mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-08-03 20:44:14 -04:00
AB#2286 Return only primary IPs for instance metadata operations (#335)
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
parent
5c00dafe9b
commit
4151d365fb
21 changed files with 180 additions and 185 deletions
|
@ -253,7 +253,7 @@ func (c *JoinClient) startNodeAndJoin(ticket *joinproto.IssueJoinTicketResponse,
|
|||
}
|
||||
|
||||
if c.role == role.ControlPlane {
|
||||
if err := c.writeControlePlaneFiles(ticket.ControlPlaneFiles); err != nil {
|
||||
if err := c.writeControlPlaneFiles(ticket.ControlPlaneFiles); err != nil {
|
||||
return fmt.Errorf("writing control plane files: %w", err)
|
||||
}
|
||||
}
|
||||
|
@ -304,11 +304,12 @@ func (c *JoinClient) getNodeMetadata() error {
|
|||
}
|
||||
|
||||
var ips []net.IP
|
||||
for _, ip := range inst.PrivateIPs {
|
||||
ips = append(ips, net.ParseIP(ip))
|
||||
|
||||
if inst.VPCIP != "" {
|
||||
ips = append(ips, net.ParseIP(inst.VPCIP))
|
||||
}
|
||||
for _, ip := range inst.PublicIPs {
|
||||
ips = append(ips, net.ParseIP(ip))
|
||||
if inst.PublicIP != "" {
|
||||
ips = append(ips, net.ParseIP(inst.PublicIP))
|
||||
}
|
||||
|
||||
c.nodeName = inst.Name
|
||||
|
@ -346,8 +347,8 @@ func (c *JoinClient) getControlPlaneIPs() ([]string, error) {
|
|||
|
||||
ips := []string{}
|
||||
for _, instance := range instances {
|
||||
if instance.Role == role.ControlPlane {
|
||||
ips = append(ips, instance.PrivateIPs...)
|
||||
if instance.Role == role.ControlPlane && instance.VPCIP != "" {
|
||||
ips = append(ips, instance.VPCIP)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -355,7 +356,7 @@ func (c *JoinClient) getControlPlaneIPs() ([]string, error) {
|
|||
return ips, nil
|
||||
}
|
||||
|
||||
func (c *JoinClient) writeControlePlaneFiles(files []*joinproto.ControlPlaneCertOrKey) error {
|
||||
func (c *JoinClient) writeControlPlaneFiles(files []*joinproto.ControlPlaneCertOrKey) error {
|
||||
for _, cert := range files {
|
||||
if err := c.fileHandler.Write(
|
||||
filepath.Join(kubeconstants.KubernetesDir, kubeconstants.DefaultCertificateDir, cert.Name),
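Review bot: In getNodeMetadata the new guards only reject an empty string, so a non-empty but malformed `inst.VPCIP` or `inst.PublicIP` still makes `net.ParseIP` return nil, and that nil entry is appended to `ips`. Checking the parse result keeps the slice clean, e.g. `if ip := net.ParseIP(inst.VPCIP); ip != nil { ips = append(ips, ip) }`, or the function could return an error when a non-empty value does not parse. The same pattern appears in the InitCluster hunk for `validIPs`. If these slices end up as certificate SANs or address allow-lists, which the visible lines do not show, a nil entry should be rejected before it gets there. The body of getNodeMetadata starts and ends outside the hunk.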
|
||||
|
|
|
@ -40,9 +40,10 @@ func TestClient(t *testing.T) {
|
|||
workerSelf := metadata.InstanceMetadata{Role: role.Worker, Name: "node-1"}
|
||||
controlSelf := metadata.InstanceMetadata{Role: role.ControlPlane, Name: "node-5"}
|
||||
peers := []metadata.InstanceMetadata{
|
||||
{Role: role.Worker, Name: "node-2", PrivateIPs: []string{"192.0.2.8"}},
|
||||
{Role: role.ControlPlane, Name: "node-3", PrivateIPs: []string{"192.0.2.1"}},
|
||||
{Role: role.ControlPlane, Name: "node-4", PrivateIPs: []string{"192.0.2.2", "192.0.2.3"}},
|
||||
{Role: role.Worker, Name: "node-2", VPCIP: "192.0.2.8"},
|
||||
{Role: role.ControlPlane, Name: "node-3", VPCIP: "192.0.2.1"},
|
||||
{Role: role.ControlPlane, Name: "node-4", VPCIP: "192.0.2.2"},
|
||||
{Role: role.ControlPlane, Name: "node-5", VPCIP: "192.0.2.3"},
|
||||
}
|
||||
|
||||
testCases := map[string]struct {
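Review bot: The updated `peers` fixture gives every entry a non-empty `VPCIP`, so the new `instance.VPCIP != ""` filter in getControlPlaneIPs is not exercised by this data. Adding a control-plane peer without an address, e.g. `{Role: role.ControlPlane, Name: "node-6"}` (a constructed sample name), and asserting that it is absent from the returned IPs would pin that behaviour. The test cases themselves are outside the hunk, so they may already cover this with other data.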
|
||||
|
|
|
@ -103,20 +103,17 @@ func (k *KubeWrapper) InitCluster(
|
|||
if err != nil {
|
||||
return nil, fmt.Errorf("retrieving own instance metadata failed: %w", err)
|
||||
}
|
||||
for _, ip := range instance.PrivateIPs {
|
||||
validIPs = append(validIPs, net.ParseIP(ip))
|
||||
if instance.VPCIP != "" {
|
||||
validIPs = append(validIPs, net.ParseIP(instance.VPCIP))
|
||||
}
|
||||
for _, ip := range instance.PublicIPs {
|
||||
validIPs = append(validIPs, net.ParseIP(ip))
|
||||
if instance.PublicIP != "" {
|
||||
validIPs = append(validIPs, net.ParseIP(instance.PublicIP))
|
||||
}
|
||||
nodeName = k8sCompliantHostname(instance.Name)
|
||||
providerID = instance.ProviderID
|
||||
if len(instance.PrivateIPs) > 0 {
|
||||
nodeIP = instance.PrivateIPs[0]
|
||||
}
|
||||
if len(instance.PublicIPs) > 0 {
|
||||
publicIP = instance.PublicIPs[0]
|
||||
}
|
||||
nodeIP = instance.VPCIP
|
||||
publicIP = instance.PublicIP
|
||||
|
||||
if len(instance.AliasIPRanges) > 0 {
|
||||
nodePodCIDR = instance.AliasIPRanges[0]
|
||||
}
|
||||
|
@ -253,9 +250,7 @@ func (k *KubeWrapper) JoinCluster(ctx context.Context, args *kubeadm.BootstrapTo
|
|||
}
|
||||
providerID = instance.ProviderID
|
||||
nodeName = instance.Name
|
||||
if len(instance.PrivateIPs) > 0 {
|
||||
nodeInternalIP = instance.PrivateIPs[0]
|
||||
}
|
||||
nodeInternalIP = instance.VPCIP
|
||||
}
|
||||
nodeName = k8sCompliantHostname(nodeName)
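Review bot: `nodeIP = instance.VPCIP` in InitCluster and `nodeInternalIP = instance.VPCIP` in JoinCluster are assigned unconditionally, although the `if instance.VPCIP != ""` guard a few lines earlier in InitCluster shows that an empty value is expected to occur. An empty node IP would then presumably flow into the init/join configuration built further down, outside these hunks, and surface later as a less specific failure. Failing early looks safer, e.g. in InitCluster `if instance.VPCIP == "" { return nil, fmt.Errorf("instance metadata contains no VPC IP") }`, with a matching check in JoinCluster using that function's own return shape. Both function bodies continue outside the hunks.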
|
||||
|
||||
|
|
|
@ -82,8 +82,8 @@ func TestInitCluster(t *testing.T) {
|
|||
SelfResp: metadata.InstanceMetadata{
|
||||
Name: nodeName,
|
||||
ProviderID: providerID,
|
||||
PrivateIPs: []string{privateIP},
|
||||
PublicIPs: []string{publicIP},
|
||||
VPCIP: privateIP,
|
||||
PublicIP: publicIP,
|
||||
AliasIPRanges: []string{aliasIPRange},
|
||||
},
|
||||
GetLoadBalancerIPResp: loadbalancerIP,
|
||||
|
@ -353,7 +353,7 @@ func TestJoinCluster(t *testing.T) {
|
|||
SelfResp: metadata.InstanceMetadata{
|
||||
ProviderID: "provider-id",
|
||||
Name: "metadata-name",
|
||||
PrivateIPs: []string{"192.0.2.1"},
|
||||
VPCIP: "192.0.2.1",
|
||||
},
|
||||
},
|
||||
CloudControllerManager: &stubCloudControllerManager{},
|
||||
|
@ -375,7 +375,7 @@ func TestJoinCluster(t *testing.T) {
|
|||
SelfResp: metadata.InstanceMetadata{
|
||||
ProviderID: "provider-id",
|
||||
Name: "metadata-name",
|
||||
PrivateIPs: []string{"192.0.2.1"},
|
||||
VPCIP: "192.0.2.1",
|
||||
},
|
||||
},
|
||||
CloudControllerManager: &stubCloudControllerManager{
|
||||
|
@ -399,7 +399,7 @@ func TestJoinCluster(t *testing.T) {
|
|||
SelfResp: metadata.InstanceMetadata{
|
||||
ProviderID: "provider-id",
|
||||
Name: "metadata-name",
|
||||
PrivateIPs: []string{"192.0.2.1"},
|
||||
VPCIP: "192.0.2.1",
|
||||
},
|
||||
},
|
||||
CloudControllerManager: &stubCloudControllerManager{},
|
||||
|
|