-
Notifications
You must be signed in to change notification settings - Fork 190
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1706576: Eliminate ec2 metadata dependency #238
Bug 1706576: Eliminate ec2 metadata dependency #238
Conversation
This is an alternative to #235. |
Access to ec2 metadata will soon be restricted (openshift/origin#22826). Eliminate the ec2 metadata dependency by discovering AWS region information from cluster config. This commit uses the deprecated install config for metatadata; once openshift/installer#1725 merges, supported cluster config will provide the region information and the code can be refactored.
d4d6b41
to
b6063eb
Compare
@@ -122,6 +138,7 @@ func createDNSManager(cl client.Client, operatorConfig operatorconfig.Config, in | |||
AccessID: string(awsCreds.Data["aws_access_key_id"]), | |||
AccessKey: string(awsCreds.Data["aws_secret_access_key"]), | |||
DNS: dnsConfig, | |||
Region: installConfig.Platform.AWS.Region, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We get the cloud provider from infraConfig and the aws region from installConfig. Is it possible to get the cloud provider from the installConfig too and do away with infraConfig?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You may be missing some context here — the kube-system/cluster-config-v1 ConfigMap is deprecated, and all its usages have (for the most part) been replaced by versioned public config API (e.g. configv1.Infrastructure
). In that respect, this PR is actually a regression as we had already finished the API migration and now we're once again using the deprecated stuff (because ingress didn't need region in the public API until today when metadata became off-limits).
So, when region lands in the public API, we need a followup to revert this PR and switch to the new public API version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
region = config.Region | ||
log.Info("using region from operator config", "region name", region) | ||
} | ||
if len(region) == 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think of using a switch with three cases (case len(aws.StringValue(sess.Config.Region)) > 0:
, case len(config.Region) > 0:
, and default:
)?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Worth another CI run?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(related: might be able to remove sess.Config.Region
support entirely and eliminate the branching — unless someone can remember why it's useful)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(in a followup)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably not.
@openshift/sig-network-edge PTAL. |
/lgtm |
1 similar comment
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ironcladlou, knobunc, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/cherrypick release-4.1 |
@ironcladlou: once the present PR merges, I will cherry-pick it on top of release-4.1 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@ironcladlou: new pull request created: #239 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Access to ec2 metadata will soon be restricted
(openshift/origin#22826). Eliminate the ec2 metadata
dependency by discovering AWS region information from cluster config. This
commit uses the deprecated install config for metatadata; once
openshift/installer#1725 merges, supported cluster
config will provide the region information and the code can be refactored.