-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: send provider enum values for insecureKubeletReadonlyPortEnabled
#2145
fix: send provider enum values for insecureKubeletReadonlyPortEnabled
#2145
Conversation
45cb295
to
0761cc9
Compare
/gcbrun |
Hmm, looks like we are getting lower-case in
|
I'll take a look. I thought I checked for any spots I'd missed, but apparently not. |
Thanks @wyardley! Probably needs a |
Got to take a look. Doesn't look like it will work exactly as-is -- will make the adjustment that I think it needs and will build and push the results. edit: See if what's there now looks good to you |
/gcbrun |
Thanks @wyardley - Yes, this looks good, and less complicated that what I suggested. |
I was expecting we might need to update the test asset, however this is unexpected. The node_pool_defaults plan now looks good:
However the default-node-pool is showing
|
It’s because at API level, it’s a bool, and this is the API response vs the terraform state so I think this is expected, if unintuitive. I can update that value shortly. |
Hey @wyardley! I'm not thinking the string vs bool types, but we set the cluster default to false, and the default node pool is showing true? Perhaps there is something special about the default node pool. |
Let me look. If we only set |
Yeah, that is my guess as well. |
So a couple questions:
Also, should I try to squeeze this in the same PR? |
Thanks for digging into this @wyardley!
I think that would be the ideal situation for the default node pool - do an explicit lookup, failing that use the cluster default, failing that then set
Yeah, the best practice recommendation is to remove the default node pool, but it's not required. Due it's typical removal, I suspect it's been an accidental oversight theses weren't added, and so should be updated to match.
I'm comfortable if everything is in a single PR, however I can certainly open a seperate PR to add kubelet_config to the default node pool to keep the PRs more focused. Let me know your preference. |
I pushed up an update of what I have so far (only updated one of the tests). I'm going to do what I probably should have done sooner, and actually run this locally, so I can try a few things a bit faster. |
/gcbrun |
Fixing one minor issue with that, and will push again.
Yes, I think that would be a good idea, especially since it may need to include some additional items, and you probably have a better idea of where exactly it should go. |
51e02c2
to
bd221b2
Compare
insecureKubeletReadonlyPortEnabled
insecureKubeletReadonlyPortEnabled
to node_config
/gcbrun |
~@apeabody I can add a dumb fix for this in the short term, but this can probably be removed when support is dropped for TPG 5.x.~ |
Yeah, actually, that's probably the needed / correct fix here. Do you want to send that through first and I'll rebase off of it? |
Yes, that is the plan, hopefully by tomorrow get it merged in. |
insecureKubeletReadonlyPortEnabled
to node_config
insecureKubeletReadonlyPortEnabled
to kubelet_config
Hi @wyardley - #2147 is merged, can you rebase this as needed? Thanks! |
Add `insecureKubeletReadonlyPortEnabled` to `node_config.kubelet_config` for the default node-pool and for additional pools. It may also be necessary to define the top level `node_config` more broadly for the case where `remove_default_node_pool` is set to false, which should probably be handled separately. Also, the upstream provider (intentionally) uses an enum of `"TRUE"` / `"FALSE"` vs. a boolean. Update the code to follow this, and add a test case that covers the cluster level setting vs node pool one. Fixes terraform-google-modules#2013 Co-authored-by: Andrew Peabody <[email protected]>
bd221b2
to
a88d1ae
Compare
insecureKubeletReadonlyPortEnabled
to kubelet_config
insecureKubeletReadonlyPortEnabled
/gcbrun |
FYI: Looks like the Windows node pool test has recently started timing out (tests are failing around 59-61 minutes), may need to adjust that test. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the contribution @wyardley!
Add
insecureKubeletReadonlyPortEnabled
tonode_config.kubelet_config
for the default node-pool and for additional pools. It may also be necessary to define the top levelnode_config
more broadly for the case whereremove_default_node_pool
is set to false, which should probably be handled separately.Also, the upstream provider (intentionally) uses an enum of
"TRUE"
/"FALSE"
vs. a boolean. Update the code to follow this, and add a test case (also suggested by @apeabody) that covers the cluster level setting vs node pool one.Fixes #2013