nodeadm(feat): add mime multi-part support to file config provider (#…

…1992)
awslabs · Oct 4, 2024 · 1484b5f · 1484b5f
1 parent 46aee72
commit 1484b5f
Show file tree

Hide file tree

Showing 15 changed files with 282 additions and 157 deletions.
diff --git a/nodeadm/example/node.eks.aws_v1alpha1_nodeconfig.yaml b/nodeadm/example/node.eks.aws_v1alpha1_nodeconfig.yaml
diff --git a/nodeadm/internal/api/merge_test.go b/nodeadm/internal/api/merge_test.go
@@ -95,6 +95,9 @@ func TestMerge(t *testing.T) {
 							"verbosity": 5,
 						},
 						"podsPerCore": 20,
+						"systemReserved": map[string]interface{}{
+							"cpu": "150m",
+						},
 					}),
 					Flags: []string{
 						"--node-labels=nodegroup=example",
@@ -167,6 +170,9 @@ discard_unpacked_layers = false`),
 						},
 						"maxPods":     150,
 						"podsPerCore": 20,
+						"systemReserved": map[string]interface{}{
+							"cpu": "150m",
+						},
 					}),
 					Flags: []string{
 						"--node-labels=nodegroup=example",

diff --git a/nodeadm/internal/configprovider/encoding.go b/nodeadm/internal/configprovider/encoding.go
@@ -0,0 +1,42 @@
+package configprovider
+
+import (
+	"bytes"
+	"compress/gzip"
+	"encoding/base64"
+	"fmt"
+	"io"
+)
+
+func decodeIfBase64(data []byte) ([]byte, error) {
+	e := base64.StdEncoding
+	maxDecodedLen := e.DecodedLen(len(data))
+	decodedData := make([]byte, maxDecodedLen)
+	decodedLen, err := e.Decode(decodedData, data)
+	if err != nil {
+		return data, nil
+	}
+	return decodedData[:decodedLen], nil
+}
+
+// https://en.wikipedia.org/wiki/Gzip
+const gzipMagicNumber = uint16(0x1f8b)
+
+func decompressIfGZIP(data []byte) ([]byte, error) {
+	if len(data) < 2 {
+		return data, nil
+	}
+	preamble := uint16(data[0])<<8 | uint16(data[1])
+	if preamble == gzipMagicNumber {
+		reader, err := gzip.NewReader(bytes.NewReader(data))
+		if err != nil {
+			return nil, fmt.Errorf("failed to create GZIP reader: %v", err)
+		}
+		if decompressed, err := io.ReadAll(reader); err != nil {
+			return nil, fmt.Errorf("failed to read from GZIP reader: %v", err)
+		} else {
+			return decompressed, nil
+		}
+	}
+	return data, nil
+}
diff --git a/nodeadm/internal/configprovider/file.go b/nodeadm/internal/configprovider/file.go
@@ -6,7 +6,6 @@ import (
 	"os"
 
 	internalapi "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api"
-	apibridge "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api/bridge"
 )
 
 type fileConfigProvider struct {
@@ -36,9 +35,5 @@ func (fcs *fileConfigProvider) Provide() (*internalapi.NodeConfig, error) {
 	if err != nil {
 		return nil, err
 	}
-	config, err := apibridge.DecodeNodeConfig(data)
-	if err != nil {
-		return nil, err
-	}
-	return config, nil
+	return parseMaybeMultipart(data)
 }
diff --git a/nodeadm/internal/configprovider/mime.go b/nodeadm/internal/configprovider/mime.go
@@ -0,0 +1,96 @@
+package configprovider
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"mime"
+	"mime/multipart"
+	"net/mail"
+	"strings"
+
+	internalapi "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api"
+	apibridge "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api/bridge"
+)
+
+func parseMaybeMultipart(data []byte) (*internalapi.NodeConfig, error) {
+	// if the MIME data fails to parse as a multipart document, then fall back
+	// to parsing the entire userdata as the node config.
+	if multipartReader, err := getMultipartReader(data); err == nil {
+		config, err := parseMultipart(multipartReader)
+		if err != nil {
+			return nil, err
+		}
+		return config, nil
+	} else {
+		config, err := apibridge.DecodeNodeConfig(data)
+		if err != nil {
+			return nil, err
+		}
+		return config, nil
+	}
+}
+
+func parseMultipart(userDataReader *multipart.Reader) (*internalapi.NodeConfig, error) {
+	var nodeConfigs []*internalapi.NodeConfig
+	for {
+		part, err := userDataReader.NextPart()
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return nil, err
+		}
+		if partHeader := part.Header.Get(contentTypeHeader); len(partHeader) > 0 {
+			mediaType, _, err := mime.ParseMediaType(partHeader)
+			if err != nil {
+				return nil, err
+			}
+			if mediaType == nodeConfigMediaType {
+				nodeConfigPart, err := io.ReadAll(part)
+				if err != nil {
+					return nil, err
+				}
+				nodeConfigPart, err = decodeIfBase64(nodeConfigPart)
+				if err != nil {
+					return nil, err
+				}
+				nodeConfigPart, err = decompressIfGZIP(nodeConfigPart)
+				if err != nil {
+					return nil, err
+				}
+				decodedConfig, err := apibridge.DecodeNodeConfig(nodeConfigPart)
+				if err != nil {
+					return nil, err
+				}
+				nodeConfigs = append(nodeConfigs, decodedConfig)
+			}
+		}
+	}
+	if len(nodeConfigs) > 0 {
+		var config = nodeConfigs[0]
+		for _, nodeConfig := range nodeConfigs[1:] {
+			if err := config.Merge(nodeConfig); err != nil {
+				return nil, err
+			}
+		}
+		return config, nil
+	} else {
+		return nil, fmt.Errorf("could not find NodeConfig within UserData")
+	}
+}
+
+func getMultipartReader(data []byte) (*multipart.Reader, error) {
+	msg, err := mail.ReadMessage(bytes.NewReader(data))
+	if err != nil {
+		return nil, err
+	}
+	mediaType, params, err := mime.ParseMediaType(msg.Header.Get(contentTypeHeader))
+	if err != nil {
+		return nil, err
+	}
+	if !strings.HasPrefix(mediaType, multipartContentTypePrefix) {
+		return nil, fmt.Errorf("MIME type is not multipart")
+	}
+	return multipart.NewReader(msg.Body, params[mimeBoundaryParam]), nil
+}
diff --git a/nodeadm/internal/configprovider/userdata.go b/nodeadm/internal/configprovider/userdata.go
@@ -1,19 +1,10 @@
 package configprovider
 
 import (
-	"bytes"
-	"compress/gzip"
-	"encoding/base64"
 	"fmt"
-	"io"
-	"mime"
-	"mime/multipart"
-	"net/mail"
-	"strings"
 
 	"github.com/awslabs/amazon-eks-ami/nodeadm/api"
 	internalapi "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api"
-	apibridge "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api/bridge"
 	imds "github.com/awslabs/amazon-eks-ami/nodeadm/internal/aws/imds"
 )
 
@@ -57,116 +48,5 @@ func (p *userDataConfigProvider) Provide() (*internalapi.NodeConfig, error) {
 	if err != nil {
 		return nil, fmt.Errorf("failed to decompress user data: %v", err)
 	}
-	// if the MIME data fails to parse as a multipart document, then fall back
-	// to parsing the entire userdata as the node config.
-	if multipartReader, err := getMIMEMultipartReader(userData); err == nil {
-		config, err := parseMultipart(multipartReader)
-		if err != nil {
-			return nil, err
-		}
-		return config, nil
-	} else {
-		config, err := apibridge.DecodeNodeConfig(userData)
-		if err != nil {
-			return nil, err
-		}
-		return config, nil
-	}
-}
-
-func getMIMEMultipartReader(data []byte) (*multipart.Reader, error) {
-	msg, err := mail.ReadMessage(bytes.NewReader(data))
-	if err != nil {
-		return nil, err
-	}
-	mediaType, params, err := mime.ParseMediaType(msg.Header.Get(contentTypeHeader))
-	if err != nil {
-		return nil, err
-	}
-	if !strings.HasPrefix(mediaType, multipartContentTypePrefix) {
-		return nil, fmt.Errorf("MIME type is not multipart")
-	}
-	return multipart.NewReader(msg.Body, params[mimeBoundaryParam]), nil
-}
-
-func parseMultipart(userDataReader *multipart.Reader) (*internalapi.NodeConfig, error) {
-	var nodeConfigs []*internalapi.NodeConfig
-	for {
-		part, err := userDataReader.NextPart()
-		if err == io.EOF {
-			break
-		}
-		if err != nil {
-			return nil, err
-		}
-		if partHeader := part.Header.Get(contentTypeHeader); len(partHeader) > 0 {
-			mediaType, _, err := mime.ParseMediaType(partHeader)
-			if err != nil {
-				return nil, err
-			}
-			if mediaType == nodeConfigMediaType {
-				nodeConfigPart, err := io.ReadAll(part)
-				if err != nil {
-					return nil, err
-				}
-				nodeConfigPart, err = decodeIfBase64(nodeConfigPart)
-				if err != nil {
-					return nil, err
-				}
-				nodeConfigPart, err = decompressIfGZIP(nodeConfigPart)
-				if err != nil {
-					return nil, err
-				}
-				decodedConfig, err := apibridge.DecodeNodeConfig(nodeConfigPart)
-				if err != nil {
-					return nil, err
-				}
-				nodeConfigs = append(nodeConfigs, decodedConfig)
-			}
-		}
-	}
-	if len(nodeConfigs) > 0 {
-		var config = nodeConfigs[0]
-		for _, nodeConfig := range nodeConfigs[1:] {
-			if err := config.Merge(nodeConfig); err != nil {
-				return nil, err
-			}
-		}
-		return config, nil
-	} else {
-		return nil, fmt.Errorf("could not find NodeConfig within UserData")
-	}
-}
-
-func decodeIfBase64(data []byte) ([]byte, error) {
-	e := base64.StdEncoding
-	maxDecodedLen := e.DecodedLen(len(data))
-	decodedData := make([]byte, maxDecodedLen)
-	decodedLen, err := e.Decode(decodedData, data)
-	if err != nil {
-		return data, nil
-	}
-	return decodedData[:decodedLen], nil
-}
-
-// https://en.wikipedia.org/wiki/Gzip
-const gzipMagicNumber = uint16(0x1f8b)
-
-func decompressIfGZIP(data []byte) ([]byte, error) {
-	if len(data) < 2 {
-		return data, nil
-	}
-	preamble := uint16(data[0])<<8 | uint16(data[1])
-	if preamble == gzipMagicNumber {
-		reader, err := gzip.NewReader(bytes.NewReader(data))
-		if err != nil {
-			return nil, fmt.Errorf("failed to create GZIP reader: %v", err)
-		}
-		if decompressed, err := io.ReadAll(reader); err != nil {
-			return nil, fmt.Errorf("failed to read from GZIP reader: %v", err)
-		} else {
-			return decompressed, nil
-		}
-	}
-	return data, nil
+	return parseMaybeMultipart(userData)
 }
diff --git a/nodeadm/internal/configprovider/userdata_test.go b/nodeadm/internal/configprovider/userdata_test.go
@@ -101,6 +101,8 @@ func Test_Provide(t *testing.T) {
 				"    config:",
 				"      maxPods: 150",
 				"      podsPerCore: 20",
+				"      systemReserved:",
+				"        cpu: 150m",
 				"    flags:",
 				"      - --v=5",
 				"      - --node-labels=foo=baz",
@@ -117,9 +119,10 @@ func Test_Provide(t *testing.T) {
 					},
 					Kubelet: api.KubeletOptions{
 						Config: api.InlineDocument{
-							"maxPods":     runtime.RawExtension{Raw: []byte("150")},
-							"podsPerCore": runtime.RawExtension{Raw: []byte("20")},
-							"port":        runtime.RawExtension{Raw: []byte("1010")},
+							"maxPods":        runtime.RawExtension{Raw: []byte("150")},
+							"podsPerCore":    runtime.RawExtension{Raw: []byte("20")},
+							"port":           runtime.RawExtension{Raw: []byte("1010")},
+							"systemReserved": runtime.RawExtension{Raw: []byte(`{"cpu":"150m"}`)},
 						},
 						Flags: []string{
 							"--v=2",

diff --git a/nodeadm/test/e2e/infra/aemm-inf1-config.json → ...ntime-config-neuron/aemm-inf1-config.json b/nodeadm/test/e2e/infra/aemm-inf1-config.json → ...ntime-config-neuron/aemm-inf1-config.json
diff --git a/nodeadm/test/e2e/cases/containerd-runtime-config-neuron/run.sh b/nodeadm/test/e2e/cases/containerd-runtime-config-neuron/run.sh
@@ -6,7 +6,7 @@ set -o pipefail
 
 source /helpers.sh
 
-mock::aws /etc/aemm-inf1-config.json
+mock::aws aemm-inf1-config.json
 mock::kubelet 1.27.0
 wait::dbus-ready
 

diff --git a/nodeadm/test/e2e/infra/aemm-g5-config.json → ...runtime-config-nvidia/aemm-g5-config.json b/nodeadm/test/e2e/infra/aemm-g5-config.json → ...runtime-config-nvidia/aemm-g5-config.json
diff --git a/nodeadm/test/e2e/cases/containerd-runtime-config-nvidia/run.sh b/nodeadm/test/e2e/cases/containerd-runtime-config-nvidia/run.sh
@@ -6,7 +6,7 @@ set -o pipefail
 
 source /helpers.sh
 
-mock::aws /etc/aemm-g5-config.json
+mock::aws aemm-g5-config.json
 mock::kubelet 1.27.0
 wait::dbus-ready