Make ClusterID required for AWS. #49215
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-github-robot
added
kind/api-change
rrati
force-pushed
the
aws-require-cluster-id
branch
from
f5d3987 to
dfd943a
Compare
There was a problem hiding this comment.
@spxtr: 12 new warning(s).
In response to this:
/lint
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
| @@ -111,6 +111,10 @@ func (f *FakeCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []s | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| func (f *FakeCloud) HasClusterID() bool { | |||
There was a problem hiding this comment.
Golint comments: exported method FakeCloud.HasClusterID should have comment or be unexported. More info.
| @@ -956,6 +956,11 @@ func (c *Cloud) Routes() (cloudprovider.Routes, bool) { | |||
| return c, true | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method Cloud.HasClusterID should be of the form "HasClusterID ...". More info.
| @@ -466,6 +466,11 @@ func (os *Rackspace) ScrubDNS(nameservers, searches []string) (nsOut, srchOut [] | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method Rackspace.HasClusterID should be of the form "HasClusterID ...". More info.
| @@ -382,6 +382,11 @@ func (az *Cloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []stri | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method Cloud.HasClusterID should be of the form "HasClusterID ...". More info.
| if s.AllowUntaggedCloud == true { | ||
| glog.Warning("Detected a cluster without a ClusterID. A ClusterID will be required in the future. Please tag your cluster to avoid any future issues.") | ||
| } else { | ||
| return ControllerContext{}, fmt.Errorf("No ClusterID Found. A ClusterID is required for the cloud provider to function properly. This check can be bypassed by setting the allow-untagged-cloud option") |
There was a problem hiding this comment.
Golint errors: error strings should not be capitalized or end with punctuation or a newline. More info.
| @@ -409,6 +409,11 @@ func (gce *GCECloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut [] | |||
| return nameservers, srchOut | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
| func (gce *GCECloud) HasClusterID() bool { | |||
There was a problem hiding this comment.
Golint naming: receiver name gce should be consistent with previous receiver name g for GCECloud. More info.
| @@ -134,6 +134,11 @@ func (v *OVirtCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut [] | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method OVirtCloud.HasClusterID should be of the form "HasClusterID ...". More info.
| @@ -120,6 +120,11 @@ func (cs *CSCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []st | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method CSCloud.HasClusterID should be of the form "HasClusterID ...". More info.
| @@ -702,6 +702,11 @@ func (vs *VSphere) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []st | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method VSphere.HasClusterID should be of the form "HasClusterID ...". More info.
| @@ -539,6 +539,11 @@ func (pc *PCCloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut []st | |||
| return nameservers, searches | |||
| } | |||
|
|
|||
| // ClusterID returns true if the cluster has a clusterID | |||
There was a problem hiding this comment.
Golint comments: comment on exported method PCCloud.HasClusterID should be of the form "HasClusterID ...". More info.
rrati
force-pushed
the
aws-require-cluster-id
branch
from
dfd943a to
eac5939
Compare
|
/lint |
There was a problem hiding this comment.
@spxtr: 1 new warning(s).
In response to this:
/lint
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
| @@ -409,6 +409,11 @@ func (gce *GCECloud) ScrubDNS(nameservers, searches []string) (nsOut, srchOut [] | |||
| return nameservers, srchOut | |||
| } | |||
|
|
|||
| // HasClusterID returns true if the cluster has a clusterID | |||
| func (gce *GCECloud) HasClusterID() bool { | |||
There was a problem hiding this comment.
Golint naming: receiver name gce should be consistent with previous receiver name g for GCECloud. More info.
There was a problem hiding this comment.
This is not correct. What I have is consistent with existing code
There was a problem hiding this comment.
Or fix the other part of the file.
There was a problem hiding this comment.
I could rather do that cleanup as a part of a separate PR. It really isn't related to this PR.
|
@kubernetes/sig-aws-misc @justinsb |
|
/test pull-kubernetes-e2e-gce-etcd3 |
| @@ -134,6 +134,7 @@ func (s *CMServer) AddFlags(fs *pflag.FlagSet, allControllers []string, disabled | |||
| fs.BoolVar(&s.UseServiceAccountCredentials, "use-service-account-credentials", s.UseServiceAccountCredentials, "If true, use individual service account credentials for each controller.") | |||
| fs.StringVar(&s.CloudProvider, "cloud-provider", s.CloudProvider, "The provider for cloud services. Empty string for no provider.") | |||
| fs.StringVar(&s.CloudConfigFile, "cloud-config", s.CloudConfigFile, "The path to the cloud provider configuration file. Empty string for no configuration file.") | |||
| fs.BoolVar(&s.AllowUntaggedCloud, "allow-untagged-cloud", false, "Allow the cluster to run without the cluster-id on cloud instances. This is a legacy mode of operation and a cluster-id will be required in the future.") | |||
There was a problem hiding this comment.
Should we mark this flag as deprecated immediately?
There was a problem hiding this comment.
This flag seems pointless if it defaults to false. People either have to change their config to pass --allow-untagged-cloud or change their config to pass clusterID. If you are going to break compatibility, just force people to get to where they need to go. By allowing them to pass --allow-untagged-cloud and later removing the flag, aren't you just breaking compatibility twice?
There was a problem hiding this comment.
Whether to set the default to false or true is still being discussed in the AWS sig. However, imo, setting the flag to false forces the issue immediately and gives users time to do the labeling before the option goes away. The intent is for this option to only exist for a few releases. Having it default to false will inform the user while still allowing for an easy change to function in the old, but broken, behavior while they plan to do the required labeling.
There was a problem hiding this comment.
@roberthbailey I believe that is the plan, but would prefer aws-sig members weigh in.
There was a problem hiding this comment.
The thought behind the flag is that changing your infrastructure deployment tool to add the tags may be non-trivial.
So we are forcing people to add the tag, but we're also giving them a reasonable path to upgrade if they can't easily add that to their deployment tool.
I agree we can mark the flag deprecated right away.
There was a problem hiding this comment.
I marked the new flag as deprecated
| @@ -30,6 +30,7 @@ import ( | |||
| type CloudProviderOptions struct { | |||
| CloudConfigFile string | |||
| CloudProvider string | |||
| AllowUntagged bool | |||
There was a problem hiding this comment.
May be missing something, but is this one used?
There was a problem hiding this comment.
Nope, this shouldn't be there. I'll remove
|
Looks good from an AWS perspective. |
rrati
force-pushed
the
aws-require-cluster-id
branch
2 times, most recently
from
2660f72 to
458ad97
Compare
|
/test pull-kubernetes-e2e-gce-etcd3 |
|
/test pull-kubernetes-verify |
1 similar comment
|
/test pull-kubernetes-verify |
|
This needs a release note action required. |
mikedanese
added
release-note-action-required
|
@mikedanese There is a release note in the original PR text. It hasn't been showing up for some reason |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, mikedanese, rrati Associated issue: 48954 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
approved
rrati
force-pushed
the
aws-require-cluster-id
branch
from
458ad97 to
926f070
Compare
k8s-github-robot
removed
the
needs-rebase
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
@mikedanese Please re-lgtm |
|
Automatic merge from submit-queue |
Automatic merge from submit-queue (batch tested with PRs 16443, 16331) Require cluster id for AWS Backporting of: kubernetes/kubernetes#48612 kubernetes/kubernetes#49215 Plus changes in master-controller startup to look for the flag to allow untagged clouds or exit.
|
Can we remove HasClusterID from cloudprovider interface once we've finished the deprecation of untagged cloud for aws? |
Automatic merge from submit-queue Make ClusterID required for AWS. **What this PR does / why we need it**: Makes ClusterID required for AWS and provides a flag to run in un-tagged mode fixes kubernetes#48954 **Release note**: ```release-note A cluster using the AWS cloud provider will need to label existing nodes and resources with a ClusterID or the kube-controller-manager will not start. To run without a ClusterID pass --allow-untagged-cloud=true to the kube-controller-manager on startup. ```
|
Sorry to be commenting on a really old PR, but I don't think we followed up and deprecated the necessary flags. I'm not even sure what the state of ClusterID is at this point. Is it safe to remove the |
What this PR does / why we need it:
Makes ClusterID required for AWS and provides a flag to run in un-tagged mode
fixes #48954
Release note: