Bug 1706576: Eliminate ec2 metadata dependency #238
Conversation
openshift-ci-robot
added
the
approved
|
This is an alternative to #235. |
openshift-ci-robot
added
the
size/M
Access to ec2 metadata will soon be restricted (openshift/origin#22826). Eliminate the ec2 metadata dependency by discovering AWS region information from cluster config. This commit uses the deprecated install config for metatadata; once openshift/installer#1725 merges, supported cluster config will provide the region information and the code can be refactored.
ironcladlou
force-pushed
the
remove-aws-metadata-lookups
branch
from
d4d6b41
to
b6063eb
Compare
| @@ -122,6 +138,7 @@ func createDNSManager(cl client.Client, operatorConfig operatorconfig.Config, in | |||
| AccessID: string(awsCreds.Data["aws_access_key_id"]), | |||
| AccessKey: string(awsCreds.Data["aws_secret_access_key"]), | |||
| DNS: dnsConfig, | |||
| Region: installConfig.Platform.AWS.Region, | |||
There was a problem hiding this comment.
We get the cloud provider from infraConfig and the aws region from installConfig. Is it possible to get the cloud provider from the installConfig too and do away with infraConfig?
There was a problem hiding this comment.
You may be missing some context here — the kube-system/cluster-config-v1 ConfigMap is deprecated, and all its usages have (for the most part) been replaced by versioned public config API (e.g. configv1.Infrastructure). In that respect, this PR is actually a regression as we had already finished the API migration and now we're once again using the deprecated stuff (because ingress didn't need region in the public API until today when metadata became off-limits).
So, when region lands in the public API, we need a followup to revert this PR and switch to the new public API version.
| region = config.Region | ||
| log.Info("using region from operator config", "region name", region) | ||
| } | ||
| if len(region) == 0 { |
There was a problem hiding this comment.
What do you think of using a switch with three cases (case len(aws.StringValue(sess.Config.Region)) > 0:, case len(config.Region) > 0:, and default:)?
There was a problem hiding this comment.
Worth another CI run?
There was a problem hiding this comment.
(related: might be able to remove sess.Config.Region support entirely and eliminate the branching — unless someone can remember why it's useful)
There was a problem hiding this comment.
(in a followup)
|
@openshift/sig-network-edge PTAL. |
|
/lgtm |
1 similar comment
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ironcladlou, knobunc, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/cherrypick release-4.1 |
|
@ironcladlou: once the present PR merges, I will cherry-pick it on top of release-4.1 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
ironcladlou
changed the title
|
@ironcladlou: new pull request created: #239 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Access to ec2 metadata will soon be restricted
(openshift/origin#22826). Eliminate the ec2 metadata
dependency by discovering AWS region information from cluster config. This
commit uses the deprecated install config for metatadata; once
openshift/installer#1725 merges, supported cluster
config will provide the region information and the code can be refactored.