From 50776a7e9228d9ba8c44dc0c641941eb221b0ceb Mon Sep 17 00:00:00 2001 From: justinsb Date: Sat, 26 Aug 2023 08:36:30 -0400 Subject: [PATCH 1/2] Refactor ForAPIServer We instead return a list of the services we are supporting. We can in future split out internal and external apiserver services. --- pkg/commands/toolbox_enroll.go | 21 ++++++++---- pkg/model/awsmodel/api_loadbalancer.go | 16 +++++---- pkg/model/bootstrapscript.go | 33 ++++++++++++------- pkg/model/bootstrapscript_test.go | 2 +- pkg/model/domodel/api_loadbalancer.go | 16 ++++----- pkg/model/gcemodel/api_loadbalancer.go | 17 +++++++--- pkg/model/hetznermodel/loadbalancer.go | 3 ++ pkg/model/openstackmodel/servergroup.go | 15 +++------ pkg/model/openstackmodel/servergroup_test.go | 2 +- pkg/model/scalewaymodel/api_loadbalancer.go | 7 ++-- pkg/wellknownservices/wellknownservices.go | 27 +++++++++++++++ upup/pkg/fi/cloudup/apply_cluster.go | 9 ++--- .../cloudup/awstasks/classic_load_balancer.go | 16 ++++++--- .../cloudup/awstasks/network_load_balancer.go | 16 ++++++--- .../pkg/fi/cloudup/azuretasks/loadbalancer.go | 5 +-- upup/pkg/fi/cloudup/dotasks/loadbalancer.go | 28 +++++++++------- upup/pkg/fi/cloudup/gcetasks/address.go | 14 +++++--- .../fi/cloudup/hetznertasks/loadbalancer.go | 11 +++++-- .../fi/cloudup/openstacktasks/floatingip.go | 22 ++++++++----- .../pkg/fi/cloudup/openstacktasks/instance.go | 16 ++++++--- upup/pkg/fi/cloudup/openstacktasks/port.go | 4 ++- .../fi/cloudup/scalewaytasks/loadbalancer.go | 26 +++++++++------ upup/pkg/fi/has_address.go | 8 +++-- 23 files changed, 219 insertions(+), 115 deletions(-) create mode 100644 pkg/wellknownservices/wellknownservices.go diff --git a/pkg/commands/toolbox_enroll.go b/pkg/commands/toolbox_enroll.go index bde1a5afd1..254fa2959d 100644 --- a/pkg/commands/toolbox_enroll.go +++ b/pkg/commands/toolbox_enroll.go @@ -47,7 +47,9 @@ import ( "k8s.io/kops/pkg/client/simple" "k8s.io/kops/pkg/commands/commandutils" "k8s.io/kops/pkg/featureflag" + "k8s.io/kops/pkg/model" "k8s.io/kops/pkg/model/resources" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup" "k8s.io/kops/util/pkg/architectures" @@ -104,7 +106,8 @@ func RunToolboxEnroll(ctx context.Context, f commandutils.Factory, out io.Writer return err } - apiserverAdditionalIPs := []string{} + wellKnownAddresses := make(model.WellKnownAddresses) + { ingresses, err := cloud.GetApiIngressStatus(cluster) if err != nil { @@ -117,17 +120,21 @@ func RunToolboxEnroll(ctx context.Context, f commandutils.Factory, out io.Writer // apiserverAdditionalIPs = append(apiserverAdditionalIPs, ingress.Hostname) // } if ingress.IP != "" { - apiserverAdditionalIPs = append(apiserverAdditionalIPs, ingress.IP) + wellKnownAddresses[wellknownservices.KubeAPIServer] = append(wellKnownAddresses[wellknownservices.KubeAPIServer], ingress.IP) } } } - if len(apiserverAdditionalIPs) == 0 { + if len(wellKnownAddresses[wellknownservices.KubeAPIServer]) == 0 { // TODO: Should we support DNS? - return fmt.Errorf("unable to determine IP address for kops-controller") + return fmt.Errorf("unable to determine IP address for kube-apiserver") } - scriptBytes, err := buildBootstrapData(ctx, clientset, cluster, ig, apiserverAdditionalIPs) + for k := range wellKnownAddresses { + sort.Strings(wellKnownAddresses[k]) + } + + scriptBytes, err := buildBootstrapData(ctx, clientset, cluster, ig, wellKnownAddresses) if err != nil { return err } @@ -390,7 +397,7 @@ func (s *SSHHost) getHostname(ctx context.Context) (string, error) { return hostname, nil } -func buildBootstrapData(ctx context.Context, clientset simple.Clientset, cluster *kops.Cluster, ig *kops.InstanceGroup, apiserverAdditionalIPs []string) ([]byte, error) { +func buildBootstrapData(ctx context.Context, clientset simple.Clientset, cluster *kops.Cluster, ig *kops.InstanceGroup, wellknownAddresses model.WellKnownAddresses) ([]byte, error) { if cluster.Spec.KubeAPIServer == nil { cluster.Spec.KubeAPIServer = &kops.KubeAPIServerConfig{} } @@ -451,7 +458,7 @@ func buildBootstrapData(ctx context.Context, clientset simple.Clientset, cluster keysets[keyName] = keyset } - _, bootConfig, err := configBuilder.BuildConfig(ig, apiserverAdditionalIPs, keysets) + _, bootConfig, err := configBuilder.BuildConfig(ig, wellknownAddresses, keysets) if err != nil { return nil, err } diff --git a/pkg/model/awsmodel/api_loadbalancer.go b/pkg/model/awsmodel/api_loadbalancer.go index b5158ca6e0..620f1d01c4 100644 --- a/pkg/model/awsmodel/api_loadbalancer.go +++ b/pkg/model/awsmodel/api_loadbalancer.go @@ -25,6 +25,7 @@ import ( "k8s.io/klog/v2" "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/awstasks" ) @@ -187,10 +188,10 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error { Listeners: nlbListeners, TargetGroups: make([]*awstasks.TargetGroup, 0), - Tags: tags, - ForAPIServer: true, - VPC: b.LinkToVPC(), - Type: fi.PtrTo("network"), + Tags: tags, + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KubeAPIServer}, + VPC: b.LinkToVPC(), + Type: fi.PtrTo("network"), } clb = &awstasks.ClassicLoadBalancer{ @@ -222,8 +223,8 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error { Timeout: fi.PtrTo(int64(300)), }, - Tags: tags, - ForAPIServer: true, + Tags: tags, + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KubeAPIServer}, } if b.Cluster.UsesNoneDNS() { @@ -536,6 +537,9 @@ func (b *APILoadBalancerBuilder) Build(c *fi.CloudupModelBuilderContext) error { ToPort: fi.PtrTo(int64(4)), }) if b.Cluster.UsesNoneDNS() { + nlb.WellKnownServices = append(nlb.WellKnownServices, wellknownservices.KopsController) + clb.WellKnownServices = append(clb.WellKnownServices, wellknownservices.KopsController) + c.AddTask(&awstasks.SecurityGroupRule{ Name: fi.PtrTo(fmt.Sprintf("kops-controller-elb-to-cp%s", suffix)), Lifecycle: b.SecurityLifecycle, diff --git a/pkg/model/bootstrapscript.go b/pkg/model/bootstrapscript.go index d8fa195da6..b7e8e8ac65 100644 --- a/pkg/model/bootstrapscript.go +++ b/pkg/model/bootstrapscript.go @@ -30,6 +30,7 @@ import ( "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/apis/nodeup" "k8s.io/kops/pkg/model/resources" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/awsup" "k8s.io/kops/upup/pkg/fi/cloudup/scaleway" @@ -40,9 +41,12 @@ import ( ) type NodeUpConfigBuilder interface { - BuildConfig(ig *kops.InstanceGroup, apiserverAdditionalIPs []string, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) + BuildConfig(ig *kops.InstanceGroup, wellKnownAddresses WellKnownAddresses, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) } +// WellKnownAddresses holds known addresses for well-known services +type WellKnownAddresses map[wellknownservices.WellKnownService][]string + // BootstrapScriptBuilder creates the bootstrap script type BootstrapScriptBuilder struct { *KopsModelContext @@ -58,8 +62,9 @@ type BootstrapScript struct { ig *kops.InstanceGroup builder *BootstrapScriptBuilder resource fi.CloudupTaskDependentResource - // alternateNameTasks are tasks that contribute api-server IP addresses. - alternateNameTasks []fi.HasAddress + + // hasAddressTasks holds fi.HasAddress tasks, that contribute well-known services. + hasAddressTasks []fi.HasAddress // caTasks hold the CA tasks, for dependency analysis. caTasks map[string]*fitasks.Keypair @@ -76,9 +81,9 @@ var ( // kubeEnv returns the boot config for the instance group func (b *BootstrapScript) kubeEnv(ig *kops.InstanceGroup, c *fi.CloudupContext) (*nodeup.BootConfig, error) { - var alternateNames []string + wellKnownAddresses := make(WellKnownAddresses) - for _, hasAddress := range b.alternateNameTasks { + for _, hasAddress := range b.hasAddressTasks { addresses, err := hasAddress.FindAddresses(c) if err != nil { return nil, fmt.Errorf("error finding address for %v: %v", hasAddress, err) @@ -88,13 +93,17 @@ func (b *BootstrapScript) kubeEnv(ig *kops.InstanceGroup, c *fi.CloudupContext) klog.V(2).Infof("Task did not have an address: %v", hasAddress) continue } - for _, address := range addresses { - klog.V(8).Infof("Resolved alternateName %q for %q", address, hasAddress) - alternateNames = append(alternateNames, address) + + klog.V(8).Infof("Resolved alternateNames %q for %q", addresses, hasAddress) + + for _, wellKnownService := range hasAddress.GetWellKnownServices() { + wellKnownAddresses[wellKnownService] = append(wellKnownAddresses[wellKnownService], addresses...) } } - sort.Strings(alternateNames) + for k := range wellKnownAddresses { + sort.Strings(wellKnownAddresses[k]) + } keysets := make(map[string]*fi.Keyset) for _, caTask := range b.caTasks { @@ -105,7 +114,7 @@ func (b *BootstrapScript) kubeEnv(ig *kops.InstanceGroup, c *fi.CloudupContext) } keysets[name] = keyset } - config, bootConfig, err := b.builder.NodeUpConfigBuilder.BuildConfig(ig, alternateNames, keysets) + config, bootConfig, err := b.builder.NodeUpConfigBuilder.BuildConfig(ig, wellKnownAddresses, keysets) if err != nil { return nil, err } @@ -288,9 +297,9 @@ func (b *BootstrapScript) GetDependencies(tasks map[string]fi.CloudupTask) []fi. var deps []fi.CloudupTask for _, task := range tasks { - if hasAddress, ok := task.(fi.HasAddress); ok && hasAddress.IsForAPIServer() { + if hasAddress, ok := task.(fi.HasAddress); ok && len(hasAddress.GetWellKnownServices()) > 0 { deps = append(deps, task) - b.alternateNameTasks = append(b.alternateNameTasks, hasAddress) + b.hasAddressTasks = append(b.hasAddressTasks, hasAddress) } } diff --git a/pkg/model/bootstrapscript_test.go b/pkg/model/bootstrapscript_test.go index 26eadfc46c..da82df7bca 100644 --- a/pkg/model/bootstrapscript_test.go +++ b/pkg/model/bootstrapscript_test.go @@ -72,7 +72,7 @@ type nodeupConfigBuilder struct { cluster *kops.Cluster } -func (n *nodeupConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAdditionalIPs []string, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { +func (n *nodeupConfigBuilder) BuildConfig(ig *kops.InstanceGroup, wellKnownAddresses WellKnownAddresses, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { config, bootConfig := nodeup.NewConfig(n.cluster, ig) return config, bootConfig, nil } diff --git a/pkg/model/domodel/api_loadbalancer.go b/pkg/model/domodel/api_loadbalancer.go index c8d9ae58f1..3fd2b24d6e 100644 --- a/pkg/model/domodel/api_loadbalancer.go +++ b/pkg/model/domodel/api_loadbalancer.go @@ -20,6 +20,7 @@ import ( "fmt" "k8s.io/kops/pkg/apis/kops" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/do" "k8s.io/kops/upup/pkg/fi/cloudup/dotasks" @@ -60,10 +61,11 @@ func (b *APILoadBalancerModelBuilder) Build(c *fi.CloudupModelBuilderContext) er // Create LoadBalancer for API LB loadbalancer := &dotasks.LoadBalancer{ - Name: fi.PtrTo(loadbalancerName), - Region: fi.PtrTo(b.Cluster.Spec.Networking.Subnets[0].Region), - DropletTag: fi.PtrTo(clusterMasterTag), - Lifecycle: b.Lifecycle, + Name: fi.PtrTo(loadbalancerName), + Region: fi.PtrTo(b.Cluster.Spec.Networking.Subnets[0].Region), + DropletTag: fi.PtrTo(clusterMasterTag), + Lifecycle: b.Lifecycle, + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KopsController, wellknownservices.KubeAPIServer}, } if b.Cluster.Spec.Networking.NetworkID != "" { @@ -76,11 +78,5 @@ func (b *APILoadBalancerModelBuilder) Build(c *fi.CloudupModelBuilderContext) er c.AddTask(loadbalancer) - // Ensure the LB hostname is included in the TLS certificate, - // if we're not going to use an alias for it - if b.Cluster.UsesLegacyGossip() || b.Cluster.UsesPrivateDNS() || b.Cluster.UsesNoneDNS() { - loadbalancer.ForAPIServer = true - } - return nil } diff --git a/pkg/model/gcemodel/api_loadbalancer.go b/pkg/model/gcemodel/api_loadbalancer.go index a2e93e9574..5fecf77a17 100644 --- a/pkg/model/gcemodel/api_loadbalancer.go +++ b/pkg/model/gcemodel/api_loadbalancer.go @@ -23,6 +23,7 @@ import ( "golang.org/x/exp/slices" "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/gce" "k8s.io/kops/upup/pkg/fi/cloudup/gcetasks" @@ -64,9 +65,10 @@ func (b *APILoadBalancerBuilder) createPublicLB(c *fi.CloudupModelBuilderContext c.AddTask(poolHealthCheck) ipAddress := &gcetasks.Address{ - Name: s(b.NameForIPAddress("api")), - ForAPIServer: true, - Lifecycle: b.Lifecycle, + Name: s(b.NameForIPAddress("api")), + + Lifecycle: b.Lifecycle, + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KubeAPIServer}, } c.AddTask(ipAddress) @@ -86,6 +88,8 @@ func (b *APILoadBalancerBuilder) createPublicLB(c *fi.CloudupModelBuilderContext }, }) if b.Cluster.UsesNoneDNS() { + ipAddress.WellKnownServices = append(ipAddress.WellKnownServices, wellknownservices.KopsController) + c.AddTask(&gcetasks.ForwardingRule{ Name: s(b.NameForForwardingRule("kops-controller")), Lifecycle: b.Lifecycle, @@ -203,8 +207,9 @@ func (b *APILoadBalancerBuilder) createInternalLB(c *fi.CloudupModelBuilderConte IPAddressType: s("INTERNAL"), Purpose: s("SHARED_LOADBALANCER_VIP"), Subnetwork: subnet, - ForAPIServer: true, - Lifecycle: b.Lifecycle, + + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KubeAPIServer}, + Lifecycle: b.Lifecycle, } c.AddTask(ipAddress) @@ -224,6 +229,8 @@ func (b *APILoadBalancerBuilder) createInternalLB(c *fi.CloudupModelBuilderConte }, }) if b.Cluster.UsesNoneDNS() { + ipAddress.WellKnownServices = append(ipAddress.WellKnownServices, wellknownservices.KopsController) + c.AddTask(&gcetasks.ForwardingRule{ Name: s(b.NameForForwardingRule("kops-controller-" + sn.Name)), Lifecycle: b.Lifecycle, diff --git a/pkg/model/hetznermodel/loadbalancer.go b/pkg/model/hetznermodel/loadbalancer.go index 5845980b82..8e82a7107b 100644 --- a/pkg/model/hetznermodel/loadbalancer.go +++ b/pkg/model/hetznermodel/loadbalancer.go @@ -23,6 +23,7 @@ import ( "github.com/hetznercloud/hcloud-go/hcloud" "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/hetzner" "k8s.io/kops/upup/pkg/fi/cloudup/hetznertasks" @@ -63,6 +64,8 @@ func (b *LoadBalancerModelBuilder) Build(c *fi.CloudupModelBuilderContext) error Labels: map[string]string{ hetzner.TagKubernetesClusterName: b.ClusterName(), }, + + WellKnownServices: []wellknownservices.WellKnownService{wellknownservices.KubeAPIServer, wellknownservices.KopsController}, } c.AddTask(&loadbalancer) diff --git a/pkg/model/openstackmodel/servergroup.go b/pkg/model/openstackmodel/servergroup.go index d4aca7d2b7..b568f938f7 100644 --- a/pkg/model/openstackmodel/servergroup.go +++ b/pkg/model/openstackmodel/servergroup.go @@ -28,6 +28,7 @@ import ( "k8s.io/kops/pkg/model" "k8s.io/kops/pkg/truncate" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/openstack" "k8s.io/kops/upup/pkg/fi/cloudup/openstacktasks" @@ -240,7 +241,9 @@ func (b *ServerGroupModelBuilder) buildInstances(c *fi.CloudupModelBuilderContex } c.AddTask(t) if ig.Spec.Role == kops.InstanceGroupRoleControlPlane { - b.associateFIPToKeypair(t) + // Ensure the floating IP is included in the TLS certificate, + // if we're not going to use an alias for it + t.WellKnownServices = append(t.WellKnownServices, wellknownservices.KubeAPIServer, wellknownservices.KopsController) } instanceTask.FloatingIP = t } @@ -250,12 +253,6 @@ func (b *ServerGroupModelBuilder) buildInstances(c *fi.CloudupModelBuilderContex return nil } -func (b *ServerGroupModelBuilder) associateFIPToKeypair(fipTask *openstacktasks.FloatingIP) { - // Ensure the floating IP is included in the TLS certificate, - // if we're not going to use an alias for it - fipTask.ForAPIServer = true -} - func (b *ServerGroupModelBuilder) Build(c *fi.CloudupModelBuilderContext) error { clusterName := b.ClusterName() @@ -340,9 +337,7 @@ func (b *ServerGroupModelBuilder) Build(c *fi.CloudupModelBuilderContext) error } c.AddTask(lbfipTask) - if b.Cluster.UsesLegacyGossip() || b.Cluster.UsesPrivateDNS() || b.Cluster.UsesNoneDNS() { - b.associateFIPToKeypair(lbfipTask) - } + lbfipTask.WellKnownServices = append(lbfipTask.WellKnownServices, wellknownservices.KubeAPIServer) poolTask := &openstacktasks.LBPool{ Name: fi.PtrTo(fmt.Sprintf("%s-https", fi.ValueOf(lbTask.Name))), diff --git a/pkg/model/openstackmodel/servergroup_test.go b/pkg/model/openstackmodel/servergroup_test.go index 13417425cb..95f7eba800 100644 --- a/pkg/model/openstackmodel/servergroup_test.go +++ b/pkg/model/openstackmodel/servergroup_test.go @@ -1548,7 +1548,7 @@ func createBuilderForCluster(cluster *kops.Cluster, instanceGroups []*kops.Insta type nodeupConfigBuilder struct{} -func (n *nodeupConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAdditionalIPs []string, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { +func (n *nodeupConfigBuilder) BuildConfig(ig *kops.InstanceGroup, wellKnownAddresses model.WellKnownAddresses, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { return &nodeup.Config{}, &nodeup.BootConfig{}, nil } diff --git a/pkg/model/scalewaymodel/api_loadbalancer.go b/pkg/model/scalewaymodel/api_loadbalancer.go index 063234e061..e50ddb7fdd 100644 --- a/pkg/model/scalewaymodel/api_loadbalancer.go +++ b/pkg/model/scalewaymodel/api_loadbalancer.go @@ -25,6 +25,7 @@ import ( "k8s.io/kops/pkg/apis/kops" "k8s.io/kops/pkg/dns" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/scaleway" "k8s.io/kops/upup/pkg/fi/cloudup/scalewaytasks" @@ -81,6 +82,7 @@ func (b *APILoadBalancerModelBuilder) Build(c *fi.CloudupModelBuilderContext) er c.AddTask(loadBalancer) + loadBalancer.WellKnownServices = append(loadBalancer.WellKnownServices, wellknownservices.KubeAPIServer) lbBackendHttps, lbFrontendHttps := createLbBackendAndFrontend("https", wellknownports.KubeAPIServer, zone, loadBalancer) lbBackendHttps.Lifecycle = b.Lifecycle c.AddTask(lbBackendHttps) @@ -88,10 +90,7 @@ func (b *APILoadBalancerModelBuilder) Build(c *fi.CloudupModelBuilderContext) er c.AddTask(lbFrontendHttps) if dns.IsGossipClusterName(b.Cluster.Name) || b.Cluster.UsesPrivateDNS() || b.Cluster.UsesNoneDNS() { - // Ensure the LB hostname is included in the TLS certificate, - // if we're not going to use an alias for it - loadBalancer.ForAPIServer = true - + loadBalancer.WellKnownServices = append(loadBalancer.WellKnownServices, wellknownservices.KopsController) lbBackendKopsController, lbFrontendKopsController := createLbBackendAndFrontend("kops-controller", wellknownports.KopsControllerPort, zone, loadBalancer) lbBackendKopsController.Lifecycle = b.Lifecycle c.AddTask(lbBackendKopsController) diff --git a/pkg/wellknownservices/wellknownservices.go b/pkg/wellknownservices/wellknownservices.go new file mode 100644 index 0000000000..36547a0980 --- /dev/null +++ b/pkg/wellknownservices/wellknownservices.go @@ -0,0 +1,27 @@ +/* +Copyright 2023 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package wellknownservices + +type WellKnownService string + +const ( + // KubeAPIServer is the service where kube-apiserver listens. + KubeAPIServer WellKnownService = "kube-apiserver" + + // KopsController is the service where kops-controller listens. + KopsController WellKnownService = "kops-controller" +) diff --git a/upup/pkg/fi/cloudup/apply_cluster.go b/upup/pkg/fi/cloudup/apply_cluster.go index 24811d15ce..0918894b1c 100644 --- a/upup/pkg/fi/cloudup/apply_cluster.go +++ b/upup/pkg/fi/cloudup/apply_cluster.go @@ -59,6 +59,7 @@ import ( "k8s.io/kops/pkg/model/scalewaymodel" "k8s.io/kops/pkg/templates" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/models" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/awsup" @@ -1346,7 +1347,7 @@ func NewNodeUpConfigBuilder(cluster *kops.Cluster, assetBuilder *assets.AssetBui } // BuildConfig returns the NodeUp config and auxiliary config. -func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAdditionalIPs []string, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { +func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, wellKnownAddresses model.WellKnownAddresses, keysets map[string]*fi.Keyset) (*nodeup.Config, *nodeup.BootConfig, error) { cluster := n.cluster if ig == nil { @@ -1449,7 +1450,7 @@ func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAddit } if hasAPIServer { - config.ApiserverAdditionalIPs = apiserverAdditionalIPs + config.ApiserverAdditionalIPs = wellKnownAddresses[wellknownservices.KubeAPIServer] } // Set API server address to an IP from the cluster network CIDR @@ -1457,7 +1458,7 @@ func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAddit switch cluster.Spec.GetCloudProvider() { case kops.CloudProviderAWS, kops.CloudProviderHetzner, kops.CloudProviderOpenstack: // Use a private IP address that belongs to the cluster network CIDR (some additional addresses may be FQDNs or public IPs) - for _, additionalIP := range apiserverAdditionalIPs { + for _, additionalIP := range wellKnownAddresses[wellknownservices.KubeAPIServer] { for _, networkCIDR := range append(cluster.Spec.Networking.AdditionalNetworkCIDRs, cluster.Spec.Networking.NetworkCIDR) { _, cidr, err := net.ParseCIDR(networkCIDR) if err != nil { @@ -1471,7 +1472,7 @@ func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAddit case kops.CloudProviderDO, kops.CloudProviderScaleway, kops.CloudProviderGCE, kops.CloudProviderAzure: // Use any IP address that is found (including public ones) - for _, additionalIP := range apiserverAdditionalIPs { + for _, additionalIP := range wellKnownAddresses[wellknownservices.KubeAPIServer] { controlPlaneIPs = append(controlPlaneIPs, additionalIP) } } diff --git a/upup/pkg/fi/cloudup/awstasks/classic_load_balancer.go b/upup/pkg/fi/cloudup/awstasks/classic_load_balancer.go index 45cb7ed98e..0b57b3450f 100644 --- a/upup/pkg/fi/cloudup/awstasks/classic_load_balancer.go +++ b/upup/pkg/fi/cloudup/awstasks/classic_load_balancer.go @@ -27,6 +27,7 @@ import ( "github.com/aws/aws-sdk-go/service/elb" "github.com/aws/aws-sdk-go/service/route53" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/awsup" "k8s.io/kops/upup/pkg/fi/cloudup/terraform" @@ -67,11 +68,14 @@ type ClassicLoadBalancer struct { CrossZoneLoadBalancing *ClassicLoadBalancerCrossZoneLoadBalancing SSLCertificateID string - Tags map[string]string - ForAPIServer bool + Tags map[string]string // Shared is set if this is an external LB (one we don't create or own) Shared *bool + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.CompareWithID = &ClassicLoadBalancer{} @@ -229,7 +233,7 @@ func (e *ClassicLoadBalancer) Find(c *fi.CloudupContext) (*ClassicLoadBalancer, // Ignore system fields actual.Lifecycle = e.Lifecycle - actual.ForAPIServer = e.ForAPIServer + actual.WellKnownServices = e.WellKnownServices tagMap, err := cloud.DescribeELBTags([]string{*lb.LoadBalancerName}) if err != nil { @@ -341,8 +345,10 @@ func (e *ClassicLoadBalancer) Find(c *fi.CloudupContext) (*ClassicLoadBalancer, var _ fi.HasAddress = &ClassicLoadBalancer{} -func (e *ClassicLoadBalancer) IsForAPIServer() bool { - return e.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this address (likely attached to a load balancer). +func (e *ClassicLoadBalancer) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (e *ClassicLoadBalancer) FindAddresses(context *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/awstasks/network_load_balancer.go b/upup/pkg/fi/cloudup/awstasks/network_load_balancer.go index 6e5ff91fc1..9fc1a4a40a 100644 --- a/upup/pkg/fi/cloudup/awstasks/network_load_balancer.go +++ b/upup/pkg/fi/cloudup/awstasks/network_load_balancer.go @@ -28,6 +28,7 @@ import ( "github.com/aws/aws-sdk-go/service/elbv2" "github.com/aws/aws-sdk-go/service/route53" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/awsup" "k8s.io/kops/upup/pkg/fi/cloudup/terraform" @@ -64,14 +65,17 @@ type NetworkLoadBalancer struct { IpAddressType *string - Tags map[string]string - ForAPIServer bool + Tags map[string]string Type *string VPC *VPC TargetGroups []*TargetGroup AccessLog *NetworkLoadBalancerAccessLog + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.CompareWithID = &NetworkLoadBalancer{} @@ -428,7 +432,7 @@ func (e *NetworkLoadBalancer) Find(c *fi.CloudupContext) (*NetworkLoadBalancer, } _ = actual.Normalize(c) - actual.ForAPIServer = e.ForAPIServer + actual.WellKnownServices = e.WellKnownServices actual.Lifecycle = e.Lifecycle klog.V(4).Infof("Found NLB %+v", actual) @@ -438,8 +442,10 @@ func (e *NetworkLoadBalancer) Find(c *fi.CloudupContext) (*NetworkLoadBalancer, var _ fi.HasAddress = &NetworkLoadBalancer{} -func (e *NetworkLoadBalancer) IsForAPIServer() bool { - return e.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (e *NetworkLoadBalancer) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (e *NetworkLoadBalancer) FindAddresses(context *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/azuretasks/loadbalancer.go b/upup/pkg/fi/cloudup/azuretasks/loadbalancer.go index bda71e0396..1d721c848f 100644 --- a/upup/pkg/fi/cloudup/azuretasks/loadbalancer.go +++ b/upup/pkg/fi/cloudup/azuretasks/loadbalancer.go @@ -55,8 +55,9 @@ func (lb *LoadBalancer) CompareWithID() *string { return lb.Name } -// IsForAPIServer for api server. -func (lb *LoadBalancer) IsForAPIServer() bool { +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (lb *LoadBalancer) GetWellKnownServices() bool { return lb.ForAPIServer } diff --git a/upup/pkg/fi/cloudup/dotasks/loadbalancer.go b/upup/pkg/fi/cloudup/dotasks/loadbalancer.go index 441cb1979b..45f22e8ef5 100644 --- a/upup/pkg/fi/cloudup/dotasks/loadbalancer.go +++ b/upup/pkg/fi/cloudup/dotasks/loadbalancer.go @@ -28,6 +28,7 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/klog/v2" "k8s.io/kops/pkg/wellknownports" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/do" "k8s.io/kops/util/pkg/vfs" @@ -39,13 +40,16 @@ type LoadBalancer struct { ID *string Lifecycle fi.Lifecycle - Region *string - DropletTag *string - IPAddress *string - VPCUUID *string - VPCName *string - NetworkCIDR *string - ForAPIServer bool + Region *string + DropletTag *string + IPAddress *string + VPCUUID *string + VPCName *string + NetworkCIDR *string + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var readBackoff = wait.Backoff{ @@ -85,8 +89,8 @@ func (lb *LoadBalancer) Find(c *fi.CloudupContext) (*LoadBalancer, error) { VPCUUID: fi.PtrTo(loadbalancer.VPCUUID), // Ignore system fields - Lifecycle: lb.Lifecycle, - ForAPIServer: lb.ForAPIServer, + Lifecycle: lb.Lifecycle, + WellKnownServices: lb.WellKnownServices, }, nil } @@ -197,8 +201,10 @@ func (_ *LoadBalancer) RenderDO(t *do.DOAPITarget, a, e, changes *LoadBalancer) return nil } -func (lb *LoadBalancer) IsForAPIServer() bool { - return lb.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (lb *LoadBalancer) GetWellKnownServices() []wellknownservices.WellKnownService { + return lb.WellKnownServices } func (lb *LoadBalancer) FindAddresses(c *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/gcetasks/address.go b/upup/pkg/fi/cloudup/gcetasks/address.go index 82e24053a8..4730680041 100644 --- a/upup/pkg/fi/cloudup/gcetasks/address.go +++ b/upup/pkg/fi/cloudup/gcetasks/address.go @@ -21,6 +21,7 @@ import ( compute "google.golang.org/api/compute/v1" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/gce" "k8s.io/kops/upup/pkg/fi/cloudup/terraform" @@ -35,9 +36,12 @@ type Address struct { IPAddress *string IPAddressType *string Purpose *string - ForAPIServer bool Subnetwork *Subnet + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.CompareWithID = &ForwardingRule{} @@ -55,7 +59,7 @@ func (e *Address) Find(c *fi.CloudupContext) (*Address, error) { // Ignore system fields actual.Lifecycle = e.Lifecycle - actual.ForAPIServer = e.ForAPIServer + actual.WellKnownServices = e.WellKnownServices } return actual, err } @@ -109,8 +113,10 @@ func (e *Address) find(cloud gce.GCECloud) (*Address, error) { var _ fi.HasAddress = &Address{} -func (e *Address) IsForAPIServer() bool { - return e.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this address (likely attached to a load balancer). +func (e *Address) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (e *Address) FindAddresses(context *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/hetznertasks/loadbalancer.go b/upup/pkg/fi/cloudup/hetznertasks/loadbalancer.go index 9063b5c65f..fddae6eaf0 100644 --- a/upup/pkg/fi/cloudup/hetznertasks/loadbalancer.go +++ b/upup/pkg/fi/cloudup/hetznertasks/loadbalancer.go @@ -27,6 +27,7 @@ import ( "github.com/hetznercloud/hcloud-go/hcloud" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/hetzner" "k8s.io/kops/upup/pkg/fi/cloudup/terraform" @@ -46,6 +47,10 @@ type LoadBalancer struct { Target string Labels map[string]string + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.CompareWithID = &LoadBalancer{} @@ -56,8 +61,10 @@ func (v *LoadBalancer) CompareWithID() *string { var _ fi.HasAddress = &LoadBalancer{} -func (e *LoadBalancer) IsForAPIServer() bool { - return true +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (e *LoadBalancer) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (v *LoadBalancer) FindAddresses(c *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/openstacktasks/floatingip.go b/upup/pkg/fi/cloudup/openstacktasks/floatingip.go index 35c16784c0..e0c76d311f 100644 --- a/upup/pkg/fi/cloudup/openstacktasks/floatingip.go +++ b/upup/pkg/fi/cloudup/openstacktasks/floatingip.go @@ -26,6 +26,7 @@ import ( l3floatingip "github.com/gophercloud/gophercloud/openstack/networking/v2/extensions/layer3/floatingips" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/openstack" "k8s.io/kops/util/pkg/vfs" @@ -33,12 +34,15 @@ import ( // +kops:fitask type FloatingIP struct { - Name *string - ID *string - LB *LB - IP *string - Lifecycle fi.Lifecycle - ForAPIServer bool + Name *string + ID *string + LB *LB + IP *string + Lifecycle fi.Lifecycle + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.HasAddress = &FloatingIP{} @@ -73,8 +77,10 @@ func findL3Floating(cloud openstack.OpenstackCloud, opts l3floatingip.ListOpts) return result, nil } -func (e *FloatingIP) IsForAPIServer() bool { - return e.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this address. +func (e *FloatingIP) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (e *FloatingIP) FindAddresses(context *fi.CloudupContext) ([]string, error) { diff --git a/upup/pkg/fi/cloudup/openstacktasks/instance.go b/upup/pkg/fi/cloudup/openstacktasks/instance.go index 10d408e152..658d22c435 100644 --- a/upup/pkg/fi/cloudup/openstacktasks/instance.go +++ b/upup/pkg/fi/cloudup/openstacktasks/instance.go @@ -31,6 +31,7 @@ import ( "github.com/gophercloud/gophercloud/openstack/compute/v2/servers" "k8s.io/klog/v2" "k8s.io/kops/pkg/truncate" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/openstack" ) @@ -55,8 +56,11 @@ type Instance struct { ConfigDrive *bool Status *string - Lifecycle fi.Lifecycle - ForAPIServer bool + Lifecycle fi.Lifecycle + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var ( @@ -102,8 +106,10 @@ func (e *Instance) CompareWithID() *string { return e.ID } -func (e *Instance) IsForAPIServer() bool { - return e.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this instance. +func (e *Instance) GetWellKnownServices() []wellknownservices.WellKnownService { + return e.WellKnownServices } func (e *Instance) FindAddresses(context *fi.CloudupContext) ([]string, error) { @@ -244,7 +250,7 @@ func (e *Instance) Find(c *fi.CloudupContext) (*Instance, error) { // Avoid flapping e.ID = actual.ID e.Status = fi.PtrTo(activeStatus) - actual.ForAPIServer = e.ForAPIServer + actual.WellKnownServices = e.WellKnownServices // Immutable fields actual.Flavor = e.Flavor diff --git a/upup/pkg/fi/cloudup/openstacktasks/port.go b/upup/pkg/fi/cloudup/openstacktasks/port.go index 486160acd2..f326fc43ab 100644 --- a/upup/pkg/fi/cloudup/openstacktasks/port.go +++ b/upup/pkg/fi/cloudup/openstacktasks/port.go @@ -82,7 +82,9 @@ func (s *Port) FindAddresses(context *fi.CloudupContext) ([]string, error) { return addrs, nil } -func (s *Port) IsForAPIServer() bool { +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (s *Port) GetWellKnownServices() bool { return s.ForAPIServer } diff --git a/upup/pkg/fi/cloudup/scalewaytasks/loadbalancer.go b/upup/pkg/fi/cloudup/scalewaytasks/loadbalancer.go index 4e30afafb2..830d4156fa 100644 --- a/upup/pkg/fi/cloudup/scalewaytasks/loadbalancer.go +++ b/upup/pkg/fi/cloudup/scalewaytasks/loadbalancer.go @@ -22,6 +22,7 @@ import ( "strings" "k8s.io/klog/v2" + "k8s.io/kops/pkg/wellknownservices" "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/cloudup/scaleway" "k8s.io/kops/upup/pkg/fi/cloudup/terraform" @@ -45,7 +46,10 @@ type LoadBalancer struct { Tags []string Description string SslCompatibilityLevel string - ForAPIServer bool + + // WellKnownServices indicates which services are supported by this resource. + // This field is internal and is not rendered to the cloud. + WellKnownServices []wellknownservices.WellKnownService } var _ fi.CompareWithID = &LoadBalancer{} @@ -55,8 +59,10 @@ func (l *LoadBalancer) CompareWithID() *string { return l.LBID } -func (l *LoadBalancer) IsForAPIServer() bool { - return l.ForAPIServer +// GetWellKnownServices implements fi.HasAddress::GetWellKnownServices. +// It indicates which services we support with this load balancer. +func (l *LoadBalancer) GetWellKnownServices() []wellknownservices.WellKnownService { + return l.WellKnownServices } func (l *LoadBalancer) Find(context *fi.CloudupContext) (*LoadBalancer, error) { @@ -81,13 +87,13 @@ func (l *LoadBalancer) Find(context *fi.CloudupContext) (*LoadBalancer, error) { } return &LoadBalancer{ - Name: fi.PtrTo(loadBalancer.Name), - LBID: fi.PtrTo(loadBalancer.ID), - Zone: fi.PtrTo(string(loadBalancer.Zone)), - LBAddresses: lbIPs, - Tags: loadBalancer.Tags, - Lifecycle: l.Lifecycle, - ForAPIServer: l.ForAPIServer, + Name: fi.PtrTo(loadBalancer.Name), + LBID: fi.PtrTo(loadBalancer.ID), + Zone: fi.PtrTo(string(loadBalancer.Zone)), + LBAddresses: lbIPs, + Tags: loadBalancer.Tags, + Lifecycle: l.Lifecycle, + WellKnownServices: l.WellKnownServices, }, nil } diff --git a/upup/pkg/fi/has_address.go b/upup/pkg/fi/has_address.go index 044a8a0e5d..7137def977 100644 --- a/upup/pkg/fi/has_address.go +++ b/upup/pkg/fi/has_address.go @@ -16,12 +16,16 @@ limitations under the License. package fi +import "k8s.io/kops/pkg/wellknownservices" + // HasAddress is implemented by elastic/floating IP addresses in order to include // relevant dynamically allocated addresses in the api-server's server TLS certificate. type HasAddress interface { Task[CloudupSubContext] - // IsForAPIServer indicates whether the implementation provides an address that needs to be added to the api-server server certificate. - IsForAPIServer() bool + + // GetWellKnownServices returns the services that are behind this address. + GetWellKnownServices() []wellknownservices.WellKnownService + // FindIPAddress returns the address associated with the implementor. If there is no address, returns (nil, nil). FindAddresses(context *CloudupContext) ([]string, error) } From ae226db932cea0aed427ff35dcd965f6ca83669c Mon Sep 17 00:00:00 2001 From: justinsb Date: Fri, 12 Jan 2024 16:06:43 -0500 Subject: [PATCH 2/2] autogen: update expected test values for WellKnownServices --- .../adds-additional-security-groups.yaml | 2 +- .../adds-cloud-labels-from-ClusterSpec.yaml | 2 +- ...s-cloud-labels-from-InstanceGroupSpec.yaml | 2 +- ...llowed-address-pairs-with-annotations.yaml | 2 +- ...erver-group-affinity-with-annotations.yaml | 2 +- ...ithout-bastion-auto-zone-distribution.yaml | 48 ++++++++++++------- ...astion-with-API-loadbalancer-dns-none.yaml | 15 +++--- ...without-bastion-with-API-loadbalancer.yaml | 15 +++--- ...tup-3-masters-3-nodes-without-bastion.yaml | 48 ++++++++++++------- ...sters-3-nodes-without-external-router.yaml | 12 ++--- .../one-master-one-node-one-bastion-2.yaml | 6 +-- .../one-master-one-node-one-bastion.yaml | 10 ++-- ...hout-bastion-no-public-ip-association.yaml | 4 +- .../servergroup/one-master-one-node.yaml | 16 ++++--- ...astion-with-API-loadbalancer-dns-none.yaml | 11 +++-- ...uncate-cluster-names-to-42-characters.yaml | 16 ++++--- ...subnet-as-availability-zones-fallback.yaml | 2 +- ...nce-group-zones-as-availability-zones.yaml | 2 +- 18 files changed, 125 insertions(+), 90 deletions(-) diff --git a/pkg/model/openstackmodel/tests/servergroup/adds-additional-security-groups.yaml b/pkg/model/openstackmodel/tests/servergroup/adds-additional-security-groups.yaml index 05e2d68984..971c31c293 100644 --- a/pkg/model/openstackmodel/tests/servergroup/adds-additional-security-groups.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/adds-additional-security-groups.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -76,6 +75,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-ClusterSpec.yaml b/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-ClusterSpec.yaml index 77d7381487..cdfe1f9dfb 100644 --- a/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-ClusterSpec.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-ClusterSpec.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -75,6 +74,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-InstanceGroupSpec.yaml b/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-InstanceGroupSpec.yaml index 77d7381487..cdfe1f9dfb 100644 --- a/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-InstanceGroupSpec.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/adds-cloud-labels-from-InstanceGroupSpec.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -75,6 +74,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/configures-allowed-address-pairs-with-annotations.yaml b/pkg/model/openstackmodel/tests/servergroup/configures-allowed-address-pairs-with-annotations.yaml index 8b910cbd77..ea7c66c572 100644 --- a/pkg/model/openstackmodel/tests/servergroup/configures-allowed-address-pairs-with-annotations.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/configures-allowed-address-pairs-with-annotations.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -77,6 +76,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/configures-server-group-affinity-with-annotations.yaml b/pkg/model/openstackmodel/tests/servergroup/configures-server-group-affinity-with-annotations.yaml index 0b28a5479f..fe45c1ccbe 100644 --- a/pkg/model/openstackmodel/tests/servergroup/configures-server-group-affinity-with-annotations.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/configures-server-group-affinity-with-annotations.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -74,6 +73,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-auto-zone-distribution.yaml b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-auto-zone-distribution.yaml index fbf9b4ad06..3eb318d892 100644 --- a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-auto-zone-distribution.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-auto-zone-distribution.yaml @@ -4,59 +4,66 @@ Name: master Lifecycle: "" Name: node --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-2-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-3-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-cluster +WellKnownServices: null --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-2-cluster +WellKnownServices: null --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-3-cluster +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master ID: null Image: image @@ -134,18 +141,20 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-2-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master ID: null Image: image @@ -223,18 +232,20 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-3-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master ID: null Image: image @@ -312,18 +323,18 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node ID: null Image: image @@ -392,18 +403,18 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-2-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node ID: null Image: image @@ -472,18 +483,18 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-3-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node ID: null Image: image @@ -552,6 +563,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer-dns-none.yaml b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer-dns-none.yaml index af0709574d..94f6cdb77e 100644 --- a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer-dns-none.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer-dns-none.yaml @@ -16,7 +16,6 @@ Name: node-b Lifecycle: "" Name: node-c --- -ForAPIServer: true ID: null IP: null LB: @@ -37,12 +36,13 @@ LB: VipSubnet: null Lifecycle: Sync Name: fip-api.cluster +WellKnownServices: +- kube-apiserver --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-a ID: null Image: image @@ -114,12 +114,12 @@ UserData: task: Lifecycle: "" Name: master-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-b ID: null Image: image @@ -191,12 +191,12 @@ UserData: task: Lifecycle: "" Name: master-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-c ID: null Image: image @@ -268,12 +268,12 @@ UserData: task: Lifecycle: "" Name: master-c +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-a ID: null Image: image @@ -342,12 +342,12 @@ UserData: task: Lifecycle: "" Name: node-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-b ID: null Image: image @@ -416,12 +416,12 @@ UserData: task: Lifecycle: "" Name: node-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-c ID: null Image: image @@ -490,6 +490,7 @@ UserData: task: Lifecycle: "" Name: node-c +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer.yaml b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer.yaml index b083d9cb0b..70518f2fb5 100644 --- a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion-with-API-loadbalancer.yaml @@ -16,7 +16,6 @@ Name: node-b Lifecycle: "" Name: node-c --- -ForAPIServer: false ID: null IP: null LB: @@ -37,12 +36,13 @@ LB: VipSubnet: null Lifecycle: Sync Name: fip-master-public-name +WellKnownServices: +- kube-apiserver --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-a ID: null Image: image @@ -114,12 +114,12 @@ UserData: task: Lifecycle: "" Name: master-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-b ID: null Image: image @@ -191,12 +191,12 @@ UserData: task: Lifecycle: "" Name: master-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-c ID: null Image: image @@ -268,12 +268,12 @@ UserData: task: Lifecycle: "" Name: master-c +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-a ID: null Image: image @@ -342,12 +342,12 @@ UserData: task: Lifecycle: "" Name: node-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-b ID: null Image: image @@ -416,12 +416,12 @@ UserData: task: Lifecycle: "" Name: node-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-c ID: null Image: image @@ -490,6 +490,7 @@ UserData: task: Lifecycle: "" Name: node-c +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion.yaml b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion.yaml index 73480d96a5..d78193af64 100644 --- a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-bastion.yaml @@ -16,59 +16,66 @@ Name: node-b Lifecycle: "" Name: node-c --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-a-1-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-b-1-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-c-1-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-a-1-cluster +WellKnownServices: null --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-b-1-cluster +WellKnownServices: null --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-c-1-cluster +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-a-1-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master-a ID: null Image: image @@ -146,18 +153,20 @@ UserData: task: Lifecycle: "" Name: master-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-b-1-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master-b ID: null Image: image @@ -235,18 +244,20 @@ UserData: task: Lifecycle: "" Name: master-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-c-1-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master-c ID: null Image: image @@ -324,18 +335,18 @@ UserData: task: Lifecycle: "" Name: master-c +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-a-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node-a ID: null Image: image @@ -404,18 +415,18 @@ UserData: task: Lifecycle: "" Name: node-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-b-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node-b ID: null Image: image @@ -484,18 +495,18 @@ UserData: task: Lifecycle: "" Name: node-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-c-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node-c ID: null Image: image @@ -564,6 +575,7 @@ UserData: task: Lifecycle: "" Name: node-c +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-external-router.yaml b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-external-router.yaml index d1f01c4be0..8141f6e0cc 100644 --- a/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-external-router.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/multizone-setup-3-masters-3-nodes-without-external-router.yaml @@ -20,7 +20,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-a ID: null Image: image @@ -98,12 +97,12 @@ UserData: task: Lifecycle: "" Name: master-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-b ID: null Image: image @@ -181,12 +180,12 @@ UserData: task: Lifecycle: "" Name: master-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-c ID: null Image: image @@ -264,12 +263,12 @@ UserData: task: Lifecycle: "" Name: master-c +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-a ID: null Image: image @@ -338,12 +337,12 @@ UserData: task: Lifecycle: "" Name: node-a +WellKnownServices: null --- AvailabilityZone: zone-2 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-b ID: null Image: image @@ -412,12 +411,12 @@ UserData: task: Lifecycle: "" Name: node-b +WellKnownServices: null --- AvailabilityZone: zone-3 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-c ID: null Image: image @@ -486,6 +485,7 @@ UserData: task: Lifecycle: "" Name: node-c +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion-2.yaml b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion-2.yaml index d34173669f..f74ab3ed16 100644 --- a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion-2.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion-2.yaml @@ -11,7 +11,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: bastion ID: null Image: image @@ -78,12 +77,12 @@ UserData: task: Lifecycle: "" Name: bastion +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master ID: null Image: image @@ -161,12 +160,12 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image @@ -235,6 +234,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion.yaml b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion.yaml index 854f11c412..71e207ec5c 100644 --- a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-one-bastion.yaml @@ -7,24 +7,23 @@ Name: master Lifecycle: "" Name: node --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-bastion-1-cluster +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-bastion-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: bastion ID: null Image: image @@ -91,12 +90,12 @@ UserData: task: Lifecycle: "" Name: bastion +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master ID: null Image: image @@ -174,12 +173,12 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image @@ -248,6 +247,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-without-bastion-no-public-ip-association.yaml b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-without-bastion-no-public-ip-association.yaml index b7f9bb295f..85a1b6aad0 100644 --- a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-without-bastion-no-public-ip-association.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node-without-bastion-no-public-ip-association.yaml @@ -8,7 +8,6 @@ AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master ID: null Image: image-master @@ -86,12 +85,12 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -160,6 +159,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node.yaml b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node.yaml index f073e0480b..c99a5acf81 100644 --- a/pkg/model/openstackmodel/tests/servergroup/one-master-one-node.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/one-master-one-node.yaml @@ -4,31 +4,34 @@ Name: master Lifecycle: "" Name: node --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-cluster +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-cluster +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-cluster -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master ID: null Image: image-master @@ -106,18 +109,18 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-cluster -ForAPIServer: false + WellKnownServices: null GroupName: node ID: null Image: image-node @@ -186,6 +189,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/single-zone-setup-3-masters-1-node-without-bastion-with-API-loadbalancer-dns-none.yaml b/pkg/model/openstackmodel/tests/servergroup/single-zone-setup-3-masters-1-node-without-bastion-with-API-loadbalancer-dns-none.yaml index 71a8179985..e66b03ffb7 100644 --- a/pkg/model/openstackmodel/tests/servergroup/single-zone-setup-3-masters-1-node-without-bastion-with-API-loadbalancer-dns-none.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/single-zone-setup-3-masters-1-node-without-bastion-with-API-loadbalancer-dns-none.yaml @@ -10,7 +10,6 @@ Name: master-c Lifecycle: "" Name: node-a --- -ForAPIServer: true ID: null IP: null LB: @@ -31,12 +30,13 @@ LB: VipSubnet: null Lifecycle: Sync Name: fip-api.cluster +WellKnownServices: +- kube-apiserver --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-a ID: null Image: image @@ -110,12 +110,12 @@ UserData: task: Lifecycle: "" Name: master-a +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-b ID: null Image: image @@ -189,12 +189,12 @@ UserData: task: Lifecycle: "" Name: master-b +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: master-c ID: null Image: image @@ -268,12 +268,12 @@ UserData: task: Lifecycle: "" Name: master-c +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: null -ForAPIServer: false GroupName: node-a ID: null Image: image @@ -342,6 +342,7 @@ UserData: task: Lifecycle: "" Name: node-a +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/truncate-cluster-names-to-42-characters.yaml b/pkg/model/openstackmodel/tests/servergroup/truncate-cluster-names-to-42-characters.yaml index 28f978a5af..df9071e567 100644 --- a/pkg/model/openstackmodel/tests/servergroup/truncate-cluster-names-to-42-characters.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/truncate-cluster-names-to-42-characters.yaml @@ -4,31 +4,34 @@ Name: master Lifecycle: "" Name: node --- -ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-tom-software-dev-playground-real33-k8s-local +WellKnownServices: +- kube-apiserver +- kops-controller --- -ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-tom-software-dev-playground-real33-k8s-local +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.1-2 FloatingIP: - ForAPIServer: true ID: null IP: null LB: null Lifecycle: Sync Name: fip-master-1-tom-software-dev-playground-real33-k8s-local -ForAPIServer: false + WellKnownServices: + - kube-apiserver + - kops-controller GroupName: master ID: null Image: image-master @@ -106,18 +109,18 @@ UserData: task: Lifecycle: "" Name: master +WellKnownServices: null --- AvailabilityZone: zone-1 ConfigDrive: false Flavor: blc.2-4 FloatingIP: - ForAPIServer: false ID: null IP: null LB: null Lifecycle: Sync Name: fip-node-1-tom-software-dev-playground-real33-k8s-local -ForAPIServer: false + WellKnownServices: null GroupName: node ID: null Image: image-node @@ -186,6 +189,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-subnet-as-availability-zones-fallback.yaml b/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-subnet-as-availability-zones-fallback.yaml index 6fb6f47de6..2312d6ca8e 100644 --- a/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-subnet-as-availability-zones-fallback.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-subnet-as-availability-zones-fallback.yaml @@ -5,7 +5,6 @@ AvailabilityZone: subnet ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -76,6 +75,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca diff --git a/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-zones-as-availability-zones.yaml b/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-zones-as-availability-zones.yaml index 1483d5ebd4..4201c37357 100644 --- a/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-zones-as-availability-zones.yaml +++ b/pkg/model/openstackmodel/tests/servergroup/uses-instance-group-zones-as-availability-zones.yaml @@ -5,7 +5,6 @@ AvailabilityZone: zone-a ConfigDrive: false Flavor: blc.2-4 FloatingIP: null -ForAPIServer: false GroupName: node ID: null Image: image-node @@ -76,6 +75,7 @@ UserData: task: Lifecycle: "" Name: node +WellKnownServices: null --- Lifecycle: "" Name: apiserver-aggregator-ca