From 8311ce18da32883d6911065b7a4db13fa172d721 Mon Sep 17 00:00:00 2001 From: Peter Rifel Date: Mon, 18 Dec 2023 21:41:14 -0600 Subject: [PATCH 1/3] Ignore cert-manager in LBC's webhooks LBC depends on cert-manager but kops can get in a circular dependency loop when applying these manifests on a new cluster. The cert-manager pods wont be created because the LBC webhook on "CREATE pods" isn't working yet, but LBC pod cant be created because it depends on a secret volume mount created by cert-manager --- .../k8s-1.19.yaml.template | 2 ++ 1 file changed, 2 insertions(+) diff --git a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template index 60f1232d48..d287dfb24e 100644 --- a/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template +++ b/upup/models/cloudup/resources/addons/aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml.template @@ -1008,6 +1008,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1039,6 +1040,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" From 25d0509e47e0b296421affb09695d571860f57c7 Mon Sep 17 00:00:00 2001 From: Peter Rifel Date: Mon, 18 Dec 2023 21:45:43 -0600 Subject: [PATCH 2/3] ./hack/update-expected.sh Signed-off-by: Peter Rifel --- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ .../aws_s3_object_minimal.example.com-addons-bootstrap_content | 2 +- ...-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content | 2 ++ ...s_s3_object_many-addons.example.com-addons-bootstrap_content | 2 +- 14 files changed, 21 insertions(+), 7 deletions(-) diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index d9b0327306..e34d5de691 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1063,6 +1063,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1094,6 +1095,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 793b783c42..d368535405 100644 --- a/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/aws-lb-controller/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -148,7 +148,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 62e52a735ecf0a976a1ca912758a92ddb9ffbac09d4f7cd0e2331f1d3e702f89 + manifestHash: 1c7618e2ac4639ab78b8cab895782fc62d521f4fd208b4bff4a0558fa771afc3 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index d9b0327306..e34d5de691 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1063,6 +1063,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1094,6 +1095,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 79208e674c..86f07fd804 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -163,7 +163,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 62e52a735ecf0a976a1ca912758a92ddb9ffbac09d4f7cd0e2331f1d3e702f89 + manifestHash: 1c7618e2ac4639ab78b8cab895782fc62d521f4fd208b4bff4a0558fa771afc3 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index d9b0327306..e34d5de691 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1063,6 +1063,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1094,6 +1095,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index b90ea1dade..ed5c2d94ec 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa24/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -170,7 +170,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 62e52a735ecf0a976a1ca912758a92ddb9ffbac09d4f7cd0e2331f1d3e702f89 + manifestHash: 1c7618e2ac4639ab78b8cab895782fc62d521f4fd208b4bff4a0558fa771afc3 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index d9b0327306..e34d5de691 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1063,6 +1063,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1094,6 +1095,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index ca446a284b..d49bc22ba1 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa25/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -170,7 +170,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 62e52a735ecf0a976a1ca912758a92ddb9ffbac09d4f7cd0e2331f1d3e702f89 + manifestHash: 1c7618e2ac4639ab78b8cab895782fc62d521f4fd208b4bff4a0558fa771afc3 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index d9b0327306..e34d5de691 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1063,6 +1063,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1094,6 +1095,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 09cb464c77..b59b646a13 100644 --- a/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm-irsa26/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -171,7 +171,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 62e52a735ecf0a976a1ca912758a92ddb9ffbac09d4f7cd0e2331f1d3e702f89 + manifestHash: 1c7618e2ac4639ab78b8cab895782fc62d521f4fd208b4bff4a0558fa771afc3 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index 141d4e22b6..4293a17bb2 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1069,6 +1069,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1100,6 +1101,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content index 683f4104ee..aa2eb6e923 100644 --- a/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons-ccm/data/aws_s3_object_minimal.example.com-addons-bootstrap_content @@ -163,7 +163,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: 35f62f8f1ce737681494453c1ca84ebebcdde1baeefd414edeedb1f396e5dc3c + manifestHash: 4b7e10379beabe347fe4d72ddfc00ae77daab278c65251f5a8a56a6e91c2a907 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content index e3b62f49fd..aef25a991c 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-aws-load-balancer-controller.addons.k8s.io-k8s-1.19_content @@ -1069,6 +1069,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" @@ -1100,6 +1101,7 @@ webhooks: operator: NotIn values: - aws-load-balancer-controller + - cert-manager rules: - apiGroups: - "" diff --git a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content index 3b8a615e8b..85ae398e71 100644 --- a/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content +++ b/tests/integration/update_cluster/many-addons/data/aws_s3_object_many-addons.example.com-addons-bootstrap_content @@ -163,7 +163,7 @@ spec: version: 9.99.0 - id: k8s-1.19 manifest: aws-load-balancer-controller.addons.k8s.io/k8s-1.19.yaml - manifestHash: a2f8441f322c19711b1ea935c5eb21e9fa2a231e86c898f6eddf0279ad9c361c + manifestHash: ea17759bdf2e9ace58d6cd23a0f5f0697736eef8e52a25a30c3bbef8b77aaa48 name: aws-load-balancer-controller.addons.k8s.io needsPKI: true selector: From 7e78ef5bba5d468e508b6cafb1d1c8d21c6601aa Mon Sep 17 00:00:00 2001 From: Peter Rifel Date: Tue, 19 Dec 2023 18:36:44 -0600 Subject: [PATCH 3/3] Use amd64 for LBC test nodes --- tests/e2e/scenarios/aws-lb-controller/run-test.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/e2e/scenarios/aws-lb-controller/run-test.sh b/tests/e2e/scenarios/aws-lb-controller/run-test.sh index 4ae6fa2388..2f5b965150 100755 --- a/tests/e2e/scenarios/aws-lb-controller/run-test.sh +++ b/tests/e2e/scenarios/aws-lb-controller/run-test.sh @@ -25,8 +25,8 @@ NETWORKING="amazonvpc" OVERRIDES="${OVERRIDES-} --set=cluster.spec.cloudProvider.aws.loadBalancerController.enabled=true" OVERRIDES="${OVERRIDES} --set=cluster.spec.certManager.enabled=true" -OVERRIDES="${OVERRIDES} --master-size=t4g.medium --node-size=t4g.medium" -OVERRIDES="${OVERRIDES} --image=${INSTANCE_IMAGE:-099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-20230811}" +OVERRIDES="${OVERRIDES} --master-size=t3.medium --node-size=t3.medium" # Use amd64 because LBC's E2E suite uses single-arch amd64 test images +OVERRIDES="${OVERRIDES} --image=${INSTANCE_IMAGE:-099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20231208}" # shellcheck disable=SC2034 ZONES="eu-west-1a,eu-west-1b,eu-west-1c"