From e6108154c4042d8836c6977c21bb20e135a75100 Mon Sep 17 00:00:00 2001 From: Murcherla Date: Mon, 13 Jul 2020 16:36:00 -0500 Subject: [PATCH] Added config map for env vars --- config/master/aws-k8s-cni-cn.yaml | 33 ++----------- config/master/aws-k8s-cni-configmap.yaml | 25 ++++++++++ config/master/aws-k8s-cni-us-gov-east-1.yaml | 33 ++----------- config/master/aws-k8s-cni-us-gov-west-1.yaml | 33 ++----------- config/master/aws-k8s-cni.yaml | 33 ++----------- config/master/manifests.jsonnet | 50 ++++++++++++++------ 6 files changed, 72 insertions(+), 135 deletions(-) create mode 100644 config/master/aws-k8s-cni-configmap.yaml diff --git a/config/master/aws-k8s-cni-cn.yaml b/config/master/aws-k8s-cni-cn.yaml index 726278c967b..435cbe01d43 100644 --- a/config/master/aws-k8s-cni-cn.yaml +++ b/config/master/aws-k8s-cni-cn.yaml @@ -107,40 +107,13 @@ - "fargate" "containers": - "env": - - "name": "ADDITIONAL_ENI_TAGS" - "value": "{}" - - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" - "value": "true" - - "name": "AWS_VPC_ENI_MTU" - "value": "9001" - - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" - "value": "DEBUG" - - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - "value": "/host/var/log/aws-routed-eni/ipamd.log" - - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - "value": "prng" - - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" - "value": "eni" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" - "value": "/var/log/aws-routed-eni/plugin.log" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - "value": "DEBUG" - - "name": "DISABLE_INTROSPECTION" - "value": "false" - - "name": "DISABLE_METRICS" - "value": "false" - "name": "MY_NODE_NAME" "valueFrom": "fieldRef": "fieldPath": "spec.nodeName" - - "name": "WARM_ENI_TARGET" - "value": "1" + "envFrom": + - "configMapRef": + "name": "aws-k8s-cni-configmap" "image": "961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon-k8s-cni:latest" "imagePullPolicy": "Always" "livenessProbe": diff --git a/config/master/aws-k8s-cni-configmap.yaml b/config/master/aws-k8s-cni-configmap.yaml new file mode 100644 index 00000000000..13441e8aff2 --- /dev/null +++ b/config/master/aws-k8s-cni-configmap.yaml @@ -0,0 +1,25 @@ +--- +"apiVersion": "v1" +"data": + "ADDITIONAL_ENI_TAGS": "{}" + "AWS_VPC_CNI_NODE_PORT_SUPPORT": "true" + "AWS_VPC_ENI_MTU": "9001" + "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER": "false" + "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG": "false" + "AWS_VPC_K8S_CNI_EXTERNALSNAT": "false" + "AWS_VPC_K8S_CNI_LOGLEVEL": "DEBUG" + "AWS_VPC_K8S_CNI_LOG_FILE": "/host/var/log/aws-routed-eni/ipamd.log" + "AWS_VPC_K8S_CNI_RANDOMIZESNAT": "prng" + "AWS_VPC_K8S_CNI_VETHPREFIX": "eni" + "AWS_VPC_K8S_PLUGIN_LOG_FILE": "/var/log/aws-routed-eni/plugin.log" + "AWS_VPC_K8S_PLUGIN_LOG_LEVEL": "DEBUG" + "DISABLE_INTROSPECTION": "false" + "DISABLE_METRICS": "false" + "WARM_ENI_TARGET": "1" +"kind": "ConfigMap" +"metadata": + "labels": + "k8s-app": "aws-node-cm" + "name": "aws-k8s-cni-configmap" + "namespace": "kube-system" +... diff --git a/config/master/aws-k8s-cni-us-gov-east-1.yaml b/config/master/aws-k8s-cni-us-gov-east-1.yaml index d93df77c135..d32d9e3df91 100644 --- a/config/master/aws-k8s-cni-us-gov-east-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-east-1.yaml @@ -107,40 +107,13 @@ - "fargate" "containers": - "env": - - "name": "ADDITIONAL_ENI_TAGS" - "value": "{}" - - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" - "value": "true" - - "name": "AWS_VPC_ENI_MTU" - "value": "9001" - - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" - "value": "DEBUG" - - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - "value": "/host/var/log/aws-routed-eni/ipamd.log" - - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - "value": "prng" - - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" - "value": "eni" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" - "value": "/var/log/aws-routed-eni/plugin.log" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - "value": "DEBUG" - - "name": "DISABLE_INTROSPECTION" - "value": "false" - - "name": "DISABLE_METRICS" - "value": "false" - "name": "MY_NODE_NAME" "valueFrom": "fieldRef": "fieldPath": "spec.nodeName" - - "name": "WARM_ENI_TARGET" - "value": "1" + "envFrom": + - "configMapRef": + "name": "aws-k8s-cni-configmap" "image": "151742754352.dkr.ecr.us-gov-east-1.amazonaws.com/amazon-k8s-cni:latest" "imagePullPolicy": "Always" "livenessProbe": diff --git a/config/master/aws-k8s-cni-us-gov-west-1.yaml b/config/master/aws-k8s-cni-us-gov-west-1.yaml index 8721cb2ee85..de10cfd2ff3 100644 --- a/config/master/aws-k8s-cni-us-gov-west-1.yaml +++ b/config/master/aws-k8s-cni-us-gov-west-1.yaml @@ -107,40 +107,13 @@ - "fargate" "containers": - "env": - - "name": "ADDITIONAL_ENI_TAGS" - "value": "{}" - - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" - "value": "true" - - "name": "AWS_VPC_ENI_MTU" - "value": "9001" - - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" - "value": "DEBUG" - - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - "value": "/host/var/log/aws-routed-eni/ipamd.log" - - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - "value": "prng" - - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" - "value": "eni" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" - "value": "/var/log/aws-routed-eni/plugin.log" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - "value": "DEBUG" - - "name": "DISABLE_INTROSPECTION" - "value": "false" - - "name": "DISABLE_METRICS" - "value": "false" - "name": "MY_NODE_NAME" "valueFrom": "fieldRef": "fieldPath": "spec.nodeName" - - "name": "WARM_ENI_TARGET" - "value": "1" + "envFrom": + - "configMapRef": + "name": "aws-k8s-cni-configmap" "image": "013241004608.dkr.ecr.us-gov-west-1.amazonaws.com/amazon-k8s-cni:latest" "imagePullPolicy": "Always" "livenessProbe": diff --git a/config/master/aws-k8s-cni.yaml b/config/master/aws-k8s-cni.yaml index c6d90a4a847..14979f50fc3 100644 --- a/config/master/aws-k8s-cni.yaml +++ b/config/master/aws-k8s-cni.yaml @@ -107,40 +107,13 @@ - "fargate" "containers": - "env": - - "name": "ADDITIONAL_ENI_TAGS" - "value": "{}" - - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" - "value": "true" - - "name": "AWS_VPC_ENI_MTU" - "value": "9001" - - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" - "value": "false" - - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" - "value": "DEBUG" - - "name": "AWS_VPC_K8S_CNI_LOG_FILE" - "value": "/host/var/log/aws-routed-eni/ipamd.log" - - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" - "value": "prng" - - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" - "value": "eni" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" - "value": "/var/log/aws-routed-eni/plugin.log" - - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" - "value": "DEBUG" - - "name": "DISABLE_INTROSPECTION" - "value": "false" - - "name": "DISABLE_METRICS" - "value": "false" - "name": "MY_NODE_NAME" "valueFrom": "fieldRef": "fieldPath": "spec.nodeName" - - "name": "WARM_ENI_TARGET" - "value": "1" + "envFrom": + - "configMapRef": + "name": "aws-k8s-cni-configmap" "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:latest" "imagePullPolicy": "Always" "livenessProbe": diff --git a/config/master/manifests.jsonnet b/config/master/manifests.jsonnet index 45f3e6c504c..019db2edb04 100644 --- a/config/master/manifests.jsonnet +++ b/config/master/manifests.jsonnet @@ -27,6 +27,37 @@ local regions = { }, }; +local awsnodecm = { + configMap: { + apiVersion: "v1", + kind: "ConfigMap", + metadata: { + name: "aws-k8s-cni-configmap", + namespace: "kube-system", + labels: { + "k8s-app": "aws-node-cm", + }, + }, + data: { + AWS_VPC_CNI_NODE_PORT_SUPPORT: "true", + AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG: "false", + AWS_VPC_ENI_MTU: "9001", + AWS_VPC_K8S_CNI_EXTERNALSNAT: "false", + AWS_VPC_K8S_CNI_RANDOMIZESNAT: "prng", + WARM_ENI_TARGET: "1", + AWS_VPC_K8S_CNI_LOGLEVEL: "DEBUG", + AWS_VPC_K8S_CNI_LOG_FILE: "/host/var/log/aws-routed-eni/ipamd.log", + AWS_VPC_K8S_PLUGIN_LOG_FILE: "/var/log/aws-routed-eni/plugin.log", + AWS_VPC_K8S_PLUGIN_LOG_LEVEL: "DEBUG", + DISABLE_INTROSPECTION: "false", + DISABLE_METRICS: "false", + AWS_VPC_K8S_CNI_VETHPREFIX: "eni", + ADDITIONAL_ENI_TAGS: "{}", + AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER: "false", + }, + }, +}; + local awsnode = { clusterRole: { apiVersion: "rbac.authorization.k8s.io/v1", @@ -154,22 +185,10 @@ local awsnode = { livenessProbe: self.readinessProbe + { initialDelaySeconds: 60, }, + envFrom: [ + {configMapRef: {name: "aws-k8s-cni-configmap"}}, + ], env_:: { - AWS_VPC_CNI_NODE_PORT_SUPPORT: "true", - AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG: "false", - AWS_VPC_ENI_MTU: "9001", - AWS_VPC_K8S_CNI_EXTERNALSNAT: "false", - AWS_VPC_K8S_CNI_RANDOMIZESNAT: "prng", - WARM_ENI_TARGET: "1", - AWS_VPC_K8S_CNI_LOGLEVEL: "DEBUG", - AWS_VPC_K8S_CNI_LOG_FILE: "/host/var/log/aws-routed-eni/ipamd.log", - AWS_VPC_K8S_PLUGIN_LOG_FILE: "/var/log/aws-routed-eni/plugin.log", - AWS_VPC_K8S_PLUGIN_LOG_LEVEL: "DEBUG", - DISABLE_INTROSPECTION: "false", - DISABLE_METRICS: "false", - AWS_VPC_K8S_CNI_VETHPREFIX: "eni", - ADDITIONAL_ENI_TAGS: "{}", - AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER: "false", MY_NODE_NAME: { valueFrom: { fieldRef: {fieldPath: "spec.nodeName"}, @@ -390,3 +409,4 @@ byRegion("cni-metrics-helper", metricsHelper); [kv[0] + ".yaml"]: std.manifestYamlStream(objectValues(kv[1])) for kv in objectItems(output) } +{"aws-k8s-cni-configmap.yaml": std.manifestYamlStream(objectValues(awsnodecm))}