Merge pull request openshift#8193 from r4f4/capi-aws-reuse-pool

openshift-merge-bot[bot] · web-flow · commit 87692909ea1f · 2024-03-23T13:59:18.000Z
no-jira: capi/aws: reuse GenerateMachines for bootstrap
diff --git a/pkg/asset/machines/aws/awsmachines.go b/pkg/asset/machines/aws/awsmachines.go
@@ -12,50 +12,59 @@ import (
 	capi "sigs.k8s.io/cluster-api/api/v1beta1"
 
 	"github.com/openshift/installer/pkg/asset"
+	"github.com/openshift/installer/pkg/asset/manifests/capiutils"
 	"github.com/openshift/installer/pkg/types"
 	"github.com/openshift/installer/pkg/types/aws"
 )
 
+// MachineInput defines the inputs needed to generate a machine asset.
+type MachineInput struct {
+	Role     string
+	Pool     *types.MachinePool
+	Subnets  map[string]string
+	Tags     capa.Tags
+	PublicIP bool
+}
+
 // GenerateMachines returns manifests and runtime objects to provision the control plane (including bootstrap, if applicable) nodes using CAPI.
-func GenerateMachines(clusterID string, region string, subnets map[string]string, pool *types.MachinePool, role string, userTags map[string]string) ([]*asset.RuntimeFile, error) {
-	if poolPlatform := pool.Platform.Name(); poolPlatform != aws.Name {
+func GenerateMachines(clusterID string, in *MachineInput) ([]*asset.RuntimeFile, error) {
+	if poolPlatform := in.Pool.Platform.Name(); poolPlatform != aws.Name {
 		return nil, fmt.Errorf("non-AWS machine-pool: %q", poolPlatform)
 	}
-	mpool := pool.Platform.AWS
+	mpool := in.Pool.Platform.AWS
 
 	total := int64(1)
-	if pool.Replicas != nil {
-		total = *pool.Replicas
-	}
-
-	tags, err := CapaTagsFromUserTags(clusterID, userTags)
-	if err != nil {
-		return nil, fmt.Errorf("failed to create machineapi.TagSpecifications from UserTags: %w", err)
+	if in.Pool.Replicas != nil {
+		total = *in.Pool.Replicas
 	}
 
 	var result []*asset.RuntimeFile
 
 	for idx := int64(0); idx < total; idx++ {
-		zone := mpool.Zones[int(idx)%len(mpool.Zones)]
-		subnetID, ok := subnets[zone]
-		if len(subnets) > 0 && !ok {
-			return nil, fmt.Errorf("no subnet for zone %s", zone)
-		}
-		subnet := &capa.AWSResourceReference{}
-		if subnetID == "" {
-			subnet.Filters = []capa.Filter{
-				{
-					Name:   "tag:Name",
-					Values: []string{fmt.Sprintf("%s-subnet-private-%s", clusterID, zone)},
-				},
+		var subnet *capa.AWSResourceReference
+		// By not setting subnets for the machine, we let CAPA choose one for us
+		if len(in.Subnets) > 0 {
+			zone := mpool.Zones[int(idx)%len(mpool.Zones)]
+			subnetID, ok := in.Subnets[zone]
+			if len(in.Subnets) > 0 && !ok {
+				return nil, fmt.Errorf("no subnet for zone %s", zone)
+			}
+			subnet = &capa.AWSResourceReference{}
+			if subnetID == "" {
+				subnet.Filters = []capa.Filter{
+					{
+						Name:   "tag:Name",
+						Values: []string{fmt.Sprintf("%s-subnet-private-%s", clusterID, zone)},
+					},
+				}
+			} else {
+				subnet.ID = ptr.To(subnetID)
 			}
-		} else {
-			subnet.ID = ptr.To(subnetID)
 		}
 
 		awsMachine := &capa.AWSMachine{
 			ObjectMeta: metav1.ObjectMeta{
-				Name: fmt.Sprintf("%s-%s-%d", clusterID, pool.Name, idx),
+				Name: fmt.Sprintf("%s-%s-%d", clusterID, in.Pool.Name, idx),
 				Labels: map[string]string{
 					"cluster.x-k8s.io/control-plane": "",
 				},
@@ -68,7 +77,7 @@ func GenerateMachines(clusterID string, region string, subnets map[string]string
 				SSHKeyName:           ptr.To(""),
 				IAMInstanceProfile:   fmt.Sprintf("%s-master-profile", clusterID),
 				Subnet:               subnet,
-				AdditionalTags:       tags,
+				AdditionalTags:       in.Tags,
 				RootVolume: &capa.Volume{
 					Size:          int64(mpool.EC2RootVolume.Size),
 					Type:          capa.VolumeType(mpool.EC2RootVolume.Type),
@@ -80,6 +89,11 @@ func GenerateMachines(clusterID string, region string, subnets map[string]string
 		}
 		awsMachine.SetGroupVersionKind(capa.GroupVersion.WithKind("AWSMachine"))
 
+		if in.Role == "bootstrap" {
+			awsMachine.Name = capiutils.GenerateBoostrapMachineName(clusterID)
+			awsMachine.Labels["install.openshift.io/bootstrap"] = ""
+		}
+
 		// Handle additional security groups.
 		for _, sg := range mpool.AdditionalSecurityGroupIDs {
 			awsMachine.Spec.AdditionalSecurityGroups = append(
@@ -103,7 +117,7 @@ func GenerateMachines(clusterID string, region string, subnets map[string]string
 			Spec: capi.MachineSpec{
 				ClusterName: clusterID,
 				Bootstrap: capi.Bootstrap{
-					DataSecretName: ptr.To(fmt.Sprintf("%s-%s", clusterID, role)),
+					DataSecretName: ptr.To(fmt.Sprintf("%s-%s", clusterID, in.Role)),
 				},
 				InfrastructureRef: v1.ObjectReference{
 					APIVersion: capa.GroupVersion.String(),
diff --git a/pkg/asset/machines/clusterapi.go b/pkg/asset/machines/clusterapi.go
@@ -8,12 +8,8 @@ import (
 
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	v1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/utils/ptr"
-	capa "sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2"
-	capi "sigs.k8s.io/cluster-api/api/v1beta1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/yaml"
 
@@ -31,6 +27,7 @@ import (
 	"github.com/openshift/installer/pkg/asset/rhcos"
 	"github.com/openshift/installer/pkg/clusterapi"
 	rhcosutils "github.com/openshift/installer/pkg/rhcos"
+	"github.com/openshift/installer/pkg/types"
 	awstypes "github.com/openshift/installer/pkg/types/aws"
 	awsdefaults "github.com/openshift/installer/pkg/types/aws/defaults"
 	azuretypes "github.com/openshift/installer/pkg/types/azure"
@@ -145,89 +142,39 @@ func (c *ClusterAPI) Generate(dependencies asset.Parents) error {
 			}
 		}
 
+		tags, err := aws.CapaTagsFromUserTags(clusterID.InfraID, installConfig.Config.Platform.AWS.UserTags)
+		if err != nil {
+			return fmt.Errorf("failed to create CAPA tags from UserTags: %w", err)
+		}
+
 		pool.Platform.AWS = &mpool
-		awsMachines, err := aws.GenerateMachines(
-			clusterID.InfraID,
-			installConfig.Config.Platform.AWS.Region,
-			subnets,
-			&pool,
-			"master",
-			installConfig.Config.Platform.AWS.UserTags,
-		)
+		awsMachines, err := aws.GenerateMachines(clusterID.InfraID, &aws.MachineInput{
+			Role:     "master",
+			Pool:     &pool,
+			Subnets:  subnets,
+			Tags:     tags,
+			PublicIP: false,
+		})
 		if err != nil {
 			return errors.Wrap(err, "failed to create master machine objects")
 		}
 		c.FileList = append(c.FileList, awsMachines...)
 
-		// TODO(vincepri): The following code is almost duplicated from aws.AWSMachines.
-		// Refactor and generalize around a bootstrap pool, with a single machine and
-		// a custom openshift label to determine the bootstrap machine role, so we can
-		// delete the machine when the stage is complete.
-		bootstrapAWSMachine := &capa.AWSMachine{
-			ObjectMeta: metav1.ObjectMeta{
-				Name: capiutils.GenerateBoostrapMachineName(clusterID.InfraID),
-				Labels: map[string]string{
-					"cluster.x-k8s.io/control-plane": "",
-					"install.openshift.io/bootstrap": "",
-				},
-			},
-			Spec: capa.AWSMachineSpec{
-				Ignition:             &capa.Ignition{Version: "3.2"},
-				UncompressedUserData: ptr.To(true),
-				InstanceType:         mpool.InstanceType,
-				AMI:                  capa.AMIReference{ID: ptr.To(mpool.AMIID)},
-				SSHKeyName:           ptr.To(""),
-				IAMInstanceProfile:   fmt.Sprintf("%s-master-profile", clusterID.InfraID),
-				PublicIP:             ptr.To(true),
-				RootVolume: &capa.Volume{
-					Size:          int64(mpool.EC2RootVolume.Size),
-					Type:          capa.VolumeType(mpool.EC2RootVolume.Type),
-					IOPS:          int64(mpool.EC2RootVolume.IOPS),
-					Encrypted:     ptr.To(true),
-					EncryptionKey: mpool.KMSKeyARN,
-				},
-			},
-		}
-		bootstrapAWSMachine.SetGroupVersionKind(capa.GroupVersion.WithKind("AWSMachine"))
-
-		// Handle additional security groups.
-		for _, sg := range mpool.AdditionalSecurityGroupIDs {
-			bootstrapAWSMachine.Spec.AdditionalSecurityGroups = append(
-				bootstrapAWSMachine.Spec.AdditionalSecurityGroups,
-				capa.AWSResourceReference{ID: ptr.To(sg)},
-			)
-		}
-
-		c.FileList = append(c.FileList, &asset.RuntimeFile{
-			File:   asset.File{Filename: fmt.Sprintf("10_inframachine_%s.yaml", bootstrapAWSMachine.Name)},
-			Object: bootstrapAWSMachine,
+		pool := *ic.ControlPlane
+		pool.Name = "bootstrap"
+		pool.Replicas = ptr.To[int64](1)
+		pool.Platform.AWS = &mpool
+		bootstrapAWSMachine, err := aws.GenerateMachines(clusterID.InfraID, &aws.MachineInput{
+			Role:     "bootstrap",
+			Subnets:  nil, // let CAPA pick one
+			Pool:     &pool,
+			Tags:     tags,
+			PublicIP: installConfig.Config.Publish == types.ExternalPublishingStrategy,
 		})
-
-		bootstrapMachine := &capi.Machine{
-			ObjectMeta: metav1.ObjectMeta{
-				Name: bootstrapAWSMachine.Name,
-				Labels: map[string]string{
-					"cluster.x-k8s.io/control-plane": "",
-				},
-			},
-			Spec: capi.MachineSpec{
-				ClusterName: clusterID.InfraID,
-				Bootstrap: capi.Bootstrap{
-					DataSecretName: ptr.To(fmt.Sprintf("%s-%s", clusterID.InfraID, "bootstrap")),
-				},
-				InfrastructureRef: v1.ObjectReference{
-					APIVersion: capa.GroupVersion.String(),
-					Kind:       "AWSMachine",
-					Name:       bootstrapAWSMachine.Name,
-				},
-			},
+		if err != nil {
+			return fmt.Errorf("failed to create bootstrap machine object: %w", err)
 		}
-		bootstrapMachine.SetGroupVersionKind(capi.GroupVersion.WithKind("Machine"))
-
-		c.FileList = append(c.FileList, &asset.RuntimeFile{
-			File:   asset.File{Filename: fmt.Sprintf("10_machine_%s.yaml", bootstrapMachine.Name)},
-			Object: bootstrapMachine,
-		})
+		c.FileList = append(c.FileList, bootstrapAWSMachine...)
 	case azuretypes.Name:
 		mpool := defaultAzureMachinePoolPlatform()
 		mpool.InstanceType = azuredefaults.ControlPlaneInstanceType(
