write custom data in node-bootstrapper

Azure · Sep 5, 2024 · f68782a · f68782a
1 parent 27d780d
commit f68782a
Show file tree

Hide file tree

Showing 9 changed files with 470 additions and 34 deletions.
diff --git a/node-bootstrapper/build.sh b/node-bootstrapper/build.sh
@@ -1,3 +1,4 @@
+go test ./...
 GOOS=linux GOARCH=amd64 go build -o ./dist/node-bootstrapper-linux-amd64
 GOOS=linux GOARCH=arm64 go build -o ./dist/node-bootstrapper-linux-arm64
 GOOS=windows GOARCH=amd64 go build -o ./dist/node-bootstrapper-windows-amd64.exe

diff --git a/node-bootstrapper/custom_data_test.go b/node-bootstrapper/custom_data_test.go
@@ -0,0 +1,161 @@
+package main
+
+import (
+	"io/fs"
+	"testing"
+
+	"github.com/Azure/agentbaker/pkg/agent/datamodel"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestCustomData(t *testing.T) {
+	getFile := func(t *testing.T, nbc *datamodel.NodeBootstrappingConfiguration, path string, expectedMode fs.FileMode) string {
+		t.Helper()
+		files, err := customData(nbc)
+		require.NoError(t, err)
+		require.Contains(t, files, path)
+		actual := files[path]
+		assert.Equal(t, expectedMode, actual.Mode)
+		return actual.Content
+	}
+
+	t.Run("kubeconfig", func(t *testing.T) {
+		nbc := validNBC()
+		actual := getFile(t, nbc, "/var/lib/kubelet/kubeconfig", 0644)
+		expected := `
+apiVersion: v1
+kind: Config
+clusters:
+- name: localcluster
+  cluster:
+    certificate-authority: /etc/kubernetes/certs/ca.crt
+    server: https://:443
+users:
+- name: client
+  user:
+    client-certificate: /etc/kubernetes/certs/client.crt
+    client-key: /etc/kubernetes/certs/client.key
+contexts:
+- context:
+    cluster: localcluster
+    user: client
+  name: localclustercontext
+current-context: localclustercontext
+`
+		assert.YAMLEq(t, expected, actual)
+	})
+
+	t.Run("ca.crt", func(t *testing.T) {
+		nbc := validNBC()
+		actual := getFile(t, nbc, "/etc/kubernetes/certs/ca.crt", 0600)
+		expected := "test-ca-cert"
+		assert.Equal(t, expected, actual)
+	})
+
+	t.Run("bootstrap-kubeconfig", func(t *testing.T) {
+		nbc := validNBC()
+		nbc.KubeletClientTLSBootstrapToken = Ptr("test-token")
+		actual := getFile(t, nbc, "/var/lib/kubelet/bootstrap-kubeconfig", 0644)
+		expected := `apiVersion: v1
+clusters:
+    - cluster:
+        certificate-authority: /etc/kubernetes/certs/ca.crt
+        server: https://:443
+      name: localcluster
+contexts:
+    - context:
+        cluster: localcluster
+        user: kubelet-bootstrap
+      name: bootstrap-context
+current-context: bootstrap-context
+kind: Config
+users:
+    - name: kubelet-bootstrap
+      user:
+        token: test-token
+`
+		assert.YAMLEq(t, expected, actual)
+	})
+
+	t.Run("exec_start.conf", func(t *testing.T) {
+		nbc := validNBC()
+		actual := getFile(t, nbc, "/etc/systemd/system/docker.service.d/exec_start.conf", 0644)
+		nbc.ContainerService.Properties.OrchestratorProfile.KubernetesConfig.DockerBridgeSubnet = "1.1.1.1"
+		expected := `[Service]
+ExecStart=
+ExecStart=/usr/bin/dockerd -H fd:// --storage-driver=overlay2 --bip=1.1.1.1
+ExecStartPost=/sbin/iptables -P FORWARD ACCEPT
+#EOF`
+		assert.Equal(t, expected, actual)
+	})
+
+	t.Run("docker-daemon.json", func(t *testing.T) {
+		nbc := validNBC()
+		actual := getFile(t, nbc, "/etc/docker/daemon.json", 0644)
+		expected := `
+{
+	"data-root":"/mnt/aks/containers",
+	"live-restore":true,
+	"log-driver":"json-file",
+	"log-opts": {
+		"max-file":"5",
+		"max-size":"50m"
+	}
+}
+`
+		assert.JSONEq(t, expected, actual)
+	})
+	t.Run("kubelet", func(t *testing.T) {
+		nbc := validNBC()
+		actual := getFile(t, nbc, "/etc/default/kubelet", 0644)
+		expected := `KUBELET_FLAGS=
+KUBELET_REGISTER_SCHEDULABLE=true
+NETWORK_POLICY=
+KUBELET_NODE_LABELS=agentpool=,kubernetes.azure.com/agentpool=
+`
+		assert.Equal(t, expected, actual)
+	})
+
+	t.Run("containerDMCRHosts", func(t *testing.T) {
+		nbc := validNBC()
+		nbc.ContainerService.Properties.SecurityProfile = &datamodel.SecurityProfile{
+			PrivateEgress: &datamodel.PrivateEgress{
+				Enabled:                 true,
+				ContainerRegistryServer: "test-registry",
+			},
+		}
+		actual := getFile(t, nbc, "/etc/containerd/certs.d/mcr.microsoft.com/hosts.toml", 0644)
+		expected := `[host."https://test-registry"]
+capabilities = ["pull", "resolve"]
+`
+		assert.Equal(t, expected, actual)
+	})
+}
+
+func validNBC() *datamodel.NodeBootstrappingConfiguration {
+	return &datamodel.NodeBootstrappingConfiguration{
+		ContainerService: &datamodel.ContainerService{
+			Properties: &datamodel.Properties{
+				CertificateProfile: &datamodel.CertificateProfile{
+					CaCertificate: "test-ca-cert",
+				},
+				OrchestratorProfile: &datamodel.OrchestratorProfile{
+					OrchestratorType:    datamodel.Kubernetes,
+					OrchestratorVersion: "1.31.0",
+					KubernetesConfig: &datamodel.KubernetesConfig{
+						DockerBridgeSubnet: "1.1.1.1",
+					},
+				},
+			},
+		},
+		CustomSecureTLSBootstrapAADServerAppID: "test-app-id",
+		AgentPoolProfile: &datamodel.AgentPoolProfile{
+			KubeletDiskType: datamodel.TempDisk,
+		},
+	}
+}
+
+func Ptr[T any](input T) *T {
+	return &input
+}
diff --git a/node-bootstrapper/go.mod b/node-bootstrapper/go.mod
@@ -4,13 +4,20 @@ go 1.23.0
 
 replace github.com/Azure/agentbaker => ../
 
-require github.com/Azure/agentbaker v1.0.1238
+require (
+	github.com/Azure/agentbaker v1.0.1238
+	github.com/stretchr/testify v1.9.0
+	sigs.k8s.io/yaml v1.4.0
+)
 
 require (
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
 	github.com/Masterminds/semver/v3 v3.2.1 // indirect
 	github.com/blang/semver v3.5.1+incompatible // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/apimachinery v0.28.5 // indirect
 )
diff --git a/node-bootstrapper/go.sum b/node-bootstrapper/go.sum
@@ -12,8 +12,13 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/onsi/ginkgo v1.12.2 h1:Ke9m3h2Hu0wsZ45yewCqhYr3Z+emcNTuLY2nMWCkrSI=
@@ -24,6 +29,8 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
@@ -32,9 +39,14 @@ golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
 golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 k8s.io/apimachinery v0.28.5 h1:EEj2q1qdTcv2p5wl88KavAn3VlFRjREgRu8Sm/EuMPY=
 k8s.io/apimachinery v0.28.5/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg=
+sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
+sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=