Merge pull request #3162 from damdo/BZ2084450-2

Bug 2084450: Add unit/file for AWS to compute instance provider-id and pass it to the kubelet
openshift · May 30, 2022 · 6ceb3af · 6ceb3af
2 parents b52e75e + ae86af7
commit 6ceb3af
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 0 deletions.
diff --git a/templates/common/aws/files/usr-local-bin-aws-kubelet-providerid.yaml b/templates/common/aws/files/usr-local-bin-aws-kubelet-providerid.yaml
@@ -0,0 +1,26 @@
+mode: 0755
+path: "/usr/local/bin/aws-kubelet-providerid"
+contents:
+  inline: |
+    #!/bin/bash
+    set -e -o pipefail
+
+    NODECONF=/etc/systemd/system/kubelet.service.d/20-aws-providerid.conf
+
+    if [ -e "${NODECONF}" ]; then
+        echo "Not replacing existing ${NODECONF}"
+        exit 0
+    fi
+
+    # Due to a potential mismatch between Hostname and PrivateDNSName with clusters that use custom DHCP Option Sets
+    # which can cause issues in cloud controller manager node syncing
+    # (see: https://github.com/kubernetes/cloud-provider-aws/issues/384),
+    # set KUBELET_PROVIDERID to be a fully qualified AWS instace provider id.
+    # This new variable is later used to populate the kubelet's `provider-id` flag, later set on the Node .spec
+    # and used by the cloud controller manager's node controller to retrieve the Node's backing instance.
+    # This is obtained by using afterburn service variables, in turn obtained from metadata retrival.
+    # See respective systemd unit metadata related afterburn doc: https://coreos.github.io/afterburn/usage/attributes/
+    cat > "${NODECONF}" <<EOF
+    [Service]
+    Environment="KUBELET_PROVIDERID=aws://${AFTERBURN_AWS_AVAILABILITY_ZONE}/${AFTERBURN_AWS_INSTANCE_ID}"
+    EOF
diff --git a/templates/common/aws/units/aws-kubelet-providerid.service.yaml b/templates/common/aws/units/aws-kubelet-providerid.service.yaml
@@ -0,0 +1,23 @@
+name: aws-kubelet-providerid.service
+enabled: true
+contents: |
+  [Unit]
+  Description=Fetch kubelet provider id from AWS Metadata
+
+  # Run afterburn service for collect info from metadata server
+  # see: https://coreos.github.io/afterburn/usage/attributes/
+  Requires=afterburn.service
+  After=afterburn.service
+
+  # Wait for NetworkManager to report it's online
+  After=NetworkManager-wait-online.service
+  # Run before kubelet
+  Before=kubelet.service
+
+  [Service]
+  EnvironmentFile=/run/metadata/afterburn
+  ExecStart=/usr/local/bin/aws-kubelet-providerid
+  Type=oneshot
+
+  [Install]
+  WantedBy=network-online.target
diff --git a/templates/master/01-master-kubelet/_base/units/kubelet.service.yaml b/templates/master/01-master-kubelet/_base/units/kubelet.service.yaml
@@ -40,6 +40,7 @@ contents: |
         --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec \
         {{cloudConfigFlag . }} \
         --hostname-override=${KUBELET_NODE_NAME} \
+        --provider-id=${KUBELET_PROVIDERID} \
         --register-with-taints=node-role.kubernetes.io/master=:NoSchedule \
         --pod-infra-container-image={{.Images.infraImageKey}} \
         --system-reserved=cpu=${SYSTEM_RESERVED_CPU},memory=${SYSTEM_RESERVED_MEMORY} \

diff --git a/templates/worker/01-worker-kubelet/_base/units/kubelet.service.yaml b/templates/worker/01-worker-kubelet/_base/units/kubelet.service.yaml
@@ -40,6 +40,7 @@ contents: |
         --cloud-provider={{cloudProvider .}} \
         {{cloudConfigFlag . }} \
         --hostname-override=${KUBELET_NODE_NAME} \
+        --provider-id=${KUBELET_PROVIDERID} \
         --pod-infra-container-image={{.Images.infraImageKey}} \
         --system-reserved=cpu=${SYSTEM_RESERVED_CPU},memory=${SYSTEM_RESERVED_MEMORY} \
         --v=${KUBELET_LOG_LEVEL}