From 5ed11fd9c769d12936f4834373870dde68a4e55e Mon Sep 17 00:00:00 2001
From: Justin SB
Date: Sun, 17 May 2020 15:19:36 -0400
Subject: [PATCH 1/2] GCE: don't rely on hostname being correct
Distros that use systemd for DHCP often don't have the hostname correct, due to e.g. the requirement for policy kit. We don't rely on it being set correctly on other clouds; no real reason to require it on GCP either!
---
 Makefile | 2 +-
 pkg/model/components/kubelet.go | 6 ++++++
 upup/pkg/fi/nodeup/command.go | 15 +++++++++++++++
 util/pkg/vfs/context.go | 2 +-
 4 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index d2a3583e75..5dc8167aad 100644
--- a/Makefile
+++ b/Makefile
@@ -357,7 +357,7 @@ push: crossbuild-nodeup
 .PHONY: push-gce-dry
 push-gce-dry: push
- ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/config --dryrun --v=8
+ ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/instance/attributes/config --dryrun --v=8
 .PHONY: push-gce-dry
 push-aws-dry: push
diff --git a/pkg/model/components/kubelet.go b/pkg/model/components/kubelet.go
index 1fe79a8dc7..2d5c174313 100644
--- a/pkg/model/components/kubelet.go
+++ b/pkg/model/components/kubelet.go
@@ -153,6 +153,12 @@ func (b *KubeletOptionsBuilder) BuildOptions(o interface{}) error {
 }
 clusterSpec.CloudConfig.Multizone = fi.Bool(true)
 clusterSpec.CloudConfig.NodeTags = fi.String(GCETagForRole(b.Context.ClusterName, kops.InstanceGroupRoleNode))
+
+ // Use the hostname from the GCE metadata service
+ // if hostnameOverride is not set.
+ if clusterSpec.Kubelet.HostnameOverride == "" {
+ clusterSpec.Kubelet.HostnameOverride = "@gce"
+ }
 }
 if cloudProvider == kops.CloudProviderVSphere {
diff --git a/upup/pkg/fi/nodeup/command.go b/upup/pkg/fi/nodeup/command.go
index 96d6b4fe03..876b4654a8 100644
--- a/upup/pkg/fi/nodeup/command.go
+++ b/upup/pkg/fi/nodeup/command.go
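Review bot: The `"@gce"` value assigned to `clusterSpec.Kubelet.HostnameOverride` in the kubelet.go hunk is a bare string literal, and the command.go hunk of this patch matches it as the same bare literal in `evaluateHostnameOverride`; nothing ties the two together, so a typo on either side would presumably pass the unresolved text on as the node name instead of failing. A shared named constant would keep them in step, or at minimum a comment here such as `// "@gce" is resolved on the node by nodeup's evaluateHostnameOverride`. Because the default now applies to every GCE cluster that has no explicit override, it is also worth confirming that node names on existing clusters do not change on upgrade; that cannot be judged from this hunk. BuildOptions starts and ends outside the hunk.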
@@ -491,6 +491,21 @@ func evaluateHostnameOverride(hostnameOverride string) (string, error) {
 return *(result.Reservations[0].Instances[0].PrivateDnsName), nil
 }
+ if k == "@gce" {
+ // We recognize @gce as meaning the hostname from the GCE metadata service
+ // This lets us tolerate broken hostnames (i.e. systemd)
+ b, err := vfs.Context.ReadFile("metadata://gce/instance/hostname")
+ if err != nil {
+ return "", fmt.Errorf("error reading hostname from GCE metadata: %v", err)
+ }
+
+ // We only want to use the first portion of the fully-qualified name
+ // e.g. foo.c.project.internal => foo
+ fullyQualified := string(b)
+ bareHostname := strings.Split(fullyQualified, ".")[0]
+ return bareHostname, nil
+ }
+
 if k == "@digitalocean" {
 // @digitalocean means to use the private ipv4 address of a droplet as the hostname override
 vBytes, err := vfs.Context.ReadFile("metadata://digitalocean/interfaces/private/0/ipv4/address")
diff --git a/util/pkg/vfs/context.go b/util/pkg/vfs/context.go
index 0dbb48a173..f8c3bf7139 100644
--- a/util/pkg/vfs/context.go
+++ b/util/pkg/vfs/context.go
@@ -97,7 +97,7 @@ func (c *VFSContext) ReadFile(location string, options ...VFSOption) ([]byte, er
 case "metadata":
 switch u.Host {
 case "gce":
- httpURL := "http://169.254.169.254/computeMetadata/v1/instance/attributes/" + u.Path
+ httpURL := "http://169.254.169.254/computeMetadata/v1/" + u.Path
 httpHeaders := make(map[string]string)
 httpHeaders["Metadata-Flavor"] = "Google"
 return c.readHTTPLocation(httpURL, httpHeaders, opts)
From 7228223781a227d497965a8bf3f408113263a495 Mon Sep 17 00:00:00 2001
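Review bot: The new `@gce` branch turns the bytes read from `metadata://gce/instance/hostname` into the kubelet's node name without trimming or checking them, so an empty or whitespace-padded response makes `strings.Split(fullyQualified, ".")[0]` return an empty or padded name together with a nil error. Trim and reject the empty case, e.g. `bareHostname := strings.TrimSpace(strings.Split(fullyQualified, ".")[0])` followed by `if bareHostname == "" { return "", fmt.Errorf("empty hostname from GCE metadata") }`. If instances in a cluster can be created with a custom hostname, the first label may not equal the instance name that the cloud provider registers, in which case the instance-name metadata entry would be the safer source; whether that applies depends on code outside this hunk. `evaluateHostnameOverride` starts and ends outside the hunk.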
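Review bot: Dropping the `instance/attributes/` prefix from `httpURL` in the `"gce"` case means any `metadata://gce/...` location now reaches the whole `computeMetadata/v1/` tree, which on GCE also holds service-account credentials, so anything able to influence a location passed to `ReadFile` can read far more than instance attributes. Consider accepting only the prefixes this patch actually uses (`instance/attributes/` and `instance/hostname`) and returning an error for anything else. The change also redefines existing locations without warning: `metadata://gce/config` resolved to an attribute before and now points at a different URL, so every caller outside this patch needs the `instance/attributes/` prefix added the way the Makefile hunk does. `ReadFile` starts and ends outside the hunk.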
From: Peter Rifel Date: Fri, 22 May 2020 18:48:20 -0500 Subject: [PATCH 2/2] Update integration test outputs --- ...master-us-test1-a-ha-gce-example-com_metadata_startup-script | 2 ++ ...master-us-test1-b-ha-gce-example-com_metadata_startup-script | 2 ++ ...master-us-test1-c-ha-gce-example-com_metadata_startup-script | 2 ++ ...ce_template_nodes-ha-gce-example-com_metadata_startup-script | 1 + ...r-us-test1-a-minimal-gce-example-com_metadata_startup-script | 2 ++ ...mplate_nodes-minimal-gce-example-com_metadata_startup-script | 1 + 6 files changed, 10 insertions(+) diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script index c9357b2f05..575fee7ccb 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script index ab141c7dee..678fc00553 100644 
--- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script index b81d0b0160..8866e58645 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 
diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script index 4681498b13..88770d4a38 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script @@ -162,6 +162,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script index 64611028bb..960b402120 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 
diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script index ced79d8362..b1482df8db 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script @@ -162,6 +162,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001