chore: support Windows CSE and Customdata #396
Conversation
mainred
force-pushed
the
qinhao/sync-windows-cse
branch
from
0db575b to
391d3e6
Compare
| echo %DATE%,%TIME%,%COMPUTERNAME% && powershell.exe -ExecutionPolicy Unrestricted -command \" |
There was a problem hiding this comment.
This is referenced from
https://github.com/Azure/aks-engine/blob/aks-release-v0.47.0-1/pkg/engine/virtualmachinescalesets.go#L794.
The changed code is more readable
There was a problem hiding this comment.
This script is not used, but kept for further reference.
There was a problem hiding this comment.
I assume you will file a second PR to use this template?
There was a problem hiding this comment.
do you plan to use agentbaker cse in ARM template and then convert ARM template to vmss-client for windows?
or do you plan to use agentbaker cse directly in vmss-client?
My imagination is we go with the latter one and if so, this file should be used
There was a problem hiding this comment.
We plan to first use agentbaker cse in ARM template and then convert ARM template to vmss-client for windows?
Just to be careful about the change. Also, I hit some issue when passing certificate in cse command, needing more time to fix.
There was a problem hiding this comment.
This file will definitely be used in our further PR.
mainred
force-pushed
the
qinhao/sync-windows-cse
branch
from
391d3e6 to
3876a04
Compare
| echo %DATE%,%TIME%,%COMPUTERNAME% && powershell.exe -ExecutionPolicy Unrestricted -command \" |
There was a problem hiding this comment.
This script is not used, but kept for further reference.
| if isUserAssignedIdentity { | ||
| userAssignedIdentityClientIDParams = "' -UserAssignedClientID ',reference(variables('userAssignedIDReference'), variables('apiVersionManagedIdentity')).clientId," | ||
| } | ||
| commandExecStr := fmt.Sprintf("[concat('echo %s && powershell.exe -ExecutionPolicy Unrestricted -command \"', '$arguments = ', variables('singleQuote'),'-MasterIP ',variables('kubernetesAPIServerIP'),' -KubeDnsServiceIp ',parameters('kubeDnsServiceIp'),%s' -MasterFQDNPrefix ',variables('masterFqdnPrefix'),' -Location ',variables('location'),' -TargetEnvironment ',parameters('targetEnvironment'),' -AgentKey ',parameters('clientPrivateKey'),' -AADClientId ',variables('servicePrincipalClientId'),' -AADClientSecret ',variables('singleQuote'),variables('singleQuote'),base64(variables('servicePrincipalClientSecret')),variables('singleQuote'),variables('singleQuote'),' -NetworkAPIVersion ',variables('apiVersionNetwork'),' ',variables('singleQuote'), ' ; ', variables('windowsCustomScriptSuffix'), '\" > %s 2>&1 ; exit $LASTEXITCODE')]", "%DATE%,%TIME%,%COMPUTERNAME%", userAssignedIdentityClientIDParams, "%SYSTEMDRIVE%\\AzureData\\CustomDataSetupScript.log") |
There was a problem hiding this comment.
There was a problem hiding this comment.
this won't work outside of ARM template. The concat is ARM template func.
Also can you put the command template in a file?
There was a problem hiding this comment.
We plan to first enable windows CSE in agentbaker first and remove arm variables and ARM template later.
| @@ -82,7 +102,7 @@ $global:SubscriptionId = "{{GetVariable "subscriptionId"}}" | |||
| $global:ResourceGroup = "{{GetVariable "resourceGroup"}}" | |||
| $global:VmType = "{{GetVariable "vmType"}}" | |||
| $global:SubnetName = "{{GetVariable "subnetName"}}" | |||
| $global:MasterSubnet = "{{GetWindowsMasterSubnetARMParam}}" | |||
| $global:MasterSubnet = "{{GetParameter "masterSubnet"}}" | |||
There was a problem hiding this comment.
several lines after here, the assignment of global:KubeletNodeLabels is different from aks-engine as follows because we have labelResourceGroup related change implemented in
Line 209 in 20d879d
{{if IsKubernetesVersionGe "1.16.0"}}
$global:KubeletNodeLabels = "{{GetAgentKubernetesLabels . "',variables('labelResourceGroup'),'"}}"
{{else}}
$global:KubeletNodeLabels = "{{GetAgentKubernetesLabelsDeprecated . "',variables('labelResourceGroup'),'"}}"
There was a problem hiding this comment.
"{{GetParameter "masterSubnet"}}" brings no harm as it provides subnet of VNetCIDR and it's being used by our current Windows nodepools, but as the first step to enable agentbaker windows, we here keep this for minimal change, and will delete it in the coming PR.
|
ping @AbelHu for another look. |
| @@ -0,0 +1 @@ | |||
| [concat('echo %DATE%,%TIME%,%COMPUTERNAME% && powershell.exe -ExecutionPolicy Unrestricted -command "', '$arguments = ', variables('singleQuote'),'-MasterIP ',variables('kubernetesAPIServerIP'),' -KubeDnsServiceIp ',parameters('kubeDnsServiceIp'),' -MasterFQDNPrefix ',variables('masterFqdnPrefix'),' -Location ',variables('location'),' -TargetEnvironment ',parameters('targetEnvironment'),' -AgentKey ',parameters('clientPrivateKey'),' -AADClientId ',variables('servicePrincipalClientId'),' -AADClientSecret ',variables('singleQuote'),variables('singleQuote'),base64(variables('servicePrincipalClientSecret')),variables('singleQuote'),variables('singleQuote'),' -NetworkAPIVersion ',variables('apiVersionNetwork'),' ',variables('singleQuote'), ' ; ', variables('windowsCustomScriptSuffix'), '" > %SYSTEMDRIVE%\AzureData\CustomDataSetupScript.log 2>&1 ; exit $LASTEXITCODE')] | |||
There was a problem hiding this comment.
This is pretty raw CSECommand, which is passed to ARM before being parsed.
pkg/agent/testdata/AKSUbuntu1604+CustomKubeletConfig+CustomLinuxOSConfig/CSECommand
Outdated
Show resolved
Hide resolved
mainred
force-pushed
the
qinhao/sync-windows-cse
branch
from
998d03b to
70eedf6
Compare
pkg/agent/baker_test.go
Outdated
| Subnet: "10.240.0.0/16", | ||
| }, | ||
| AgentPoolProfiles: []*datamodel.AgentPoolProfile{ | ||
| { |
There was a problem hiding this comment.
just to be clear we're not supposed to work with multiple agent pool. Please split them into different test cases.
pkg/agent/variables.go
Outdated
| "customData": paramsMap{ | ||
| "tenantID": config.TenantID, | ||
| "subscriptionId": config.SubscriptionID, | ||
| "resourceGroup": config.ResourceGroupName, | ||
| "location": cs.Location, | ||
| "vmType": cs.Properties.GetVMType(), | ||
| "subnetName": cs.Properties.GetSubnetName(), | ||
| "nsgName": cs.Properties.GetNSGName(), | ||
| "virtualNetworkName": cs.Properties.GetVirtualNetworkName(), | ||
| "routeTableName": cs.Properties.GetRouteTableName(), | ||
| "primaryAvailabilitySetName": cs.Properties.GetPrimaryAvailabilitySetName(), | ||
| "primaryScaleSetName": cs.Properties.GetPrimaryScaleSetName(), | ||
| "useManagedIdentityExtension": useManagedIdentity(cs), | ||
| "useInstanceMetadata": useInstanceMetadata(cs), | ||
| "loadBalancerSku": cs.Properties.OrchestratorProfile.KubernetesConfig.LoadBalancerSku, | ||
| "excludeMasterFromStandardLB": true, | ||
| "enableTelemetry": cs.Properties.FeatureFlags.IsFeatureEnabled("EnableTelemetry"), | ||
| }, |
There was a problem hiding this comment.
no, please get these from NodeBootstrappingConfiguration instead of keep relying on cs.properties.
Also for linux, these are not needed for custom data generation, it's only for cse command. I'd be interested in why we need them for windows scenario
There was a problem hiding this comment.
Maybe we are still on the way to follow Linux's work. We just first copied the case from aks-engnie
There was a problem hiding this comment.
Add a comment for the usage of windows
pkg/agent/variables.go
Outdated
| @@ -28,9 +29,28 @@ func getCustomDataVariables(config *datamodel.NodeBootstrappingConfiguration) pa | |||
| "reconcilePrivateHostsService": getBase64EncodedGzippedCustomScript(reconcilePrivateHostsService, config), | |||
| "configureAzure0Script": getBase64EncodedGzippedCustomScript(kubernetesConfigAzure0Script, config), | |||
| }, | |||
| // customData defined here is mainly used for Windows | |||
| "customData": paramsMap{ | |||
There was a problem hiding this comment.
I think it makes more sense to have a separate getWindowsCustomDataVariables - there is no much shared things in this method between windows and linux.
pkg/agent/variables.go
Outdated
| } | ||
|
|
||
| func getCSECommandVariables(config *datamodel.NodeBootstrappingConfiguration) paramsMap { | ||
| cs := config.ContainerService | ||
| profile := config.AgentPoolProfile | ||
| return map[string]interface{}{ | ||
| cseCommandVariables := map[string]interface{}{ |
There was a problem hiding this comment.
you don't need the change since you reverted the change
mainred
force-pushed
the
qinhao/sync-windows-cse
branch
from
2d690c1 to
8a9d1c5
Compare
* support replacing windows CSE * Add hyper-v and containerd support * add customcloud back and fix comments * Removed unused testdata * Add TODO comment for current less code change * More UTs and tetdata * Add more test cases and copy CSECommand from aks-engine * Update generated code * fix comments * Rebase onto the master * Update CustomVnet testdata * fix comments * nil check kubernetesconfig * Enable ip-masq-agent by default * Remove used variables * Split the function returning custom data * Split test for Linux and Windows * fix comments * Remove mastersubnet and modify name of container runtimes * Update testdata
* support replacing windows CSE * Add hyper-v and containerd support * add customcloud back and fix comments * Removed unused testdata * Add TODO comment for current less code change * More UTs and tetdata * Add more test cases and copy CSECommand from aks-engine * Update generated code * fix comments * Rebase onto the master * Update CustomVnet testdata * fix comments * nil check kubernetesconfig * Enable ip-masq-agent by default * Remove used variables * Split the function returning custom data * Split test for Linux and Windows * fix comments * Remove mastersubnet and modify name of container runtimes * Update testdata
Changes included in this PR:
WrapAsVariableresolved by ARM template to theGetParameterby go-template in agentbaker, this change is on only parts/windows/kuberneteswindowsfunctions.ps1 and parts/windows/csecmd.ps1