Add Linux VM and VMSS extensions

kubernetes-sigs · Jan 23, 2021 · 9e0fad0 · 9e0fad0
1 parent e7ffa8e
commit 9e0fad0
Show file tree

Hide file tree

Showing 21 changed files with 1,523 additions and 0 deletions.
diff --git a/cloud/defaults.go b/cloud/defaults.go
@@ -19,6 +19,8 @@ package azure
 import (
 	"fmt"
 
+	"github.com/Azure/go-autorest/autorest/azure"
+
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/blang/semver"
 	"github.com/pkg/errors"
@@ -246,6 +248,18 @@ func GetDefaultWindowsImage(k8sVersion string) (*infrav1.Image, error) {
 	return defaultImage, nil
 }
 
+// GetBootstrappingVMExtension returns the CAPZ Bootstrapping VM extension.
+// The CAPZ Bootstrapping extension is a simple clone of https://github.com/Azure/custom-script-extension-linux which allows running arbitrary scripts on the VM.
+// Its role is to detect and report Kubernetes bootstrap failure or success.
+func GetBootstrappingVMExtension(osType string, cloud string) (name, publisher, version string) {
+	// currently, the bootstrap extension is only available for Linux and in AzurePublicCloud.
+	if osType == "Linux" && cloud == azure.PublicCloud.Name {
+		return "CAPZ.Linux.Bootstrapping", "Microsoft.Azure.ContainerUpstream", "1.0"
+	}
+
+	return "", "", ""
+}
+
 // UserAgent specifies a string to append to the agent identifier.
 func UserAgent() string {
 	return fmt.Sprintf("cluster-api-provider-azure/%s", version.Get().String())

diff --git a/cloud/scope/machine.go b/cloud/scope/machine.go
@@ -231,6 +231,22 @@ func (m *MachineScope) RoleAssignmentSpecs() []azure.RoleAssignmentSpec {
 	return []azure.RoleAssignmentSpec{}
 }
 
+// VMExtensionSpecs returns the vm extension specs.
+func (m *MachineScope) VMExtensionSpecs() []azure.VMExtensionSpec {
+	name, publisher, version := azure.GetBootstrappingVMExtension(m.AzureMachine.Spec.OSDisk.OSType, m.CloudEnvironment())
+	if name != "" {
+		return []azure.VMExtensionSpec{
+			{
+				Name:      name,
+				VMName:    m.Name(),
+				Publisher: publisher,
+				Version:   version,
+			},
+		}
+	}
+	return []azure.VMExtensionSpec{}
+}
+
 // Subnet returns the machine's subnet based on its role
 func (m *MachineScope) Subnet() *infrav1.SubnetSpec {
 	if m.IsControlPlane() {

diff --git a/cloud/scope/machinepool.go b/cloud/scope/machinepool.go
@@ -356,6 +356,22 @@ func (m *MachinePoolScope) RoleAssignmentSpecs() []azure.RoleAssignmentSpec {
 	return []azure.RoleAssignmentSpec{}
 }
 
+// VMSSExtensionSpecs returns the vmss extension specs.
+func (m *MachinePoolScope) VMSSExtensionSpecs() []azure.VMSSExtensionSpec {
+	name, publisher, version := azure.GetBootstrappingVMExtension(m.AzureMachinePool.Spec.Template.OSDisk.OSType, m.CloudEnvironment())
+	if name != "" {
+		return []azure.VMSSExtensionSpec{
+			{
+				Name:         name,
+				ScaleSetName: m.Name(),
+				Publisher:    publisher,
+				Version:      version,
+			},
+		}
+	}
+	return []azure.VMSSExtensionSpec{}
+}
+
 func getAzureMachineTemplate(ctx context.Context, c client.Client, name, namespace string) (*infrav1.AzureMachineTemplate, error) {
 	ctx, span := tele.Tracer().Start(ctx, "scope.MachinePoolScope.getAzureMachineTemplate")
 	defer span.End()

diff --git a/cloud/services/scalesets/scalesets.go b/cloud/services/scalesets/scalesets.go
@@ -368,6 +368,7 @@ func (s *Service) buildVMSSFromSpec(ctx context.Context, vmssSpec azure.ScaleSet
 			UpgradePolicy: &compute.UpgradePolicy{
 				Mode: compute.UpgradeModeManual,
 			},
+			DoNotRunExtensionsOnOverprovisionedVMs: to.BoolPtr(true),
 			VirtualMachineProfile: &compute.VirtualMachineScaleSetVMProfile{
 				OsProfile:       osProfile,
 				StorageProfile:  storageProfile,

diff --git a/cloud/services/scalesets/scalesets_test.go b/cloud/services/scalesets/scalesets_test.go
@@ -800,6 +800,7 @@ func newDefaultVMSS() compute.VirtualMachineScaleSet {
 			UpgradePolicy: &compute.UpgradePolicy{
 				Mode: compute.UpgradeModeRolling,
 			},
+			DoNotRunExtensionsOnOverprovisionedVMs: to.BoolPtr(true),
 			VirtualMachineProfile: &compute.VirtualMachineScaleSetVMProfile{
 				OsProfile: &compute.VirtualMachineScaleSetOSProfile{
 					ComputerNamePrefix: to.StringPtr(defaultVMSSName),

diff --git a/cloud/services/vmextensions/client.go b/cloud/services/vmextensions/client.go
@@ -0,0 +1,86 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package vmextensions
+
+import (
+	"context"
+
+	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2020-06-30/compute"
+	"github.com/Azure/go-autorest/autorest"
+	azure "sigs.k8s.io/cluster-api-provider-azure/cloud"
+	"sigs.k8s.io/cluster-api-provider-azure/util/tele"
+)
+
+// Client wraps go-sdk
+type client interface {
+	CreateOrUpdate(context.Context, string, string, string, compute.VirtualMachineExtension) error
+	Delete(context.Context, string, string, string) error
+}
+
+// AzureClient contains the Azure go-sdk Client
+type azureClient struct {
+	vmextensions compute.VirtualMachineExtensionsClient
+}
+
+var _ client = (*azureClient)(nil)
+
+// newClient creates a new VM client from subscription ID.
+func newClient(auth azure.Authorizer) *azureClient {
+	c := newVirtualMachineExtensionsClient(auth.SubscriptionID(), auth.BaseURI(), auth.Authorizer())
+	return &azureClient{c}
+}
+
+// newVirtualMachineExtensionsClient creates a new vm extension client from subscription ID.
+func newVirtualMachineExtensionsClient(subscriptionID string, baseURI string, authorizer autorest.Authorizer) compute.VirtualMachineExtensionsClient {
+	vmextensionsClient := compute.NewVirtualMachineExtensionsClientWithBaseURI(baseURI, subscriptionID)
+	azure.SetAutoRestClientDefaults(&vmextensionsClient.Client, authorizer)
+	return vmextensionsClient
+}
+
+// CreateOrUpdate creates or updates the virtual machine extension
+func (ac *azureClient) CreateOrUpdate(ctx context.Context, resourceGroupName, vmName, name string, parameters compute.VirtualMachineExtension) error {
+	ctx, span := tele.Tracer().Start(ctx, "vmextensions.AzureClient.CreateOrUpdate")
+	defer span.End()
+
+	future, err := ac.vmextensions.CreateOrUpdate(ctx, resourceGroupName, vmName, name, parameters)
+	if err != nil {
+		return err
+	}
+	err = future.WaitForCompletionRef(ctx, ac.vmextensions.Client)
+	if err != nil {
+		return err
+	}
+	_, err = future.Result(ac.vmextensions)
+	return err
+}
+
+// Delete removes the virtual machine extension.
+func (ac *azureClient) Delete(ctx context.Context, resourceGroupName, vmName, name string) error {
+	ctx, span := tele.Tracer().Start(ctx, "vmextensions.AzureClient.Delete")
+	defer span.End()
+
+	future, err := ac.vmextensions.Delete(ctx, resourceGroupName, vmName, name)
+	if err != nil {
+		return err
+	}
+	err = future.WaitForCompletionRef(ctx, ac.vmextensions.Client)
+	if err != nil {
+		return err
+	}
+	_, err = future.Result(ac.vmextensions)
+	return err
+}
diff --git a/cloud/services/vmextensions/mock_vmextensions/client_mock.go b/cloud/services/vmextensions/mock_vmextensions/client_mock.go
diff --git a/cloud/services/vmextensions/mock_vmextensions/doc.go b/cloud/services/vmextensions/mock_vmextensions/doc.go
@@ -0,0 +1,22 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Run go generate to regenerate this mock.
+//go:generate ../../../../hack/tools/bin/mockgen -destination client_mock.go -package mock_vmextensions -source ../client.go Client
+//go:generate ../../../../hack/tools/bin/mockgen -destination vmextensions_mock.go -package mock_vmextensions -source ../vmextensions.go VMExtensionScope
+//go:generate /usr/bin/env bash -c "cat ../../../../hack/boilerplate/boilerplate.generatego.txt client_mock.go > _client_mock.go && mv _client_mock.go client_mock.go"
+//go:generate /usr/bin/env bash -c "cat ../../../../hack/boilerplate/boilerplate.generatego.txt vmextensions_mock.go > _vmextensions_mock.go && mv _vmextensions_mock.go vmextensions_mock.go"
+package mock_vmextensions //nolint