Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IAM instance profile name should be marked as required if the Amazon cloud provider is selected #5517

Closed
catherineluse opened this issue Mar 24, 2022 · 5 comments · Fixed by #5860
Closed

IAM instance profile name should be marked as required if the Amazon cloud provider is selected #5517

catherineluse opened this issue Mar 24, 2022 · 5 comments · Fixed by #5860
Assignees
@markusewalker @codyrancher
Labels
area/form-validation area/provisioning-rke2 status/release-blocker team/area2 Hostbusters
Milestone
v2.6.5

Comments

@catherineluse
Copy link
Contributor

catherineluse commented Mar 24, 2022
edited
Loading

Currently, if you try to provision an EC2 cluster through Rancher, if you enable the Amazon cloud provider without selecting any instance profiles, the UI lets you complete the form but then the cluster gets stuck in provisioning. This is a bad user experience because there is no visual indication of what is wrong.

There is a tooltip explaining this, but it's too easy to miss, and it is still displayed as an optional field:
Screen Shot 2022-03-24 at 3 54 05 PM

  • When the Amazon cloud provider is selected, the instance profile dropdown should be marked required with a red asterisk.
  • The save button should be disabled if that info is not provided.

Note: We should see if only controlplane nodes need an instance profile.

Background/context: When you enable the Amazon cloud provider you're basically saying you want to give Kubernetes permission to provision new hardware on EC2 like load balancers, and the instance profile gives it the IAM permissions to do that.
@catherineluse catherineluse changed the title IAM instance profile name should be required if the Amazon cloud provider is selected IAM instance profile name should be marked as required if the Amazon cloud provider is selected Mar 24, 2022
@sowmyav27 sowmyav27 added this to the v2.6.5 milestone Apr 28, 2022
@gaktive
Copy link
Member

gaktive commented Apr 28, 2022

QA ran into this during testing.

@nwmac
Copy link
Member

nwmac commented Apr 29, 2022
edited
Loading

@sowmyav27 Is this a release blocker? Adding validation is more work and we want to do that in 2.6.6 for the whole form. This was not a regression.

@gaktive
Copy link
Member

gaktive commented Apr 29, 2022

Upon discussion with @sowmyav27, though it is not a regression, RKE2 GA starts with this release.

Not sure if we can do a bare minimum here until form validation comes in; will leave for an engineer to investigate and see what's quickly doable for 2.6.5.

@catherineluse
Copy link
Contributor Author

There's also some space under the cloud provider dropdown with some room to place a warning that an instance profile is needed. That might be easier in the short term
Screen Shot 2022-04-29 at 3 29 49 PM

@codyrancher codyrancher mentioned this issue May 6, 2022
Merged
codyrancher added a commit to codyrancher/dashboard that referenced this issue May 6, 2022
@codyrancher
Adding validation for the IAM Instance Profile Name which is required…
f0daf2f 
… when the amazon cloud provider is selected

fixes rancher#5517
@zube zube bot added [zube]: Done and removed [zube]: Review labels May 7, 2022
@github-actions github-actions bot reopened this May 7, 2022
@sowmyav27 sowmyav27 added the team/area2 Hostbusters label May 9, 2022
@markusewalker
Copy link

Verified in v2.6.5-rc8 that this is resolved:

ENVIRONMENT DETAILS

  • Ubuntu 18.04: Rancher HA
  • Ubuntu 20.04: RKE2 Cluster (3 etcd, 2cp, 3 workers)
  • Rancher version: v2.6.5-rc8
  • Browser: Chrome

TEST RESULT
PASS

VERIFICATION STEPS

  1. Setup Rancher and navigate to the Rancher UI in a browser.
  2. Created a standard user and logged in to Rancher as that user.
  3. Created an RKE2 downstream cluster with Amazon EC2.
  4. In the Cluster Configuration, set the Cloud Provider to be Amazon.
  5. Verified that in the Machine Pools that IAM Instance Profile Names has a red asterik indicating that it is now a mandated field.
  6. Toggled the Cloud Provider to None and External and verified that the IAM Instance Profile Name is not mandated:
    May-09-2022 09-56-28
  7. Switched the Cloud Provider back to Amazon, do not fill out the IAM Instance Profile Name and attempt to create a cluster; verified it fails:
    image

@zube zube bot removed the [zube]: Done label Aug 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@markusewalker markusewalker

@codyrancher codyrancher

Labels
area/form-validation area/provisioning-rke2 status/release-blocker team/area2 Hostbusters
Projects
None yet
Milestone
v2.6.5
6 participants
@nwmac @gaktive @catherineluse @sowmyav27 @markusewalker @codyrancher