From 33a85904ec0ff1613a952640c3bd68f65b9e3136 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Fri, 8 Sep 2023 17:56:33 -0700 Subject: [PATCH 1/2] testsys: support for overriding EKS service endpoint This adds the plumbing necessary to override the EKS service endpoint for the EKS cluster agent when it queries cluster metadata for populating information necessary to launch nodes into the cluster. --- tools/testsys-config/src/lib.rs | 4 ++++ tools/testsys/src/aws_k8s.rs | 8 ++++++++ 2 files changed, 12 insertions(+) diff --git a/tools/testsys-config/src/lib.rs b/tools/testsys-config/src/lib.rs index b841a72087b..867355cdb1b 100644 --- a/tools/testsys-config/src/lib.rs +++ b/tools/testsys-config/src/lib.rs @@ -360,6 +360,9 @@ pub struct DeveloperConfig { pub keep_tests_running: Option, /// Use an alternate account for image lookup pub image_account_id: Option, + /// Overrides the EKS service endpoint for TestSys agents gathering EKS cluster metadata + /// (only for pre-existing EKS clusters, does not apply to new EKS cluster creation) + pub eks_service_endpoint: Option, } impl DeveloperConfig { @@ -374,6 +377,7 @@ impl DeveloperConfig { .or(other.bottlerocket_destruction_policy), keep_tests_running: self.keep_tests_running.or(other.keep_tests_running), image_account_id: self.image_account_id.or(other.image_account_id), + eks_service_endpoint: self.eks_service_endpoint.or(other.eks_service_endpoint), } } } diff --git a/tools/testsys/src/aws_k8s.rs b/tools/testsys/src/aws_k8s.rs index 971607d9281..2fc063fabcd 100644 --- a/tools/testsys/src/aws_k8s.rs +++ b/tools/testsys/src/aws_k8s.rs @@ -106,6 +106,14 @@ impl CrdCreator for AwsK8sCreator { let eks_crd = EksClusterConfig::builder() .creation_policy(CreationPolicy::IfNotExists) + .eks_service_endpoint( + cluster_input + .crd_input + .config + .dev + .eks_service_endpoint + .clone(), + ) .assume_role(cluster_input.crd_input.config.agent_role.clone()) .config(config) .image( From 810d719cae156464ae30ff0b070f11ee6b3a6458 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Mon, 11 Sep 2023 14:43:13 -0700 Subject: [PATCH 2/2] testsys: launch nodes in public subnets by default It's more likely for a test cluster to at least have one or more public subnets than it is for it to have at least one or more private subnet. --- tools/testsys/src/aws_resources.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/testsys/src/aws_resources.rs b/tools/testsys/src/aws_resources.rs index 5f6fc2f2772..aa97a3fb1d3 100644 --- a/tools/testsys/src/aws_resources.rs +++ b/tools/testsys/src/aws_resources.rs @@ -207,7 +207,7 @@ pub(crate) async fn ec2_crd<'a>( // Add in the EKS specific configuration. if cluster_type == ClusterType::Eks { ec2_builder - .subnet_ids_template(cluster_name, "privateSubnetIds") + .subnet_ids_template(cluster_name, "publicSubnetIds") .endpoint_template(cluster_name, "endpoint") .certificate_template(cluster_name, "certificate") .cluster_dns_ip_template(cluster_name, "clusterDnsIp") @@ -305,7 +305,7 @@ pub(crate) async fn ec2_karpenter_crd<'a>( ) .cluster_name_template(cluster_name, "clusterName") .region_template(cluster_name, "region") - .subnet_ids_template(cluster_name, "privateSubnetIds") + .subnet_ids_template(cluster_name, "publicSubnetIds") .endpoint_template(cluster_name, "endpoint") .cluster_sg_template(cluster_name, "clustersharedSg") .device_mappings(device_mappings)