Merge pull request #573 from zalando-incubator/remove-senza

Remove Senza etcd code.

provisioner/aws.go

@@ -7,10 +7,6 @@ import (
 	"encoding/json"
 	"encoding/pem"
 	"fmt"
-	"io/ioutil"
-	"os"
-	"os/exec"
-	"path"
 	"strings"
 	"time"
 
@@ -469,152 +465,6 @@ func (a *awsAdapter) DeleteStack(parentCtx context.Context, stack *cloudformatio
 	return nil
 }
 
-// CreateOrUpdateEtcdStack creates or updates an etcd stack.
-func (a *awsAdapter) CreateOrUpdateEtcdStack(parentCtx context.Context, stackName string, stackDefinition []byte, kmsKeyARN, networkCIDR, vpcID string, cluster *api.Cluster) error {
-	bucketName := fmt.Sprintf("zalando-kubernetes-etcd-%s-%s", getAWSAccountID(cluster.InfrastructureAccount), cluster.Region)
-
-	if bucket, ok := cluster.ConfigItems[etcdBackupBucketConfigItem]; ok {
-		bucketName = bucket
-	}
-
-	hostedZone, err := getHostedZone(cluster.APIServerURL)
-	if err != nil {
-		return err
-	}
-
-	// check if stack exists
-	// this is a hack to avoid calling senza to generate the etcd stack
-	// which is only applied if the stack doesn't already exist
-	describeParams := &cloudformation.DescribeStacksInput{
-		StackName: aws.String(stackName),
-	}
-
-	resp, err := a.cloudformationClient.DescribeStacks(describeParams)
-	// Ignore the error because the error indicates that the stack is missing
-	if err == nil && len(resp.Stacks) == 1 {
-		return nil
-	}
-
-	encryptedScalyrKey, err := a.kmsEncryptForTaupage(kmsKeyARN, cluster.ConfigItems[etcdScalyrKeyConfigItem])
-	if err != nil {
-		return err
-	}
-
-	td, err := ioutil.TempDir("", "etcd-cluster")
-	if err != nil {
-		return err
-	}
-	defer os.RemoveAll(td)
-
-	stackDefinitionPath := path.Join(td, "etcd-cluster.yaml")
-	err = ioutil.WriteFile(stackDefinitionPath, stackDefinition, 0644)
-	if err != nil {
-		return err
-	}
-
-	args := []string{
-		"print",
-		stackDefinitionPath,
-		"etcd",
-		fmt.Sprintf("HostedZone=%s", hostedZone),
-		fmt.Sprintf("EtcdS3Backup=%s", bucketName),
-		fmt.Sprintf("NetworkCIDR=%s", networkCIDR),
-		fmt.Sprintf("VpcID=%s", vpcID),
-		fmt.Sprintf("InstanceType=%s", cluster.ConfigItems[etcdInstanceTypeConfigItem]),
-		fmt.Sprintf("InstanceCount=%s", cluster.ConfigItems[etcdInstanceCountConfigItem]),
-		fmt.Sprintf("KMSKey=%s", kmsKeyARN),
-		fmt.Sprintf("ScalyrAccountKey=%s", encryptedScalyrKey),
-	}
-
-	for _, ci := range []struct {
-		configItem    string
-		senzaArgument string
-		encrypt       bool
-	}{
-		{configItem: etcdClientCAConfigItem, senzaArgument: "ClientCACertificate", encrypt: true},
-		{configItem: etcdClientKeyConfigItem, senzaArgument: "ClientKey", encrypt: true},
-		{configItem: etcdClientCertificateConfigItem, senzaArgument: "ClientCertificate", encrypt: true},
-		{configItem: etcdClientTLSEnabledConfigItem, senzaArgument: "ClientTLSEnabled"},
-		{configItem: etcdImageConfigItem, senzaArgument: "EtcdImage"},
-	} {
-		if value, ok := cluster.ConfigItems[ci.configItem]; ok {
-			if ci.encrypt {
-				decoded, err := base64.StdEncoding.DecodeString(value)
-				if err != nil {
-					return err
-				}
-				encrypted, err := a.kmsEncryptForTaupage(kmsKeyARN, string(decoded))
-				if err != nil {
-					return err
-				}
-				value = encrypted
-			}
-			args = append(args, fmt.Sprintf("%s=%s", ci.senzaArgument, value))
-		}
-	}
-
-	for configItem, senzaArg := range map[string]string{
-		etcdClientCAConfigItem:          "CertificateExpiryCA",
-		etcdClientCertificateConfigItem: "CertificateExpiryNode",
-	} {
-		if value, ok := cluster.ConfigItems[configItem]; ok && value != "" {
-			// We store our certificates base64-encoded
-			decoded, err := base64.StdEncoding.DecodeString(value)
-			if err != nil {
-				return err
-			}
-			expiry, err := certificateExpiryTime(string(decoded))
-			if err != nil {
-				return err
-			}
-			args = append(args, fmt.Sprintf("%s=%s", senzaArg, expiry.UTC().Format(time.RFC3339)))
-		}
-	}
-
-	cmd := exec.Command(
-		"senza",
-		args...,
-	)
-
-	if a.dryRun {
-		cmd.Args = append(cmd.Args, "--dry-run")
-	}
-
-	enVars, err := a.getEnvVars()
-	if err != nil {
-		return err
-	}
-
-	cmd.Env = enVars
-
-	output, err := cmd.Output()
-	if err != nil {
-		if exitErr, ok := err.(*exec.ExitError); ok {
-			return fmt.Errorf("%v: %s", err, string(exitErr.Stderr))
-		}
-		return err
-	}
-
-	tags := map[string]string{
-		applicationTagKey: "kubernetes",
-		componentTagKey:   "etcd-cluster",
-	}
-
-	err = a.applyStack(stackName, string(output), "", tags, false, nil)
-	if err != nil {
-		return err
-	}
-
-	ctx, cancel := context.WithTimeout(parentCtx, maxWaitTimeout)
-	defer cancel()
-	err = a.waitForStack(ctx, waitTime, stackName)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func certificateExpiryTime(certificate string) (time.Time, error) {
 	block, _ := pem.Decode([]byte(certificate))
 	if block == nil {

provisioner/clusterpy.go

@@ -43,7 +43,6 @@ import (
 
 const (
 	providerID                         = "zalando-aws"
-	senzaEtcdStackFileName             = "etcd-cluster.yaml"
 	etcdStackFileName                  = "etcd-stack.yaml"
 	clusterStackFileName               = "cluster.yaml"
 	etcdStackName                      = "etcd-cluster-etcd"
@@ -295,21 +294,9 @@ func (p *clusterpyProvisioner) Provision(ctx context.Context, logger *log.Entry,
 
 	// create or update the etcd stack
 	if p.manageEtcdStack {
-		if cluster.ConfigItems["experimental_new_etcd_stack"] == "true" {
-			err = createOrUpdateEtcdStack(ctx, channelConfig, cluster, values, etcdKMSKeyARN, awsAdapter)
-			if err != nil {
-				return err
-			}
-		} else {
-			etcdStackDefinition, err := channelConfig.StackManifest(senzaEtcdStackFileName)
-			if err != nil {
-				return err
-			}
-
-			err = awsAdapter.CreateOrUpdateEtcdStack(ctx, "etcd-cluster-etcd", etcdStackDefinition.Contents, etcdKMSKeyARN, aws.StringValue(vpc.CidrBlock), aws.StringValue(vpc.VpcId), cluster)
-			if err != nil {
-				return err
-			}
+		err = createOrUpdateEtcdStack(ctx, channelConfig, cluster, values, etcdKMSKeyARN, awsAdapter)
+		if err != nil {
+			return err
 		}
 	}