Skip to content

Commit

Permalink
fix: include all node addresses into etcd cert SANs
Browse files Browse the repository at this point in the history
That was a mistake to use only 'routed' addresses, as they e.g. do not
include SideroLink.

Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
(cherry picked from commit 9dadc4a)
  • Loading branch information
smira committed Sep 12, 2022
1 parent 09140a8 commit 39c68b6
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions internal/app/machined/pkg/controllers/secrets/etcd.go
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ func (ctrl *EtcdController) Inputs() []controller.Input {
{
Namespace: network.NamespaceName,
Type: network.NodeAddressType,
ID: pointer.To(network.FilteredNodeAddressID(network.NodeAddressRoutedID, k8s.NodeAddressFilterNoK8s)),
ID: pointer.To(network.FilteredNodeAddressID(network.NodeAddressAccumulativeID, k8s.NodeAddressFilterNoK8s)),
Kind: controller.InputWeak,
},
}
Expand Down Expand Up @@ -148,7 +148,7 @@ func (ctrl *EtcdController) Run(ctx context.Context, r controller.Runtime, logge
resource.NewMetadata(
network.NamespaceName,
network.NodeAddressType,
network.FilteredNodeAddressID(network.NodeAddressRoutedID, k8s.NodeAddressFilterNoK8s),
network.FilteredNodeAddressID(network.NodeAddressAccumulativeID, k8s.NodeAddressFilterNoK8s),
resource.VersionUndefined,
),
)
Expand Down
2 changes: 1 addition & 1 deletion internal/app/machined/pkg/controllers/secrets/etcd_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,7 @@ func (suite *EtcdSuite) TestReconcile() {
hostnameStatus.TypedSpec().Domainname = "domain"
suite.Require().NoError(suite.State().Create(suite.Ctx(), hostnameStatus))

nodeAddresses := network.NewNodeAddress(network.NamespaceName, network.FilteredNodeAddressID(network.NodeAddressRoutedID, k8s.NodeAddressFilterNoK8s))
nodeAddresses := network.NewNodeAddress(network.NamespaceName, network.FilteredNodeAddressID(network.NodeAddressAccumulativeID, k8s.NodeAddressFilterNoK8s))
nodeAddresses.TypedSpec().Addresses = []netaddr.IPPrefix{
netaddr.MustParseIPPrefix("10.3.4.5/24"),
netaddr.MustParseIPPrefix("2001:db8::1eaf/64"),
Expand Down

0 comments on commit 39c68b6

Please sign in to comment.