Update logic for pulling cni plugins and bump version

awslabs · Nov 12, 2024 · 9ceff0e · 9ceff0e
1 parent f81d9fa
commit 9ceff0e
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 9 deletions.
diff --git a/templates/al2/provisioners/install-worker.sh b/templates/al2/provisioners/install-worker.sh
@@ -272,9 +272,30 @@ elif [ "$BINARY_BUCKET_REGION" = "eu-isoe-west-1" ]; then
 elif [ "$BINARY_BUCKET_REGION" = "us-isof-south-1" ]; then
   S3_DOMAIN="csp.hci.ic.gov"
 fi
+
+# TODO: start deprecating these.
 S3_URL_BASE="https://$BINARY_BUCKET_NAME.s3.$BINARY_BUCKET_REGION.$S3_DOMAIN/$KUBERNETES_VERSION/$KUBERNETES_BUILD_DATE/bin/linux/$ARCH"
 S3_PATH="s3://$BINARY_BUCKET_NAME/$KUBERNETES_VERSION/$KUBERNETES_BUILD_DATE/bin/linux/$ARCH"
 
+function s3_binary_path() {
+  local binary_name=""
+  local os="linux"
+  local arch="$ARCH"
+  local version=""
+  while getopts 'n:o:a:v:' OPTION; do
+    case "$OPTION" in
+      n) binary_name="$OPTARG" ;;
+      o) os="$OPTARG" ;;
+      a) arch="$OPTARG" ;;
+      v) version="$OPTARG" ;;
+    esac
+  done
+  echo "bin/$binary_name/$version/$os/$arch/$binary_name"
+}
+
+S3_URI_BASE="s3://$BINARY_BUCKET_NAME"
+S3_HTTP_BASE="https://$BINARY_BUCKET_NAME.s3.$BINARY_BUCKET_REGION.$S3_DOMAIN"
+
 BINARIES=(
   kubelet
   aws-iam-authenticator
@@ -313,21 +334,22 @@ if [ "$PULL_CNI_FROM_GITHUB" = "true" ]; then
   wget "https://github.com/containernetworking/plugins/releases/download/${CNI_PLUGIN_VERSION}/${CNI_PLUGIN_FILENAME}.tgz.sha512"
   sudo sha512sum -c "${CNI_PLUGIN_FILENAME}.tgz.sha512"
   rm "${CNI_PLUGIN_FILENAME}.tgz.sha512"
+  sudo tar -xvf "${CNI_PLUGIN_FILENAME}.tgz" -C /opt/cni/bin
+  rm "${CNI_PLUGIN_FILENAME}.tgz"
 else
   if [[ -n "$AWS_ACCESS_KEY_ID" ]]; then
     echo "AWS cli present - using it to copy binaries from s3."
-    aws s3 cp --region $BINARY_BUCKET_REGION $S3_PATH/${CNI_PLUGIN_FILENAME}.tgz .
-    aws s3 cp --region $BINARY_BUCKET_REGION $S3_PATH/${CNI_PLUGIN_FILENAME}.tgz.sha256 .
+    aws s3 cp --region $BINARY_BUCKET_REGION $S3_URI_BASE/$(s3_binary_path -n cni-plugins -v $CNI_PLUGIN_VERSION).tgz .
+    aws s3 cp --region $BINARY_BUCKET_REGION $S3_URI_BASE/$(s3_binary_path -n cni-plugins -v $CNI_PLUGIN_VERSION).tgz.sha256 .
   else
     echo "AWS cli missing - using wget to fetch cni binaries from s3. Note: This won't work for private bucket."
-    sudo wget "$S3_URL_BASE/${CNI_PLUGIN_FILENAME}.tgz"
-    sudo wget "$S3_URL_BASE/${CNI_PLUGIN_FILENAME}.tgz.sha256"
+    sudo wget "$S3_HTTP_BASE/$(s3_binary_path -n cni-plugins -v $CNI_PLUGIN_VERSION).tgz"
+    sudo wget "$S3_HTTP_BASE/$(s3_binary_path -n cni-plugins -v $CNI_PLUGIN_VERSION).tgz.sha256"
   fi
-  sudo sha256sum -c "${CNI_PLUGIN_FILENAME}.tgz.sha256"
+  sudo sha256sum -c cni-plugins.tgz.sha256
+  sudo tar -xvf cni-plugins.tgz -C /opt/cni/bin
+  rm cni-plugins.tgz
 fi
-sudo tar -xvf "${CNI_PLUGIN_FILENAME}.tgz" -C /opt/cni/bin
-rm "${CNI_PLUGIN_FILENAME}.tgz"
-
 sudo rm ./*.sha256
 
 sudo mkdir -p /etc/kubernetes/kubelet

diff --git a/templates/al2/variables-default.json b/templates/al2/variables-default.json
@@ -12,7 +12,7 @@
     "binary_bucket_name": "amazon-eks",
     "binary_bucket_region": "us-west-2",
     "cache_container_images": "false",
-    "cni_plugin_version": "v1.2.0",
+    "cni_plugin_version": "v1.5.1",
     "containerd_version": "1.7.*",
     "creator": "{{env `USER`}}",
     "docker_version": "none",