chrore: Add CredentialProvider to Bottlerocket settings (aws#5530)
Co-authored-by: Johan Vandeweerd <[email protected]>
johanvandeweerd and johan-vandeweerd-hs authored Jan 25, 2024
1 parent 6c8752c commit fc395bc
Showing 1 changed file with 41 additions and 31 deletions.
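--- a/pkg/providers/amifamily/bootstrap/bottlerocketsettings.go
+++ b/pkg/providers/amifamily/bootstrap/bottlerocketsettings.go
@@ -35,51 +35,61 @@ type BottlerocketConfig struct {
 Settings BottlerocketSettings `toml:"-"`
 }
 
-// BottlerocketSettings is a subset of all configuration in https://github.com/bottlerocket-os/bottlerocket/blob/develop/sources/models/src/aws-k8s-1.22/mod.rs
+// BottlerocketSettings is a subset of all configuration in https://github.com/bottlerocket-os/bottlerocket/blob/d427c40931cba6e6bedc5b75e9c084a6e1818db9/sources/models/src/lib.rs#L260
 // These settings apply across all K8s versions that karpenter supports.
 type BottlerocketSettings struct {
 Kubernetes BottlerocketKubernetes `toml:"kubernetes"`
 }
 
 // BottlerocketKubernetes is k8s specific configuration for bottlerocket api
 type BottlerocketKubernetes struct {
-APIServer *string `toml:"api-server"`
-CloudProvider *string `toml:"cloud-provider"`
-ClusterCertificate *string `toml:"cluster-certificate"`
-ClusterName *string `toml:"cluster-name"`
-ClusterDNSIP *string `toml:"cluster-dns-ip,omitempty"`
-NodeLabels map[string]string `toml:"node-labels,omitempty"`
-NodeTaints map[string][]string `toml:"node-taints,omitempty"`
-MaxPods *int `toml:"max-pods,omitempty"`
-StaticPods map[string]BottlerocketStaticPod `toml:"static-pods,omitempty"`
-EvictionHard map[string]string `toml:"eviction-hard,omitempty"`
-KubeReserved map[string]string `toml:"kube-reserved,omitempty"`
-SystemReserved map[string]string `toml:"system-reserved,omitempty"`
-AllowedUnsafeSysctls []string `toml:"allowed-unsafe-sysctls,omitempty"`
-ServerTLSBootstrap *bool `toml:"server-tls-bootstrap,omitempty"`
-RegistryQPS *int `toml:"registry-qps,omitempty"`
-RegistryBurst *int `toml:"registry-burst,omitempty"`
-EventQPS *int `toml:"event-qps,omitempty"`
-EventBurst *int `toml:"event-burst,omitempty"`
-KubeAPIQPS *int `toml:"kube-api-qps,omitempty"`
-KubeAPIBurst *int `toml:"kube-api-burst,omitempty"`
-ContainerLogMaxSize *string `toml:"container-log-max-size,omitempty"`
-ContainerLogMaxFiles *int `toml:"container-log-max-files,omitempty"`
-CPUManagerPolicy *string `toml:"cpu-manager-policy,omitempty"`
-CPUManagerReconcilePeriod *string `toml:"cpu-manager-reconcile-period,omitempty"`
-TopologyManagerScope *string `toml:"topology-manager-scope,omitempty"`
-ImageGCHighThresholdPercent *string `toml:"image-gc-high-threshold-percent,omitempty"`
-ImageGCLowThresholdPercent *string `toml:"image-gc-low-threshold-percent,omitempty"`
-CPUCFSQuota *bool `toml:"cpu-cfs-quota-enforced,omitempty"`
-ShutdownGracePeriod *string `toml:"shutdown-grace-period,omitempty"`
-ShutdownGracePeriodForCriticalPods *string `toml:"shutdown-grace-period-for-critical-pods,omitempty"`
+APIServer *string `toml:"api-server"`
+CloudProvider *string `toml:"cloud-provider"`
+ClusterCertificate *string `toml:"cluster-certificate"`
+ClusterName *string `toml:"cluster-name"`
+ClusterDNSIP *string `toml:"cluster-dns-ip,omitempty"`
+CredentialProviders map[string]BottlerocketCredentialProvider `toml:"credential-providers,omitempty"`
+NodeLabels map[string]string `toml:"node-labels,omitempty"`
+NodeTaints map[string][]string `toml:"node-taints,omitempty"`
+MaxPods *int `toml:"max-pods,omitempty"`
+StaticPods map[string]BottlerocketStaticPod `toml:"static-pods,omitempty"`
+EvictionHard map[string]string `toml:"eviction-hard,omitempty"`
+KubeReserved map[string]string `toml:"kube-reserved,omitempty"`
+SystemReserved map[string]string `toml:"system-reserved,omitempty"`
+AllowedUnsafeSysctls []string `toml:"allowed-unsafe-sysctls,omitempty"`
+ServerTLSBootstrap *bool `toml:"server-tls-bootstrap,omitempty"`
+RegistryQPS *int `toml:"registry-qps,omitempty"`
+RegistryBurst *int `toml:"registry-burst,omitempty"`
+EventQPS *int `toml:"event-qps,omitempty"`
+EventBurst *int `toml:"event-burst,omitempty"`
+KubeAPIQPS *int `toml:"kube-api-qps,omitempty"`
+KubeAPIBurst *int `toml:"kube-api-burst,omitempty"`
+ContainerLogMaxSize *string `toml:"container-log-max-size,omitempty"`
+ContainerLogMaxFiles *int `toml:"container-log-max-files,omitempty"`
+CPUManagerPolicy *string `toml:"cpu-manager-policy,omitempty"`
+CPUManagerReconcilePeriod *string `toml:"cpu-manager-reconcile-period,omitempty"`
+TopologyManagerScope *string `toml:"topology-manager-scope,omitempty"`
+ImageGCHighThresholdPercent *string `toml:"image-gc-high-threshold-percent,omitempty"`
+ImageGCLowThresholdPercent *string `toml:"image-gc-low-threshold-percent,omitempty"`
+CPUCFSQuota *bool `toml:"cpu-cfs-quota-enforced,omitempty"`
+ShutdownGracePeriod *string `toml:"shutdown-grace-period,omitempty"`
+ShutdownGracePeriodForCriticalPods *string `toml:"shutdown-grace-period-for-critical-pods,omitempty"`
 }
 
 type BottlerocketStaticPod struct {
 Enabled *bool `toml:"enabled,omitempty"`
 Manifest *string `toml:"manifest,omitempty"`
 }
 
+// BottlerocketCredentialProvider is k8s specific configuration for Bottlerocket Kubelet image credential provider
+// See Bottlerocket struct at https://github.com/bottlerocket-os/bottlerocket/blob/d427c40931cba6e6bedc5b75e9c084a6e1818db9/sources/models/modeled-types/src/kubernetes.rs#L1307
+type BottlerocketCredentialProvider struct {
+Enabled *bool `toml:"enabled"`
+CacheDuration *string `toml:"cache-duration,omitempty"`
+ImagePatterns []string `toml:"image-patterns"`
+Environment map[string]string `toml:"environment,omitempty"`
+}
+
 func (c *BottlerocketConfig) UnmarshalTOML(data []byte) error {
 // unmarshal known settings
 s := struct {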
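Review bot: The new `Environment map[string]string` field on `BottlerocketCredentialProvider` carries no comment about what may be placed in it, and because this struct is serialized to TOML as part of the Bottlerocket bootstrap settings, its values presumably end up in plain text in the node's user data, which is not a secret store. I would add a field comment such as `// Environment is passed to the credential provider plugin and is written in plain text into the node settings; do not put secrets here.` The `Enabled` and `ImagePatterns` tags also omit `omitempty`, unlike every other optional field around them; if that is deliberate because Bottlerocket requires both keys, a one-line comment saying so would help, and it is worth confirming how the TOML encoder in use handles a nil `*bool` or nil slice there. `UnmarshalTOML` continues outside the hunk, so how user-supplied `credential-providers` entries are merged is not visible from here.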
