Revert vspherevm name limit.

- Remove hostname command from prekubeadm commands - Add capv user to Administrators group
gab-satchi · Jan 15, 2021 · b1d7f0f · b1d7f0f
1 parent bcba956
commit b1d7f0f
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 128 deletions.
diff --git a/api/v1alpha3/vspherevm_webhook.go b/api/v1alpha3/vspherevm_webhook.go
@@ -22,7 +22,6 @@ import (
 	"reflect"
 
 	"github.com/pkg/errors"
-	"golang.org/x/crypto/blake2b"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/validation/field"
@@ -36,19 +35,6 @@ func (r *VSphereVM) SetupWebhookWithManager(mgr ctrl.Manager) error {
 }
 
 // +kubebuilder:webhook:verbs=create;update,path=/validate-infrastructure-cluster-x-k8s-io-v1alpha3-vspherevm,mutating=false,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.cluster.x-k8s.io,resources=vspherevms,versions=v1alpha3,name=validation.vspherevm.infrastructure.x-k8s.io,sideEffects=None
-// +kubebuilder:webhook:verbs=create;update,path=/mutate-infrastructure-cluster-x-k8s-io-v1alpha3-vspherevm,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.cluster.x-k8s.io,resources=vspherevms,versions=v1alpha3,name=default.vspherevm.infrastructure.x-k8s.io,sideEffects=None
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *VSphereVM) Default() {
-	// Windows hostnames must be < 16 characters in length
-	if r.Spec.OS == Windows && len(r.Name) > 15 {
-		name, err := base36TruncatedHash(r.Name, 15)
-
-		if err == nil {
-			r.Name = name
-		}
-	}
-}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
 func (r *VSphereVM) ValidateCreate() error {
@@ -67,9 +53,6 @@ func (r *VSphereVM) ValidateCreate() error {
 		}
 	}
 
-	if r.Spec.OS == Windows && len(r.Name) > 15 {
-		allErrs = append(allErrs, field.Invalid(field.NewPath("name"), r.Name, "name has to be less than 16 characters for Windows VM"))
-	}
 	return aggregateObjErrors(r.GroupVersionKind().GroupKind(), r.Name, allErrs)
 }
 
@@ -115,34 +98,3 @@ func (r *VSphereVM) ValidateUpdate(old runtime.Object) error { //nolint
 func (r *VSphereVM) ValidateDelete() error {
 	return nil
 }
-
-const base36set = "0123456789abcdefghijklmnopqrstuvwxyz"
-
-// From: https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/pkg/hash/base36.go
-// Base36TruncatedHash returns a consistent hash using blake2b
-// and truncating the byte values to alphanumeric only
-// of a fixed length specified by the consumer.
-func base36TruncatedHash(str string, len int) (string, error) {
-	hasher, err := blake2b.New(len, nil)
-	if err != nil {
-		return "", errors.Wrap(err, "unable to create hash function")
-	}
-
-	if _, err := hasher.Write([]byte(str)); err != nil {
-		return "", errors.Wrap(err, "unable to write hash")
-	}
-	return base36Truncate(hasher.Sum(nil)), nil
-}
-
-// base36Truncate returns a string that is base36 compliant
-// It is not an encoding since it returns a same-length string
-// for any byte value
-func base36Truncate(bytes []byte) string {
-	var chars string
-	for _, bite := range bytes {
-		idx := int(bite) % 36
-		chars += string(base36set[idx])
-	}
-
-	return chars
-}
diff --git a/api/v1alpha3/vspherevm_webhook_test.go b/api/v1alpha3/vspherevm_webhook_test.go
@@ -21,7 +21,6 @@ import (
 
 	. "github.com/onsi/gomega"
 	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 var (
@@ -39,27 +38,17 @@ func TestVSphereVM_ValidateCreate(t *testing.T) {
 	}{
 		{
 			name:      "preferredAPIServerCIDR set on creation ",
-			vSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "192.168.0.1/32", []string{}, nil, Linux),
+			vSphereVM: createVSphereVM("foo.com", "", "192.168.0.1/32", []string{}, nil),
 			wantErr:   true,
 		},
 		{
 			name:      "IPs are not in CIDR format",
-			vSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3"}, nil, Linux),
+			vSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3"}, nil),
 			wantErr:   true,
 		},
-		{
-			name:      "name too long for Windows VM",
-			vSphereVM: createVSphereVM("1234567890abcdef", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil, Windows),
-			wantErr:   true,
-		},
-		{
-			name:      "name too long for Linux VM",
-			vSphereVM: createVSphereVM("1234567890abcdef", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil, Linux),
-			wantErr:   false,
-		},
 		{
 			name:      "successful VSphereVM creation",
-			vSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil, Linux),
+			vSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil),
 			wantErr:   false,
 		},
 	}
@@ -88,26 +77,26 @@ func TestVSphereVM_ValidateUpdate(t *testing.T) {
 	}{
 		{
 			name:         "ProviderID can be updated",
-			oldVSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32"}, nil, Linux),
-			vSphereVM:    createVSphereVM("vsphere-vm-1", "foo.com", biosUUID, "", []string{"192.168.0.1/32"}, nil, Linux),
+			oldVSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32"}, nil),
+			vSphereVM:    createVSphereVM("foo.com", biosUUID, "", []string{"192.168.0.1/32"}, nil),
 			wantErr:      false,
 		},
 		{
 			name:         "updating ips can be done",
-			oldVSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32"}, nil, Linux),
-			vSphereVM:    createVSphereVM("vsphere-vm-1", "foo.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, nil, Linux),
+			oldVSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32"}, nil),
+			vSphereVM:    createVSphereVM("foo.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, nil),
 			wantErr:      false,
 		},
 		{
 			name:         "updating bootstrapRef can be done",
-			oldVSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32"}, nil, Linux),
-			vSphereVM:    createVSphereVM("vsphere-vm-1", "foo.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, &corev1.ObjectReference{}, Linux),
+			oldVSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32"}, nil),
+			vSphereVM:    createVSphereVM("foo.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, &corev1.ObjectReference{}),
 			wantErr:      false,
 		},
 		{
 			name:         "updating server cannot be done",
-			oldVSphereVM: createVSphereVM("vsphere-vm-1", "foo.com", "", "", []string{"192.168.0.1/32"}, nil, Linux),
-			vSphereVM:    createVSphereVM("vsphere-vm-1", "bar.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, nil, Linux),
+			oldVSphereVM: createVSphereVM("foo.com", "", "", []string{"192.168.0.1/32"}, nil),
+			vSphereVM:    createVSphereVM("bar.com", biosUUID, "", []string{"192.168.0.1/32", "192.168.0.10/32"}, nil),
 			wantErr:      true,
 		},
 	}
@@ -123,26 +112,8 @@ func TestVSphereVM_ValidateUpdate(t *testing.T) {
 	}
 }
 
-//nolint
-func TestVSphereVM_Default(t *testing.T) {
-	g := NewWithT(t)
-
-	WindowsVM := createVSphereVM("1234567890abcdef", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil, Windows)
-	LinuxVM := createVSphereVM("1234567890abcdef", "foo.com", "", "", []string{"192.168.0.1/32", "192.168.0.3/32"}, nil, Linux)
-
-	WindowsVM.Default()
-	LinuxVM.Default()
-
-	// WindowsVM gets name updated to be 15 characters. Linux remains unchanged
-	g.Expect(WindowsVM.Name).To(Equal("rpixa2sjd9zq5br"))
-	g.Expect(LinuxVM.Name).To(Equal("1234567890abcdef"))
-}
-
-func createVSphereVM(name string, server string, biosUUID string, preferredAPIServerCIDR string, ips []string, bootstrapRef *corev1.ObjectReference, os OS) *VSphereVM {
+func createVSphereVM(server string, biosUUID string, preferredAPIServerCIDR string, ips []string, bootstrapRef *corev1.ObjectReference) *VSphereVM {
 	VSphereVM := &VSphereVM{
-		ObjectMeta: metav1.ObjectMeta{
-			Name: name,
-		},
 		Spec: VSphereVMSpec{
 			BiosUUID:     biosUUID,
 			BootstrapRef: bootstrapRef,
@@ -152,7 +123,6 @@ func createVSphereVM(name string, server string, biosUUID string, preferredAPISe
 					PreferredAPIServerCIDR: preferredAPIServerCIDR,
 					Devices:                []NetworkDeviceSpec{},
 				},
-				OS: os,
 			},
 		},
 	}

diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml
@@ -1,32 +1,4 @@
 
----
-apiVersion: admissionregistration.k8s.io/v1beta1
-kind: MutatingWebhookConfiguration
-metadata:
-  creationTimestamp: null
-  name: mutating-webhook-configuration
-webhooks:
-- clientConfig:
-    caBundle: Cg==
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha3-vspherevm
-  failurePolicy: Fail
-  matchPolicy: Equivalent
-  name: default.vspherevm.infrastructure.x-k8s.io
-  rules:
-  - apiGroups:
-    - infrastructure.cluster.x-k8s.io
-    apiVersions:
-    - v1alpha3
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - vspherevms
-  sideEffects: None
-
 ---
 apiVersion: admissionregistration.k8s.io/v1beta1
 kind: ValidatingWebhookConfiguration

diff --git a/config/webhook/webhookcainjection_patch.yaml b/config/webhook/webhookcainjection_patch.yaml
@@ -4,12 +4,5 @@ apiVersion: admissionregistration.k8s.io/v1beta1
 kind: ValidatingWebhookConfiguration
 metadata:
   name: validating-webhook-configuration
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
----
-apiVersion: admissionregistration.k8s.io/v1beta1
-kind: MutatingWebhookConfiguration
-metadata:
-  name: mutating-webhook-configuration
   annotations:
     cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
diff --git a/controllers/vspheremachine_controller.go b/controllers/vspheremachine_controller.go
@@ -391,7 +391,6 @@ func (r machineReconciler) reconcileNormal(ctx *context.MachineContext) (reconci
 
 func (r machineReconciler) reconcileNormalPre7(ctx *context.MachineContext, vsphereVM *infrav1.VSphereVM) (runtime.Object, error) {
 	// Create or update the VSphereVM resource.
-
 	vm := &infrav1.VSphereVM{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: ctx.VSphereMachine.Namespace,

diff --git a/packaging/flavorgen/flavors/generators.go b/packaging/flavorgen/flavors/generators.go
@@ -369,8 +369,8 @@ func newWindowsKubeadmConfigTemplate() bootstrapv1.KubeadmConfigTemplate {
 					JoinConfiguration: &kubeadmv1beta1.JoinConfiguration{
 						NodeRegistration: windowsNodeRegistrationOptions(),
 					},
-					Users:              defaultUsers(),
-					PreKubeadmCommands: defaultPreKubeadmCommands(),
+					Users:              defaultWindowsUsers(),
+					PreKubeadmCommands: defaultWindowsPreKubeadmCommands(),
 				},
 			},
 		},
@@ -404,6 +404,19 @@ func defaultUsers() []bootstrapv1.User {
 	}
 }
 
+func defaultWindowsUsers() []bootstrapv1.User {
+	return []bootstrapv1.User{
+		{
+			Name:   "capv",
+			Groups: pointer.StringPtr("Administrators"),
+			Sudo:   pointer.StringPtr("ALL=(ALL) NOPASSWD:ALL"),
+			SSHAuthorizedKeys: []string{
+				vSphereSSHAuthorizedKeysVar,
+			},
+		},
+	}
+}
+
 func defaultControlPlaneComponent() kubeadmv1beta1.ControlPlaneComponent {
 	return kubeadmv1beta1.ControlPlaneComponent{
 		ExtraArgs: defaultExtraArgs(),
@@ -430,6 +443,15 @@ func defaultPreKubeadmCommands() []string {
 	}
 }
 
+func defaultWindowsPreKubeadmCommands() []string {
+	return []string{
+		"echo \"::1         ipv6-localhost ipv6-loopback\" >/etc/hosts",
+		"echo \"127.0.0.1   localhost\" >>/etc/hosts",
+		"echo \"127.0.0.1   {{ ds.meta_data.hostname }}\" >>/etc/hosts",
+		"echo \"{{ ds.meta_data.hostname }}\" >/etc/hostname",
+	}
+}
+
 func kubeVIPPod() string {
 	hostPathType := v1.HostPathFileOrCreate
 	pod := &v1.Pod{