From ec2a1f9f60c27ffbeabfec0feb800d71c65e704a Mon Sep 17 00:00:00 2001 From: Kimmo Lehto Date: Thu, 10 Oct 2024 10:05:15 +0300 Subject: [PATCH 1/4] Fall back to CPLB virtual address in external API URL Signed-off-by: Kimmo Lehto --- phase/get_kubeconfig.go | 44 +------------- phase/get_kubeconfig_test.go | 6 -- phase/install_controllers.go | 2 +- .../v1beta1/cluster/spec.go | 58 ++++++++++++++----- 4 files changed, 47 insertions(+), 63 deletions(-) diff --git a/phase/get_kubeconfig.go b/phase/get_kubeconfig.go index 19943fe9..ced829fb 100644 --- a/phase/get_kubeconfig.go +++ b/phase/get_kubeconfig.go @@ -2,13 +2,10 @@ package phase import ( "fmt" - "strings" "github.com/alessio/shellescape" - "github.com/k0sproject/dig" "github.com/k0sproject/k0sctl/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster" "github.com/k0sproject/rig/exec" - "gopkg.in/yaml.v2" "k8s.io/client-go/tools/clientcmd" ) @@ -31,24 +28,6 @@ var readKubeconfig = func(h *cluster.Host) (string, error) { return output, nil } -var k0sConfig = func(h *cluster.Host) (dig.Mapping, error) { - cfgContent, err := h.Configurer.ReadFile(h, h.Configurer.K0sConfigPath()) - if err != nil { - return nil, fmt.Errorf("read k0s config from host: %w", err) - } - - var cfg dig.Mapping - if err := yaml.Unmarshal([]byte(cfgContent), &cfg); err != nil { - return nil, fmt.Errorf("unmarshal k0s config: %w", err) - } - - if err != nil { - return nil, fmt.Errorf("parse k0s config: %w", err) - } - - return cfg, nil -} - func (p *GetKubeconfig) DryRun() error { p.DryMsg(p.Config.Spec.Hosts.Controllers()[0], "get admin kubeconfig") return nil 
@@ -58,34 +37,13 @@ func (p *GetKubeconfig) DryRun() error { func (p *GetKubeconfig) Run() error { h := p.Config.Spec.Hosts.Controllers()[0] - cfg, err := k0sConfig(h) - if err != nil { - return err - } - output, err := readKubeconfig(h) if err != nil { return fmt.Errorf("read kubeconfig from host: %w", err) } if p.APIAddress == "" { - // the controller admin.conf is aways pointing to localhost, thus we need to change the address - // something usable from outside - address := h.Address() - if a, ok := cfg.Dig("spec", "api", "externalAddress").(string); ok && a != "" { - address = a - } - - port := 6443 - if p, ok := cfg.Dig("spec", "api", "port").(int); ok && p != 0 { - port = p - } - - if strings.Contains(address, ":") { - p.APIAddress = fmt.Sprintf("https://[%s]:%d", address, port) - } else { - p.APIAddress = fmt.Sprintf("https://%s:%d", address, port) - } + p.APIAddress = p.Config.Spec.KubeAPIURL() } cfgString, err := kubeConfig(output, p.Config.Metadata.Name, p.APIAddress) diff --git a/phase/get_kubeconfig_test.go b/phase/get_kubeconfig_test.go index cb42fc64..e2f093fb 100644 --- a/phase/get_kubeconfig_test.go +++ b/phase/get_kubeconfig_test.go @@ -49,12 +49,6 @@ func TestGetKubeconfig(t *testing.T) { defer func() { readKubeconfig = origReadKubeconfig }() readKubeconfig = fakeReader - origK0sConfig := k0sConfig - defer func() { k0sConfig = origK0sConfig }() - k0sConfig = func(h *cluster.Host) (dig.Mapping, error) { - return cfg.Spec.K0s.Config, nil - } - p := GetKubeconfig{GenericPhase: GenericPhase{Config: cfg}} require.NoError(t, p.Run()) conf, err := clientcmd.Load([]byte(cfg.Metadata.Kubeconfig)) diff --git a/phase/install_controllers.go b/phase/install_controllers.go index 5ce0e412..017bc06c 100644 --- a/phase/install_controllers.go +++ b/phase/install_controllers.go 
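Review bot: In `GetKubeconfig.Run`, `p.APIAddress = p.Config.Spec.KubeAPIURL()` now takes the admin kubeconfig's server URL from the k0sctl spec, where the removed code read the k0s config file on the controller and skipped a zero port with `ok && p != 0`. The new `apiPort()` in spec.go only checks `ok`, so a configured port of `0` would be written into the URL; keeping the old guard as `if p, ok := ...(int); ok && p != 0 {` would preserve the earlier behaviour. If the spec and the on-host config can differ, the kubeconfig would point at an endpoint the API server does not serve; this is inferred, since the callers are outside the hunk. A comment such as `// URL is derived from the k0sctl spec, not from the k0s config on the host` would record the choice. The test hunk for this file removes the `k0sConfig` stub and adds no case for the new CPLB fallback.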
@@ -88,7 +88,7 @@ func (p *InstallControllers) After() error { // Run the phase func (p *InstallControllers) Run() error { - url := p.Config.Spec.KubeAPIURL() + url := p.Config.Spec.InternalKubeAPIURL() healthz := fmt.Sprintf("%s/healthz", url) err := p.parallelDo(p.hosts, func(h *cluster.Host) error { diff --git a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go index 02a6dc49..17a10867 100644 --- a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go +++ b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go @@ -2,9 +2,11 @@ package cluster import ( "fmt" + "strings" "github.com/creasty/defaults" "github.com/jellydator/validation" + "github.com/k0sproject/dig" ) // Spec defines cluster config spec section 
@@ -80,24 +82,54 @@ func (s *Spec) Validate() error { ) } -// KubeAPIURL returns an url to the cluster's kube api -func (s *Spec) KubeAPIURL() string { - var caddr string +func (s *Spec) clusterExternalAddress() string { if a := s.K0s.Config.DigString("spec", "api", "externalAddress"); a != "" { - caddr = a - } else { - leader := s.K0sLeader() - if leader.PrivateAddress != "" { - caddr = leader.PrivateAddress - } else { - caddr = leader.Address() + return a + } + + if cplb, ok := s.K0s.Config.Dig("spec", "network", "controlPlaneLoadBalancing").(dig.Mapping); ok { + if enabled, ok := cplb.Dig("enabled").(bool); ok && enabled { + vrrpAddresses := cplb.Dig("virtualServers").([]string) + if len(vrrpAddresses) > 0 { + return vrrpAddresses[0] + } } } - cport := 6443 + return s.K0sLeader().Address() +} + +func (s *Spec) clusterInternalAddress() string { + leader := s.K0sLeader() + if leader.PrivateAddress != "" { + return leader.PrivateAddress + } else { + return leader.Address() + } +} + +const defaultAPIPort = 6443 + +func (s *Spec) apiPort() int { if p, ok := s.K0s.Config.Dig("spec", "api", "port").(int); ok { - cport = p + return p } + return defaultAPIPort +} - return fmt.Sprintf("https://%s:%d", caddr, cport) +// KubeAPIURL returns an external url to the cluster's kube API +func (s *Spec) KubeAPIURL() string { + return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterExternalAddress()), s.apiPort()) +} + +// InternalKubeAPIURL returns a cluster internal url to the cluster's kube API +func (s *Spec) InternalKubeAPIURL() string { + return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterInternalAddress()), s.apiPort()) +} + +func formatIPV6(address string) string { + if strings.Contains(address, ":") { + return fmt.Sprintf("[%s]", address) + } + return address } From 6b9054b8d5d99dfb7c2d0b86a7b5c14cfd44527d Mon Sep 17 00:00:00 2001 From: Kimmo Lehto Date: Mon, 14 Oct 2024 10:58:08 +0300 Subject: [PATCH 2/4] Consider k0s onlyBindToAddress option when building API URLs 
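Review bot: In `clusterExternalAddress`, `cplb.Dig("virtualServers").([]string)` is a single-value type assertion, so it panics when the key is missing or when the decoded list is `[]interface{}` rather than `[]string`. A config with `enabled: true` and no such key would therefore crash the tool instead of falling back to the leader address. A type switch over both slice types, as phase/configure_k0s.go does for `spec.api.sans`, removes the panic. It is also worth confirming against the k0s schema that `virtualServers` entries are plain address strings, and that the chosen address is covered by the API server certificate, since it ends up as the `server` URL in the admin kubeconfig. The helpers added here (`clusterExternalAddress`, `clusterInternalAddress`, `apiPort`, `formatIPV6`) carry no doc comments, and their callers are outside the hunk.

```go
	if cplb, ok := s.K0s.Config.Dig("spec", "network", "controlPlaneLoadBalancing").(dig.Mapping); ok {
		if enabled, ok := cplb.Dig("enabled").(bool); ok && enabled {
			// A bare .([]string) assertion panics on a missing key or a []interface{} value.
			switch servers := cplb.Dig("virtualServers").(type) {
			case []string:
				if len(servers) > 0 && servers[0] != "" {
					return servers[0]
				}
			case []interface{}:
				if len(servers) > 0 {
					if addr, ok := servers[0].(string); ok && addr != "" {
						return addr
					}
				}
			}
		}
	}
	// … unchanged: fall back to s.K0sLeader().Address() …
```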
Signed-off-by: Kimmo Lehto --- phase/initialize_k0s.go | 8 +------ phase/install_controllers.go | 7 +----- phase/upgrade_controllers.go | 6 +---- .../v1beta1/cluster/spec.go | 23 ++++++++++++++++--- pkg/node/statusfunc.go | 5 ++-- smoke-test/k0sctl-controller-swap.yaml | 2 ++ smoke-test/k0sctl-downloadurl.yaml | 2 ++ smoke-test/k0sctl-dryrun.yaml | 2 ++ smoke-test/k0sctl-dynamic.yaml | 2 ++ smoke-test/k0sctl-files.yaml.tpl | 2 ++ smoke-test/k0sctl-installflags.yaml.tpl | 2 ++ smoke-test/k0sctl-openssh.yaml | 2 ++ smoke-test/k0sctl-rootless.yaml.tpl | 2 ++ smoke-test/k0sctl-single.yaml | 4 +++- smoke-test/k0sctl.yaml | 2 ++ smoke-test/smoke.common.sh | 1 + 16 files changed, 48 insertions(+), 24 deletions(-) diff --git a/phase/initialize_k0s.go b/phase/initialize_k0s.go index 7cdc9ba4..821891ff 100644 --- a/phase/initialize_k0s.go +++ b/phase/initialize_k0s.go @@ -100,7 +100,6 @@ func (p *InitializeK0s) Run() error { } return nil }) - if err != nil { return err } @@ -116,18 +115,13 @@ func (p *InitializeK0s) Run() error { return err } - port := 6443 - if p, ok := p.Config.Spec.K0s.Config.Dig("spec", "api", "port").(int); ok { - port = p - } log.Infof("%s: waiting for kubernetes api to respond", h) - if err := retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, port)); err != nil { + if err := retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, p.Config)); err != nil { return err } return nil }) - if err != nil { return err } diff --git a/phase/install_controllers.go b/phase/install_controllers.go index 017bc06c..dd91b631 100644 --- a/phase/install_controllers.go +++ b/phase/install_controllers.go 
@@ -191,11 +191,6 @@ func (p *InstallControllers) Run() error { } func (p *InstallControllers) waitJoined(h *cluster.Host) error { - port := 6443 - if p, ok := p.Config.Spec.K0s.Config.Dig("spec", "api", "port").(int); ok { - port = p - } - log.Infof("%s: waiting for kubernetes api to respond", h) - return retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, port)) + return retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, p.Config)) } diff --git a/phase/upgrade_controllers.go b/phase/upgrade_controllers.go index 247ee0b4..df526a8f 100644 --- a/phase/upgrade_controllers.go +++ b/phase/upgrade_controllers.go @@ -131,13 +131,9 @@ func (p *UpgradeControllers) Run() error { if err != nil { return err } - port := 6443 - if p, ok := p.Config.Spec.K0s.Config.Dig("spec", "api", "port").(int); ok { - port = p - } if p.IsWet() { - if err := retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, port)); err != nil { + if err := retry.Timeout(context.TODO(), retry.DefaultTimeout, node.KubeAPIReadyFunc(h, p.Config)); err != nil { return fmt.Errorf("kube api did not become ready: %w", err) } } diff --git a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go index 17a10867..02f60fa4 100644 --- a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go +++ b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go @@ -110,7 +110,7 @@ func (s *Spec) clusterInternalAddress() string { const defaultAPIPort = 6443 -func (s *Spec) apiPort() int { +func (s *Spec) APIPort() int { if p, ok := s.K0s.Config.Dig("spec", "api", "port").(int); ok { return p } 
@@ -119,12 +119,29 @@ func (s *Spec) apiPort() int { // KubeAPIURL returns an external url to the cluster's kube API func (s *Spec) KubeAPIURL() string { - return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterExternalAddress()), s.apiPort()) + return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterExternalAddress()), s.APIPort()) } // InternalKubeAPIURL returns a cluster internal url to the cluster's kube API func (s *Spec) InternalKubeAPIURL() string { - return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterInternalAddress()), s.apiPort()) + return fmt.Sprintf("https://%s:%d", formatIPV6(s.clusterInternalAddress()), s.APIPort()) +} + +// NodeInternalKubeAPIURL returns a cluster internal url to the node's kube API +func (s *Spec) NodeInternalKubeAPIURL(h *Host) string { + addr := "localhost" + + // spec.api.onlyBindToAddress was introduced in k0s 1.30. Setting it to true will make the API server only + // listen on the IP address configured by the `address` option. + if onlyBindAddr, ok := s.K0s.Config.Dig("spec", "api", "onlyBindToAddress").(bool); ok && onlyBindAddr { + if h.PrivateAddress != "" { + addr = h.PrivateAddress + } else { + addr = h.Address() + } + } + + return fmt.Sprintf("https://%s:%d", formatIPV6(addr), s.APIPort()) } func formatIPV6(address string) string { diff --git a/pkg/node/statusfunc.go b/pkg/node/statusfunc.go index 3066b56d..67d16af0 100644 --- a/pkg/node/statusfunc.go +++ b/pkg/node/statusfunc.go @@ -7,6 +7,7 @@ import ( "strings" "time" + "github.com/k0sproject/k0sctl/pkg/apis/k0sctl.k0sproject.io/v1beta1" "github.com/k0sproject/k0sctl/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster" "github.com/k0sproject/rig/exec" 
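Review bot: `NodeInternalKubeAPIURL` probes `h.PrivateAddress` or `h.Address()` when `onlyBindToAddress` is true, but its own comment says the server then listens on the address from the `address` option, which this function never reads. The two agree only while `spec.api.address` is set per host to the same private-else-public value, so the doc comment should state that, e.g. `// assumes spec.api.address equals h.PrivateAddress, or h.Address() when that is empty`. A nil `h` would be dereferenced on that branch; whether any caller can pass one is not visible in this hunk. The doc comment on `KubeAPIReadyFunc` in pkg/node/statusfunc.go still says "local kube api", although the probe can now target a non-loopback address.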
@@ -195,8 +196,8 @@ func ServiceStoppedFunc(h *cluster.Host, service string) retryFunc { } // KubeAPIReadyFunc returns a function that returns an error unless the host's local kube api responds to /version -func KubeAPIReadyFunc(h *cluster.Host, port int) retryFunc { +func KubeAPIReadyFunc(h *cluster.Host, config *v1beta1.Cluster) retryFunc { // If the anon-auth is disabled on kube api the version endpoint will give 401 // thus we need to accept both 200 and 401 as valid statuses when checking kube api - return HTTPStatusFunc(h, fmt.Sprintf("https://localhost:%d/version", port), 200, 401) + return HTTPStatusFunc(h, fmt.Sprintf("%s/version", config.Spec.NodeInternalKubeAPIURL(h)), 200, 401) } diff --git a/smoke-test/k0sctl-controller-swap.yaml b/smoke-test/k0sctl-controller-swap.yaml index 5930468e..187b86b6 100644 --- a/smoke-test/k0sctl-controller-swap.yaml +++ b/smoke-test/k0sctl-controller-swap.yaml @@ -24,6 +24,8 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-downloadurl.yaml b/smoke-test/k0sctl-downloadurl.yaml index fe951caa..6391e486 100644 --- a/smoke-test/k0sctl-downloadurl.yaml +++ b/smoke-test/k0sctl-downloadurl.yaml @@ -17,5 +17,7 @@ spec: k0s: config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-dryrun.yaml b/smoke-test/k0sctl-dryrun.yaml index b4e1ad3a..b3ee8acb 100644 --- a/smoke-test/k0sctl-dryrun.yaml +++ b/smoke-test/k0sctl-dryrun.yaml @@ -20,5 +20,7 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-dynamic.yaml b/smoke-test/k0sctl-dynamic.yaml index 20b6958a..62032eb0 100644 --- a/smoke-test/k0sctl-dynamic.yaml +++ b/smoke-test/k0sctl-dynamic.yaml 
@@ -20,5 +20,7 @@ spec: dynamicConfig: true config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-files.yaml.tpl b/smoke-test/k0sctl-files.yaml.tpl index ca481608..73663951 100644 --- a/smoke-test/k0sctl-files.yaml.tpl +++ b/smoke-test/k0sctl-files.yaml.tpl @@ -47,5 +47,7 @@ spec: version: "$K0S_VERSION" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-installflags.yaml.tpl b/smoke-test/k0sctl-installflags.yaml.tpl index f5a9d476..6a3d22d2 100644 --- a/smoke-test/k0sctl-installflags.yaml.tpl +++ b/smoke-test/k0sctl-installflags.yaml.tpl @@ -22,5 +22,7 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-openssh.yaml b/smoke-test/k0sctl-openssh.yaml index 4071157d..b9ec17b2 100644 --- a/smoke-test/k0sctl-openssh.yaml +++ b/smoke-test/k0sctl-openssh.yaml @@ -16,5 +16,7 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-rootless.yaml.tpl b/smoke-test/k0sctl-rootless.yaml.tpl index 4d911c60..d18760c0 100644 --- a/smoke-test/k0sctl-rootless.yaml.tpl +++ b/smoke-test/k0sctl-rootless.yaml.tpl @@ -28,5 +28,7 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-single.yaml b/smoke-test/k0sctl-single.yaml index 3b3165bb..68a4a5c1 100644 --- a/smoke-test/k0sctl-single.yaml +++ b/smoke-test/k0sctl-single.yaml @@ -19,5 +19,7 @@ spec: version: "$K0S_VERSION" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: - enabled: false \ No newline at end of file + enabled: false diff --git a/smoke-test/k0sctl.yaml b/smoke-test/k0sctl.yaml index 1a43973d..0c6b5f2b 100644 
--- a/smoke-test/k0sctl.yaml +++ b/smoke-test/k0sctl.yaml @@ -26,5 +26,7 @@ spec: version: "${K0S_VERSION}" config: spec: + api: + externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/smoke.common.sh b/smoke-test/smoke.common.sh index 385e091c..a7e47803 100644 --- a/smoke-test/smoke.common.sh +++ b/smoke-test/smoke.common.sh @@ -4,6 +4,7 @@ export LINUX_IMAGE="${LINUX_IMAGE:-"quay.io/k0sproject/bootloose-ubuntu20.04"}" export PRESERVE_CLUSTER="${PRESERVE_CLUSTER:-""}" export DISABLE_TELEMETRY=true export K0S_VERSION +export K0S_API_EXTERNAL_ADDRESS="${K0S_API_EXTERNAL_ADDRESS:-172.20.0.1}" createCluster() { envsubst < "${BOOTLOOSE_TEMPLATE}" > bootloose.yaml From 3f9f91de82d7d8d4aec5748640c0906f124c5b28 Mon Sep 17 00:00:00 2001 From: Kimmo Lehto Date: Mon, 14 Oct 2024 14:04:36 +0300 Subject: [PATCH 3/4] Validate worker connectivity to cluster-internal addresses Signed-off-by: Kimmo Lehto --- phase/configure_k0s.go | 6 +++++- phase/install_workers.go | 2 +- pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go | 2 +- smoke-test/k0sctl-controller-swap.yaml | 2 -- smoke-test/k0sctl-downloadurl.yaml | 2 -- smoke-test/k0sctl-dryrun.yaml | 2 -- smoke-test/k0sctl-dynamic.yaml | 2 -- smoke-test/k0sctl-files.yaml.tpl | 2 -- smoke-test/k0sctl-installflags.yaml.tpl | 2 -- smoke-test/k0sctl-openssh.yaml | 2 -- smoke-test/k0sctl-rootless.yaml.tpl | 2 -- smoke-test/k0sctl-single.yaml | 4 +--- smoke-test/k0sctl.yaml | 2 -- smoke-test/smoke.common.sh | 1 - 14 files changed, 8 insertions(+), 25 deletions(-) diff --git a/phase/configure_k0s.go b/phase/configure_k0s.go index 26163032..1c82841b 100644 --- a/phase/configure_k0s.go +++ b/phase/configure_k0s.go 
@@ -183,7 +183,7 @@ func (p *ConfigureK0s) generateDefaultConfig() (string, error) { func (p *ConfigureK0s) Run() error { controllers := p.Config.Spec.Hosts.Controllers().Filter(func(h *cluster.Host) bool { return !h.Reset && len(h.Metadata.K0sNewConfig) > 0 - }) + }) return p.parallelDo(controllers, p.configureK0s) } @@ -309,6 +309,10 @@ func (p *ConfigureK0s) configFor(h *cluster.Host) (string, error) { cfg.DigMapping("spec", "api")["address"] = addr addUnlessExist(&sans, addr) + if externalAddr := cfg.DigString("spec", "api", "externalAddress"); externalAddr != "" { + addUnlessExist(&sans, externalAddr) + } + oldsans := cfg.Dig("spec", "api", "sans") switch oldsans := oldsans.(type) { case []interface{}: diff --git a/phase/install_workers.go b/phase/install_workers.go index 970d9ec2..ebdc1fbe 100644 --- a/phase/install_workers.go +++ b/phase/install_workers.go @@ -98,7 +98,7 @@ func (p *InstallWorkers) After() error { // Run the phase func (p *InstallWorkers) Run() error { - url := p.Config.Spec.KubeAPIURL() + url := p.Config.Spec.InternalKubeAPIURL() healthz := fmt.Sprintf("%s/healthz", url) err := p.parallelDo(p.hosts, func(h *cluster.Host) error { diff --git a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go index 02f60fa4..050be23e 100644 --- a/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go +++ b/pkg/apis/k0sctl.k0sproject.io/v1beta1/cluster/spec.go @@ -129,7 +129,7 @@ func (s *Spec) InternalKubeAPIURL() string { // NodeInternalKubeAPIURL returns a cluster internal url to the node's kube API func (s *Spec) NodeInternalKubeAPIURL(h *Host) string { - addr := "localhost" + addr := "127.0.0.1" // spec.api.onlyBindToAddress was introduced in k0s 1.30. Setting it to true will make the API server only // listen on the IP address configured by the `address` option. diff --git a/smoke-test/k0sctl-controller-swap.yaml b/smoke-test/k0sctl-controller-swap.yaml index 187b86b6..5930468e 100644 
--- a/smoke-test/k0sctl-controller-swap.yaml +++ b/smoke-test/k0sctl-controller-swap.yaml @@ -24,8 +24,6 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-downloadurl.yaml b/smoke-test/k0sctl-downloadurl.yaml index 6391e486..fe951caa 100644 --- a/smoke-test/k0sctl-downloadurl.yaml +++ b/smoke-test/k0sctl-downloadurl.yaml @@ -17,7 +17,5 @@ spec: k0s: config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-dryrun.yaml b/smoke-test/k0sctl-dryrun.yaml index b3ee8acb..b4e1ad3a 100644 --- a/smoke-test/k0sctl-dryrun.yaml +++ b/smoke-test/k0sctl-dryrun.yaml @@ -20,7 +20,5 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-dynamic.yaml b/smoke-test/k0sctl-dynamic.yaml index 62032eb0..20b6958a 100644 --- a/smoke-test/k0sctl-dynamic.yaml +++ b/smoke-test/k0sctl-dynamic.yaml @@ -20,7 +20,5 @@ spec: dynamicConfig: true config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-files.yaml.tpl b/smoke-test/k0sctl-files.yaml.tpl index 73663951..ca481608 100644 --- a/smoke-test/k0sctl-files.yaml.tpl +++ b/smoke-test/k0sctl-files.yaml.tpl @@ -47,7 +47,5 @@ spec: version: "$K0S_VERSION" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-installflags.yaml.tpl b/smoke-test/k0sctl-installflags.yaml.tpl index 6a3d22d2..f5a9d476 100644 --- a/smoke-test/k0sctl-installflags.yaml.tpl +++ b/smoke-test/k0sctl-installflags.yaml.tpl @@ -22,7 +22,5 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false 
diff --git a/smoke-test/k0sctl-openssh.yaml b/smoke-test/k0sctl-openssh.yaml index b9ec17b2..4071157d 100644 --- a/smoke-test/k0sctl-openssh.yaml +++ b/smoke-test/k0sctl-openssh.yaml @@ -16,7 +16,5 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-rootless.yaml.tpl b/smoke-test/k0sctl-rootless.yaml.tpl index d18760c0..4d911c60 100644 --- a/smoke-test/k0sctl-rootless.yaml.tpl +++ b/smoke-test/k0sctl-rootless.yaml.tpl @@ -28,7 +28,5 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/k0sctl-single.yaml b/smoke-test/k0sctl-single.yaml index 68a4a5c1..3b3165bb 100644 --- a/smoke-test/k0sctl-single.yaml +++ b/smoke-test/k0sctl-single.yaml @@ -19,7 +19,5 @@ spec: version: "$K0S_VERSION" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: - enabled: false + enabled: false \ No newline at end of file diff --git a/smoke-test/k0sctl.yaml b/smoke-test/k0sctl.yaml index 0c6b5f2b..1a43973d 100644 --- a/smoke-test/k0sctl.yaml +++ b/smoke-test/k0sctl.yaml @@ -26,7 +26,5 @@ spec: version: "${K0S_VERSION}" config: spec: - api: - externalAddress: "${K0S_API_EXTERNAL_ADDRESS}" telemetry: enabled: false diff --git a/smoke-test/smoke.common.sh b/smoke-test/smoke.common.sh index a7e47803..385e091c 100644 --- a/smoke-test/smoke.common.sh +++ b/smoke-test/smoke.common.sh @@ -4,7 +4,6 @@ export LINUX_IMAGE="${LINUX_IMAGE:-"quay.io/k0sproject/bootloose-ubuntu20.04"}" export PRESERVE_CLUSTER="${PRESERVE_CLUSTER:-""}" export DISABLE_TELEMETRY=true export K0S_VERSION -export K0S_API_EXTERNAL_ADDRESS="${K0S_API_EXTERNAL_ADDRESS:-172.20.0.1}" createCluster() { envsubst < "${BOOTLOOSE_TEMPLATE}" > bootloose.yaml From fd0ba50f48005339846446ffc2452db015e90272 Mon Sep 17 00:00:00 2001 
From: Kimmo Lehto Date: Tue, 22 Oct 2024 10:10:38 +0300 Subject: [PATCH 4/4] Remove all SANs manipulation as k0s does it on its own Signed-off-by: Kimmo Lehto --- phase/configure_k0s.go | 45 ------------------------------------------ 1 file changed, 45 deletions(-) diff --git a/phase/configure_k0s.go b/phase/configure_k0s.go index 1c82841b..4f252ead 100644 --- a/phase/configure_k0s.go +++ b/phase/configure_k0s.go @@ -270,19 +270,6 @@ func (p *ConfigureK0s) configureK0s(h *cluster.Host) error { return nil } -func addUnlessExist(slice *[]string, s string) { - var found bool - for _, v := range *slice { - if v == s { - found = true - break - } - } - if !found { - *slice = append(*slice, s) - } -} - func (p *ConfigureK0s) configFor(h *cluster.Host) (string, error) { var cfg dig.Mapping @@ -298,44 +285,12 @@ func (p *ConfigureK0s) configFor(h *cluster.Host) (string, error) { cfg = p.newBaseConfig.Dup() } - var sans []string - var addr string if h.PrivateAddress != "" { addr = h.PrivateAddress } else { addr = h.Address() } - cfg.DigMapping("spec", "api")["address"] = addr - addUnlessExist(&sans, addr) - - if externalAddr := cfg.DigString("spec", "api", "externalAddress"); externalAddr != "" { - addUnlessExist(&sans, externalAddr) - } - - oldsans := cfg.Dig("spec", "api", "sans") - switch oldsans := oldsans.(type) { - case []interface{}: - for _, v := range oldsans { - if s, ok := v.(string); ok { - addUnlessExist(&sans, s) - } - } - case []string: - for _, v := range oldsans { - addUnlessExist(&sans, v) - } - } - - var controllers cluster.Hosts = p.Config.Spec.Hosts.Controllers() - for _, c := range controllers { - addUnlessExist(&sans, c.Address()) - if c.PrivateAddress != "" { - addUnlessExist(&sans, c.PrivateAddress) - } - } - addUnlessExist(&sans, "127.0.0.1") - cfg.DigMapping("spec", "api")["sans"] = sans if cfg.Dig("spec", "storage", "etcd", "peerAddress") != nil || h.PrivateAddress != "" { cfg.DigMapping("spec", "storage", "etcd")["peerAddress"] = addr