-
Notifications
You must be signed in to change notification settings - Fork 49
EM: Add worker pool specific facility param #1359
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems OK if it works. Perhaps we could have some kind of guide on when to use this feature etc.
Yep I am on it, in a separate PR, so that we don't trigger CI without reason. |
46c6079
to
8978273
Compare
I think we need to convert |
Maybe we add |
af0b0b0
to
0c71812
Compare
@invidian done. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small NITs. Apart from CI failing, the rest looks OK
assets/terraform-modules/packet/flatcar-linux/kubernetes/variables.tf
Outdated
Show resolved
Hide resolved
0c71812
to
309858e
Compare
309858e
to
ad04e7e
Compare
assets/terraform-modules/packet/flatcar-linux/kubernetes/bootkube.tf
Outdated
Show resolved
Hide resolved
514635a
to
8907cc9
Compare
da88f55
to
0006ac2
Compare
0006ac2
to
ccfe62b
Compare
34b9e3c
to
f33a370
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My concerns are still not addressed, so this should perhaps be reviewed by others.
This commit adds a param to the worker pools called facility. This allows users to choose a different facility/region than the controller nodes. The default behaviour is to deploy controllers and workers in the same facility. Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
For calico's node ip auto detection use first controller node's private IP instead of node private CIDR. Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
de00bfa
to
d9b32f3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Last thing from my side 🙏
Talking a bit more about validation, can we do this? We won't be doing random prints in pkg/platform
and we warn the proper way with logrus.
diff --git a/cli/cmd/cluster/cluster.go b/cli/cmd/cluster/cluster.go
index 954f6b32a..81f3d9b5b 100644
--- a/cli/cmd/cluster/cluster.go
+++ b/cli/cmd/cluster/cluster.go
@@ -18,6 +18,7 @@ import (
"fmt"
"path/filepath"
+ "github.com/hashicorp/hcl/v2"
"github.com/mitchellh/go-homedir"
log "github.com/sirupsen/logrus"
"helm.sh/helm/v3/pkg/action"
@@ -58,11 +59,15 @@ func (cc clusterConfig) initialize(contextLogger *log.Entry) (*cluster, error) {
}
p, diags := getConfiguredPlatform(lokoConfig, true)
- if diags.HasErrors() {
- for _, diagnostic := range diags {
+ for _, diagnostic := range diags {
+ if diagnostic.Severity == hcl.DiagError {
contextLogger.Error(diagnostic.Error())
+ } else {
+ contextLogger.Warning(diagnostic.Error())
}
+ }
+ if diags.HasErrors() {
return nil, fmt.Errorf("loading platform configuration")
}
diff --git a/pkg/platform/packet/packet.go b/pkg/platform/packet/packet.go
index 8ab4134a3..f2f652136 100644
--- a/pkg/platform/packet/packet.go
+++ b/pkg/platform/packet/packet.go
@@ -112,6 +112,12 @@ const (
Name = "packet"
)
+type DeprecatedNodeCIDRError struct{}
+
+func (e DeprecatedNodeCIDRError) Error() string {
+ return "`node_private_cidr` is deprecated, use `node_private_cidrs` instead"
+}
+
func (c *config) LoadConfig(configBody *hcl.Body, evalContext *hcl.EvalContext) hcl.Diagnostics {
if configBody == nil {
return hcl.Diagnostics{}
@@ -240,7 +246,12 @@ func createTerraformConfigFile(cfg *config, terraformPath string) error {
nodePrivateCIDRs, err := validateNodePrivateCIDRs(cfg)
if err != nil {
- return fmt.Errorf("validating Node Private CIDR: %w", err)
+ switch err.(type) {
+ case DeprecatedNodeCIDRError:
+ // we've warned about this before, ignore
+ default:
+ return fmt.Errorf("validating Node Private CIDR: %w", err)
+ }
}
// Configure oidc flags and set it to KubeAPIServerExtraFlags.
@@ -306,9 +317,7 @@ func validateNodePrivateCIDRs(cfg *config) ([]string, error) {
// If just the deprecated field is provided then produce a warning.
if cfg.NodePrivateCIDR != "" {
- fmt.Printf("Warning: `node_private_cidr` is deprecated, use `node_private_cidrs` instead.\n")
-
- return []string{cfg.NodePrivateCIDR}, nil
+ return []string{cfg.NodePrivateCIDR}, DeprecatedNodeCIDRError{}
}
// If there are repeated CIDRs then error out.
@@ -480,10 +489,19 @@ func (c *config) checkValidConfig() hcl.Diagnostics {
}
if _, err := validateNodePrivateCIDRs(c); err != nil {
+ var severity hcl.DiagnosticSeverity
+
+ switch err.(type) {
+ case DeprecatedNodeCIDRError:
+ severity = hcl.DiagWarning
+ default:
+ severity = hcl.DiagError
+ }
+
diagnostics = append(diagnostics, &hcl.Diagnostic{
- Severity: hcl.DiagError,
+ Severity: severity,
Summary: "Node Private CIDR",
- Detail: fmt.Sprintf("Node Private CIDR failed with: %v", err),
+ Detail: fmt.Sprintf("Validating Node Private CIDR: %v", err),
})
}
I think |
Right, so something like this? (I hate using hcl.Diagnostics) I can add this as a commit on top if @surajssd agrees. diff --git a/cli/cmd/cluster/cluster.go b/cli/cmd/cluster/cluster.go
index 954f6b32a..81f3d9b5b 100644
--- a/cli/cmd/cluster/cluster.go
+++ b/cli/cmd/cluster/cluster.go
@@ -18,6 +18,7 @@ import (
"fmt"
"path/filepath"
+ "github.com/hashicorp/hcl/v2"
"github.com/mitchellh/go-homedir"
log "github.com/sirupsen/logrus"
"helm.sh/helm/v3/pkg/action"
@@ -58,11 +59,15 @@ func (cc clusterConfig) initialize(contextLogger *log.Entry) (*cluster, error) {
}
p, diags := getConfiguredPlatform(lokoConfig, true)
- if diags.HasErrors() {
- for _, diagnostic := range diags {
+ for _, diagnostic := range diags {
+ if diagnostic.Severity == hcl.DiagError {
contextLogger.Error(diagnostic.Error())
+ } else {
+ contextLogger.Warning(diagnostic.Error())
}
+ }
+ if diags.HasErrors() {
return nil, fmt.Errorf("loading platform configuration")
}
diff --git a/pkg/platform/packet/packet.go b/pkg/platform/packet/packet.go
index 8ab4134a3..f9684d7d0 100644
--- a/pkg/platform/packet/packet.go
+++ b/pkg/platform/packet/packet.go
@@ -238,9 +238,9 @@ func createTerraformConfigFile(cfg *config, terraformPath string) error {
return fmt.Errorf("marshaling management CIDRs: %w", err)
}
- nodePrivateCIDRs, err := validateNodePrivateCIDRs(cfg)
- if err != nil {
- return fmt.Errorf("validating Node Private CIDR: %w", err)
+ nodePrivateCIDRs, diags := validateNodePrivateCIDRs(cfg)
+ if diags.HasErrors() {
+ return fmt.Errorf("validating Node Private CIDR: %w", diags)
}
// Configure oidc flags and set it to KubeAPIServerExtraFlags.
@@ -297,28 +297,45 @@ func createTerraformConfigFile(cfg *config, terraformPath string) error {
return nil
}
-func validateNodePrivateCIDRs(cfg *config) ([]string, error) {
+func validateNodePrivateCIDRs(cfg *config) ([]string, hcl.Diagnostics) {
// If both the deprecated and the new fields are provided then error out.
if cfg.NodePrivateCIDR != "" && len(cfg.NodePrivateCIDRs) > 0 {
- return nil, fmt.Errorf("`node_private_cidr` and `node_private_cidrs` cannot be used together," +
- " use `node_private_cidrs` only")
+ return nil, hcl.Diagnostics{
+ &hcl.Diagnostic{
+ Severity: hcl.DiagError,
+ Summary: "`node_private_cidr` and `node_private_cidrs` cannot be used together,",
+ },
+ }
}
// If just the deprecated field is provided then produce a warning.
if cfg.NodePrivateCIDR != "" {
- fmt.Printf("Warning: `node_private_cidr` is deprecated, use `node_private_cidrs` instead.\n")
-
- return []string{cfg.NodePrivateCIDR}, nil
+ return nil, hcl.Diagnostics{
+ &hcl.Diagnostic{
+ Severity: hcl.DiagWarning,
+ Summary: "`node_private_cidr` is deprecated, use `node_private_cidrs` instead",
+ },
+ }
}
// If there are repeated CIDRs then error out.
if repeatedCIDR := findDuplicateString(cfg.NodePrivateCIDRs); repeatedCIDR != "" {
- return nil, fmt.Errorf("multiple entries of node private CIDR: %v", repeatedCIDR)
+ return nil, hcl.Diagnostics{
+ &hcl.Diagnostic{
+ Severity: hcl.DiagError,
+ Summary: fmt.Sprintf("multiple entries of node private CIDR: %v", repeatedCIDR),
+ },
+ }
}
// If there are no CIDRs provided then error out.
if len(cfg.NodePrivateCIDRs) == 0 {
- return nil, fmt.Errorf("neither `node_private_cidr` nor `node_private_cidrs` provided")
+ return nil, hcl.Diagnostics{
+ &hcl.Diagnostic{
+ Severity: hcl.DiagError,
+ Summary: "neither `node_private_cidr` nor `node_private_cidrs` provided",
+ },
+ }
}
return cfg.NodePrivateCIDRs, nil
@@ -479,12 +496,8 @@ func (c *config) checkValidConfig() hcl.Diagnostics {
diagnostics = append(diagnostics, diags...)
}
- if _, err := validateNodePrivateCIDRs(c); err != nil {
- diagnostics = append(diagnostics, &hcl.Diagnostic{
- Severity: hcl.DiagError,
- Summary: "Node Private CIDR",
- Detail: fmt.Sprintf("Node Private CIDR failed with: %v", err),
- })
+ if _, diags := validateNodePrivateCIDRs(c); diags != nil {
+ diagnostics = append(diagnostics, diags...)
}
return diagnostics |
Exactly. But as |
d9b32f3
to
a7fa225
Compare
@iaguis incorporated, PTAL. |
Good point, let's name it |
a7fa225
to
4843f45
Compare
- Mark `node_private_cidr` as deprecated. - This is added to support multi-facility worker pools. Different facility in an EM project can have different private node CIDR, hence allow user to provide multiple CIDRs. Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
We use octal of format `0o700` in `lokomotive/pkg/terraform_test` package. Without this change the tests fail with following error on go1.16: ``` octal literals requires go1.13 or later (-lang was set to go1.12; check go.mod) ``` It needs go1.13 or later mentioned in `go.mod`. This commit updates the go version in `go.mod`. Signed-off-by: Suraj Deshmukh <suraj@kinvolk.io>
4843f45
to
da95497
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
This commit adds a param to the worker pools called facility. This
allows users to choose a different facility/region than the controller
nodes. The default behaviour is to deploy controllers and workers in the
same facility.
Signed-off-by: Suraj Deshmukh suraj@kinvolk.io