Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(chart): Switch base64 encoded cniConfig.fileContents to the binaryData #2552

Merged
merged 1 commit into from
Sep 11, 2023
Merged

fix(chart): Switch base64 encoded cniConfig.fileContents to the binaryData #2552

merged 1 commit into from
Sep 11, 2023

Conversation

VLZZZ
Copy link
Contributor

@VLZZZ VLZZZ commented Sep 7, 2023

What type of PR is this?
bug

Which issue does this PR fix:
#2551

What does this PR do / Why do we need it:
Currently it's stored as a base64 encoded JSON and the VPC CNI app doesn't decode this base64 and fails.
This change switched the ConfigMap from data to the binaryData which natively will decode base64 from the ConfigMap with no need to introduce any changes to the app itself.

If an issue # is not available please add repro steps and logs from IPAMD/CNI showing the issue:

Testing done on this change:

After changing the data in ConfigMap to the binaryData everything works as intended:

apiVersion: v1
binaryData:
  10-aws.conflist: ewogICJjbmlWZXJzaW9uIjogIjAuNC4wIiwKICAibmFtZSI6ICJhd3MtY25pIiwKICAiZGlzYWJsZUNoZWNrIjogdHJ1ZSwKICAicGx1Z2lucyI6IFsKICAgIHsKICAgICAgIm5hbWUiOiAiYXdzLWNuaSIsCiAgICAgICJ0eXBlIjogImF3cy1jbmkiLAogICAgICAidmV0aFByZWZpeCI6ICJfX1ZFVEhQUkVGSVhfXyIsCiAgICAgICJtdHUiOiAiX19NVFVfXyIsCiAgICAgICJwb2RTR0VuZm9yY2luZ01vZGUiOiAiX19QT0RTR0VORk9SQ0lOR01PREVfXyIsCiAgICAgICJwbHVnaW5Mb2dGaWxlIjogIl9fUExVR0lOTE9HRklMRV9fIiwKICAgICAgInBsdWdpbkxvZ0xldmVsIjogIl9fUExVR0lOTE9HTEVWRUxfXyIKICAgIH0sCiAgICB7CiAgICAgICJuYW1lIjogImVncmVzcy1jbmkiLAogICAgICAidHlwZSI6ICJlZ3Jlc3MtY25pIiwKICAgICAgIm10dSI6ICI5MDAxIiwKICAgICAgImVuYWJsZWQiOiAiX19FR1JFU1NQTFVHSU5FTkFCTEVEX18iLAogICAgICAicmFuZG9taXplU05BVCI6ICJfX1JBTkRPTUlaRVNOQVRfXyIsCiAgICAgICJub2RlSVAiOiAiX19OT0RFSVBfXyIsCiAgICAgICJpcGFtIjogewogICAgICAgICJ0eXBlIjogImhvc3QtbG9jYWwiLAogICAgICAgICJyYW5nZXMiOiBbW3sic3VibmV0IjogIl9fRUdSRVNTUExVR0lOSVBBTVNVQk5FVF9fIn1dXSwKICAgICAgICAicm91dGVzIjogW3siZHN0IjogIl9fRUdSRVNTUExVR0lOSVBBTURTVF9fIn1dLAogICAgICAgICJkYXRhRGlyIjogIl9fRUdSRVNTUExVR0lOSVBBTURBVEFESVJfXyIKICAgICAgfSwKICAgICAgInBsdWdpbkxvZ0ZpbGUiOiAiX19FR1JFU1NQTFVHSU5MT0dGSUxFX18iLAogICAgICAicGx1Z2luTG9nTGV2ZWwiOiAiX19QTFVHSU5MT0dMRVZFTF9fIgogICAgfSwKICAgIHsKICAgICAgInR5cGUiOiAicG9ydG1hcCIsCiAgICAgICJjYXBhYmlsaXRpZXMiOiB7InBvcnRNYXBwaW5ncyI6IHRydWV9LAogICAgICAic25hdCI6IHRydWUKICAgIH0sCiAgICB7CiAgICAgICJ0eXBlIjogInR1bmluZyIsCiAgICAgICJzeXNjdGwiOiB7CiAgICAgICAgIm5ldC5pcHY2LmNvbmYuYWxsLmRpc2FibGVfaXB2NiI6ICIxIiwKICAgICAgICAibmV0LmlwdjYuY29uZi5kZWZhdWx0LmRpc2FibGVfaXB2NiI6ICIxIiwKICAgICAgICAibmV0LmlwdjYuY29uZi5sby5kaXNhYmxlX2lwdjYiOiAiMSIKICAgICAgfQogICAgfQogIF0KfQ==
kind: ConfigMap
metadata:
  annotations:
    meta.helm.sh/release-name: aws-vpc-cni
    meta.helm.sh/release-namespace: kube-system
  creationTimestamp: "2023-09-07T13:07:22Z"
  labels:
    app.kubernetes.io/instance: aws-vpc-cni
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: aws-node
    app.kubernetes.io/version: v1.12.1
    helm.sh/chart: aws-vpc-cni-1.2.2
    k8s-app: aws-node
  name: aws-node
  namespace: kube-system
  resourceVersion: "331112026"
  uid: 201208f3-7f66-4cc7-97da-7202b0b4f984
Defaulted container "aws-node" out of: aws-node, aws-vpc-cni-init (init)
Installed /host/opt/cni/bin/aws-cni
Installed /host/opt/cni/bin/egress-cni
time="2023-09-07T13:33:27Z" level=info msg="Starting IPAM daemon... "
time="2023-09-07T13:33:27Z" level=info msg="Checking for IPAM connectivity... "
time="2023-09-07T13:33:28Z" level=info msg="Copying config file... "
time="2023-09-07T13:33:28Z" level=info msg="Successfully copied CNI plugin binary and config file."

Automation added to e2e:

no
Will this PR introduce any new dependencies?:

No
Will this break upgrades or downgrades. Has updating a running cluster been tested?:
No

Does this change require updates to the CNI daemonset config files to work?:

No

Does this PR introduce any user-facing change?:

No


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@VLZZZ VLZZZ requested a review from a team as a code owner September 7, 2023 14:01
@jdn5126
Copy link
Contributor

jdn5126 commented Sep 7, 2023

Ah nice find @VLZZZ, thank you for fixing!

@jdn5126 jdn5126 merged commit 56390a1 into aws:master Sep 11, 2023
@VLZZZ VLZZZ deleted the fix-cni-config-cm branch September 12, 2023 21:00
jdn5126 added a commit that referenced this pull request Oct 20, 2023
* restore node update permission to master until image tag can be updated (#2513)

* Merge branch 'release-1.14' (#2517)

* network policies update to readme (#2478)

* init draft of network policy desc

* add security note

* fixup

* fixup

* fix placeholder link

* Update manifest for cni 1.14 (#2526)

* Mimic VPC-RC limit struture (#2516)

* limits api pkg (#2528)

* Update kops tests for 1.28 and fix generate-cni-yaml script (#2536)

* skip IPAMD events test (#2537)

* chore: remove refs to deprecated io/ioutil (#2541)

* Change default Node Agent ports for health and metrics (#2545)

* remove self-managed node group from pod-eni test suite (#2547)

* bump controller runtime to 0.16.1 (#2548)

Co-authored-by: Joseph Chen <chenjoez@amazon.com>

* update agent image (#2554)

* fix(chart): Switch base64 encoded cniConfig.fileContents to the binaryData (#2552)

* Update the use of privileged flag in aws-vpc-cni manifest (#2555)

* increment default Calico version for helm compatibility (#2560)

* update nginx image (#2561)

* Only metrics (#2557)

Prometheus metrics for capturing ENI IP usage and no available IP address errors

Co-authored-by: Lindsay Hanks <lnhanks@dev-dsk-lnhanks-2a-167bac85.us-west-2.amazon.com>

* CHANGELOG, chart, and manifest updates for VPC CNI v1.15.0 release (#2563)

* remove calico test suite from weekly integration tests (#2559)

* remove addon-tests integration suite as it is no longer needed (#2564)

* Only metrics (#2569)

* rename warm pool metrics

---------

Co-authored-by: Lindsay Hanks <lnhanks@dev-dsk-lnhanks-2a-167bac85.us-west-2.amazon.com>

* Fix unused version variable (#2566)

* Update example table 'Pod per Prefixes' value (#2573)

* Bandwidth plugin with NP is currently unsupported (#2572)

* Bandwidth plugin with NP

* Messaging review

* pass CNINode scheme to client only (#2570)

* reduce api calls (#2575)

* Add region flag to describe-addon command (#2576)

* add ENABLE_V4_EGRESS (#2577)

* Add test registry parameter for ipv6 and CNI full tests (#2585)

* update golang image (#2586)

* increase time for service readiness (#2587)

* do not patch CNINode for custom networking unless podENI is enabled (#2591)

* Remove self-managed node group from custom-networking suite (#2590)

* remove self-managed node group from custom-networking suite

* Select CNI manifest based on regions (#2593)

* Update metrics helper image url based on region (#2604)

* dependabot updates (#2605)

* Graceful termination for service connectivity tests (#2611)

* update CHANGELOG, charts, and manifests in master following v1.15.1 release (#2614)

* go module updates and golang builder image update (#2615)

* update Golang to 1.21.3 (#2616)

* Stricter dependency/security review (#2617)

* Stricter dependency/security review

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

* move common things to a separate file

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

---------

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

* update actions for go 1.21 and fix deps action warnings (#2618)

---------

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com>
Co-authored-by: Joseph Chen <76720045+jchen6585@users.noreply.github.com>
Co-authored-by: guangwu <guoguangwu@magic-shield.com>
Co-authored-by: Joseph Chen <chenjoez@amazon.com>
Co-authored-by: Valentin Zayash <VLZZZ@users.noreply.github.com>
Co-authored-by: lnhanks <67074258+lnhanks@users.noreply.github.com>
Co-authored-by: Lindsay Hanks <lnhanks@dev-dsk-lnhanks-2a-167bac85.us-west-2.amazon.com>
Co-authored-by: 김은빈 <rlaisqls@gmail.com>
Co-authored-by: Jayanth Varavani <1111446+jayanthvn@users.noreply.github.com>
Co-authored-by: Davanum Srinivas <davanum@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants