Prevent interacting with shoot when hibernated

```improvement user The certificate-service as well as all worker controllers do not longer try to interact with the shoot API server in case the shoot is hibernated. ```
gardener-attic · May 31, 2019 · ea2d711 · ea2d711
1 parent f8ac54a
commit ea2d711
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 16 deletions.
diff --git a/controllers/extension-certificate-service/pkg/controller/certservice/actuator.go b/controllers/extension-certificate-service/pkg/controller/certservice/actuator.go
@@ -26,6 +26,7 @@ import (
 	"github.com/gardener/gardener-extensions/pkg/controller"
 	"github.com/gardener/gardener-extensions/pkg/controller/extension"
 	"github.com/gardener/gardener-extensions/pkg/util"
+
 	extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1"
 	gardenv1beta1 "github.com/gardener/gardener/pkg/apis/garden/v1beta1"
 	"github.com/gardener/gardener/pkg/client/kubernetes"
@@ -78,15 +79,17 @@ func (a *actuator) Reconcile(ctx context.Context, ex *extensionsv1alpha1.Extensi
 		return fmt.Errorf("Error creating Kubeconfig to deploy RBAC manifests: %v", err)
 	}
 
-	if err := a.createRBAC(ctx, kubecfg); err != nil {
-		return err
-	}
-
 	cluster, err := controller.GetCluster(ctx, a.client, namespace)
 	if err != nil {
 		return err
 	}
 
+	if !controller.IsHibernated(cluster.Shoot) {
+		if err := a.createRBAC(ctx, kubecfg); err != nil {
+			return err
+		}
+	}
+
 	return a.createCertBroker(ctx, cluster.Shoot, namespace)
 }
 

diff --git a/pkg/controller/worker/genericactuator/machine_controller_manager.go b/pkg/controller/worker/genericactuator/machine_controller_manager.go
@@ -34,21 +34,11 @@ import (
 )
 
 func (a *genericActuator) deployMachineControllerManager(ctx context.Context, workerObj *extensionsv1alpha1.Worker, cluster *controller.Cluster, workerDelegate WorkerDelegate) error {
-	shootClients, err := util.NewClientsForShoot(ctx, a.client, workerObj.Namespace, client.Options{})
-	if err != nil {
-		return err
-	}
-
 	mcmValues, err := workerDelegate.GetMachineControllerManagerChartValues(ctx)
 	if err != nil {
 		return err
 	}
 
-	mcmShootValues, err := workerDelegate.GetMachineControllerManagerShootChartValues(ctx)
-	if err != nil {
-		return err
-	}
-
 	// Generate MCM kubeconfig and inject its checksum into the MCM values.
 	mcmKubeconfigSecret, err := createKubeconfigForMachineControllerManager(ctx, a.client, workerObj.Namespace, a.mcmName)
 	if err != nil {
@@ -71,8 +61,21 @@ func (a *genericActuator) deployMachineControllerManager(ctx context.Context, wo
 	if err := a.mcmSeedChart.Apply(ctx, a.gardenerClientset, a.chartApplier, workerObj.Namespace, cluster.Shoot, a.imageVector, nil, mcmValues); err != nil {
 		return errors.Wrapf(err, "could not apply MCM chart in seed for worker '%s'", util.ObjectName(workerObj))
 	}
-	if err := a.mcmShootChart.Apply(ctx, shootClients.GardenerClientset(), shootClients.ChartApplier(), metav1.NamespaceSystem, cluster.Shoot, a.imageVector, nil, mcmShootValues); err != nil {
-		return errors.Wrapf(err, "could not apply MCM chart in seed for worker '%s'", util.ObjectName(workerObj))
+
+	if !controller.IsHibernated(cluster.Shoot) {
+		shootClients, err := util.NewClientsForShoot(ctx, a.client, workerObj.Namespace, client.Options{})
+		if err != nil {
+			return err
+		}
+
+		mcmShootValues, err := workerDelegate.GetMachineControllerManagerShootChartValues(ctx)
+		if err != nil {
+			return err
+		}
+
+		if err := a.mcmShootChart.Apply(ctx, shootClients.GardenerClientset(), shootClients.ChartApplier(), metav1.NamespaceSystem, cluster.Shoot, a.imageVector, nil, mcmShootValues); err != nil {
+			return errors.Wrapf(err, "could not apply MCM chart in seed for worker '%s'", util.ObjectName(workerObj))
+		}
 	}
 
 	return nil