Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-04-25 09:39:22 -04:00
Code Issues Packages Projects Releases Wiki Activity

metadata: don't use podCIDR for Azure CCM setup

Browse Source
This commit is contained in:
Leonard Cohnen 2022-11-02 13:06:07 +01:00 committed by 3u13r
parent d59dc82e56
commit 0cdc7886ee
6 changed files with 21 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
bootstrapper/internal/kubernetes/kubernetes.go
View File

@ -439,15 +439,13 @@ func getIPAddr() (string, error) {
// setupExtraVals create a helm values map for consumption by helm-install. // setupExtraVals create a helm values map for consumption by helm-install.
// Will move to a more dedicated place once that place becomes apparent. // Will move to a more dedicated place once that place becomes apparent.
func (k *KubeWrapper) setupExtraVals(ctx context.Context, initialMeasurementsJSON []byte, idkeydigest []byte, measurementSalt []byte, subnetworkCIDR string, cloudServiceAccountURI string) (map[string]any, error) { func (k *KubeWrapper) setupExtraVals(ctx context.Context, initialMeasurementsJSON []byte, idkeydigest []byte, measurementSalt []byte, subnetworkPodCIDR string, cloudServiceAccountURI string) (map[string]any, error) {
extraVals := map[string]any{ extraVals := map[string]any{
"join-service": map[string]any{ "join-service": map[string]any{
"measurements": string(initialMeasurementsJSON), "measurements": string(initialMeasurementsJSON),
"measurementSalt": base64.StdEncoding.EncodeToString(measurementSalt), "measurementSalt": base64.StdEncoding.EncodeToString(measurementSalt),
}, },
"ccm": map[string]any{ "ccm": map[string]any{},
"subnetworkCIDR": subnetworkCIDR,
},
} }
instance, err := k.providerMetadata.Self(ctx) instance, err := k.providerMetadata.Self(ctx)
@ -482,9 +480,10 @@ func (k *KubeWrapper) setupExtraVals(ctx context.Context, initialMeasurementsJSO
return nil, errors.New("invalid ccm values") return nil, errors.New("invalid ccm values")
} }
ccmVals["GCP"] = map[string]any{ ccmVals["GCP"] = map[string]any{
"projectID": projectID, "projectID": projectID,
"uid": uid, "uid": uid,
"secretData": string(rawKey), "secretData": string(rawKey),
"subnetworkPodCIDR": subnetworkPodCIDR,
} }
} }
case cloudprovider.Azure: case cloudprovider.Azure:
@ -506,7 +505,8 @@ func (k *KubeWrapper) setupExtraVals(ctx context.Context, initialMeasurementsJSO
return nil, errors.New("invalid ccm values") return nil, errors.New("invalid ccm values")
} }
ccmVals["Azure"] = map[string]any{ ccmVals["Azure"] = map[string]any{
"azureConfig": string(rawConfig), "azureConfig": string(rawConfig),
"subnetworkPodCIDR": subnetworkPodCIDR,
} }
joinVals, ok := extraVals["join-service"].(map[string]any) joinVals, ok := extraVals["join-service"].(map[string]any)

3
cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/templates/azure-daemonset.yaml
View File

@ -22,12 +22,11 @@ spec:
- cloud-controller-manager - cloud-controller-manager
- --cloud-provider=azure - --cloud-provider=azure
- --leader-elect=true - --leader-elect=true
- --cluster-cidr={{ .Values.subnetworkCIDR }}
- -v=2 - -v=2
- --controllers=*,-cloud-node - --controllers=*,-cloud-node
- --cloud-config=/etc/azure/azure.json - --cloud-config=/etc/azure/azure.json
- --allocate-node-cidrs=false - --allocate-node-cidrs=false
- --configure-cloud-routes=true - --configure-cloud-routes=false
volumeMounts: volumeMounts:
- name: etckubernetes - name: etckubernetes
mountPath: /etc/kubernetes mountPath: /etc/kubernetes

2
cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/templates/gcp-daemonset.yaml
View File

@ -22,7 +22,7 @@ spec:
- /cloud-controller-manager - /cloud-controller-manager
- --cloud-provider=gce - --cloud-provider=gce
- --leader-elect=true - --leader-elect=true
- --cluster-cidr={{ .Values.subnetworkCIDR }} - --cluster-cidr={{ .Values.GCP.subnetworkPodCIDR }}
- -v=2 - -v=2
- --use-service-account-credentials - --use-service-account-credentials
- --controllers=cloud-node,cloud-node-lifecycle,nodeipam,service,route - --controllers=cloud-node,cloud-node-lifecycle,nodeipam,service,route

13
cli/internal/helm/charts/edgeless/constellation-services/charts/ccm/values.schema.json
View File

@ -5,8 +5,8 @@
"description": "CSP to which the chart is deployed.", "description": "CSP to which the chart is deployed.",
"enum": ["Azure", "GCP", "AWS", "QEMU"] "enum": ["Azure", "GCP", "AWS", "QEMU"]
}, },
"subnetworkCIDR": { "subnetworkPodCIDR": {
"description": "CIDR for the subnetwork of the cluster", "description": "CIDR Range for Pods in cluster",
"type": "string", "type": "string",
"examples": ["192.0.2.0/24"], "examples": ["192.0.2.0/24"],
"pattern": "[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}/[0-9]{1,2}" "pattern": "[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}/[0-9]{1,2}"
@ -37,7 +37,8 @@
"image", "image",
"projectID", "projectID",
"uid", "uid",
"secretData" "secretData",
"subnetworkPodCIDR"
] ]
}, },
"Azure": { "Azure": {
@ -56,7 +57,8 @@
}, },
"required": [ "required": [
"image", "image",
"azureConfig" "azureConfig",
"subnetworkPodCIDR"
] ]
}, },
"AWS": { "AWS": {
@ -74,8 +76,7 @@
} }
}, },
"required": [ "required": [
"csp", "csp"
"subnetworkCIDR"
], ],
"allOf": [ "allOf": [
{ {

10
cli/internal/helm/loader_test.go
View File

@ -137,7 +137,7 @@ func prepareGCPValues(values map[string]any) error {
if !ok { if !ok {
return errors.New("missing 'ccm' key") return errors.New("missing 'ccm' key")
} }
ccmVals["subnetworkCIDR"] = "192.0.2.0/24" ccmVals["GCP"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
ccmVals["GCP"].(map[string]any)["projectID"] = "42424242424242" ccmVals["GCP"].(map[string]any)["projectID"] = "42424242424242"
ccmVals["GCP"].(map[string]any)["uid"] = "242424242424" ccmVals["GCP"].(map[string]any)["uid"] = "242424242424"
ccmVals["GCP"].(map[string]any)["secretData"] = "baaaaaad" ccmVals["GCP"].(map[string]any)["secretData"] = "baaaaaad"
@ -158,7 +158,7 @@ func prepareAzureValues(values map[string]any) error {
if !ok { if !ok {
return errors.New("missing 'ccm' key") return errors.New("missing 'ccm' key")
} }
ccmVals["subnetworkCIDR"] = "192.0.2.0/24" ccmVals["Azure"].(map[string]any)["subnetworkPodCIDR"] = "192.0.2.0/24"
ccmVals["Azure"].(map[string]any)["azureConfig"] = "baaaaaad" ccmVals["Azure"].(map[string]any)["azureConfig"] = "baaaaaad"
return nil return nil
@ -172,11 +172,5 @@ func prepareQEMUValues(values map[string]any) error {
joinVals["measurements"] = "{'1':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA','15':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='}" joinVals["measurements"] = "{'1':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA','15':'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA='}"
joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" joinVals["measurementSalt"] = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
ccmVals, ok := values["ccm"].(map[string]any)
if !ok {
return errors.New("missing 'ccm' key")
}
ccmVals["subnetworkCIDR"] = "192.0.2.0/24"
return nil return nil
} }

3
cli/internal/helm/testdata/Azure/constellation-services/charts/ccm/templates/azure-daemonset.yaml vendored
View File

@ -22,12 +22,11 @@ spec:
- cloud-controller-manager - cloud-controller-manager
- --cloud-provider=azure - --cloud-provider=azure
- --leader-elect=true - --leader-elect=true
- --cluster-cidr=192.0.2.0/24
- -v=2 - -v=2
- --controllers=*,-cloud-node - --controllers=*,-cloud-node
- --cloud-config=/etc/azure/azure.json - --cloud-config=/etc/azure/azure.json
- --allocate-node-cidrs=false - --allocate-node-cidrs=false
- --configure-cloud-routes=true - --configure-cloud-routes=false
resources: {} resources: {}
volumeMounts: volumeMounts:
- name: etckubernetes - name: etckubernetes