secret is not guaranteed to be present at the time kube-controller-manager is initialised. Co-authored-by: Martin André <m.andre@redhat.com> Co-authored-by: Pierre Prinetti <pierreprinetti@redhat.com> openshift-rebase(v1.24):source=8bc9dd29ef0 UPSTREAM: 89885: Fix panic in openstack.InstanceExistsByProviderID() ... when provider is uninitialised. This is a fix to downstream-only code which was originally proposed upstream as kubernetes#89885 but did not merge. It is therefore not relevant upstream. Given that we will replace the openstack legacy cloud provider in 4.12 we will not re-propose kubernetes#89885 or this fix to it. Causes all openstack.Instances() methods which require more than the local metadata service to return NotImplemented instead of crashing if the provider is not initialised.
openshift-ci-robot
added
the
backports/unvalidated-commits
|
@mandre: the contents of this pull request could not be automatically validated. The following commits could not be validated and must be approved by a top-level approver:
Comment |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: JoelSpeed, mandre The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
1 similar comment
|
/retest |
|
@JoelSpeed @mandre can you ensure the ci/prow/e2e-openstack is green to ensure we don't break anything? |
|
/test e2e-openstack |
1 similar comment
|
/test e2e-openstack |
|
/hold This might be too soon to revert the carry patch. KCM enters a crash loop: |
openshift-ci
bot
added
the
do-not-merge/hold
|
We need openshift/library-go#1443 that we'll revendor in KCMO. |
|
/retest |
|
Do we need to fix the vendor verify before this will pass the E2E? |
|
I don't know about the vendor verify, perhaps this can be fixed by rebasing the PR. |
|
/retest |
|
@mandre: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/close |
openshift-merge-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@mandre: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This reverts commit 452539b as it is no longer needed after OCP 4.12, where the OpenStack platform switched to the out-of-tree cloud provider.
This patch brings back the downstream changes that were introduced to allow reading openstack cloud provider config from a secret. They are available in release-4.4, but were reverted in master with openshift/origin#24719
This change includes:
Ability to read metadata values for kubelet. Since the service does not have access to the secret to read the configuration, but it needs data to download (e.g. hostname or flavor), we are trying to get it from the metadata server.
Deprecation of kubeConfig parameter. Now we read the file that was provided with --kubeconfig option.
Origin-commit: f95edc26155a29769b3c5b80c03755a01a87b5fc
UPSTREAM: 89885: legacy-cloud-provider/openstack: include / prefix in instance ID output
When we want to read an instance ID from the metadata service, cloud provider doesn't include "/" prefix, which is required for successful parsing of provider the ID later.
This commit adds the missing "/" prefix to the output.
UPSTREAM: 89885: SQUASH: Fix Cinder provisioning crashing on nil cloud provider
OpenStack cloud provider must not use nil when provisioning a Cinder volume.
UPSTREAM: 89885: SQUASH: Report OpenStack cloud initialization errors
openshift-rebase(v1.24):source=dbe70e455ee
UPSTREAM: : Set informer for openstack
Set informer for the openstack cloud provider to ensure it is properly initialized when reading config from a secret.
Upstream 89885 was closed in favor of 96750.
Co-authored-by: Hemant Kumar hekumar@redhat.com
openshift-rebase(v1.24):source=d7ecbd903e2
UPSTREAM: 89885: SQUASH: Retry fetching clouds.conf
The OpenStack secret is not guaranteed to be present at the time kube-controller-manager is initialised.
Co-authored-by: Martin André m.andre@redhat.com
Co-authored-by: Pierre Prinetti pierreprinetti@redhat.com
openshift-rebase(v1.24):source=8bc9dd29ef0
UPSTREAM: 89885: Fix panic in openstack.InstanceExistsByProviderID()
... when provider is uninitialised.
This is a fix to downstream-only code which was originally proposed upstream as kubernetes#89885 but did not merge. It is therefore not relevant upstream. Given that we will replace the openstack legacy cloud provider in 4.12 we will not re-propose kubernetes#89885 or this fix to it.
Causes all openstack.Instances() methods which require more than the local metadata service to return NotImplemented instead of crashing if the provider is not initialised.