Merge pull request #16423 from rifelpet/aws-sdk-go-v2

Migrate more packages to aws-sdk-go-v2

cmd/kops-controller/controllers/awsipam.go

@@ -23,11 +23,11 @@ import (
 	"net/url"
 	"strings"
 
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/ec2metadata"
-	"github.com/aws/aws-sdk-go/aws/request"
-	"github.com/aws/aws-sdk-go/aws/session"
-	"github.com/aws/aws-sdk-go/service/ec2"
+	"github.com/aws/aws-sdk-go-v2/aws"
+	awsconfig "github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
+	"github.com/aws/aws-sdk-go-v2/service/ec2"
+	ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
 	"github.com/go-logr/logr"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -36,13 +36,14 @@ import (
 	corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/klog/v2"
 	"k8s.io/kops/upup/pkg/fi"
+	"k8s.io/kops/util/pkg/awslog"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 )
 
 // NewAWSIPAMReconciler is the constructor for a IPAMReconciler
-func NewAWSIPAMReconciler(mgr manager.Manager) (*AWSIPAMReconciler, error) {
+func NewAWSIPAMReconciler(ctx context.Context, mgr manager.Manager) (*AWSIPAMReconciler, error) {
 	klog.Info("Starting aws ipam controller")
 	r := &AWSIPAMReconciler{
 		client: mgr.GetClient(),
@@ -55,26 +56,21 @@ func NewAWSIPAMReconciler(mgr manager.Manager) (*AWSIPAMReconciler, error) {
 	}
 	r.coreV1Client = coreClient
 
-	config := aws.NewConfig()
-	config = config.WithCredentialsChainVerboseErrors(true)
-
-	s, err := session.NewSession(config)
+	config, err := awsconfig.LoadDefaultConfig(ctx, awslog.WithAWSLogger())
 	if err != nil {
-		return nil, fmt.Errorf("error starting new AWS session: %v", err)
+		return nil, fmt.Errorf("error loading default AWS config: %v", err)
 	}
-	s.Handlers.Send.PushFront(func(r *request.Request) {
-		// Log requests
-		klog.V(4).Infof("AWS API Request: %s/%s", r.ClientInfo.ServiceName, r.Operation.Name)
-	})
 
-	metadata := ec2metadata.New(s, config)
+	metadata := imds.NewFromConfig(config)
 
-	region, err := metadata.Region()
+	resp, err := metadata.GetRegion(ctx, &imds.GetRegionInput{})
 	if err != nil {
 		return nil, fmt.Errorf("error querying ec2 metadata service (for region): %v", err)
 	}
 
-	r.ec2Client = ec2.New(s, config.WithRegion(region))
+	ec2Config := config.Copy()
+	ec2Config.Region = resp.Region
+	r.ec2Client = ec2.NewFromConfig(ec2Config)
 
 	return r, nil
 }
@@ -91,7 +87,7 @@ type AWSIPAMReconciler struct {
 	// coreV1Client is a client-go client for patching nodes
 	coreV1Client *corev1client.CoreV1Client
 
-	ec2Client *ec2.EC2
+	ec2Client *ec2.Client
 }
 
 // +kubebuilder:rbac:groups=,resources=nodes,verbs=get;list;watch;patch
@@ -124,12 +120,12 @@ func (r *AWSIPAMReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 			return ctrl.Result{}, err
 		}
 		instanceID := strings.Split(providerURL.Path, "/")[2]
-		eni, err := r.ec2Client.DescribeNetworkInterfaces(&ec2.DescribeNetworkInterfacesInput{
-			Filters: []*ec2.Filter{
+		eni, err := r.ec2Client.DescribeNetworkInterfaces(ctx, &ec2.DescribeNetworkInterfacesInput{
+			Filters: []ec2types.Filter{
 				{
 					Name: fi.PtrTo("attachment.instance-id"),
-					Values: []*string{
-						&instanceID,
+					Values: []string{
+						instanceID,
 					},
 				},
 			},
@@ -146,7 +142,7 @@ func (r *AWSIPAMReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 			return ctrl.Result{}, fmt.Errorf("unexpected amount of ipv6 prefixes on interface %q: %v", *eni.NetworkInterfaces[0].NetworkInterfaceId, len(eni.NetworkInterfaces[0].Ipv6Prefixes))
 		}
 
-		ipv6Address := aws.StringValue(eni.NetworkInterfaces[0].Ipv6Prefixes[0].Ipv6Prefix)
+		ipv6Address := aws.ToString(eni.NetworkInterfaces[0].Ipv6Prefixes[0].Ipv6Prefix)
 		if err := patchNodePodCIDRs(r.coreV1Client, ctx, node, ipv6Address); err != nil {
 			return ctrl.Result{}, err
 		}

cmd/kops-controller/main.go

@@ -219,7 +219,7 @@ func main() {
 	}
 
 	if opt.EnableCloudIPAM {
-		if err := setupCloudIPAM(mgr, &opt); err != nil {
+		if err := setupCloudIPAM(ctx, mgr, &opt); err != nil {
 			setupLog.Error(err, "unable to setup cloud IPAM")
 			os.Exit(1)
 
@@ -369,12 +369,12 @@ type Reconciler interface {
 	SetupWithManager(mgr manager.Manager) error
 }
 
-func setupCloudIPAM(mgr manager.Manager, opt *config.Options) error {
+func setupCloudIPAM(ctx context.Context, mgr manager.Manager, opt *config.Options) error {
 	setupLog.Info("enabling IPAM controller")
 	var controller Reconciler
 	switch opt.Cloud {
 	case "aws":
-		ipamController, err := controllers.NewAWSIPAMReconciler(mgr)
+		ipamController, err := controllers.NewAWSIPAMReconciler(ctx, mgr)
 		if err != nil {
 			return fmt.Errorf("creating aws IPAM controller: %w", err)
 		}

go.mod

@@ -20,8 +20,12 @@ require (
 	github.com/aws/aws-sdk-go v1.51.6
 	github.com/aws/aws-sdk-go-v2 v1.26.0
 	github.com/aws/aws-sdk-go-v2/config v1.27.9
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.9
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.0
+	github.com/aws/aws-sdk-go-v2/service/ec2 v1.152.0
 	github.com/aws/aws-sdk-go-v2/service/kms v1.30.0
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.53.0
+	github.com/aws/smithy-go v1.20.1
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cert-manager/cert-manager v1.14.4
 	github.com/digitalocean/godo v1.110.0
@@ -99,16 +103,18 @@ require (
 	github.com/Microsoft/hcsshim v0.11.4 // indirect
 	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/atotto/clipboard v0.1.4 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.9 // indirect
+	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.4 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.4 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.6 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sso v1.20.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.28.5 // indirect
-	github.com/aws/smithy-go v1.20.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect

go.sum

@@ -75,6 +75,8 @@ github.com/aws/aws-sdk-go v1.51.6 h1:Ld36dn9r7P9IjU8WZSaswQ8Y/XUCRpewim5980DwYiU
 github.com/aws/aws-sdk-go v1.51.6/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/aws/aws-sdk-go-v2 v1.26.0 h1:/Ce4OCiM3EkpW7Y+xUnfAFpchU78K7/Ug01sZni9PgA=
 github.com/aws/aws-sdk-go-v2 v1.26.0/go.mod h1:35hUlJVYd+M++iLI3ALmVwMOyRYMmRqUXpTtRGW+K9I=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1 h1:gTK2uhtAPtFcdRRJilZPx8uJLL2J85xK11nKtWL0wfU=
+github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.1/go.mod h1:sxpLb+nZk7tIfCWChfd+h4QwHNUR57d8hA1cleTkjJo=
 github.com/aws/aws-sdk-go-v2/config v1.27.9 h1:gRx/NwpNEFSk+yQlgmk1bmxxvQ5TyJ76CWXs9XScTqg=
 github.com/aws/aws-sdk-go-v2/config v1.27.9/go.mod h1:dK1FQfpwpql83kbD873E9vz4FyAxuJtR22wzoXn3qq0=
 github.com/aws/aws-sdk-go-v2/credentials v1.17.9 h1:N8s0/7yW+h8qR8WaRlPQeJ6czVMNQVNtNdUqf6cItao=
@@ -87,12 +89,22 @@ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.4 h1:sHmMWWX5E7guWEFQ9SV
 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.4/go.mod h1:WjpDrhWisWOIoS9n3nk67A3Ll1vfULJ9Kq6h29HTD48=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 h1:hT8rVHwugYE2lEfdFE0QWVo81lF7jMrYJVDWI+f+VxU=
 github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0/go.mod h1:8tu/lYfQfFe6IGnaOdrpVgEL2IrrDOf6/m9RQum4NkY=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.4 h1:SIkD6T4zGQ+1YIit22wi37CGNkrE7mXV1vNA5VpI3TI=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.4/go.mod h1:XfeqbsG0HNedNs0GT+ju4Bs+pFAwsrlzcRdMvdNVf5s=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.152.0 h1:ltCQObuImVYmIrMX65ikB9W83MEun3Ry2Sk11ecZ8Xw=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.152.0/go.mod h1:TeZ9dVQzGaLG+SBIgdLIDbJ6WmfFvksLeG3EHGnNfZM=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1 h1:EyBZibRTVAs6ECHZOw5/wlylS9OcTzwyjeQMudmREjE=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.1/go.mod h1:JKpmtYhhPs7D97NL/ltqz7yCkERFW5dOlHyVl66ZYF8=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.6 h1:NkHCgg0Ck86c5PTOzBZ0JRccI51suJDg5lgFtxBu1ek=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.6/go.mod h1:mjTpxjC8v4SeINTngrnKFgm2QUi+Jm+etTbCxh8W4uU=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.6 h1:b+E7zIUHMmcB4Dckjpkapoy47W6C9QBv/zoUP+Hn8Kc=
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.6/go.mod h1:S2fNV0rxrP78NhPbCZeQgY8H9jdDMeGtwcfZIRxzBqU=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.4 h1:uDj2K47EM1reAYU9jVlQ1M5YENI1u6a/TxJpf6AeOLA=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.4/go.mod h1:XKCODf4RKHppc96c2EZBGV/oCUC7OClxAo2MEyg4pIk=
 github.com/aws/aws-sdk-go-v2/service/kms v1.30.0 h1:yS0JkEdV6h9JOo8sy2JSpjX+i7vsKifU8SIeHrqiDhU=
 github.com/aws/aws-sdk-go-v2/service/kms v1.30.0/go.mod h1:+I8VUUSVD4p5ISQtzpgSva4I8cJ4SQ4b1dcBcof7O+g=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.53.0 h1:r3o2YsgW9zRcIP3Q0WCmttFVhTuugeKIvT5z9xDspc0=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.53.0/go.mod h1:w2E4f8PUfNtyjfL6Iu+mWI96FGttE03z3UdNcUEC4tA=
 github.com/aws/aws-sdk-go-v2/service/sso v1.20.3 h1:mnbuWHOcM70/OFUlZZ5rcdfA8PflGXXiefU/O+1S3+8=
 github.com/aws/aws-sdk-go-v2/service/sso v1.20.3/go.mod h1:5HFu51Elk+4oRBZVxmHrSds5jFXmFj8C3w7DVF2gnrs=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.23.3 h1:uLq0BKatTmDzWa/Nu4WO0M1AaQDaPpwTKAeByEc6WFM=

nodeup/pkg/model/context.go

@@ -17,15 +17,16 @@ limitations under the License.
 package model
 
 import (
+	"context"
 	"fmt"
 	"net"
 	"os"
 	"path/filepath"
 	"regexp"
 	"strings"
 
-	"github.com/aws/aws-sdk-go/aws/ec2metadata"
-	"github.com/aws/aws-sdk-go/aws/session"
+	awsconfig "github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
 	"github.com/blang/semver/v4"
 	hcloudmetadata "github.com/hetznercloud/hcloud-go/hcloud/metadata"
 	"k8s.io/klog/v2"
@@ -560,14 +561,17 @@ func (c *NodeupModelContext) RunningOnAzure() bool {
 }
 
 // GetMetadataLocalIP returns the local IP address read from metadata
-func (c *NodeupModelContext) GetMetadataLocalIP() (string, error) {
+func (c *NodeupModelContext) GetMetadataLocalIP(ctx context.Context) (string, error) {
 	var internalIP string
 
 	switch c.BootConfig.CloudProvider {
 	case kops.CloudProviderAWS:
-		sess := session.Must(session.NewSession())
-		metadata := ec2metadata.New(sess)
-		localIPv4, err := metadata.GetMetadata("local-ipv4")
+		config, err := awsconfig.LoadDefaultConfig(ctx)
+		if err != nil {
+			return "", fmt.Errorf("failed to load AWS config: %w", err)
+		}
+		metadata := imds.NewFromConfig(config)
+		localIPv4, err := getMetadata(ctx, metadata, "local-ipv4")
 		if err != nil {
 			return "", fmt.Errorf("failed to get local-ipv4 address from ec2 metadata: %w", err)
 		}

nodeup/pkg/model/kube_apiserver.go

@@ -68,7 +68,7 @@ func (b *KubeAPIServerBuilder) Build(c *fi.NodeupModelBuilderContext) error {
 	}
 
 	if b.CloudProvider() == kops.CloudProviderHetzner {
-		localIP, err := b.GetMetadataLocalIP()
+		localIP, err := b.GetMetadataLocalIP(c.Context())
 		if err != nil {
 			return err
 		}
@@ -420,7 +420,7 @@ func (b *KubeAPIServerBuilder) writeServerCertificate(c *fi.NodeupModelBuilderCo
 		alternateNames = append(alternateNames, "127.0.0.1")
 
 		if b.CloudProvider() == kops.CloudProviderHetzner {
-			localIP, err := b.GetMetadataLocalIP()
+			localIP, err := b.GetMetadataLocalIP(c.Context())
 			if err != nil {
 				return err
 			}