From a87e346de5dfd9e671e1fdde3b4f7151d69d8397 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 5 Sep 2023 13:40:06 -0500
Subject: [PATCH 1/2] Patch CAPI to include rate limit arguments

---
 ...dd-flags-for-configuring-rate-limits.patch | 183 ++++++++++++++++++
 1 file changed, 183 insertions(+)
 create mode 100644 projects/kubernetes-sigs/cluster-api/patches/0037-Add-flags-for-configuring-rate-limits.patch

diff --git a/projects/kubernetes-sigs/cluster-api/patches/0037-Add-flags-for-configuring-rate-limits.patch b/projects/kubernetes-sigs/cluster-api/patches/0037-Add-flags-for-configuring-rate-limits.patch
new file mode 100644
index 0000000000..cba2e59675
--- /dev/null
+++ b/projects/kubernetes-sigs/cluster-api/patches/0037-Add-flags-for-configuring-rate-limits.patch
@@ -0,0 +1,183 @@
+From ba34136c11580c8cba752a3dd1a408cd8b2a7769 Mon Sep 17 00:00:00 2001
+From: Lennart Jern <lennart.jern@est.tech>
+Date: Thu, 27 Apr 2023 14:03:23 +0300
+Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20flags=20for=20configuring=20r?=
+ =?UTF-8?q?ate=20limits?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+All the controllers have built-in rate limits. They throttle themselves
+if they hit this limit. So far it has not been possible to configure
+these limits. This commit adds flags to the controllers for setting both
+the QPS and the burst for the rate limits. The default remains the same
+as before (20 QPS, 30 burst).
+
+New flags (for each controller, including CAPD):
+
+--kube-api-qps
+--kube-api-burst
+
+Also adds .devcontainer to .gitignore.
+
+Signed-off-by: Vignesh Goutham Ganesh <vgg@amazon.com>
+---
+ .gitignore                         |  3 +++
+ bootstrap/kubeadm/main.go          | 10 ++++++++++
+ controlplane/kubeadm/main.go       | 10 ++++++++++
+ main.go                            | 10 ++++++++++
+ test/infrastructure/docker/main.go |  8 ++++++++
+ 5 files changed, 41 insertions(+)
+
+diff --git a/.gitignore b/.gitignore
+index 35833619a..687dead39 100644
+--- a/.gitignore
++++ b/.gitignore
+@@ -89,3 +89,6 @@ tmp
+ 
+ # asdf (not a typo! ;) used to manage multiple versions of tools
+ .tool-versions
++
++# Development container configurations (https://containers.dev/)
++.devcontainer
+diff --git a/bootstrap/kubeadm/main.go b/bootstrap/kubeadm/main.go
+index cbbd39495..9a0d26c92 100644
+--- a/bootstrap/kubeadm/main.go
++++ b/bootstrap/kubeadm/main.go
+@@ -84,6 +84,8 @@ var (
+ 	profilerAddress             string
+ 	kubeadmConfigConcurrency    int
+ 	syncPeriod                  time.Duration
++	restConfigQPS               float32
++	restConfigBurst             int
+ 	webhookPort                 int
+ 	webhookCertDir              string
+ 	healthAddr                  string
+@@ -123,6 +125,12 @@ func InitFlags(fs *pflag.FlagSet) {
+ 	fs.DurationVar(&syncPeriod, "sync-period", 10*time.Minute,
+ 		"The minimum interval at which watched resources are reconciled (e.g. 15m)")
+ 
++	fs.Float32Var(&restConfigQPS, "kube-api-qps", 20,
++		"Maximum queries per second from the controller client to the Kubernetes API server. Defaults to 20")
++
++	fs.IntVar(&restConfigBurst, "kube-api-burst", 30,
++		"Maximum number of queries that should be allowed in one burst from the controller client to the Kubernetes API server. Default 30")
++
+ 	fs.DurationVar(&tokenTTL, "bootstrap-token-ttl", kubeadmbootstrapcontrollers.DefaultTokenTTL,
+ 		"The amount of time the bootstrap token will be valid")
+ 
+@@ -167,6 +175,8 @@ func main() {
+ 	}
+ 
+ 	restConfig := ctrl.GetConfigOrDie()
++	restConfig.QPS = restConfigQPS
++	restConfig.Burst = restConfigBurst
+ 	restConfig.UserAgent = remote.DefaultClusterAPIUserAgent("cluster-api-kubeadm-bootstrap-manager")
+ 
+ 	tlsOptionOverrides, err := flags.GetTLSOptionOverrideFuncs(tlsOptions)
+diff --git a/controlplane/kubeadm/main.go b/controlplane/kubeadm/main.go
+index 36b2e745a..1dd0599e2 100644
+--- a/controlplane/kubeadm/main.go
++++ b/controlplane/kubeadm/main.go
+@@ -89,6 +89,8 @@ var (
+ 	profilerAddress                string
+ 	kubeadmControlPlaneConcurrency int
+ 	syncPeriod                     time.Duration
++	restConfigQPS                  float32
++	restConfigBurst                int
+ 	webhookPort                    int
+ 	webhookCertDir                 string
+ 	healthAddr                     string
+@@ -129,6 +131,12 @@ func InitFlags(fs *pflag.FlagSet) {
+ 	fs.DurationVar(&syncPeriod, "sync-period", 10*time.Minute,
+ 		"The minimum interval at which watched resources are reconciled (e.g. 15m)")
+ 
++	fs.Float32Var(&restConfigQPS, "kube-api-qps", 20,
++		"Maximum queries per second from the controller client to the Kubernetes API server. Defaults to 20")
++
++	fs.IntVar(&restConfigBurst, "kube-api-burst", 30,
++		"Maximum number of queries that should be allowed in one burst from the controller client to the Kubernetes API server. Default 30")
++
+ 	fs.StringVar(&watchFilterValue, "watch-filter", "",
+ 		fmt.Sprintf("Label value that the controller watches to reconcile cluster-api objects. Label key is always %s. If unspecified, the controller watches for all cluster-api objects.", clusterv1.WatchLabel))
+ 
+@@ -176,6 +184,8 @@ func main() {
+ 	}
+ 
+ 	restConfig := ctrl.GetConfigOrDie()
++	restConfig.QPS = restConfigQPS
++	restConfig.Burst = restConfigBurst
+ 	restConfig.UserAgent = remote.DefaultClusterAPIUserAgent("cluster-api-kubeadm-control-plane-manager")
+ 
+ 	tlsOptionOverrides, err := flags.GetTLSOptionOverrideFuncs(tlsOptions)
+diff --git a/main.go b/main.go
+index f93e58361..1efcb3aec 100644
+--- a/main.go
++++ b/main.go
+@@ -99,6 +99,8 @@ var (
+ 	clusterResourceSetConcurrency int
+ 	machineHealthCheckConcurrency int
+ 	syncPeriod                    time.Duration
++	restConfigQPS                 float32
++	restConfigBurst               int
+ 	webhookPort                   int
+ 	webhookCertDir                string
+ 	healthAddr                    string
+@@ -192,6 +194,12 @@ func InitFlags(fs *pflag.FlagSet) {
+ 	fs.DurationVar(&syncPeriod, "sync-period", 10*time.Minute,
+ 		"The minimum interval at which watched resources are reconciled (e.g. 15m)")
+ 
++	fs.Float32Var(&restConfigQPS, "kube-api-qps", 20,
++		"Maximum queries per second from the controller client to the Kubernetes API server. Defaults to 20")
++
++	fs.IntVar(&restConfigBurst, "kube-api-burst", 30,
++		"Maximum number of queries that should be allowed in one burst from the controller client to the Kubernetes API server. Default 30")
++
+ 	fs.IntVar(&webhookPort, "webhook-port", 9443,
+ 		"Webhook Server port")
+ 
+@@ -231,6 +239,8 @@ func main() {
+ 	}
+ 
+ 	restConfig := ctrl.GetConfigOrDie()
++	restConfig.QPS = restConfigQPS
++	restConfig.Burst = restConfigBurst
+ 	restConfig.UserAgent = remote.DefaultClusterAPIUserAgent("cluster-api-controller-manager")
+ 
+ 	minVer := version.MinimumKubernetesVersion
+diff --git a/test/infrastructure/docker/main.go b/test/infrastructure/docker/main.go
+index 195ded75c..2b4bb432b 100644
+--- a/test/infrastructure/docker/main.go
++++ b/test/infrastructure/docker/main.go
+@@ -67,6 +67,8 @@ var (
+ 	profilerAddress      string
+ 	syncPeriod           time.Duration
+ 	concurrency          int
++	restConfigQPS        float32
++	restConfigBurst      int
+ 	healthAddr           string
+ 	webhookPort          int
+ 	webhookCertDir       string
+@@ -99,6 +101,10 @@ func initFlags(fs *pflag.FlagSet) {
+ 		"Bind address to expose the pprof profiler (e.g. localhost:6060)")
+ 	fs.DurationVar(&syncPeriod, "sync-period", 10*time.Minute,
+ 		"The minimum interval at which watched resources are reconciled (e.g. 15m)")
++	fs.Float32Var(&restConfigQPS, "kube-api-qps", 20,
++		"Maximum queries per second from the controller client to the Kubernetes API server. Defaults to 20")
++	fs.IntVar(&restConfigBurst, "kube-api-burst", 30,
++		"Maximum number of queries that should be allowed in one burst from the controller client to the Kubernetes API server. Default 30")
+ 	fs.StringVar(&healthAddr, "health-addr", ":9440",
+ 		"The address the health endpoint binds to.")
+ 	fs.IntVar(&webhookPort, "webhook-port", 9443,
+@@ -139,6 +145,8 @@ func main() {
+ 	}
+ 
+ 	restConfig := ctrl.GetConfigOrDie()
++	restConfig.QPS = restConfigQPS
++	restConfig.Burst = restConfigBurst
+ 	restConfig.UserAgent = remote.DefaultClusterAPIUserAgent("cluster-api-docker-controller-manager")
+ 	ctrlOptions := ctrl.Options{
+ 		Scheme:                     myscheme,
+-- 
+2.39.2 (Apple Git-143)
+

From 8ce51a33b9098e98701df2895b3d5a2c5fbb59e7 Mon Sep 17 00:00:00 2001
From: Vignesh Goutham Ganesh <vgg@amazon.com>
Date: Tue, 5 Sep 2023 15:10:17 -0500
Subject: [PATCH 2/2] Fix checksums

---
 .../kubernetes-sigs/cluster-api/CHECKSUMS     | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/projects/kubernetes-sigs/cluster-api/CHECKSUMS b/projects/kubernetes-sigs/cluster-api/CHECKSUMS
index e8535a532e..4be283473c 100644
--- a/projects/kubernetes-sigs/cluster-api/CHECKSUMS
+++ b/projects/kubernetes-sigs/cluster-api/CHECKSUMS
@@ -1,10 +1,10 @@
-6c86b959123eb9e8dc7b732844fa1fc404be86bd3a6b4225ceee1374667d1964  _output/bin/cluster-api/linux-amd64/cluster-api-provider-docker-manager
-3337078a438c8c11e7d365d32e09da49d9e5761ccf6670bb2a74ac00fb630e54  _output/bin/cluster-api/linux-amd64/clusterctl
-e8cb7e0d557f505c74a74de5b1166da61c51edbb16ed388a00e19592fdd481c7  _output/bin/cluster-api/linux-amd64/kubeadm-bootstrap-manager
-269bd04dd56db20afda6f0759612a1f7792f7baafcc138def221c529d8bdc2bf  _output/bin/cluster-api/linux-amd64/kubeadm-control-plane-manager
-f4cafb4ea23f0900b7e7da3dee9fa8e866619ae48890c9edbf9de845c3ad78eb  _output/bin/cluster-api/linux-amd64/manager
-5c8335f3d33f5571173116eb8b794cd2887c4492f079e10464280e011aa20902  _output/bin/cluster-api/linux-arm64/cluster-api-provider-docker-manager
-d4c06964a6e7fabdf8acaee68be6f5a6be9541a25e0f906490a0844c2f66c76e  _output/bin/cluster-api/linux-arm64/clusterctl
-f6f11678ba58f4de93a937cc6c5de5be929c8c003552487a071fa72fbc9ce7ed  _output/bin/cluster-api/linux-arm64/kubeadm-bootstrap-manager
-c150989f8d90c9fed465d7c4a6c5af14d6288a646f032fd66d5723461a4fb397  _output/bin/cluster-api/linux-arm64/kubeadm-control-plane-manager
-e1bf069bd217743c8639df7902251852ef35139205423d2387a9e5d1b4328fed  _output/bin/cluster-api/linux-arm64/manager
+d931018668e0c06e6c36bffddfe9e03b57493d2a3991ed2795ac92c83ad8b303  _output/bin/cluster-api/linux-amd64/cluster-api-provider-docker-manager
+37f30b7c3ab003705923dcc1fe10bdad129d1e315dbb1e0fce6b3f898d246e47  _output/bin/cluster-api/linux-amd64/clusterctl
+3041d4a7580c7cd88e9462beb84e50fd0588e860210c08a261d8d3b1abdfc0d7  _output/bin/cluster-api/linux-amd64/kubeadm-bootstrap-manager
+ff565a45e8db3254b92a9f540f8c0a03d411c10ddc486efad5468afde6ad41eb  _output/bin/cluster-api/linux-amd64/kubeadm-control-plane-manager
+26a25de272aa4eb430ec7893b815661b7fa1d2905f8be97135cb10fcd0bda4a9  _output/bin/cluster-api/linux-amd64/manager
+59d2e1cb6b846352605860cf2f8f8d804368c96c8c8f1a77ad2b86d94bc99134  _output/bin/cluster-api/linux-arm64/cluster-api-provider-docker-manager
+377661c2d670ff37245cec66e012e837bea531616c605a2d52727b3555b09651  _output/bin/cluster-api/linux-arm64/clusterctl
+2f140682b42a39a05a7eaffc92d1eba24f8c47254d3403263675eb13abdcad2d  _output/bin/cluster-api/linux-arm64/kubeadm-bootstrap-manager
+23ed223089ffabdaaee1ae065fc16f6c84130d3bc2aac159e27cc3882520b9f4  _output/bin/cluster-api/linux-arm64/kubeadm-control-plane-manager
+8c51bf183f1fe142b699ea797e5831dcd7b7f5ae2658118c4dc60dc546a334cd  _output/bin/cluster-api/linux-arm64/manager