Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get location and subscriptionID from IMDS when useInstanceMetadata is true #81500

Merged
merged 1 commit into from
Aug 17, 2019
Merged

Get location and subscriptionID from IMDS when useInstanceMetadata is true #81500

merged 1 commit into from
Aug 17, 2019
+97 −89

Conversation

feiskyer
Copy link
Member

@feiskyer feiskyer commented Aug 16, 2019
edited
Loading

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespaces from that line:

/kind api-change
/kind bug
/kind cleanup
/kind design
/kind documentation
/kind failing-test
/kind feature
/kind flake

/kind bug

What this PR does / why we need it:

PR #77906 allows Kubelet to run with no Azure identity:

Kubelet could be run with no Azure identity now. A sample cloud provider configure is: {"vmType": "vmss", "useInstanceMetadata": true, "subscriptionId": "<subscriptionId>"}

But actually, subscriptionId could also be got from IMDS.

Also, when getting availability zones, location from IMDS should be used instead of cloud-config file:

kubernetes/staging/src/k8s.io/legacy-cloud-providers/azure/azure_zones.go

Lines 75 to 77 in 2974adf

return cloudprovider.Zone{
FailureDomain: zone,
Region: az.Location,

This PR fixes those issues by getting location and subscriptionId from IMDS.

Which issue(s) this PR fixes:

Fixes #81496
Fixes kubernetes-sigs/cloud-provider-azure#219

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

Kubelet could be run with no Azure identity without subscriptionId configured now.
A sample cloud provider configure is: '{"vmType": "vmss", "useInstanceMetadata": true}'.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

/sig cloud-provider
/priority important-soon
/area provider/azure

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/bug Categorizes issue or PR as related to a bug. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. area/provider/azure Issues or PRs related to azure provider labels Aug 16, 2019
@feiskyer
Copy link
Member Author

/assign @andyzhangx

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: feiskyer

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. area/cloudprovider labels Aug 16, 2019
@feiskyer
Copy link
Member Author

/test pull-kubernetes-e2e-aks-engine-azure

@feiskyer
Copy link
Member Author

/retest

andyzhangx
andyzhangx reviewed Aug 16, 2019
View reviewed changes
staging/src/k8s.io/legacy-cloud-providers/azure/azure_instance_metadata.go
@@ -111,7 +113,7 @@ func (ims *InstanceMetadataService) getInstanceMetadata(key string) (interface{}

q := req.URL.Query()
q.Add("format", "json")
q.Add("api-version", "2017-12-01")
q.Add("api-version", "2019-03-11")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is this 2019-03-11 version from?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

from IMDS documentation, https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service

staging/src/k8s.io/legacy-cloud-providers/azure/azure_instances.go

// Compose instanceID based on nodeName for standard instance.
if az.VMType == vmTypeStandard {
return az.getStandardMachineID(resourceGroup, nodeName), nil
if metadata.Compute.VMScaleSetName == "" {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not use if az.VMType == vmTypeStandard?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this increase robustness, so that even vmtype is not configured, we could still figure out the right vmtype.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I did run into the issue with vmtype not being specified for scalesets, so great addition

andyzhangx
andyzhangx approved these changes Aug 16, 2019
View reviewed changes
Copy link
Member

@andyzhangx andyzhangx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 16, 2019
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

@k8s-ci-robot k8s-ci-robot merged commit 667ea63 into kubernetes:master Aug 17, 2019
@k8s-ci-robot k8s-ci-robot added this to the v1.16 milestone Aug 17, 2019
@feiskyer feiskyer deleted the fix-81496 branch August 17, 2019 12:18
@jim-minter jim-minter mentioned this pull request Dec 4, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mlushpenko mlushpenko mlushpenko left review comments

@andyzhangx andyzhangx andyzhangx approved these changes

@brendandburns brendandburns Awaiting requested review from brendandburns

@karataliu karataliu Awaiting requested review from karataliu

Assignees

@andyzhangx andyzhangx

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/cloudprovider area/provider/azure Issues or PRs related to azure provider cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cloud-provider Categorizes an issue or PR as relevant to SIG Cloud Provider. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.16
5 participants
@feiskyer @k8s-ci-robot @fejta-bot @mlushpenko @andyzhangx