From 8859229fbc548b27318d07fc4a7d154b83f753a8 Mon Sep 17 00:00:00 2001 From: Benjamin Elder <bentheelder@google.com> Date: Wed, 26 Oct 2022 08:42:57 -0700 Subject: [PATCH 01/13] version v0.18.0-alpha --- pkg/cmd/kind/version/version.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/cmd/kind/version/version.go b/pkg/cmd/kind/version/version.go index a2a033376a..0e9347841b 100644 --- a/pkg/cmd/kind/version/version.go +++ b/pkg/cmd/kind/version/version.go @@ -54,11 +54,11 @@ func DisplayVersion() string { } // versionCore is the core portion of the kind CLI version per Semantic Versioning 2.0.0 -const versionCore = "0.17.0" +const versionCore = "0.18.0" // versionPreRelease is the base pre-release portion of the kind CLI version per // Semantic Versioning 2.0.0 -const versionPreRelease = "" +const versionPreRelease = "alpha" // gitCommitCount count the commits since the last release. // It is injected at build time. From 37a3cba81a0f2e400d555c8946fd15f11aad0518 Mon Sep 17 00:00:00 2001 From: Benjamin Elder <bentheelder@google.com> Date: Wed, 26 Oct 2022 08:52:07 -0700 Subject: [PATCH 02/13] update docs for v0.17.0 --- README.md | 10 +++++----- site/config.toml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 3d7a15fcb5..05f0e52a0d 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ kind bootstraps each "node" with [kubeadm][kubeadm]. For more details see [the d For a complete [install guide] see [the documentation here][install guide]. -You can install kind with `GO111MODULE="on" go get sigs.k8s.io/kind@v0.16.0`. +You can install kind with `GO111MODULE="on" go get sigs.k8s.io/kind@v0.17.0`. **NOTE**: please use the latest go to do this. KIND is developed with the latest stable go, see [`.go-version`](./.go-version) for the exact version we're using. @@ -47,7 +47,7 @@ into your `$PATH`: On Linux: ```console -curl -Lo ./kind "https://kind.sigs.k8s.io/dl/v0.16.0/kind-$(uname)-amd64" +curl -Lo ./kind "https://kind.sigs.k8s.io/dl/v0.17.0/kind-$(uname)-amd64" chmod +x ./kind sudo mv ./kind /usr/local/bin/kind ``` @@ -68,9 +68,9 @@ On macOS via Bash: ```console # for Intel Macs -[ $(uname -m) = x86_64 ]&& curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.16.0/kind-darwin-amd64 +[ $(uname -m) = x86_64 ]&& curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.17.0/kind-darwin-amd64 # for M1 / ARM Macs -[ $(uname -m) = arm64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.16.0/kind-darwin-arm64 +[ $(uname -m) = arm64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.17.0/kind-darwin-arm64 chmod +x ./kind mv ./kind /some-dir-in-your-PATH/kind ``` @@ -78,7 +78,7 @@ mv ./kind /some-dir-in-your-PATH/kind On Windows: ```powershell -curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.16.0/kind-windows-amd64 +curl.exe -Lo kind-windows-amd64.exe https://kind.sigs.k8s.io/dl/v0.17.0/kind-windows-amd64 Move-Item .\kind-windows-amd64.exe c:\some-dir-in-your-PATH\kind.exe # OR via Chocolatey (https://chocolatey.org/packages/kind) diff --git a/site/config.toml b/site/config.toml index dc71a8f173..3001160bf5 100644 --- a/site/config.toml +++ b/site/config.toml @@ -67,7 +67,7 @@ baseName = "_redirects" home = ["HTML", "REDIRECTS"] [params] -stable = "v0.16.0" +stable = "v0.17.0" # privacy settings [privacy] From 3f99311bbdef92d67182b84dc144b45cb06bfad2 Mon Sep 17 00:00:00 2001 From: Benjamin Elder <bentheelder@google.com> Date: Thu, 27 Oct 2022 08:09:09 -0700 Subject: [PATCH 03/13] fix kind version in readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 05f0e52a0d..9aedb5139d 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,9 @@ kind is a tool for running local Kubernetes clusters using Docker container "nodes". kind was primarily designed for testing Kubernetes itself, but may be used for local development or CI. -If you have [go] \([1.17+][go-supported]) and [docker] installed `go install sigs.k8s.io/kind@{{< stableVersion >}} && kind create cluster` is all you need! +If you have [go] \([1.17+][go-supported]) and [docker] installed `go install sigs.k8s.io/kind@v0.17.0 && kind create cluster` is all you need! -For older versions use `GO111MODULE="on" go get sigs.k8s.io/kind@{{< stableVersion >}}`. +For older versions use `GO111MODULE="on" go get sigs.k8s.io/kind@v0.17.0`. ![](site/static/images/kind-create-cluster.png) From 197b65602168437432208f1060d7f5765118c21c Mon Sep 17 00:00:00 2001 From: Daman <aroradaman@gmail.com> Date: Sat, 29 Oct 2022 16:10:55 +0530 Subject: [PATCH 04/13] comments-update-buildcontext --- pkg/build/nodeimage/buildcontext.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/pkg/build/nodeimage/buildcontext.go b/pkg/build/nodeimage/buildcontext.go index 51662396c1..ecbaf6b14e 100644 --- a/pkg/build/nodeimage/buildcontext.go +++ b/pkg/build/nodeimage/buildcontext.go @@ -48,10 +48,10 @@ type buildContext struct { builder kube.Builder } -// Build builds the cluster node image, the sourcedir must be set on +// Build builds the cluster node image, the source dir must be set on // the buildContext func (c *buildContext) Build() (err error) { - // ensure kubernetes build is up to date first + // ensure kubernetes build is up-to-date first c.logger.V(0).Info("Starting to build Kubernetes") bits, err := c.builder.Build() if err != nil { @@ -60,17 +60,17 @@ func (c *buildContext) Build() (err error) { } c.logger.V(0).Info("Finished building Kubernetes") - // then the perform the actual docker image build + // then perform the actual docker image build c.logger.V(0).Info("Building node image ...") return c.buildImage(bits) } func (c *buildContext) buildImage(bits kube.Bits) error { // create build container - // NOTE: we are using docker run + docker commit so we can install + // NOTE: we are using docker run + docker commit, so we can install // debian packages without permanently copying them into the image. // if docker gets proper squash support, we can rm them instead - // This also allows the KubeBit implementations to perform programmatic + // This also allows the KubeBit implementations to programmatically // install in the image containerID, err := c.createBuildContainer() cmder := docker.ContainerCmder(containerID) @@ -144,7 +144,7 @@ func (c *buildContext) buildImage(bits kube.Bits) error { return nil } -// returns a set of image tags that will be sideloaded +// returns a set of image tags that will be side-loaded func (c *buildContext) getBuiltImages(bits kube.Bits) (sets.String, error) { images := sets.NewString() for _, path := range bits.ImagePaths() { @@ -313,7 +313,7 @@ func (c *buildContext) prePullImagesAndWriteManifests(bits kube.Bits, parsedVers func (c *buildContext) createBuildContainer() (id string, err error) { // attempt to explicitly pull the image if it doesn't exist locally - // we don't care if this errors, we'll still try to run which also pulls + // we don't care if this returns error, we'll still try to run which also pulls _ = docker.Pull(c.logger, c.baseImage, dockerBuildOsAndArch(c.arch), 4) // this should be good enough: a specific prefix, the current unix time, // and a little random bits in case we have multiple builds simultaneously @@ -323,7 +323,7 @@ func (c *buildContext) createBuildContainer() (id string, err error) { c.baseImage, []string{ "-d", // make the client exit while the container continues to run - // the container should hang forever so we can exec in it + // the container should hang forever, so we can exec in it "--entrypoint=sleep", "--name=" + id, "--platform=" + dockerBuildOsAndArch(c.arch), From 63eabd223b044a950328c5ea1edc2fe3a9b538cb Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Thu, 18 Jan 2024 18:03:01 +0100 Subject: [PATCH 05/13] Added clusterConfig creation --- .../actions/createworker/createworker.go | 55 ++++++++++++++----- .../create/actions/createworker/provider.go | 20 ++++++- pkg/cluster/internal/create/create.go | 2 +- pkg/cluster/provider.go | 2 +- pkg/cmd/kind/create/cluster/createcluster.go | 4 +- pkg/commons/cluster.go | 21 ++++--- 6 files changed, 76 insertions(+), 28 deletions(-) diff --git a/pkg/cluster/internal/create/actions/createworker/createworker.go b/pkg/cluster/internal/create/actions/createworker/createworker.go index 7e54956703..0aca799ac0 100644 --- a/pkg/cluster/internal/create/actions/createworker/createworker.go +++ b/pkg/cluster/internal/create/actions/createworker/createworker.go @@ -38,7 +38,7 @@ type action struct { avoidCreation bool keosCluster commons.KeosCluster clusterCredentials commons.ClusterCredentials - clusterConfig commons.ClusterConfig + clusterConfig *commons.ClusterConfig } type keosRegistry struct { @@ -73,7 +73,7 @@ var allowCommonEgressNetPol string var rbacInternalLoadBalancing string // NewAction returns a new action for installing default CAPI -func NewAction(vaultPassword string, descriptorPath string, moveManagement bool, avoidCreation bool, keosCluster commons.KeosCluster, clusterCredentials commons.ClusterCredentials, clusterConfig commons.ClusterConfig) actions.Action { +func NewAction(vaultPassword string, descriptorPath string, moveManagement bool, avoidCreation bool, keosCluster commons.KeosCluster, clusterCredentials commons.ClusterCredentials, clusterConfig *commons.ClusterConfig) actions.Action { return &action{ vaultPassword: vaultPassword, descriptorPath: descriptorPath, @@ -121,13 +121,22 @@ func (a *action) Execute(ctx *actions.ActionContext) error { awsEKSEnabled := a.keosCluster.Spec.InfraProvider == "aws" && a.keosCluster.Spec.ControlPlane.Managed isMachinePool := a.keosCluster.Spec.InfraProvider != "aws" && a.keosCluster.Spec.ControlPlane.Managed - privateParams := PrivateParams{ - KeosCluster: a.keosCluster, - KeosRegUrl: keosRegistry.url, - Private: a.clusterConfig.Spec.Private, + var privateParams PrivateParams + if a.clusterConfig != nil { + privateParams = PrivateParams{ + KeosCluster: a.keosCluster, + KeosRegUrl: keosRegistry.url, + Private: a.clusterConfig.Spec.Private, + } + } else { + privateParams = PrivateParams{ + KeosCluster: a.keosCluster, + KeosRegUrl: keosRegistry.url, + Private: false, + } } - if a.clusterConfig.Spec.Private { + if privateParams.Private { ctx.Status.Start("Installing Private CNI 🎖️") defer ctx.Status.End(false) c = `sed -i 's/@sha256:[[:alnum:]_-].*$//g' ` + cniDefaultFile @@ -222,7 +231,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { } } - if a.clusterConfig.Spec.Private { + if privateParams.Private { err = provider.deployCertManager(n, keosRegistry.url, "") if err != nil { return err @@ -295,7 +304,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { ctx.Status.Start("Installing keos cluster operator 💻") defer ctx.Status.End(false) - err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, "", true) + err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, a.clusterConfig, "", true) if err != nil { return errors.Wrap(err, "failed to deploy cluster operator") } @@ -317,11 +326,20 @@ func (a *action) Execute(ctx *actions.ActionContext) error { ctx.Status.Start("Creating the workload cluster 💥") defer ctx.Status.End(false) + if a.clusterConfig != nil { + // Apply cluster manifests + c = "kubectl apply -f " + manifestsPath + "/clusterconfig.yaml" + _, err = commons.ExecuteCommand(n, c) + if err != nil { + return errors.Wrap(err, "failed to apply clusterconfig manifests") + } + } + // Apply cluster manifests c = "kubectl apply -f " + manifestsPath + "/keoscluster.yaml" _, err = commons.ExecuteCommand(n, c) if err != nil { - return errors.Wrap(err, "failed to apply manifests") + return errors.Wrap(err, "failed to apply keoscluster manifests") } time.Sleep(20 * time.Second) @@ -498,7 +516,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { ctx.Status.Start("Installing CAPx in workload cluster 🎖️") defer ctx.Status.End(false) - if a.clusterConfig.Spec.Private { + if privateParams.Private { err = provider.deployCertManager(n, keosRegistry.url, kubeconfigPath) if err != nil { return err @@ -592,7 +610,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { " --set clusterAPIMode=incluster-incluster" + " --set replicaCount=2" - if a.clusterConfig.Spec.Private { + if privateParams.Private { c += " --set image.repository=" + keosRegistry.url + "/autoscaling/cluster-autoscaler" } @@ -607,7 +625,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { ctx.Status.Start("Installing keos cluster operator in workload cluster 💻") defer ctx.Status.End(false) - err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, kubeconfigPath, true) + err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, a.clusterConfig, kubeconfigPath, true) if err != nil { return errors.Wrap(err, "failed to deploy cluster operator in workload cluster") } @@ -690,6 +708,15 @@ func (a *action) Execute(ctx *actions.ActionContext) error { return errors.Wrap(err, "failed to wait for keoscluster controller ready") } + if a.clusterConfig != nil { + // Move clusterConfig to workload cluster + c = "kubectl -n " + capiClustersNamespace + " get clusterconfig " + a.clusterConfig.Metadata.Name + " -o json | kubectl apply --kubeconfig " + kubeconfigPath + " -f-" + _, err = commons.ExecuteCommand(n, c) + if err != nil { + return errors.Wrap(err, "failed to move clusterconfig to workload cluster") + } + } + // Move keoscluster to workload cluster c = "kubectl -n " + capiClustersNamespace + " get keoscluster " + a.keosCluster.Metadata.Name + " -o json | jq 'del(.status)' | kubectl apply --kubeconfig " + kubeconfigPath + " -f-" _, err = commons.ExecuteCommand(n, c) @@ -710,7 +737,7 @@ func (a *action) Execute(ctx *actions.ActionContext) error { return errors.Wrap(err, "failed to delete keoscluster in management cluster") } - err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, "", false) + err = provider.deployClusterOperator(n, privateParams, a.clusterCredentials, keosRegistry, a.clusterConfig, "", false) if err != nil { return errors.Wrap(err, "failed to deploy cluster operator") } diff --git a/pkg/cluster/internal/create/actions/createworker/provider.go b/pkg/cluster/internal/create/actions/createworker/provider.go index c54513e759..6fc71a6123 100644 --- a/pkg/cluster/internal/create/actions/createworker/provider.go +++ b/pkg/cluster/internal/create/actions/createworker/provider.go @@ -56,8 +56,8 @@ const ( scName = "keos" certManagerVersion = "v1.12.3" - clusterOperatorChart = "0.2.0-SNAPSHOT" - clusterOperatorImage = "0.2.0-SNAPSHOT" + clusterOperatorChart = "0.2.0-PR154-SNAPSHOT" + clusterOperatorImage = "0.2.0-PR154-SNAPSHOT" ) const machineHealthCheckWorkerNodePath = "/kind/manifests/machinehealthcheckworkernode.yaml" @@ -273,7 +273,7 @@ func (p *Provider) deployCertManager(n nodes.Node, keosRegistryUrl string, kubec return nil } -func (p *Provider) deployClusterOperator(n nodes.Node, privateParams PrivateParams, clusterCredentials commons.ClusterCredentials, keosRegistry keosRegistry, kubeconfigPath string, firstInstallation bool) error { +func (p *Provider) deployClusterOperator(n nodes.Node, privateParams PrivateParams, clusterCredentials commons.ClusterCredentials, keosRegistry keosRegistry, clusterConfig *commons.ClusterConfig, kubeconfigPath string, firstInstallation bool) error { var c string var err error var helmRepository helmRepository @@ -319,6 +319,20 @@ func (p *Provider) deployClusterOperator(n nodes.Node, privateParams PrivatePara Flavour string `yaml:"flavour,omitempty"` Version string `yaml:"version,omitempty"` }{} + + if clusterConfig != nil { + clusterConfigYAML, err := yaml.Marshal(clusterConfig) + if err != nil { + return err + } + // Write keoscluster file + c = "echo '" + string(clusterConfigYAML) + "' > " + manifestsPath + "/clusterconfig.yaml" + _, err = commons.ExecuteCommand(n, c) + if err != nil { + return errors.Wrap(err, "failed to write the keoscluster file") + } + keosCluster.Spec.ClusterConfigRef.Name = clusterConfig.Metadata.Name + } keosClusterYAML, err := yaml.Marshal(keosCluster) if err != nil { return err diff --git a/pkg/cluster/internal/create/create.go b/pkg/cluster/internal/create/create.go index c54a894b52..04e9feacb5 100644 --- a/pkg/cluster/internal/create/create.go +++ b/pkg/cluster/internal/create/create.go @@ -63,7 +63,7 @@ type ClusterOptions struct { MoveManagement bool AvoidCreation bool KeosCluster commons.KeosCluster - ClusterConfig commons.ClusterConfig + ClusterConfig *commons.ClusterConfig ClusterCredentials commons.ClusterCredentials DockerRegUrl string diff --git a/pkg/cluster/provider.go b/pkg/cluster/provider.go index 7c3806f51b..7f1767008f 100644 --- a/pkg/cluster/provider.go +++ b/pkg/cluster/provider.go @@ -171,7 +171,7 @@ func ProviderWithPodman() ProviderOption { } // Create provisions and starts a kubernetes-in-docker cluster -func (p *Provider) Create(name string, vaultPassword string, descriptorPath string, moveManagement bool, avoidCreation bool, dockerRegUrl string, clusterConfig commons.ClusterConfig, keosCluster commons.KeosCluster, clusterCredentials commons.ClusterCredentials, options ...CreateOption) error { // apply options +func (p *Provider) Create(name string, vaultPassword string, descriptorPath string, moveManagement bool, avoidCreation bool, dockerRegUrl string, clusterConfig *commons.ClusterConfig, keosCluster commons.KeosCluster, clusterCredentials commons.ClusterCredentials, options ...CreateOption) error { // apply options opts := &internalcreate.ClusterOptions{ NameOverride: name, VaultPassword: vaultPassword, diff --git a/pkg/cmd/kind/create/cluster/createcluster.go b/pkg/cmd/kind/create/cluster/createcluster.go index eddc0214cf..e1d27f8ed1 100644 --- a/pkg/cmd/kind/create/cluster/createcluster.go +++ b/pkg/cmd/kind/create/cluster/createcluster.go @@ -188,7 +188,7 @@ func runE(logger log.Logger, streams cmd.IOStreams, flags *flagpole) error { } dockerRegUrl := "" - if clusterConfig.Spec.Private { + if clusterConfig != nil && clusterConfig.Spec.Private { configFile, err := getConfigFile(keosCluster, clusterCredentials) if err != nil { return errors.Wrap(err, "Error getting private kubeadm config") @@ -220,7 +220,7 @@ func runE(logger log.Logger, streams cmd.IOStreams, flags *flagpole) error { flags.MoveManagement, flags.AvoidCreation, dockerRegUrl, - *clusterConfig, + clusterConfig, *keosCluster, clusterCredentials, withConfig, diff --git a/pkg/commons/cluster.go b/pkg/commons/cluster.go index d7826dda4a..3155199d6e 100644 --- a/pkg/commons/cluster.go +++ b/pkg/commons/cluster.go @@ -58,7 +58,11 @@ type Metadata struct { } type ClusterConfigSpec struct { - Private bool `yaml:"private_registry,omitempty"` + Private bool `yaml:"private_registry"` +} + +type ClusterConfigRef struct { + Name string `json:"name,omitempty"` } // Spec represents the YAML structure in the spec field of the descriptor file @@ -109,6 +113,8 @@ type KeosSpec struct { } `yaml:"control_plane"` WorkerNodes WorkerNodes `yaml:"worker_nodes" validate:"required,dive"` + + ClusterConfigRef ClusterConfigRef `yaml:"cluster_config_ref,omitempty" validate:"dive"` } type Networks struct { @@ -372,6 +378,7 @@ func (s KeosSpec) Init() KeosSpec { func GetClusterDescriptor(descriptorPath string) (*KeosCluster, *ClusterConfig, error) { var keosCluster KeosCluster var clusterConfig ClusterConfig + findClusterConfig := false _, err := os.Stat(descriptorPath) if err != nil { @@ -416,6 +423,7 @@ func GetClusterDescriptor(descriptorPath string) (*KeosCluster, *ClusterConfig, keosCluster.Metadata.Namespace = "cluster-" + keosCluster.Metadata.Name case "ClusterConfig": + findClusterConfig = true clusterConfig.Spec = new(ClusterConfigSpec).Init() err = yaml.Unmarshal([]byte(manifest), &clusterConfig) if err != nil { @@ -426,7 +434,7 @@ func GetClusterDescriptor(descriptorPath string) (*KeosCluster, *ClusterConfig, if err != nil { return nil, nil, err } - + clusterConfig.Metadata.Namespace = "cluster-" + keosCluster.Metadata.Name default: return nil, nil, errors.New("Unsupported manifest kind: " + resource.Kind) } @@ -436,13 +444,12 @@ func GetClusterDescriptor(descriptorPath string) (*KeosCluster, *ClusterConfig, if reflect.DeepEqual(keosCluster, KeosCluster{}) { return nil, nil, errors.New("Keoscluster's manifest has not been found.") } - if !reflect.DeepEqual(clusterConfig, ClusterConfig{}) { - if clusterConfig.Metadata.Name != keosCluster.Metadata.Name { - return nil, nil, errors.New("ClusterConfig name does not match keoscluster name.") - } + + if findClusterConfig { + return &keosCluster, &clusterConfig, nil } - return &keosCluster, &clusterConfig, nil + return &keosCluster, nil, nil } func DecryptFile(filePath string, vaultPassword string) (string, error) { From 0555d7270709dcd00f41d6941ebe04680eafbe60 Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Mon, 22 Jan 2024 13:18:34 +0100 Subject: [PATCH 06/13] added clusterconfig move --- .../create/actions/createworker/createworker.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/pkg/cluster/internal/create/actions/createworker/createworker.go b/pkg/cluster/internal/create/actions/createworker/createworker.go index 0aca799ac0..f83a6cb811 100644 --- a/pkg/cluster/internal/create/actions/createworker/createworker.go +++ b/pkg/cluster/internal/create/actions/createworker/createworker.go @@ -709,12 +709,27 @@ func (a *action) Execute(ctx *actions.ActionContext) error { } if a.clusterConfig != nil { + + c = "kubectl -n " + capiClustersNamespace + " patch clusterconfig " + a.clusterConfig.Metadata.Name + " -p '{\"metadata\":{\"ownerReferences\":null,\"finalizers\":null}}' --type=merge" + _, err = commons.ExecuteCommand(n, c) + if err != nil { + return errors.Wrap(err, "failed to remove clusterconfig ownerReferences and finalizers") + } + // Move clusterConfig to workload cluster c = "kubectl -n " + capiClustersNamespace + " get clusterconfig " + a.clusterConfig.Metadata.Name + " -o json | kubectl apply --kubeconfig " + kubeconfigPath + " -f-" _, err = commons.ExecuteCommand(n, c) if err != nil { return errors.Wrap(err, "failed to move clusterconfig to workload cluster") } + + // Delete clusterconfig in management cluster + c = "kubectl -n " + capiClustersNamespace + " delete clusterconfig " + a.clusterConfig.Metadata.Name + _, err = commons.ExecuteCommand(n, c) + if err != nil { + return errors.Wrap(err, "failed to delete clusterconfig in management cluster") + } + } // Move keoscluster to workload cluster From 105d4e4c8293939c2fd7ae1216f2160422ecab00 Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Mon, 22 Jan 2024 13:27:42 +0100 Subject: [PATCH 07/13] added clusterconfig move --- pkg/cluster/internal/create/actions/createworker/provider.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/cluster/internal/create/actions/createworker/provider.go b/pkg/cluster/internal/create/actions/createworker/provider.go index 6fc71a6123..797cb3c637 100644 --- a/pkg/cluster/internal/create/actions/createworker/provider.go +++ b/pkg/cluster/internal/create/actions/createworker/provider.go @@ -56,8 +56,8 @@ const ( scName = "keos" certManagerVersion = "v1.12.3" - clusterOperatorChart = "0.2.0-PR154-SNAPSHOT" - clusterOperatorImage = "0.2.0-PR154-SNAPSHOT" + clusterOperatorChart = "0.2.0-SNAPSHOT" + clusterOperatorImage = "0.2.0-SNAPSHOT" ) const machineHealthCheckWorkerNodePath = "/kind/manifests/machinehealthcheckworkernode.yaml" From 123b38f2b732642f1c217f3ddd2afabdd2fa287b Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Mon, 22 Jan 2024 17:45:46 +0100 Subject: [PATCH 08/13] integrating private controlplane. fully-private integration --- pkg/cluster/internal/validate/common.go | 23 +++++++++++++++++++- pkg/cluster/internal/validate/validate.go | 3 ++- pkg/cluster/provider.go | 3 ++- pkg/cmd/kind/create/cluster/createcluster.go | 2 ++ pkg/commons/cluster.go | 15 ++++++++----- 5 files changed, 37 insertions(+), 9 deletions(-) diff --git a/pkg/cluster/internal/validate/common.go b/pkg/cluster/internal/validate/common.go index 93a5cdbd74..a7b1f54269 100644 --- a/pkg/cluster/internal/validate/common.go +++ b/pkg/cluster/internal/validate/common.go @@ -34,8 +34,9 @@ const ( var k8sVersionSupported = []string{"1.24", "1.25", "1.26", "1.27", "1.28"} -func validateCommon(spec commons.KeosSpec) error { +func validateCommon(spec commons.KeosSpec, clusterConfig *commons.ClusterConfig) error { var err error + if err = validateK8SVersion(spec.K8SVersion); err != nil { return err } @@ -45,6 +46,26 @@ func validateCommon(spec commons.KeosSpec) error { if err = validateVolumes(spec); err != nil { return err } + if err = validatePublicControlPlane(spec, clusterConfig); err != nil { + return err + } + return nil +} + +func validatePublicControlPlane(spec commons.KeosSpec, clusterConfig *commons.ClusterConfig) error { + if spec.InfraProvider != "aws" { + if !spec.ControlPlane.Public { + return errors.New("spec.control_plane.public only can be false for aws or eks installations") + } + } else if !spec.ControlPlane.Public { + if clusterConfig == nil || !clusterConfig.Spec.Private { + return errors.New("If keoscluster's .spec.control_plane.public is false, clusterConfig .spec.private_registry must be true") + } + if spec.Networks.AdditionalSecurityGroup != "" { + return errors.New("If keoscluster's .spec.control_plane.public is false, its .spec.networks.additional_sg must be indicated. This sg must be created as a requirement and must allow the internal vpc traffic.") + } + } + return nil } diff --git a/pkg/cluster/internal/validate/validate.go b/pkg/cluster/internal/validate/validate.go index 135438a0d1..cf4c8328c3 100644 --- a/pkg/cluster/internal/validate/validate.go +++ b/pkg/cluster/internal/validate/validate.go @@ -24,6 +24,7 @@ type ValidateParams struct { KeosCluster commons.KeosCluster SecretsPath string VaultPassword string + ClusterConfig commons.ClusterConfig } func Cluster(params *ValidateParams) (commons.ClusterCredentials, error) { @@ -35,7 +36,7 @@ func Cluster(params *ValidateParams) (commons.ClusterCredentials, error) { return commons.ClusterCredentials{}, err } - if err := validateCommon(params.KeosCluster.Spec); err != nil { + if err := validateCommon(params.KeosCluster.Spec, ¶ms.ClusterConfig); err != nil { return commons.ClusterCredentials{}, err } diff --git a/pkg/cluster/provider.go b/pkg/cluster/provider.go index 7f1767008f..565240f3a5 100644 --- a/pkg/cluster/provider.go +++ b/pkg/cluster/provider.go @@ -255,9 +255,10 @@ func (p *Provider) CollectLogs(name, dir string) error { return p.provider.CollectLogs(dir, n) } -func (p *Provider) Validate(keosCluster commons.KeosCluster, secretsPath string, vaultPassword string) (commons.ClusterCredentials, error) { +func (p *Provider) Validate(keosCluster commons.KeosCluster, clusterConfig commons.ClusterConfig, secretsPath string, vaultPassword string) (commons.ClusterCredentials, error) { params := &internalvalidate.ValidateParams{ KeosCluster: keosCluster, + ClusterConfig: clusterConfig, SecretsPath: secretsPath, VaultPassword: vaultPassword, } diff --git a/pkg/cmd/kind/create/cluster/createcluster.go b/pkg/cmd/kind/create/cluster/createcluster.go index e1d27f8ed1..ff95d4d74b 100644 --- a/pkg/cmd/kind/create/cluster/createcluster.go +++ b/pkg/cmd/kind/create/cluster/createcluster.go @@ -180,6 +180,7 @@ func runE(logger log.Logger, streams cmd.IOStreams, flags *flagpole) error { clusterCredentials, err := provider.Validate( *keosCluster, + *clusterConfig, secretsDefaultPath, flags.VaultPassword, ) @@ -189,6 +190,7 @@ func runE(logger log.Logger, streams cmd.IOStreams, flags *flagpole) error { dockerRegUrl := "" if clusterConfig != nil && clusterConfig.Spec.Private { + configFile, err := getConfigFile(keosCluster, clusterCredentials) if err != nil { return errors.Wrap(err, "Error getting private kubeadm config") diff --git a/pkg/commons/cluster.go b/pkg/commons/cluster.go index 3155199d6e..ab08e90a13 100644 --- a/pkg/commons/cluster.go +++ b/pkg/commons/cluster.go @@ -110,6 +110,7 @@ type KeosSpec struct { AWS AWSCP `yaml:"aws,omitempty"` Azure AzureCP `yaml:"azure,omitempty"` ExtraVolumes []ExtraVolume `yaml:"extra_volumes,omitempty" validate:"dive"` + Public bool `yaml:"public" validate:"boolean"` } `yaml:"control_plane"` WorkerNodes WorkerNodes `yaml:"worker_nodes" validate:"required,dive"` @@ -118,12 +119,13 @@ type KeosSpec struct { } type Networks struct { - VPCID string `yaml:"vpc_id,omitempty"` - VPCCidrBlock string `yaml:"vpc_cidr,omitempty" validate:"omitempty,cidrv4"` - PodsCidrBlock string `yaml:"pods_cidr,omitempty" validate:"omitempty,cidrv4"` - PodsSubnets []Subnets `yaml:"pods_subnets,omitempty" validate:"dive"` - Subnets []Subnets `yaml:"subnets,omitempty" validate:"dive"` - ResourceGroup string `yaml:"resource_group,omitempty"` + VPCID string `yaml:"vpc_id,omitempty"` + VPCCidrBlock string `yaml:"vpc_cidr,omitempty" validate:"omitempty,cidrv4"` + PodsCidrBlock string `yaml:"pods_cidr,omitempty" validate:"omitempty,cidrv4"` + PodsSubnets []Subnets `yaml:"pods_subnets,omitempty" validate:"dive"` + Subnets []Subnets `yaml:"subnets,omitempty" validate:"dive"` + ResourceGroup string `yaml:"resource_group,omitempty"` + AdditionalSecurityGroup string `yaml:"additional_sg,omitempty"` } type Subnets struct { @@ -349,6 +351,7 @@ func (s ClusterConfigSpec) Init() ClusterConfigSpec { func (s KeosSpec) Init() KeosSpec { highlyAvailable := true s.ControlPlane.HighlyAvailable = &highlyAvailable + s.ControlPlane.Public = true // AKS s.ControlPlane.Azure.Tier = "Paid" From ca58ab70d134ec9d74f875a92c15ed9567c030c0 Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Mon, 22 Jan 2024 17:55:15 +0100 Subject: [PATCH 09/13] integrating docker inspect for private image. fully-private integration --- .../internal/providers/docker/images.go | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/pkg/cluster/internal/providers/docker/images.go b/pkg/cluster/internal/providers/docker/images.go index c8eac0c30e..470db66dcc 100644 --- a/pkg/cluster/internal/providers/docker/images.go +++ b/pkg/cluster/internal/providers/docker/images.go @@ -62,16 +62,16 @@ func ensureNodeImages(logger log.Logger, status *cli.Status, cfg *config.Cluster return err } stratioImage := "stratio-capi-image:" + strings.Split(friendlyImageName, ":")[1] - // if dockerRegUrl != "" { - // cmd := exec.Command("docker", "inspect", "--type=image", stratioImage) - // if err := cmd.Run(); err == nil { - // logger.V(1).Infof("stratioImage: %s present locally", image) - // } else { - // err = buildStratioImage(logger, stratioImage, dockerfileDir) - // } - // } else { - // err = buildStratioImage(logger, stratioImage, dockerfileDir) - // } + if dockerRegUrl != "" { + cmd := exec.Command("docker", "inspect", "--type=image", stratioImage) + if err := cmd.Run(); err == nil { + logger.V(1).Infof("stratioImage: %s present locally", image) + } else { + err = buildStratioImage(logger, stratioImage, dockerfileDir) + } + } else { + err = buildStratioImage(logger, stratioImage, dockerfileDir) + } err = buildStratioImage(logger, stratioImage, dockerfileDir) if err != nil { status.End(false) From 23eea02a6090501ca97ed9b47d3f1969099b0ccc Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Tue, 23 Jan 2024 09:51:31 +0100 Subject: [PATCH 10/13] Added new validations. fully-private integration --- pkg/cluster/internal/validate/common.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkg/cluster/internal/validate/common.go b/pkg/cluster/internal/validate/common.go index a7b1f54269..be70d3f3a5 100644 --- a/pkg/cluster/internal/validate/common.go +++ b/pkg/cluster/internal/validate/common.go @@ -18,6 +18,7 @@ package validate import ( "fmt" + "reflect" "regexp" "strconv" "strings" @@ -61,9 +62,13 @@ func validatePublicControlPlane(spec commons.KeosSpec, clusterConfig *commons.Cl if clusterConfig == nil || !clusterConfig.Spec.Private { return errors.New("If keoscluster's .spec.control_plane.public is false, clusterConfig .spec.private_registry must be true") } - if spec.Networks.AdditionalSecurityGroup != "" { + if spec.Networks.AdditionalSecurityGroup == "" { return errors.New("If keoscluster's .spec.control_plane.public is false, its .spec.networks.additional_sg must be indicated. This sg must be created as a requirement and must allow the internal vpc traffic.") } + if spec.Networks.VPCID == "" || reflect.DeepEqual(spec.Networks.Subnets, commons.Subnets{}) { + return errors.New("If keoscluster's .spec.control_plane.public is false, its .spec.networks.vpc_id and .spec.networks.subnets must be indicated.") + + } } return nil From 9b6009f6655aa9639ec4bf252b9cfa21136a5fed Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Wed, 24 Jan 2024 11:33:39 +0100 Subject: [PATCH 11/13] added sg validations --- pkg/cluster/internal/validate/aws.go | 47 +++++++++++++++++++++++++ pkg/cluster/internal/validate/common.go | 11 +++--- pkg/cluster/internal/validate/utils.go | 4 +++ pkg/commons/cluster.go | 14 ++++---- 4 files changed, 63 insertions(+), 13 deletions(-) diff --git a/pkg/cluster/internal/validate/aws.go b/pkg/cluster/internal/validate/aws.go index 1d949789e7..3ab3380089 100644 --- a/pkg/cluster/internal/validate/aws.go +++ b/pkg/cluster/internal/validate/aws.go @@ -176,6 +176,11 @@ func validateAWSNetwork(ctx context.Context, cfg aws.Config, spec commons.KeosSp } } } + if spec.Networks.AdditionalSecurityGroupId != "" { + if err := validateSecurityGroup(spec.Networks.AdditionalSecurityGroupId, spec.Networks.VPCID, cfg); err != nil { + return err + } + } } else { if len(spec.Networks.Subnets) > 0 { return errors.New("\"vpc_id\": is required when \"subnets\" is set") @@ -183,6 +188,9 @@ func validateAWSNetwork(ctx context.Context, cfg aws.Config, spec commons.KeosSp if len(spec.Networks.PodsSubnets) > 0 { return errors.New("\"vpc_id\": is required when \"pods_subnets\" is set") } + if spec.Networks.AdditionalSecurityGroupId != "" { + return errors.New("\"vpc_id\": is required when \"additional_sg_id\" is set") + } } if len(spec.Networks.Subnets) > 0 { for _, s := range spec.Networks.Subnets { @@ -194,6 +202,7 @@ func validateAWSNetwork(ctx context.Context, cfg aws.Config, spec commons.KeosSp return err } } + return nil } @@ -249,6 +258,44 @@ func getAWSRegions(config aws.Config) ([]string, error) { return regions, nil } +func validateSecurityGroup(sgId string, vpcId string, config aws.Config) error { + findSg := false + ec2Client := ec2.NewFromConfig(config) + params := ec2.DescribeSecurityGroupsInput{ + Filters: []types.Filter{ + { + Name: toPtr[string]("group-id"), + Values: []string{sgId}, + }, + }, + } + if vpcId != "" { + vpcFilter := types.Filter{Name: toPtr[string]("vpc-id"), Values: []string{vpcId}} + params.Filters = append(params.Filters, vpcFilter) + } + sgsOutput, err := ec2Client.DescribeSecurityGroups(context.Background(), ¶ms) + if err != nil { + return err + } + for _, sg := range sgsOutput.SecurityGroups { + if *sg.GroupId == sgId { + findSg = true + continue + } + } + if !findSg { + errMsg := "SecurityGroup with sg_id: " + sgId + " does not exist in" + if vpcId == "" { + errMsg += " default vpc." + } else { + errMsg += " vpc: " + vpcId + "." + } + return errors.New(errMsg) + + } + return nil +} + func getAWSVPCs(config aws.Config) ([]string, error) { vpcs := []string{} diff --git a/pkg/cluster/internal/validate/common.go b/pkg/cluster/internal/validate/common.go index be70d3f3a5..a85c1d48a3 100644 --- a/pkg/cluster/internal/validate/common.go +++ b/pkg/cluster/internal/validate/common.go @@ -18,7 +18,6 @@ package validate import ( "fmt" - "reflect" "regexp" "strconv" "strings" @@ -62,13 +61,13 @@ func validatePublicControlPlane(spec commons.KeosSpec, clusterConfig *commons.Cl if clusterConfig == nil || !clusterConfig.Spec.Private { return errors.New("If keoscluster's .spec.control_plane.public is false, clusterConfig .spec.private_registry must be true") } - if spec.Networks.AdditionalSecurityGroup == "" { - return errors.New("If keoscluster's .spec.control_plane.public is false, its .spec.networks.additional_sg must be indicated. This sg must be created as a requirement and must allow the internal vpc traffic.") - } - if spec.Networks.VPCID == "" || reflect.DeepEqual(spec.Networks.Subnets, commons.Subnets{}) { + if spec.Networks.VPCID == "" || len(spec.Networks.Subnets) == 0 { return errors.New("If keoscluster's .spec.control_plane.public is false, its .spec.networks.vpc_id and .spec.networks.subnets must be indicated.") - } + if spec.Networks.AdditionalSecurityGroupId == "" && spec.ControlPlane.Managed { + return errors.New("If keoscluster's .spec.control_plane.public is false and .spec.control_plane.managed, its .spec.networks.additional_sg must be indicated. This sg must be created as a requirement and must allow the internal vpc traffic.") + } + } return nil diff --git a/pkg/cluster/internal/validate/utils.go b/pkg/cluster/internal/validate/utils.go index dc3fa3e9f0..ee14e71bdf 100644 --- a/pkg/cluster/internal/validate/utils.go +++ b/pkg/cluster/internal/validate/utils.go @@ -72,3 +72,7 @@ func getFieldNames(s interface{}) []string { } return fieldNames } + +func toPtr[T any](v T) *T { + return &v +} diff --git a/pkg/commons/cluster.go b/pkg/commons/cluster.go index ab08e90a13..336a9f836d 100644 --- a/pkg/commons/cluster.go +++ b/pkg/commons/cluster.go @@ -119,13 +119,13 @@ type KeosSpec struct { } type Networks struct { - VPCID string `yaml:"vpc_id,omitempty"` - VPCCidrBlock string `yaml:"vpc_cidr,omitempty" validate:"omitempty,cidrv4"` - PodsCidrBlock string `yaml:"pods_cidr,omitempty" validate:"omitempty,cidrv4"` - PodsSubnets []Subnets `yaml:"pods_subnets,omitempty" validate:"dive"` - Subnets []Subnets `yaml:"subnets,omitempty" validate:"dive"` - ResourceGroup string `yaml:"resource_group,omitempty"` - AdditionalSecurityGroup string `yaml:"additional_sg,omitempty"` + VPCID string `yaml:"vpc_id,omitempty"` + VPCCidrBlock string `yaml:"vpc_cidr,omitempty" validate:"omitempty,cidrv4"` + PodsCidrBlock string `yaml:"pods_cidr,omitempty" validate:"omitempty,cidrv4"` + PodsSubnets []Subnets `yaml:"pods_subnets,omitempty" validate:"dive"` + Subnets []Subnets `yaml:"subnets,omitempty" validate:"dive"` + ResourceGroup string `yaml:"resource_group,omitempty"` + AdditionalSecurityGroupId string `yaml:"additional_sg_id,omitempty"` } type Subnets struct { From fc2296a4b48b2347a2b77be2e5db855692fe20e4 Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Wed, 24 Jan 2024 17:06:19 +0100 Subject: [PATCH 12/13] changed image building --- pkg/cluster/internal/providers/docker/images.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/cluster/internal/providers/docker/images.go b/pkg/cluster/internal/providers/docker/images.go index 470db66dcc..28380f0573 100644 --- a/pkg/cluster/internal/providers/docker/images.go +++ b/pkg/cluster/internal/providers/docker/images.go @@ -72,7 +72,6 @@ func ensureNodeImages(logger log.Logger, status *cli.Status, cfg *config.Cluster } else { err = buildStratioImage(logger, stratioImage, dockerfileDir) } - err = buildStratioImage(logger, stratioImage, dockerfileDir) if err != nil { status.End(false) return err From dd4cf2798a9181a60dba960ce9a0dc18eaf62672 Mon Sep 17 00:00:00 2001 From: lreciomelero <lrecio@stratio.com> Date: Thu, 25 Jan 2024 16:19:03 +0100 Subject: [PATCH 13/13] fixing nil pointer bug --- .../create/actions/createworker/createworker.go | 17 +++++++++-------- .../create/actions/createworker/provider.go | 4 ++-- pkg/cluster/internal/validate/validate.go | 4 ++-- pkg/cluster/provider.go | 2 +- pkg/cmd/kind/create/cluster/createcluster.go | 2 +- 5 files changed, 15 insertions(+), 14 deletions(-) diff --git a/pkg/cluster/internal/create/actions/createworker/createworker.go b/pkg/cluster/internal/create/actions/createworker/createworker.go index c3bd9d4d05..b9e517a630 100644 --- a/pkg/cluster/internal/create/actions/createworker/createworker.go +++ b/pkg/cluster/internal/create/actions/createworker/createworker.go @@ -759,17 +759,18 @@ func (a *action) Execute(ctx *actions.ActionContext) error { ctx.Status.End(true) // End Moving the cluster-operator } - } - ctx.Status.Start("Executing post-install steps 🎖️") - defer ctx.Status.End(false) + ctx.Status.Start("Executing post-install steps 🎖️") + defer ctx.Status.End(false) - err = infra.postInstallPhase(n, kubeconfigPath) - if err != nil { - return err - } + err = infra.postInstallPhase(n, kubeconfigPath) + if err != nil { + return err + } - ctx.Status.End(true) + ctx.Status.End(true) + + } ctx.Status.Start("Generating the KEOS descriptor 📝") defer ctx.Status.End(false) diff --git a/pkg/cluster/internal/create/actions/createworker/provider.go b/pkg/cluster/internal/create/actions/createworker/provider.go index 48d2e025b6..71fe97fff8 100644 --- a/pkg/cluster/internal/create/actions/createworker/provider.go +++ b/pkg/cluster/internal/create/actions/createworker/provider.go @@ -56,8 +56,8 @@ const ( scName = "keos" certManagerVersion = "v1.12.3" - clusterOperatorChart = "0.2.0-SNAPSHOT" - clusterOperatorImage = "0.2.0-SNAPSHOT" + clusterOperatorChart = "0.2.0-PR157-SNAPSHOT" + clusterOperatorImage = "0.2.0-PR157-SNAPSHOT" postInstallAnnotation = "cluster-autoscaler.kubernetes.io/safe-to-evict-local-volumes" ) diff --git a/pkg/cluster/internal/validate/validate.go b/pkg/cluster/internal/validate/validate.go index cf4c8328c3..f82f0c364d 100644 --- a/pkg/cluster/internal/validate/validate.go +++ b/pkg/cluster/internal/validate/validate.go @@ -24,7 +24,7 @@ type ValidateParams struct { KeosCluster commons.KeosCluster SecretsPath string VaultPassword string - ClusterConfig commons.ClusterConfig + ClusterConfig *commons.ClusterConfig } func Cluster(params *ValidateParams) (commons.ClusterCredentials, error) { @@ -36,7 +36,7 @@ func Cluster(params *ValidateParams) (commons.ClusterCredentials, error) { return commons.ClusterCredentials{}, err } - if err := validateCommon(params.KeosCluster.Spec, ¶ms.ClusterConfig); err != nil { + if err := validateCommon(params.KeosCluster.Spec, params.ClusterConfig); err != nil { return commons.ClusterCredentials{}, err } diff --git a/pkg/cluster/provider.go b/pkg/cluster/provider.go index 565240f3a5..cb1a847249 100644 --- a/pkg/cluster/provider.go +++ b/pkg/cluster/provider.go @@ -255,7 +255,7 @@ func (p *Provider) CollectLogs(name, dir string) error { return p.provider.CollectLogs(dir, n) } -func (p *Provider) Validate(keosCluster commons.KeosCluster, clusterConfig commons.ClusterConfig, secretsPath string, vaultPassword string) (commons.ClusterCredentials, error) { +func (p *Provider) Validate(keosCluster commons.KeosCluster, clusterConfig *commons.ClusterConfig, secretsPath string, vaultPassword string) (commons.ClusterCredentials, error) { params := &internalvalidate.ValidateParams{ KeosCluster: keosCluster, ClusterConfig: clusterConfig, diff --git a/pkg/cmd/kind/create/cluster/createcluster.go b/pkg/cmd/kind/create/cluster/createcluster.go index ff95d4d74b..9128505147 100644 --- a/pkg/cmd/kind/create/cluster/createcluster.go +++ b/pkg/cmd/kind/create/cluster/createcluster.go @@ -180,7 +180,7 @@ func runE(logger log.Logger, streams cmd.IOStreams, flags *flagpole) error { clusterCredentials, err := provider.Validate( *keosCluster, - *clusterConfig, + clusterConfig, secretsDefaultPath, flags.VaultPassword, )