From 5ed11fd9c769d12936f4834373870dde68a4e55e Mon Sep 17 00:00:00 2001 From: Justin SB Date: Sun, 17 May 2020 15:19:36 -0400 Subject: [PATCH 1/2] GCE: don't rely on hostname being correct Distros that use systemd for DHCP often don't have the hostname correct, due to e.g. the requirement for policy kit. We don't rely on it being set correctly on other clouds; no real reason to require it on GCP either! --- Makefile | 2 +- pkg/model/components/kubelet.go | 6 ++++++ upup/pkg/fi/nodeup/command.go | 15 +++++++++++++++ util/pkg/vfs/context.go | 2 +- 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index d2a3583e752f1..5dc8167aade45 100644 --- a/Makefile +++ b/Makefile @@ -357,7 +357,7 @@ push: crossbuild-nodeup .PHONY: push-gce-dry push-gce-dry: push - ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/config --dryrun --v=8 + ssh ${TARGET} sudo /tmp/nodeup --conf=metadata://gce/instance/attributes/config --dryrun --v=8 .PHONY: push-gce-dry push-aws-dry: push diff --git a/pkg/model/components/kubelet.go b/pkg/model/components/kubelet.go index 1fe79a8dc7006..2d5c17431342b 100644 --- a/pkg/model/components/kubelet.go +++ b/pkg/model/components/kubelet.go @@ -153,6 +153,12 @@ func (b *KubeletOptionsBuilder) BuildOptions(o interface{}) error { } clusterSpec.CloudConfig.Multizone = fi.Bool(true) clusterSpec.CloudConfig.NodeTags = fi.String(GCETagForRole(b.Context.ClusterName, kops.InstanceGroupRoleNode)) + + // Use the hostname from the GCE metadata service + // if hostnameOverride is not set. + if clusterSpec.Kubelet.HostnameOverride == "" { + clusterSpec.Kubelet.HostnameOverride = "@gce" + } } if cloudProvider == kops.CloudProviderVSphere { diff --git a/upup/pkg/fi/nodeup/command.go b/upup/pkg/fi/nodeup/command.go index 96d6b4fe03d3b..876b4654a8e51 100644 --- a/upup/pkg/fi/nodeup/command.go +++ b/upup/pkg/fi/nodeup/command.go @@ -491,6 +491,21 @@ func evaluateHostnameOverride(hostnameOverride string) (string, error) { return *(result.Reservations[0].Instances[0].PrivateDnsName), nil } + if k == "@gce" { + // We recognize @gce as meaning the hostname from the GCE metadata service + // This lets us tolerate broken hostnames (i.e. systemd) + b, err := vfs.Context.ReadFile("metadata://gce/instance/hostname") + if err != nil { + return "", fmt.Errorf("error reading hostname from GCE metadata: %v", err) + } + + // We only want to use the first portion of the fully-qualified name + // e.g. foo.c.project.internal => foo + fullyQualified := string(b) + bareHostname := strings.Split(fullyQualified, ".")[0] + return bareHostname, nil + } + if k == "@digitalocean" { // @digitalocean means to use the private ipv4 address of a droplet as the hostname override vBytes, err := vfs.Context.ReadFile("metadata://digitalocean/interfaces/private/0/ipv4/address") diff --git a/util/pkg/vfs/context.go b/util/pkg/vfs/context.go index 0dbb48a173861..f8c3bf7139607 100644 --- a/util/pkg/vfs/context.go +++ b/util/pkg/vfs/context.go @@ -97,7 +97,7 @@ func (c *VFSContext) ReadFile(location string, options ...VFSOption) ([]byte, er case "metadata": switch u.Host { case "gce": - httpURL := "http://169.254.169.254/computeMetadata/v1/instance/attributes/" + u.Path + httpURL := "http://169.254.169.254/computeMetadata/v1/" + u.Path httpHeaders := make(map[string]string) httpHeaders["Metadata-Flavor"] = "Google" return c.readHTTPLocation(httpURL, httpHeaders, opts) From 7228223781a227d497965a8bf3f408113263a495 Mon Sep 17 00:00:00 2001 From: Peter Rifel Date: Fri, 22 May 2020 18:48:20 -0500 Subject: [PATCH 2/2] Update integration test outputs --- ...master-us-test1-a-ha-gce-example-com_metadata_startup-script | 2 ++ ...master-us-test1-b-ha-gce-example-com_metadata_startup-script | 2 ++ ...master-us-test1-c-ha-gce-example-com_metadata_startup-script | 2 ++ ...ce_template_nodes-ha-gce-example-com_metadata_startup-script | 1 + ...r-us-test1-a-minimal-gce-example-com_metadata_startup-script | 2 ++ ...mplate_nodes-minimal-gce-example-com_metadata_startup-script | 1 + 6 files changed, 10 insertions(+) diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script index c9357b2f05cf0..575fee7ccbe4d 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-a-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script index ab141c7dee7bd..678fc00553099 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-b-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script index b81d0b01606c4..8866e58645aaf 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_master-us-test1-c-ha-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script index 4681498b13614..88770d4a3852f 100644 --- a/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/ha_gce/data/google_compute_instance_template_nodes-ha-gce-example-com_metadata_startup-script @@ -162,6 +162,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script index 64611028bb6b7..960b402120740 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_master-us-test1-a-minimal-gce-example-com_metadata_startup-script @@ -226,6 +226,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 @@ -244,6 +245,7 @@ masterKubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001 diff --git a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script index ced79d8362e30..b1482df8dbbb4 100644 --- a/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script +++ b/tests/integration/update_cluster/minimal_gce/data/google_compute_instance_template_nodes-minimal-gce-example-com_metadata_startup-script @@ -162,6 +162,7 @@ kubelet: featureGates: ExperimentalCriticalPodAnnotation: "true" hairpinMode: promiscuous-bridge + hostnameOverride: '@gce' kubeconfigPath: /var/lib/kubelet/kubeconfig logLevel: 2 networkPluginMTU: 9001