⚠️ Support storing Ignition user data in S3 bucket for AWSMachinePool
#5172
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
(Replaces #5148 so I can do PR stacking)
What this PR does / why we need it:
EC2 user data is insecure and very limited in size (16 KB). Use the S3 bucket storage also for machine pools. The difference to
AWSMachine
is that the S3 objects must stay around because a new instance could be started by the ASG at any time, and user data with a valid token must exist. Both a lifecycle policy for regular deletion, and explicit S3 object deletion requests, are used for cleanup, so that normally, only 1-3 launch template versions' user data are stored in S3. Each launch template version relates to one S3 object.What type of PR is this?
I marked this as breaking change for now, since the default storage – in the case of
AWSMachinePool
+ Ignition user data format – changes toIgnitionStorageTypeOptionClusterObjectStore
if nothing is explicitly specified. For me, this makes sense because theAWSMachine
controller already defaulted to that storage type. It's very likely that an administrator who uses Ignition user data has also configured an S3 bucket, so I see low chances of breaking someone's workflow. If not, the reconciler will log an error and not continue, and the administrator could setAWSMachinePool.spec.ignition.storageType
toUnencryptedUserData
in order to keep machine pool related user data stored in plaintext on each EC2 instance./kind feature
Which issue(s) this PR fixes:
Didn't find an existing issue. My company ran into EC2 user data size limit problems.
Special notes for your reviewer:
This change has been successfully used in the Giant Swarm fork of CAPA since July, on production clusters. I have adapted the change to the latest upstream changes, in particular the introduction of
IgnitionStorageTypeOption
(#4700). Therefore, I retested this feature using Tilt on a plain CAPI@main + CAPA@main setup, with AWSCluster + Flatcar AMI + AWSMachinePool in my manifests.Checklist:
Release note: