Only set cloud-provider as external if supported by the CSP

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2024-09-19 15:56:03 +00:00 · 2022-04-27 16:37:05 +02:00 · 2022-04-27 16:37:05 +02:00 · d9940fddae
commit d9940fddae
parent 2759af221c
6 changed files with 29 additions and 21 deletions
--- a/coordinator/core/cluster.go
+++ b/coordinator/core/cluster.go
@ -162,7 +162,7 @@ func (c *Core) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, certKey string

 	c.zaplogger.Info("k8s Join data", zap.String("nodename", nodeName), zap.String("nodeIP", nodeIP), zap.String("nodeVPNIP", nodeVPNIP), zap.String("provid", providerID))
 	// we need to pass the VPNIP for another control-plane, otherwise etcd will bind itself to the wrong IP address and fails
-	if err := c.kube.JoinCluster(args, k8sCompliantHostname(nodeName), nodeIP, nodeVPNIP, providerID, certKey, peerRole); err != nil {
+	if err := c.kube.JoinCluster(args, k8sCompliantHostname(nodeName), nodeIP, nodeVPNIP, providerID, certKey, c.cloudControllerManager.Supported(), peerRole); err != nil {
 		c.zaplogger.Error("Joining Kubernetes cluster failed", zap.Error(err))
 		return err
 	}
@ -182,7 +182,7 @@ type Cluster interface {
 	// InitCluster bootstraps a new cluster with the current node being the master, returning the arguments required to join the cluster.
 	InitCluster(kubernetes.InitClusterInput) (*kubeadm.BootstrapTokenDiscovery, error)
 	// JoinCluster will join the current node to an existing cluster.
-	JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, peerRole role.Role) error
+	JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, ccmSupported bool, peerRole role.Role) error
 	// GetKubeconfig reads the kubeconfig from the filesystem. Only succeeds after cluster is initialized.
 	GetKubeconfig() ([]byte, error)
 	// GetKubeadmCertificateKey returns the 64-byte hex string key needed to join the cluster as control-plane. This function must be executed on a control-plane.
@ -202,7 +202,7 @@ func (c *ClusterFake) InitCluster(kubernetes.InitClusterInput) (*kubeadm.Bootstr
 }

 // JoinCluster will fake joining the current node to an existing cluster.
-func (c *ClusterFake) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, _ role.Role) error {
+func (c *ClusterFake) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, _ bool, _ role.Role) error {
 	return nil
 }

--- a/coordinator/core/cluster_test.go
+++ b/coordinator/core/cluster_test.go
@ -355,7 +355,7 @@ func (c *clusterStub) InitCluster(in kubernetes.InitClusterInput) (*kubeadm.Boot
 	return &c.initJoinArgs, c.initErr
 }

-func (c *clusterStub) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, _ role.Role) error {
+func (c *clusterStub) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeIP, nodeVPNIP, providerID, certKey string, _ bool, _ role.Role) error {
 	c.joinClusterArgs = append(c.joinClusterArgs, joinClusterArgs{
 		args:       args,
 		nodeName:   nodeName,
--- a/coordinator/kubernetes/k8sapi/kubeadm_config.go
+++ b/coordinator/kubernetes/k8sapi/kubeadm_config.go
@ -16,7 +16,11 @@ const (

 type CoreOSConfiguration struct{}

-func (c *CoreOSConfiguration) InitConfiguration() KubeadmInitYAML {
+func (c *CoreOSConfiguration) InitConfiguration(externalCloudProvider bool) KubeadmInitYAML {
+	var cloudProvider string
+	if externalCloudProvider {
+		cloudProvider = "external"
+	}
 	return KubeadmInitYAML{
 		InitConfiguration: kubeadm.InitConfiguration{
 			TypeMeta: v1.TypeMeta{
@ -26,7 +30,7 @@ func (c *CoreOSConfiguration) InitConfiguration() KubeadmInitYAML {
 			NodeRegistration: kubeadm.NodeRegistrationOptions{
 				CRISocket: "/run/containerd/containerd.sock",
 				KubeletExtraArgs: map[string]string{
-					"cloud-provider": "external",
+					"cloud-provider": cloudProvider,
 					"network-plugin": "cni",
 				},
 			},
@ -47,7 +51,7 @@ func (c *CoreOSConfiguration) InitConfiguration() KubeadmInitYAML {
 			ControllerManager: kubeadm.ControlPlaneComponent{
 				ExtraArgs: map[string]string{
 					"flex-volume-plugin-dir": "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/",
-					"cloud-provider":         "external",
+					"cloud-provider":         cloudProvider,
 					"configure-cloud-routes": "false",
 				},
 			},
@ -63,7 +67,11 @@ func (c *CoreOSConfiguration) InitConfiguration() KubeadmInitYAML {
 	}
 }

-func (c *CoreOSConfiguration) JoinConfiguration() KubeadmJoinYAML {
+func (c *CoreOSConfiguration) JoinConfiguration(externalCloudProvider bool) KubeadmJoinYAML {
+	var cloudProvider string
+	if externalCloudProvider {
+		cloudProvider = "external"
+	}
 	return KubeadmJoinYAML{
 		JoinConfiguration: kubeadm.JoinConfiguration{
 			TypeMeta: v1.TypeMeta{
@ -73,7 +81,7 @@ func (c *CoreOSConfiguration) JoinConfiguration() KubeadmJoinYAML {
 			NodeRegistration: kubeadm.NodeRegistrationOptions{
 				CRISocket: "/run/containerd/containerd.sock",
 				KubeletExtraArgs: map[string]string{
-					"cloud-provider": "external",
+					"cloud-provider": cloudProvider,
 				},
 			},
 			Discovery: kubeadm.Discovery{
--- a/coordinator/kubernetes/k8sapi/kubeadm_config_test.go
+++ b/coordinator/kubernetes/k8sapi/kubeadm_config_test.go
@ -38,11 +38,11 @@ func TestInitConfiguration(t *testing.T) {
 			}(),
 		},
 		"CoreOS init config can be created": {
-			config: coreOSConfig.InitConfiguration(),
+			config: coreOSConfig.InitConfiguration(true),
 		},
 		"CoreOS init config with all fields can be created": {
 			config: func() KubeadmInitYAML {
-				c := coreOSConfig.InitConfiguration()
+				c := coreOSConfig.InitConfiguration(true)
 				c.SetApiServerAdvertiseAddress("192.0.2.0")
 				c.SetNodeIP("192.0.2.0")
 				c.SetNodeName("node")
@ -92,11 +92,11 @@ func TestJoinConfiguration(t *testing.T) {
 			}(),
 		},
 		"CoreOS join config can be created": {
-			config: coreOSConfig.JoinConfiguration(),
+			config: coreOSConfig.JoinConfiguration(true),
 		},
 		"CoreOS join config with all fields can be created": {
 			config: func() KubeadmJoinYAML {
-				c := coreOSConfig.JoinConfiguration()
+				c := coreOSConfig.JoinConfiguration(true)
 				c.SetApiServerEndpoint("192.0.2.0:6443")
 				c.SetNodeIP("192.0.2.0")
 				c.SetNodeName("node")
--- a/coordinator/kubernetes/kubernetes.go
+++ b/coordinator/kubernetes/kubernetes.go
@ -24,8 +24,8 @@ type configReader interface {

 // configurationProvider provides kubeadm init and join configuration.
 type configurationProvider interface {
-	InitConfiguration() k8sapi.KubeadmInitYAML
-	JoinConfiguration() k8sapi.KubeadmJoinYAML
+	InitConfiguration(externalCloudProvider bool) k8sapi.KubeadmInitYAML
+	JoinConfiguration(externalCloudProvider bool) k8sapi.KubeadmJoinYAML
 }

 // KubeWrapper implements ClusterWrapper interface.
@ -48,7 +48,7 @@ func New(clusterUtil k8sapi.ClusterUtil, configProvider configurationProvider, c

 // InitCluster initializes a new Kubernetes cluster and applies pod network provider.
 func (k *KubeWrapper) InitCluster(in InitClusterInput) (*kubeadm.BootstrapTokenDiscovery, error) {
-	initConfig := k.configProvider.InitConfiguration()
+	initConfig := k.configProvider.InitConfiguration(in.SupportsCloudControllerManager)
 	initConfig.SetApiServerAdvertiseAddress(in.APIServerAdvertiseIP)
 	initConfig.SetNodeIP(in.NodeIP)
 	initConfig.SetNodeName(in.NodeName)
@ -104,8 +104,8 @@ func (k *KubeWrapper) InitCluster(in InitClusterInput) (*kubeadm.BootstrapTokenD
 }

 // JoinCluster joins existing Kubernetes cluster.
-func (k *KubeWrapper) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeInternalIP, nodeVPNIP, providerID, certKey string, peerRole role.Role) error {
-	joinConfig := k.configProvider.JoinConfiguration()
+func (k *KubeWrapper) JoinCluster(args *kubeadm.BootstrapTokenDiscovery, nodeName, nodeInternalIP, nodeVPNIP, providerID, certKey string, ccmSupported bool, peerRole role.Role) error {
+	joinConfig := k.configProvider.JoinConfiguration(ccmSupported)
 	joinConfig.SetApiServerEndpoint(args.APIServerEndpoint)
 	joinConfig.SetToken(args.Token)
 	joinConfig.AppendDiscoveryTokenCaCertHash(args.CACertHashes[0])
--- a/coordinator/kubernetes/kubernetes_test.go
+++ b/coordinator/kubernetes/kubernetes_test.go
@ -74,11 +74,11 @@ type stubConfigProvider struct {
 	JoinConfig k8sapi.KubeadmJoinYAML
 }

-func (s *stubConfigProvider) InitConfiguration() k8sapi.KubeadmInitYAML {
+func (s *stubConfigProvider) InitConfiguration(_ bool) k8sapi.KubeadmInitYAML {
 	return s.InitConfig
 }

-func (s *stubConfigProvider) JoinConfiguration() k8sapi.KubeadmJoinYAML {
+func (s *stubConfigProvider) JoinConfiguration(_ bool) k8sapi.KubeadmJoinYAML {
 	s.JoinConfig = k8sapi.KubeadmJoinYAML{
 		JoinConfiguration: kubeadm.JoinConfiguration{
 			Discovery: kubeadm.Discovery{
@ -241,7 +241,7 @@ func TestJoinCluster(t *testing.T) {
 			require := require.New(t)

 			kube := New(&tc.clusterUtil, &stubConfigProvider{}, &client)
-			err := kube.JoinCluster(joinCommand, instanceName, nodeVPNIP, nodeVPNIP, coordinatorProviderID, "", role.Node)
+			err := kube.JoinCluster(joinCommand, instanceName, nodeVPNIP, nodeVPNIP, coordinatorProviderID, "", true, role.Node)
 			if tc.wantErr {
 				assert.Error(err)
 				return