Node join

Signed-off-by: Vince Prignano <[email protected]>

Makefile

@@ -95,7 +95,7 @@ test: generate ## Run tests
 	bazel test --nosandbox_debug //pkg/... //cmd/... $(BAZEL_ARGS)
 
 .PHONY: copy-genmocks
-copy-genmocks: test ## Copies generated mocks into the repository
+copy-genmocks: ## Copies generated mocks into the repository
 	cp -Rf bazel-genfiles/pkg/* pkg/
 
 BAZEL_DOCKER_ARGS_COMMON := --define=MANAGER_IMAGE_NAME=$(MANAGER_IMAGE_NAME) --define=MANAGER_IMAGE_TAG=$(MANAGER_IMAGE_TAG) $(BAZEL_ARGS)
@@ -152,7 +152,7 @@ manifests-dev: ## Push development manifest
 
 .PHONY: create-cluster
 create-cluster: ## Create a Kubernetes cluster on AWS using examples
-	clusterctl create cluster -v3 --provider aws -m ./cmd/clusterctl/examples/aws/out/machines.yaml -c ./cmd/clusterctl/examples/aws/out/cluster.yaml -p ./cmd/clusterctl/examples/aws/out/provider-components.yaml
+	clusterctl create cluster -v 4 --provider aws -m ./cmd/clusterctl/examples/aws/out/machines.yaml -c ./cmd/clusterctl/examples/aws/out/cluster.yaml -p ./cmd/clusterctl/examples/aws/out/provider-components.yaml -a ./cmd/clusterctl/examples/aws/out/addons.yaml
 
 lint-full: dep-ensure ## Run slower linters to detect possible issues
 	bazel run //:lint-full $(BAZEL_ARGS)
@@ -162,6 +162,9 @@ ifneq ($(FASTBUILD),y)
 
 ## Define slow dependency targets here
 
+reset-bazel: ## Deep cleaning for bazel
+	bazel clean --expunge
+
 generate: dep-ensure ## Run go generate
 	GOPATH=$(shell go env GOPATH) bazel run //:generate $(BAZEL_ARGS)
 	$(MAKE) dep-ensure

cmd/clusterctl/examples/aws/machines.yaml.template

@@ -16,19 +16,19 @@ items:
           instanceType: "${CONTROL_PLANE_MACHINE_TYPE}"
           iamInstanceProfile: "control-plane.cluster-api-provider-aws.sigs.k8s.io"
           keyName: "${SSH_KEY_NAME}"
-  # - apiVersion: "cluster.k8s.io/v1alpha1"
-  #   kind: Machine
-  #   metadata:
-  #     generateName: aws-node-
-  #     labels:
-  #       set: node
-  #   spec:
-  #     versions:
-  #       kubelet: v1.12.0
-  #     providerConfig:
-  #       value:
-  #         apiVersion: awsprovider/v1alpha1
-  #         kind: AWSMachineProviderConfig
-  #         instanceType: "${NODE_MACHINE_TYPE}"
-  #         iamInstanceProfile: "nodes.cluster-api-provider-aws.sigs.k8s.io"
-  #         keyName: "${SSH_KEY_NAME}"
+  - apiVersion: "cluster.k8s.io/v1alpha1"
+    kind: Machine
+    metadata:
+      generateName: aws-node-
+      labels:
+        set: node
+    spec:
+      versions:
+        kubelet: v1.12.0
+      providerConfig:
+        value:
+          apiVersion: awsprovider/v1alpha1
+          kind: AWSMachineProviderConfig
+          instanceType: "${NODE_MACHINE_TYPE}"
+          iamInstanceProfile: "nodes.cluster-api-provider-aws.sigs.k8s.io"
+          keyName: "${SSH_KEY_NAME}"

config/crds/awsprovider_v1alpha1_awsclusterproviderconfig.yaml

@@ -16,6 +16,12 @@ spec:
       properties:
         apiVersion:
           type: string
+        caCertificate:
+          format: byte
+          type: string
+        caKey:
+          format: byte
+          type: string
         kind:
           type: string
         metadata:
@@ -24,6 +30,8 @@ spec:
           type: string
         sshKeyName:
           type: string
+      required:
+      - caKey
   version: v1alpha1
 status:
   acceptedNames:

config/manager/manager.yaml

@@ -54,7 +54,9 @@ spec:
       containers:
         - name: manager
           image: SET_BY_PATCH
+          imagePullPolicy: Always
           args:
+            - "-v=3"
             - "-logtostderr=true"
             - "-stderrthreshold=INFO"
           volumeMounts:

pkg/apis/awsprovider/v1alpha1/awsclusterproviderconfig_types.go

@@ -35,6 +35,12 @@ type AWSClusterProviderConfig struct {
 
 	// SSHKeyName is the name of the ssh key to attach to the bastion host.
 	SSHKeyName string `json:"sshKeyName,omitempty"`
+
+	// CACertificate is a PEM encoded CA Certificate for the control plane nodes.
+	CACertificate []byte `json:"caCertificate,omitempty"`
+
+	// CAPrivateKey is a PEM encoded PKCS1 CA PrivateKey for the control plane nodes.
+	CAPrivateKey []byte `json:"caKey,omitemptuy"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

pkg/apis/awsprovider/v1alpha1/awsclusterproviderstatus_types.go

@@ -33,12 +33,6 @@ type AWSClusterProviderStatus struct {
 	Region  string   `json:"region,omitempty"`
 	Network Network  `json:"network,omitempty"`
 	Bastion Instance `json:"bastion,omitempty"`
-
-	// CACertificate is a PEM encoded CA Certificate for the control plane nodes.
-	CACertificate []byte
-
-	// CAPrivateKey is a PEM encoded PKCS1 CA PrivateKey for the control plane nodes.
-	CAPrivateKey []byte
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

pkg/apis/awsprovider/v1alpha1/register.go

@@ -129,3 +129,22 @@ func EncodeClusterStatus(status *AWSClusterProviderStatus) (*runtime.RawExtensio
 		Raw: rawBytes,
 	}, nil
 }
+
+// EncodeClusterConfig marshals the cluster config.
+func EncodeClusterConfig(status *AWSClusterProviderConfig) (*runtime.RawExtension, error) {
+	if status == nil {
+		return &runtime.RawExtension{}, nil
+	}
+
+	var rawBytes []byte
+	var err error
+
+	//  TODO: use apimachinery conversion https://godoc.org/k8s.io/apimachinery/pkg/runtime#Convert_runtime_Object_To_runtime_RawExtension
+	if rawBytes, err = json.Marshal(status); err != nil {
+		return nil, err
+	}
+
+	return &runtime.RawExtension{
+		Raw: rawBytes,
+	}, nil
+}

pkg/cloud/aws/actuators/cluster/BUILD

@@ -11,13 +11,13 @@ go_library(
         "//pkg/cloud/aws/services/certificates:go_default_library",
         "//pkg/cloud/aws/services/ec2:go_default_library",
         "//pkg/cloud/aws/services/elb:go_default_library",
+        "//pkg/deployer:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/aws/session:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/service/ec2:go_default_library",
         "//vendor/github.com/aws/aws-sdk-go/service/elb:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/github.com/pkg/errors:go_default_library",
-        "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
         "//vendor/sigs.k8s.io/cluster-api/pkg/apis/cluster/v1alpha1:go_default_library",
         "//vendor/sigs.k8s.io/cluster-api/pkg/client/clientset_generated/clientset/typed/cluster/v1alpha1:go_default_library",
         "//vendor/sigs.k8s.io/cluster-api/pkg/controller/error:go_default_library",

pkg/cloud/aws/actuators/cluster/actuator.go

@@ -14,27 +14,27 @@
 package cluster
 
 import (
-	"fmt"
-
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/aws/aws-sdk-go/service/elb"
 	"github.com/golang/glog"
 	"github.com/pkg/errors"
-	"k8s.io/client-go/tools/clientcmd"
 	providerv1 "sigs.k8s.io/cluster-api-provider-aws/pkg/apis/awsprovider/v1alpha1"
 	service "sigs.k8s.io/cluster-api-provider-aws/pkg/cloud/aws/services"
 	"sigs.k8s.io/cluster-api-provider-aws/pkg/cloud/aws/services/certificates"
 	ec2svc "sigs.k8s.io/cluster-api-provider-aws/pkg/cloud/aws/services/ec2"
 	elbsvc "sigs.k8s.io/cluster-api-provider-aws/pkg/cloud/aws/services/elb"
+	"sigs.k8s.io/cluster-api-provider-aws/pkg/deployer"
 	clusterv1 "sigs.k8s.io/cluster-api/pkg/apis/cluster/v1alpha1"
 	client "sigs.k8s.io/cluster-api/pkg/client/clientset_generated/clientset/typed/cluster/v1alpha1"
 	controllerError "sigs.k8s.io/cluster-api/pkg/controller/error"
 )
 
 // Actuator is responsible for performing cluster reconciliation
 type Actuator struct {
+	*deployer.Deployer
+
 	clustersGetter client.ClustersGetter
 	servicesGetter service.Getter
 }
@@ -56,6 +56,7 @@ func NewActuator(params ActuatorParams) *Actuator {
 		res.servicesGetter = new(defaultServicesGetter)
 	}
 
+	res.Deployer = deployer.New(res.servicesGetter)
 	return res
 }
 
@@ -76,6 +77,10 @@ func (a *Actuator) Reconcile(cluster *clusterv1.Cluster) (reterr error) {
 	}
 
 	defer func() {
+		if err := a.storeClusterConfig(cluster, config); err != nil {
+			glog.Errorf("failed to store provider config for cluster %q in namespace %q: %v", cluster.Name, cluster.Namespace, err)
+		}
+
 		if err := a.storeClusterStatus(cluster, status); err != nil {
 			glog.Errorf("failed to store provider status for cluster %q in namespace %q: %v", cluster.Name, cluster.Namespace, err)
 		}
@@ -84,13 +89,14 @@ func (a *Actuator) Reconcile(cluster *clusterv1.Cluster) (reterr error) {
 	// Store some config parameters in the status.
 	status.Region = config.Region
 
-	if len(status.CACertificate) == 0 {
+	if len(config.CACertificate) == 0 {
 		caCert, caKey, err := certificates.NewCertificateAuthority()
 		if err != nil {
 			return errors.Wrap(err, "Failed to generate a CA for the control plane")
 		}
-		status.CACertificate = certificates.EncodeCertPEM(caCert)
-		status.CAPrivateKey = certificates.EncodePrivateKeyPEM(caKey)
+
+		config.CACertificate = certificates.EncodeCertPEM(caCert)
+		config.CAPrivateKey = certificates.EncodePrivateKeyPEM(caKey)
 	}
 
 	// Create new aws session.
@@ -163,87 +169,35 @@ func (a *Actuator) Delete(cluster *clusterv1.Cluster) error {
 	return nil
 }
 
-// GetIP returns the IP of a machine, but this is going away.
-func (a *Actuator) GetIP(cluster *clusterv1.Cluster, _ *clusterv1.Machine) (string, error) {
-	if cluster.Status.ProviderStatus != nil {
-
-		// Load provider status.
-		status, err := providerv1.ClusterStatusFromProviderStatus(cluster.Status.ProviderStatus)
-		if err != nil {
-			return "", errors.Errorf("failed to load cluster provider status: %v", err)
-		}
-
-		if status.Network.APIServerELB.DNSName != "" {
-			return status.Network.APIServerELB.DNSName, nil
-		}
-	}
-
-	// Load provider config.
-	config, err := providerv1.ClusterConfigFromProviderConfig(cluster.Spec.ProviderConfig)
-	if err != nil {
-		return "", errors.Errorf("failed to load cluster provider config: %v", err)
-	}
-
-	sess := a.servicesGetter.Session(config)
-	elb := a.servicesGetter.ELB(sess)
-	return elb.GetAPIServerDNSName(cluster.Name)
-}
-
-// GetKubeConfig returns the kubeconfig after the bootstrap process is complete.
-func (a *Actuator) GetKubeConfig(cluster *clusterv1.Cluster, machine *clusterv1.Machine) (string, error) {
-
-	// Load provider status.
-	status, err := providerv1.ClusterStatusFromProviderStatus(cluster.Status.ProviderStatus)
-	if err != nil {
-		return "", errors.Errorf("failed to load cluster provider status: %v", err)
-	}
-
-	cert, err := certificates.DecodeCertPEM(status.CACertificate)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to decode CA Cert")
-	} else if cert == nil {
-		return "", errors.New("certificate not found in status")
-	}
-
-	key, err := certificates.DecodePrivateKeyPEM(status.CAPrivateKey)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to decode private key")
-	} else if key == nil {
-		return "", errors.New("key not found in status")
-	}
+func (a *Actuator) storeClusterConfig(cluster *clusterv1.Cluster, config *providerv1.AWSClusterProviderConfig) error {
+	clusterClient := a.clustersGetter.Clusters(cluster.Namespace)
 
-	dnsName, err := a.GetIP(cluster, machine)
+	ext, err := providerv1.EncodeClusterConfig(config)
 	if err != nil {
-		return "", errors.Wrap(err, "failed to get DNS address")
+		return err
 	}
 
-	server := fmt.Sprintf("https://%s:6443", dnsName)
+	cluster.Spec.ProviderConfig.Value = ext
 
-	cfg, err := certificates.NewKubeconfig(server, cert, key)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to generate a kubeconfig")
+	if _, err := clusterClient.Update(cluster); err != nil {
+		return err
 	}
 
-	yaml, err := clientcmd.Write(*cfg)
-	if err != nil {
-		return "", errors.Wrap(err, "failed to serialize config to yaml")
-	}
-
-	return string(yaml), nil
+	return nil
 }
 
 func (a *Actuator) storeClusterStatus(cluster *clusterv1.Cluster, status *providerv1.AWSClusterProviderStatus) error {
 	clusterClient := a.clustersGetter.Clusters(cluster.Namespace)
 
 	ext, err := providerv1.EncodeClusterStatus(status)
 	if err != nil {
-		return fmt.Errorf("failed to update cluster status for cluster %q in namespace %q: %v", cluster.Name, cluster.Namespace, err)
+		return err
 	}
 
 	cluster.Status.ProviderStatus = ext
 
 	if _, err := clusterClient.UpdateStatus(cluster); err != nil {
-		return fmt.Errorf("failed to update cluster status for cluster %q in namespace %q: %v", cluster.Name, cluster.Namespace, err)
+		return err
 	}
 
 	return nil

pkg/cloud/aws/actuators/cluster/actuator_test.go

@@ -189,6 +189,10 @@ func TestReconcile(t *testing.T) {
 		},
 	}
 
+	clusters.ci.EXPECT().
+		Update(gomock.AssignableToTypeOf(cluster)).
+		Return(cluster, nil)
+
 	clusters.ci.EXPECT().
 		UpdateStatus(gomock.AssignableToTypeOf(cluster)).
 		Return(cluster, nil)