From 6e194ab1a620182a10d32425b9c48dd9e2552b25 Mon Sep 17 00:00:00 2001 From: Arvind Iyengar Date: Wed, 27 May 2020 12:48:10 -0700 Subject: [PATCH 1/2] Revert "Add support for k8s 1.18" This reverts commit 763a896380c318fbef1825788e50528873c9976a. --- cluster/cluster.go | 10 +++++----- cluster/defaults.go | 30 ------------------------------ metadata/metadata.go | 2 +- 3 files changed, 6 insertions(+), 36 deletions(-) diff --git a/cluster/cluster.go b/cluster/cluster.go index 0d8a994e..9683b179 100644 --- a/cluster/cluster.go +++ b/cluster/cluster.go @@ -718,11 +718,6 @@ func InitClusterObject(ctx context.Context, rkeConfig *v3.RancherKubernetesEngin if len(c.CertificateDir) == 0 { c.CertificateDir = GetCertificateDirPath(c.ConfigPath, c.ConfigDir) } - // Setting cluster Defaults - err = c.setClusterDefaults(ctx, flags) - if err != nil { - return nil, err - } // We don't manage custom configuration, if it's there we just use it. if isEncryptionCustomConfig(rkeConfig) { if c.EncryptionConfig.EncryptionProviderFile, err = c.readEncryptionCustomConfig(); err != nil { @@ -734,6 +729,11 @@ func InitClusterObject(ctx context.Context, rkeConfig *v3.RancherKubernetesEngin } } + // Setting cluster Defaults + err = c.setClusterDefaults(ctx, flags) + if err != nil { + return nil, err + } // extract cluster network configuration if err = c.setNetworkOptions(); err != nil { return nil, fmt.Errorf("failed set network options: %v", err) diff --git a/cluster/defaults.go b/cluster/defaults.go index 387c8385..9a32f991 100644 --- a/cluster/defaults.go +++ b/cluster/defaults.go @@ -323,17 +323,6 @@ func (c *Cluster) setClusterServicesDefaults() { } } - - enableEncryptionByDefault, err := checkVersionNeedsEncryptionDefault(c.Version) - if err != nil { - logrus.Warnf("Cannot determine if cluster version [%s] needs to have encryption enabled by default: %v", c.Version, err) - } - if enableEncryptionByDefault && c.Services.KubeAPI.SecretsEncryptionConfig == nil { - logrus.Debugf("Enabling encryption of secret data at rest by default for cluster version [%s]", c.Version) - c.Services.KubeAPI.SecretsEncryptionConfig = &v3.SecretsEncryptionConfig{ - Enabled: true, - } - } if c.Services.KubeAPI.AuditLog != nil && c.Services.KubeAPI.AuditLog.Enabled { if c.Services.KubeAPI.AuditLog.Configuration == nil { @@ -724,22 +713,3 @@ func checkVersionNeedsKubeAPIAuditLog(k8sVersion string) (bool, error) { logrus.Debugf("Cluster version [%s] does not need to have kube-api audit log enabled", k8sVersion[1:]) return false, nil } - -func checkVersionNeedsEncryptionDefault(k8sVersion string) (bool, error) { - toMatch, err := semver.Make(k8sVersion[1:]) - if err != nil { - return false, fmt.Errorf("Cluster version [%s] can not be parsed as semver", k8sVersion[1:]) - } - logrus.Debugf("Checking if cluster version [%s] needs to have encryption enabled by default", k8sVersion[1:]) - // encryption turned on by default in k8s 1.18.0 and up - clusterDefaultEncryptionRange, err := semver.ParseRange(">=1.18.0-rancher0") - if err != nil { - return false, errors.New("Failed to parse semver range while checking if encryption is enabled by default") - } - if clusterDefaultEncryptionRange(toMatch) { - logrus.Debugf("Cluster version [%s] needs to have encryption enabled by default", k8sVersion[1:]) - return true, nil - } - logrus.Debugf("Cluster version [%s] does not need to have encryption enabled by default", k8sVersion[1:]) - return false, nil -} diff --git a/metadata/metadata.go b/metadata/metadata.go index 8924398f..3fde6005 100644 --- a/metadata/metadata.go +++ b/metadata/metadata.go @@ -90,7 +90,7 @@ func readFile(file string) ([]byte, error) { return ioutil.ReadFile(file) } -const RKEVersionDev = "v1.1.1-rc100" +const RKEVersionDev = "v0.2.3" func initAddonTemplates(data kdm.Data) { K8sVersionToTemplates = data.K8sVersionedTemplates From 3d1e86779f862f25f2175c4e1db6510ee663263b Mon Sep 17 00:00:00 2001 From: Arvind Iyengar Date: Wed, 27 May 2020 12:49:25 -0700 Subject: [PATCH 2/2] undo reverting RKEVersionDev bump --- metadata/metadata.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata/metadata.go b/metadata/metadata.go index 3fde6005..8924398f 100644 --- a/metadata/metadata.go +++ b/metadata/metadata.go @@ -90,7 +90,7 @@ func readFile(file string) ([]byte, error) { return ioutil.ReadFile(file) } -const RKEVersionDev = "v0.2.3" +const RKEVersionDev = "v1.1.1-rc100" func initAddonTemplates(data kdm.Data) { K8sVersionToTemplates = data.K8sVersionedTemplates