-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check more indicators for EKS discovery #2615
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1 optional suggestion but lgtm
pkg/controller/utils/discovery.go
Outdated
return false, err | ||
} | ||
if cm != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see you're just copying this logic from the existing code so that's fine but it looks odd to me because presence of this configmap is indicated by err being IsNotFound. I don't think cm being nil is behavior that's meant to be relied on for anything.
Fine to merge as is or take a crack at refactoring, either is ok to me
if err != nil { | ||
if kerrors.IsNotFound(err) { | ||
return false, nil | ||
_, err := c.CoreV1().ConfigMaps("kube-system").Get(ctx, "aws-auth", metav1.GetOptions{}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would be nice for future readers to add some comments to this code explaining what we're checking. I'm not sure what "aws-auth" is, so it's hard to review whether or not this is an appropriate way to determine if we're running on EKS (e.g., as opposed to other AWS based Kubernetes providers).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One comment - basically, I think we should document what this code is trying to do with comments a bit better. Maybe with a link to details on what "aws-auth", "eks-certificates-controller" are.
I've put some comments in. Unfortunately eks-certificates-controller and the kube-dns label are not something I found any specific documentation about them. |
Description
We have found in testing that the provider is not being detected as EKS in setups that were detected as EKS before. Upon looking at our detection/discovery code and looking at some EKS clusters, there was and still isn't a great means of detecting an EKS cluster. This PR expands the detection a bit to include a couple more indicators.
For PR author
For PR reviewers
A note for code reviewers - all pull requests must have the following:
kind/bug
if this is a bugfix.kind/enhancement
if this is a a new feature.enterprise
if this PR applies to Calico Enterprise only.