From 07fe3ca0bd017268c7b4ddfe0e89eb255c24094c Mon Sep 17 00:00:00 2001
From: Suraj Deshmukh <suraj@kinvolk.io>
Date: Thu, 14 May 2020 13:53:20 +0530
Subject: [PATCH] baremetal: Add a knob to disable self-hosted kubelet

This commit adds a boolean variable to controller config called
`disable_self_hosted_kubelet`.

Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
---
 .../flatcar-linux/kubernetes/bootkube.tf      |   3 +
 .../flatcar-linux/kubernetes/variables.tf     |   5 +
 pkg/platform/baremetal/baremetal.go           | 107 +++++++++---------
 pkg/platform/baremetal/template.go            |   3 +
 4 files changed, 66 insertions(+), 52 deletions(-)

diff --git a/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/bootkube.tf b/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/bootkube.tf
index ad6dd143e..095ca9078 100644
--- a/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/bootkube.tf
+++ b/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/bootkube.tf
@@ -15,4 +15,7 @@ module "bootkube" {
   enable_aggregation              = var.enable_aggregation
 
   certs_validity_period_hours = var.certs_validity_period_hours
+
+  # Disable the self hosted kubelet
+  disable_self_hosted_kubelet = var.disable_self_hosted_kubelet
 }
diff --git a/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/variables.tf b/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/variables.tf
index 373bd1c4a..cf97902a1 100644
--- a/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/variables.tf
+++ b/assets/lokomotive-kubernetes/bare-metal/flatcar-linux/kubernetes/variables.tf
@@ -155,6 +155,11 @@ variable "enable_aggregation" {
   default     = true
 }
 
+variable "disable_self_hosted_kubelet" {
+  description = "Disable the self hosted kubelet installed by default"
+  type = bool
+}
+
 # Certificates
 
 variable "certs_validity_period_hours" {
diff --git a/pkg/platform/baremetal/baremetal.go b/pkg/platform/baremetal/baremetal.go
index fbd0276ab..6c58045ee 100644
--- a/pkg/platform/baremetal/baremetal.go
+++ b/pkg/platform/baremetal/baremetal.go
@@ -30,24 +30,25 @@ import (
 )
 
 type config struct {
-	AssetDir               string   `hcl:"asset_dir"`
-	CachedInstall          string   `hcl:"cached_install,optional"`
-	ClusterName            string   `hcl:"cluster_name"`
-	ControllerDomains      []string `hcl:"controller_domains"`
-	ControllerMacs         []string `hcl:"controller_macs"`
-	ControllerNames        []string `hcl:"controller_names"`
-	K8sDomainName          string   `hcl:"k8s_domain_name"`
-	MatchboxCAPath         string   `hcl:"matchbox_ca_path"`
-	MatchboxClientCertPath string   `hcl:"matchbox_client_cert_path"`
-	MatchboxClientKeyPath  string   `hcl:"matchbox_client_key_path"`
-	MatchboxEndpoint       string   `hcl:"matchbox_endpoint"`
-	MatchboxHTTPEndpoint   string   `hcl:"matchbox_http_endpoint"`
-	OSChannel              string   `hcl:"os_channel,optional"`
-	OSVersion              string   `hcl:"os_version,optional"`
-	SSHPubKeys             []string `hcl:"ssh_pubkeys"`
-	WorkerNames            []string `hcl:"worker_names"`
-	WorkerMacs             []string `hcl:"worker_macs"`
-	WorkerDomains          []string `hcl:"worker_domains"`
+	AssetDir                 string   `hcl:"asset_dir"`
+	CachedInstall            string   `hcl:"cached_install,optional"`
+	ClusterName              string   `hcl:"cluster_name"`
+	ControllerDomains        []string `hcl:"controller_domains"`
+	ControllerMacs           []string `hcl:"controller_macs"`
+	ControllerNames          []string `hcl:"controller_names"`
+	DisableSelfHostedKubelet bool     `hcl:"disable_self_hosted_kubelet,optional"`
+	K8sDomainName            string   `hcl:"k8s_domain_name"`
+	MatchboxCAPath           string   `hcl:"matchbox_ca_path"`
+	MatchboxClientCertPath   string   `hcl:"matchbox_client_cert_path"`
+	MatchboxClientKeyPath    string   `hcl:"matchbox_client_key_path"`
+	MatchboxEndpoint         string   `hcl:"matchbox_endpoint"`
+	MatchboxHTTPEndpoint     string   `hcl:"matchbox_http_endpoint"`
+	OSChannel                string   `hcl:"os_channel,optional"`
+	OSVersion                string   `hcl:"os_version,optional"`
+	SSHPubKeys               []string `hcl:"ssh_pubkeys"`
+	WorkerNames              []string `hcl:"worker_names"`
+	WorkerMacs               []string `hcl:"worker_macs"`
+	WorkerDomains            []string `hcl:"worker_domains"`
 }
 
 // init registers bare-metal as a platform
@@ -156,41 +157,43 @@ func createTerraformConfigFile(cfg *config, terraformPath string) error {
 	}
 
 	terraformCfg := struct {
-		CachedInstall        string
-		ClusterName          string
-		ControllerDomains    string
-		ControllerMacs       string
-		ControllerNames      string
-		K8sDomainName        string
-		MatchboxClientCert   string
-		MatchboxClientKey    string
-		MatchboxCA           string
-		MatchboxEndpoint     string
-		MatchboxHTTPEndpoint string
-		OSChannel            string
-		OSVersion            string
-		SSHPublicKeys        string
-		WorkerNames          string
-		WorkerMacs           string
-		WorkerDomains        string
+		CachedInstall            string
+		ClusterName              string
+		ControllerDomains        string
+		ControllerMacs           string
+		ControllerNames          string
+		K8sDomainName            string
+		MatchboxClientCert       string
+		MatchboxClientKey        string
+		MatchboxCA               string
+		MatchboxEndpoint         string
+		MatchboxHTTPEndpoint     string
+		OSChannel                string
+		OSVersion                string
+		SSHPublicKeys            string
+		WorkerNames              string
+		WorkerMacs               string
+		WorkerDomains            string
+		DisableSelfHostedKubelet bool
 	}{
-		CachedInstall:        cfg.CachedInstall,
-		ClusterName:          cfg.ClusterName,
-		ControllerDomains:    string(controllerDomains),
-		ControllerMacs:       string(controllerMacs),
-		ControllerNames:      string(controllerNames),
-		K8sDomainName:        cfg.K8sDomainName,
-		MatchboxCA:           cfg.MatchboxCAPath,
-		MatchboxClientCert:   cfg.MatchboxClientCertPath,
-		MatchboxClientKey:    cfg.MatchboxClientKeyPath,
-		MatchboxEndpoint:     cfg.MatchboxEndpoint,
-		MatchboxHTTPEndpoint: cfg.MatchboxHTTPEndpoint,
-		OSChannel:            cfg.OSChannel,
-		OSVersion:            cfg.OSVersion,
-		SSHPublicKeys:        string(keyListBytes),
-		WorkerNames:          string(workerNames),
-		WorkerMacs:           string(workerMacs),
-		WorkerDomains:        string(workerDomains),
+		CachedInstall:            cfg.CachedInstall,
+		ClusterName:              cfg.ClusterName,
+		ControllerDomains:        string(controllerDomains),
+		ControllerMacs:           string(controllerMacs),
+		ControllerNames:          string(controllerNames),
+		K8sDomainName:            cfg.K8sDomainName,
+		MatchboxCA:               cfg.MatchboxCAPath,
+		MatchboxClientCert:       cfg.MatchboxClientCertPath,
+		MatchboxClientKey:        cfg.MatchboxClientKeyPath,
+		MatchboxEndpoint:         cfg.MatchboxEndpoint,
+		MatchboxHTTPEndpoint:     cfg.MatchboxHTTPEndpoint,
+		OSChannel:                cfg.OSChannel,
+		OSVersion:                cfg.OSVersion,
+		SSHPublicKeys:            string(keyListBytes),
+		WorkerNames:              string(workerNames),
+		WorkerMacs:               string(workerMacs),
+		WorkerDomains:            string(workerDomains),
+		DisableSelfHostedKubelet: cfg.DisableSelfHostedKubelet,
 	}
 
 	if err := t.Execute(f, terraformCfg); err != nil {
diff --git a/pkg/platform/baremetal/template.go b/pkg/platform/baremetal/template.go
index 018b053d1..229ad31fb 100644
--- a/pkg/platform/baremetal/template.go
+++ b/pkg/platform/baremetal/template.go
@@ -31,6 +31,9 @@ module "bare-metal-{{.ClusterName}}" {
   os_channel             = "{{.OSChannel}}"
   os_version             = "{{.OSVersion}}"
 
+  # Disable self hosted kubelet
+  disable_self_hosted_kubelet = {{ .DisableSelfHostedKubelet }}
+
   # configuration
   cached_install     = "{{.CachedInstall}}"
   k8s_domain_name    = "{{.K8sDomainName}}"