Merge pull request #9135 from justinsb/gce_no_hostname_no_worries

GCE: don't rely on hostname being correct

Makefile

@@ -357,7 +357,7 @@ push: crossbuild-nodeup
 
 .PHONY: push-gce-dry
 push-gce-dry: push
-	ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/config --dryrun --v=8
+	ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/instance/attributes/config --dryrun --v=8
 
 .PHONY: push-gce-dry
 push-aws-dry: push

pkg/model/components/kubelet.go

@@ -153,6 +153,12 @@ func (b *KubeletOptionsBuilder) BuildOptions(o interface{}) error {
 		}
 		clusterSpec.CloudConfig.Multizone = fi.Bool(true)
 		clusterSpec.CloudConfig.NodeTags = fi.String(GCETagForRole(b.Context.ClusterName, kops.InstanceGroupRoleNode))
+
+		// Use the hostname from the GCE metadata service
+		// if hostnameOverride is not set.
+		if clusterSpec.Kubelet.HostnameOverride == "" {
+			clusterSpec.Kubelet.HostnameOverride = "@gce"
+		}
 	}
 
 	if cloudProvider == kops.CloudProviderVSphere {

tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script

@@ -226,6 +226,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001
@@ -244,6 +245,7 @@ masterKubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script

@@ -226,6 +226,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001
@@ -244,6 +245,7 @@ masterKubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script

@@ -226,6 +226,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001
@@ -244,6 +245,7 @@ masterKubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script

@@ -162,6 +162,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script

@@ -226,6 +226,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001
@@ -244,6 +245,7 @@ masterKubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script

@@ -162,6 +162,7 @@ kubelet:
   featureGates:
     ExperimentalCriticalPodAnnotation: "true"
   hairpinMode: promiscuous-bridge
+  hostnameOverride: '@gce'
   kubeconfigPath: /var/lib/kubelet/kubeconfig
   logLevel: 2
   networkPluginMTU: 9001

upup/pkg/fi/nodeup/command.go

@@ -491,6 +491,21 @@ func evaluateHostnameOverride(hostnameOverride string) (string, error) {
 		return *(result.Reservations[0].Instances[0].PrivateDnsName), nil
 	}
 
+	if k == "@gce" {
+		// We recognize @gce as meaning the hostname from the GCE metadata service
+		// This lets us tolerate broken hostnames (i.e. systemd)
+		b, err := vfs.Context.ReadFile("metadata://gce/instance/hostname")
+		if err != nil {
+			return "", fmt.Errorf("error reading hostname from GCE metadata: %v", err)
+		}
+
+		// We only want to use the first portion of the fully-qualified name
+		// e.g. foo.c.project.internal => foo
+		fullyQualified := string(b)
+		bareHostname := strings.Split(fullyQualified, ".")[0]
+		return bareHostname, nil
+	}
+
 	if k == "@digitalocean" {
 		// @digitalocean means to use the private ipv4 address of a droplet as the hostname override
 		vBytes, err := vfs.Context.ReadFile("metadata://digitalocean/interfaces/private/0/ipv4/address")

util/pkg/vfs/context.go

@@ -97,7 +97,7 @@ func (c *VFSContext) ReadFile(location string, options ...VFSOption) ([]byte, er
 		case "metadata":
 			switch u.Host {
 			case "gce":
-				httpURL := "http://169.254.169.254/computeMetadata/v1/instance/attributes/" + u.Path
+				httpURL := "http://169.254.169.254/computeMetadata/v1/" + u.Path
 				httpHeaders := make(map[string]string)
 				httpHeaders["Metadata-Flavor"] = "Google"
 				return c.readHTTPLocation(httpURL, httpHeaders, opts)