move proxy to /etc/environment

canonical · Oct 16, 2024 · a7db9a6 · a7db9a6
1 parent e61a2c5
commit a7db9a6
Show file tree

Hide file tree

Showing 12 changed files with 121 additions and 131 deletions.
diff --git a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_ck8sconfigs.yaml b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_ck8sconfigs.yaml
@@ -51,9 +51,6 @@ spec:
                 items:
                   type: string
                 type: array
-              channel:
-                description: Channel is the channel to use for the snap install.
-                type: string
               bootstrapConfig:
                 description: BootstrapConfig is the data to be passed to the bootstrap
                   script.
@@ -87,6 +84,9 @@ spec:
                     - secret
                     type: object
                 type: object
+              channel:
+                description: Channel is the channel to use for the snap install.
+                type: string
               controlPlane:
                 description: CK8sControlPlaneConfig is configuration for the control
                   plane node.

diff --git a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_ck8sconfigtemplates.yaml b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_ck8sconfigtemplates.yaml
@@ -58,9 +58,6 @@ spec:
                         items:
                           type: string
                         type: array
-                      channel:
-                        description: Channel is the channel to use for the snap install.
-                        type: string
                       bootstrapConfig:
                         description: BootstrapConfig is the data to be passed to the
                           bootstrap script.
@@ -94,6 +91,9 @@ spec:
                             - secret
                             type: object
                         type: object
+                      channel:
+                        description: Channel is the channel to use for the snap install.
+                        type: string
                       controlPlane:
                         description: CK8sControlPlaneConfig is configuration for the
                           control plane node.

diff --git a/bootstrap/controllers/ck8sconfig_controller.go b/bootstrap/controllers/ck8sconfig_controller.go
@@ -378,9 +378,9 @@ func (r *CK8sConfigReconciler) joinWorker(ctx context.Context, scope *Scope) err
 			ConfigFileContents:   string(joinConfig),
 			MicroclusterAddress:  scope.Config.Spec.ControlPlaneConfig.MicroclusterAddress,
 			MicroclusterPort:     microclusterPort,
-			ContainerdHTTPProxy:  scope.Config.Spec.HTTPProxy,
-			ContainerdHTTPSProxy: scope.Config.Spec.HTTPSProxy,
-			ContainerdNoProxy:    scope.Config.Spec.NoProxy,
+			HTTPProxy:            scope.Config.Spec.HTTPProxy,
+			HTTPSProxy:           scope.Config.Spec.HTTPSProxy,
+			NoProxy:              scope.Config.Spec.NoProxy,
 			AirGapped:            scope.Config.Spec.AirGapped,
 			SnapstoreProxyScheme: scope.Config.Spec.SnapstoreProxyScheme,
 			SnapstoreProxyDomain: scope.Config.Spec.SnapstoreProxyDomain,
@@ -696,9 +696,9 @@ func (r *CK8sConfigReconciler) handleClusterNotInitialized(ctx context.Context,
 			MicroclusterAddress:  scope.Config.Spec.ControlPlaneConfig.MicroclusterAddress,
 			MicroclusterPort:     microclusterPort,
 			NodeName:             scope.Config.Spec.NodeName,
-			ContainerdHTTPProxy:  scope.Config.Spec.HTTPProxy,
-			ContainerdHTTPSProxy: scope.Config.Spec.HTTPSProxy,
-			ContainerdNoProxy:    scope.Config.Spec.NoProxy,
+			HTTPProxy:            scope.Config.Spec.HTTPProxy,
+			HTTPSProxy:           scope.Config.Spec.HTTPSProxy,
+			NoProxy:              scope.Config.Spec.NoProxy,
 			AirGapped:            scope.Config.Spec.AirGapped,
 			SnapstoreProxyScheme: scope.Config.Spec.SnapstoreProxyScheme,
 			SnapstoreProxyDomain: scope.Config.Spec.SnapstoreProxyDomain,

diff --git a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_ck8scontrolplanes.yaml b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_ck8scontrolplanes.yaml
@@ -246,9 +246,6 @@ spec:
                     items:
                       type: string
                     type: array
-                  channel:
-                    description: Channel is the channel to use for the snap install.
-                    type: string
                   bootstrapConfig:
                     description: BootstrapConfig is the data to be passed to the bootstrap
                       script.
@@ -282,6 +279,9 @@ spec:
                         - secret
                         type: object
                     type: object
+                  channel:
+                    description: Channel is the channel to use for the snap install.
+                    type: string
                   controlPlane:
                     description: CK8sControlPlaneConfig is configuration for the control
                       plane node.
@@ -431,14 +431,14 @@ spec:
                           the default CNI.
                         type: boolean
                     type: object
-                  noProxy:
-                    description: NoProxy is optional no proxy configuration
-                    type: string
                   localPath:
                     description: |-
                       LocalPath is the path of a local snap file in the workload cluster to use for the snap install.
                       If Channel or Revision are set, this will be ignored.
                     type: string
+                  noProxy:
+                    description: NoProxy is optional no proxy configuration
+                    type: string
                   nodeName:
                     description: |-
                       NodeName is the name to use for the kubelet of this node. It is needed for clouds

diff --git a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_ck8scontrolplanetemplates.yaml b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_ck8scontrolplanetemplates.yaml
@@ -221,10 +221,6 @@ spec:
                             items:
                               type: string
                             type: array
-                          channel:
-                            description: Channel is the channel to use for the snap
-                              install.
-                            type: string
                           bootstrapConfig:
                             description: BootstrapConfig is the data to be passed
                               to the bootstrap script.
@@ -258,6 +254,10 @@ spec:
                                 - secret
                                 type: object
                             type: object
+                          channel:
+                            description: Channel is the channel to use for the snap
+                              install.
+                            type: string
                           controlPlane:
                             description: CK8sControlPlaneConfig is configuration for
                               the control plane node.

diff --git a/pkg/cloudinit/common.go b/pkg/cloudinit/common.go
@@ -49,12 +49,12 @@ type BaseUserData struct {
 	SnapstoreProxyDomain string
 	// The snap store proxy ID
 	SnapstoreProxyID string
-	// ContainerdHTTPProxy is http_proxy configuration for containerd.
-	ContainerdHTTPProxy string
-	// ContainerdHTTPSProxy is https_proxy configuration for containerd.
-	ContainerdHTTPSProxy string
-	// ContainerdNoProxy is no_proxy configuration for containerd.
-	ContainerdNoProxy string
+	// HTTPProxy is http_proxy configuration.
+	HTTPProxy string
+	// HTTPSProxy is https_proxy configuration.
+	HTTPSProxy string
+	// NoProxy is no_proxy configuration.
+	NoProxy string
 	// MicroclusterAddress is the address to use for microcluster.
 	MicroclusterAddress string
 	// MicroclusterPort is the port to use for microcluster.
@@ -101,10 +101,10 @@ func NewBaseCloudConfig(data BaseUserData) (CloudConfig, error) {
 		config.RunCommands = append(config.RunCommands, "/capi/scripts/configure-snapstore-proxy.sh")
 	}
 
-	// containerd proxy configuration
-	if containerdProxyConfigFiles := getContainerdProxyConfigFiles(data); containerdProxyConfigFiles != nil {
+	// proxy configuration
+	if containerdProxyConfigFiles := getProxyConfigFiles(data); containerdProxyConfigFiles != nil {
 		config.WriteFiles = append(config.WriteFiles, containerdProxyConfigFiles...)
-		config.RunCommands = append(config.RunCommands, "/capi/scripts/configure-containerd-proxy.sh")
+		config.RunCommands = append(config.RunCommands, "/capi/scripts/configure-proxy.sh")
 	}
 
 	var configFileContents string
@@ -202,26 +202,29 @@ func getSnapstoreProxyConfigFiles(data BaseUserData) []File {
 	return []File{schemeFile, domainFile, storeIDFile}
 }
 
-func getContainerdProxyConfigFiles(data BaseUserData) []File {
-	if data.ContainerdHTTPSProxy == "" || data.ContainerdHTTPProxy == "" {
+// getProxyConfigFiles returns the node proxy config files.
+// If the HTTPProxy or HTTPPSProxy is not set, it returns nil.
+// Nil indicates that no files are returned.
+func getProxyConfigFiles(data BaseUserData) []File {
+	if data.HTTPProxy == "" || data.HTTPSProxy == "" {
 		return nil
 	}
 	return []File{
 		{
-			Path:        "/capi/etc/containerd-http-proxy",
-			Content:     data.ContainerdHTTPProxy,
+			Path:        "/capi/etc/http-proxy",
+			Content:     data.HTTPProxy,
 			Permissions: "0400",
 			Owner:       "root:root",
 		},
 		{
-			Path:        "/capi/etc/containerd-https-proxy",
-			Content:     data.ContainerdHTTPSProxy,
+			Path:        "/capi/etc/https-proxy",
+			Content:     data.HTTPSProxy,
 			Permissions: "0400",
 			Owner:       "root:root",
 		},
 		{
-			Path:        "/capi/etc/containerd-no-proxy",
-			Content:     data.ContainerdNoProxy,
+			Path:        "/capi/etc/no-proxy",
+			Content:     data.NoProxy,
 			Permissions: "0400",
 			Owner:       "root:root",
 		},

diff --git a/pkg/cloudinit/controlplane_init_test.go b/pkg/cloudinit/controlplane_init_test.go
@@ -84,7 +84,7 @@ func TestNewInitControlPlane(t *testing.T) {
 		HaveField("Path", "/capi/scripts/wait-apiserver-ready.sh"),
 		HaveField("Path", "/capi/scripts/deploy-manifests.sh"),
 		HaveField("Path", "/capi/scripts/configure-auth-token.sh"),
-		HaveField("Path", "/capi/scripts/configure-containerd-proxy.sh"),
+		HaveField("Path", "/capi/scripts/configure-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-snapstore-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-node-token.sh"),
 		HaveField("Path", "/capi/scripts/create-sentinel-bootstrap.sh"),
@@ -118,9 +118,9 @@ func TestNewInitControlPlaneWithOptionalProxies(t *testing.T) {
 			SnapstoreProxyScheme: "http",
 			SnapstoreProxyDomain: "snapstore.io",
 			SnapstoreProxyID:     "abcd-1234-xyz",
-			ContainerdHTTPProxy:  "http://proxy.internal",
-			ContainerdHTTPSProxy: "https://proxy.internal",
-			ContainerdNoProxy:    "10.0.0.0/8,10.152.183.1,192.168.0.0/16",
+			HTTPProxy:            "http://proxy.internal",
+			HTTPSProxy:           "https://proxy.internal",
+			NoProxy:              "10.0.0.0/8,10.152.183.1,192.168.0.0/16",
 			ConfigFileContents:   "### config file ###",
 			MicroclusterAddress:  "10.0.0.0/8",
 		},
@@ -137,7 +137,7 @@ func TestNewInitControlPlaneWithOptionalProxies(t *testing.T) {
 	g.Expect(config.RunCommands).To(Equal([]string{
 		"set -x",
 		"/capi/scripts/configure-snapstore-proxy.sh",
-		"/capi/scripts/configure-containerd-proxy.sh",
+		"/capi/scripts/configure-proxy.sh",
 		"prerun1",
 		"prerun2",
 		"/capi/scripts/install.sh",
@@ -161,14 +161,14 @@ func TestNewInitControlPlaneWithOptionalProxies(t *testing.T) {
 		HaveField("Path", "/capi/scripts/wait-apiserver-ready.sh"),
 		HaveField("Path", "/capi/scripts/deploy-manifests.sh"),
 		HaveField("Path", "/capi/scripts/configure-auth-token.sh"),
-		HaveField("Path", "/capi/scripts/configure-containerd-proxy.sh"),
+		HaveField("Path", "/capi/scripts/configure-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-snapstore-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-node-token.sh"),
 		HaveField("Path", "/capi/scripts/create-sentinel-bootstrap.sh"),
 		HaveField("Path", "/capi/etc/config.yaml"),
-		HaveField("Path", "/capi/etc/containerd-http-proxy"),
-		HaveField("Path", "/capi/etc/containerd-https-proxy"),
-		HaveField("Path", "/capi/etc/containerd-no-proxy"),
+		HaveField("Path", "/capi/etc/http-proxy"),
+		HaveField("Path", "/capi/etc/https-proxy"),
+		HaveField("Path", "/capi/etc/no-proxy"),
 		HaveField("Path", "/capi/etc/microcluster-address"),
 		HaveField("Path", "/capi/etc/node-name"),
 		HaveField("Path", "/capi/etc/node-token"),

diff --git a/pkg/cloudinit/controlplane_join_test.go b/pkg/cloudinit/controlplane_join_test.go
@@ -66,7 +66,7 @@ func TestNewJoinControlPlane(t *testing.T) {
 		HaveField("Path", "/capi/scripts/wait-apiserver-ready.sh"),
 		HaveField("Path", "/capi/scripts/deploy-manifests.sh"),
 		HaveField("Path", "/capi/scripts/configure-auth-token.sh"),
-		HaveField("Path", "/capi/scripts/configure-containerd-proxy.sh"),
+		HaveField("Path", "/capi/scripts/configure-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-node-token.sh"),
 		HaveField("Path", "/capi/scripts/create-sentinel-bootstrap.sh"),
 		HaveField("Path", "/capi/scripts/configure-snapstore-proxy.sh"),
@@ -101,9 +101,9 @@ func TestNewJoinControlPlaneWithOptionalProxies(t *testing.T) {
 			SnapstoreProxyScheme: "http",
 			SnapstoreProxyDomain: "snapstore.io",
 			SnapstoreProxyID:     "abcd-1234-xyz",
-			ContainerdHTTPProxy:  "http://proxy.internal",
-			ContainerdHTTPSProxy: "https://proxy.internal",
-			ContainerdNoProxy:    "10.0.0.0/8,10.152.183.1,192.168.0.0/16",
+			HTTPProxy:            "http://proxy.internal",
+			HTTPSProxy:           "https://proxy.internal",
+			NoProxy:              "10.0.0.0/8,10.152.183.1,192.168.0.0/16",
 			ConfigFileContents:   "### config file ###",
 			MicroclusterAddress:  "10.0.0.11",
 		},
@@ -119,7 +119,7 @@ func TestNewJoinControlPlaneWithOptionalProxies(t *testing.T) {
 	g.Expect(config.RunCommands).To(Equal([]string{
 		"set -x",
 		"/capi/scripts/configure-snapstore-proxy.sh",
-		"/capi/scripts/configure-containerd-proxy.sh",
+		"/capi/scripts/configure-proxy.sh",
 		"prerun1",
 		"prerun2",
 		"/capi/scripts/install.sh",
@@ -141,14 +141,14 @@ func TestNewJoinControlPlaneWithOptionalProxies(t *testing.T) {
 		HaveField("Path", "/capi/scripts/wait-apiserver-ready.sh"),
 		HaveField("Path", "/capi/scripts/deploy-manifests.sh"),
 		HaveField("Path", "/capi/scripts/configure-auth-token.sh"),
-		HaveField("Path", "/capi/scripts/configure-containerd-proxy.sh"),
+		HaveField("Path", "/capi/scripts/configure-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-snapstore-proxy.sh"),
 		HaveField("Path", "/capi/scripts/configure-node-token.sh"),
 		HaveField("Path", "/capi/scripts/create-sentinel-bootstrap.sh"),
 		HaveField("Path", "/capi/etc/config.yaml"),
-		HaveField("Path", "/capi/etc/containerd-http-proxy"),
-		HaveField("Path", "/capi/etc/containerd-https-proxy"),
-		HaveField("Path", "/capi/etc/containerd-no-proxy"),
+		HaveField("Path", "/capi/etc/http-proxy"),
+		HaveField("Path", "/capi/etc/https-proxy"),
+		HaveField("Path", "/capi/etc/no-proxy"),
 		HaveField("Path", "/capi/etc/microcluster-address"),
 		HaveField("Path", "/capi/etc/node-name"),
 		HaveField("Path", "/capi/etc/node-token"),

diff --git a/pkg/cloudinit/embed.go b/pkg/cloudinit/embed.go
@@ -15,18 +15,18 @@ type script string
 // NOTE(eac): If you want to use a script from pkg/cloudinit/scripts in your code (for example, you want to include a script in the user-data.txt),
 // you need to add it to the scripts map below.
 var (
-	scriptInstall                  script = "install.sh"
+	scriptInstall                 script = "install.sh"
 	scriptDisableHostServices     script = "disable-host-services.sh"
-	scriptBootstrap                script = "bootstrap.sh"
-	scriptLoadImages               script = "load-images.sh"
-	scriptConfigureAuthToken       script = "configure-auth-token.sh" // #nosec G101
-	scriptConfigureContainerdProxy script = "configure-containerd-proxy.sh"
-	scriptConfigureNodeToken       script = "configure-node-token.sh" // #nosec G101
-	scriptJoinCluster              script = "join-cluster.sh"
-	scriptWaitAPIServerReady       script = "wait-apiserver-ready.sh"
-	scriptDeployManifests          script = "deploy-manifests.sh"
-	scriptCreateSentinelBootstrap  script = "create-sentinel-bootstrap.sh"
-	scriptConfigureSnapstoreProxy  script = "configure-snapstore-proxy.sh"
+	scriptBootstrap               script = "bootstrap.sh"
+	scriptLoadImages              script = "load-images.sh"
+	scriptConfigureAuthToken      script = "configure-auth-token.sh" // #nosec G101
+	scriptConfigureProxy          script = "configure-proxy.sh"
+	scriptConfigureNodeToken      script = "configure-node-token.sh" // #nosec G101
+	scriptJoinCluster             script = "join-cluster.sh"
+	scriptWaitAPIServerReady      script = "wait-apiserver-ready.sh"
+	scriptDeployManifests         script = "deploy-manifests.sh"
+	scriptCreateSentinelBootstrap script = "create-sentinel-bootstrap.sh"
+	scriptConfigureSnapstoreProxy script = "configure-snapstore-proxy.sh"
 )
 
 func mustEmbed(s script) string {
@@ -40,17 +40,17 @@ func mustEmbed(s script) string {
 var (
 	// scripts is a map of all embedded bash scripts used in the cloud-init.
 	scripts = map[script]string{
-		scriptInstall:                  mustEmbed(scriptInstall),
+		scriptInstall:                 mustEmbed(scriptInstall),
 		scriptDisableHostServices:     mustEmbed(scriptDisableHostServices),
-		scriptBootstrap:                mustEmbed(scriptBootstrap),
-		scriptLoadImages:               mustEmbed(scriptLoadImages),
-		scriptConfigureAuthToken:       mustEmbed(scriptConfigureAuthToken),
-		scriptConfigureContainerdProxy: mustEmbed(scriptConfigureContainerdProxy),
-		scriptConfigureNodeToken:       mustEmbed(scriptConfigureNodeToken),
-		scriptJoinCluster:              mustEmbed(scriptJoinCluster),
-		scriptWaitAPIServerReady:       mustEmbed(scriptWaitAPIServerReady),
-		scriptDeployManifests:          mustEmbed(scriptDeployManifests),
-		scriptCreateSentinelBootstrap:  mustEmbed(scriptCreateSentinelBootstrap),
-		scriptConfigureSnapstoreProxy:  mustEmbed(scriptConfigureSnapstoreProxy),
+		scriptBootstrap:               mustEmbed(scriptBootstrap),
+		scriptLoadImages:              mustEmbed(scriptLoadImages),
+		scriptConfigureAuthToken:      mustEmbed(scriptConfigureAuthToken),
+		scriptConfigureProxy:          mustEmbed(scriptConfigureProxy),
+		scriptConfigureNodeToken:      mustEmbed(scriptConfigureNodeToken),
+		scriptJoinCluster:             mustEmbed(scriptJoinCluster),
+		scriptWaitAPIServerReady:      mustEmbed(scriptWaitAPIServerReady),
+		scriptDeployManifests:         mustEmbed(scriptDeployManifests),
+		scriptCreateSentinelBootstrap: mustEmbed(scriptCreateSentinelBootstrap),
+		scriptConfigureSnapstoreProxy: mustEmbed(scriptConfigureSnapstoreProxy),
 	}
 )
diff --git a/pkg/cloudinit/scripts/configure-containerd-proxy.sh b/pkg/cloudinit/scripts/configure-containerd-proxy.sh