chore: enable scale features by default (#1099)

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
2021-06-22 11:38:47 -07:00 · 2021-06-22 11:38:47 -07:00 · 1db21a8afe
--- a/cmd/mic/main.go
+++ b/cmd/mic/main.go
@ -130,7 +130,7 @@ func main() {
 	}

 	if enableScaleFeatures {
-		klog.Infof("enabling features for scale clusters")
+		klog.Infof("enableScaleFeatures is DEPRECATED for MIC and isn't required. This flag will be removed in the next release.")
 	}

 	klog.Infof("kubeconfig (%s) cloudconfig (%s)", kubeconfig, cloudconfig)
@ -158,7 +158,6 @@ func main() {
 		IsNamespaced:                        forceNamespaced,
 		SyncRetryInterval:                   syncRetryDuration,
 		LeaderElectionCfg:                   &leaderElectionCfg,
-		EnableScaleFeatures:                 enableScaleFeatures,
 		CreateDeleteBatch:                   createDeleteBatch,
 		ImmutableUserMSIsList:               immutableUserMSIsList,
 		CMcfg:                               &cmConfig,
--- a/cmd/nmi/main.go
+++ b/cmd/nmi/main.go
@ -43,7 +43,7 @@ var (
 	retryAttemptsForAssigned           = pflag.Int("retry-attempts-for-assigned", defaultlistPodIDsRetryAttemptsForAssigned, "Number of retries in NMI to find assigned identity in ASSIGNED state")
 	findIdentityRetryIntervalInSeconds = pflag.Int("find-identity-retry-interval", defaultlistPodIDsRetryIntervalInSeconds, "Retry interval to find assigned identities in seconds")
 	enableProfile                      = pflag.Bool("enableProfile", false, "Enable/Disable pprof profiling")
-	enableScaleFeatures                = pflag.Bool("enableScaleFeatures", false, "Enable/Disable features for scale clusters")
+	enableScaleFeatures                = pflag.Bool("enableScaleFeatures", true, "Enable/Disable features for scale clusters")
 	blockInstanceMetadata              = pflag.Bool("block-instance-metadata", false, "Block instance metadata endpoints")
 	metadataHeaderRequired             = pflag.Bool("metadata-header-required", false, "Metadata header required for querying Azure Instance Metadata service")
 	prometheusPort                     = pflag.String("prometheus-port", "9090", "Prometheus port for metrics")
--- a/manifest_staging/charts/aad-pod-identity/README.md
+++ b/manifest_staging/charts/aad-pod-identity/README.md
@ -14,7 +14,7 @@ helm install aad-pod-identity aad-pod-identity/aad-pod-identity
 ## Helm chart and aad-pod-identity versions

 | Helm Chart Version | AAD Pod Identity Version | Compatible with Helm 2 |
-|--------------------|--------------------------|------------------------|
+| ------------------ | ------------------------ | ---------------------- |
 | `1.5.2`            | `1.5.2`                  | ✔️                      |
 | `1.5.3`            | `1.5.3`                  | ✔️                      |
 | `1.5.4`            | `1.5.4`                  | ✔️                      |
@ -234,7 +234,7 @@ The following is a basic example of the required change in the user-supplied val
 The following tables list the configurable parameters of the aad-pod-identity chart and their default values.

 | Parameter                                 | Description                                                                                                                                                                                                                                                                                                                   | Default                                                        |
-|-------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------|
+| ----------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------- |
 | `nameOverride`                            | String to partially override aad-pod-identity.fullname template with a string (will prepend the release name)                                                                                                                                                                                                                 | `""`                                                           |
 | `fullnameOverride`                        | String to fully override aad-pod-identity.fullname template with a string                                                                                                                                                                                                                                                     | `""`                                                           |
 | `image.repository`                        | Image repository                                                                                                                                                                                                                                                                                                              | `mcr.microsoft.com/oss/azure/aad-pod-identity`                 |
--- a/manifest_staging/charts/aad-pod-identity/values.yaml
+++ b/manifest_staging/charts/aad-pod-identity/values.yaml
@ -218,8 +218,8 @@ nmi:
  findIdentityRetryIntervalInSeconds: ""

  # Enable scale features - https://github.com/Azure/aad-pod-identity/blob/master/docs/readmes/README.featureflags.md#enable-scale-features-flag
-  # Accepted values are true/false. Default is false.
-  enableScaleFeatures: ""
+  # Accepted values are true/false. Default is true for v1.8.1+.
+  enableScaleFeatures: true

  # default value is 9090
  # prometheus port for metrics
--- a/manifest_staging/deploy/infra/deployment-rbac.yaml
+++ b/manifest_staging/deploy/infra/deployment-rbac.yaml
@ -479,6 +479,7 @@ spec:
        args:
          - "--node=$(NODE_NAME)"
          - "--http-probe-port=8085"
+          - "--enableScaleFeatures=true"
        env:
          - name: HOST_IP
            valueFrom:
--- a/manifest_staging/deploy/infra/deployment.yaml
+++ b/manifest_staging/deploy/infra/deployment.yaml
@ -435,6 +435,7 @@ spec:
        args:
          - "--node=$(NODE_NAME)"
          - "--http-probe-port=8085"
+          - "--enableScaleFeatures=true"
        env:
          - name: HOST_IP
            valueFrom:
--- a/manifest_staging/deploy/infra/managed-mode-deployment.yaml
+++ b/manifest_staging/deploy/infra/managed-mode-deployment.yaml
@ -312,6 +312,7 @@ spec:
          - "--operation-mode=managed"
          - "--forceNamespaced"
          - "--http-probe-port=8085"
+          - "--enableScaleFeatures=true"
        env:
          - name: HOST_IP
            valueFrom:
--- a/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml
+++ b/manifest_staging/deploy/infra/noazurejson/deployment-rbac.yaml
@ -477,6 +477,7 @@ spec:
        args:
          - "--node=$(NODE_NAME)"
          - "--http-probe-port=8085"
+          - "--enableScaleFeatures=true"
        env:
          - name: HOST_IP
            valueFrom:
--- a/manifest_staging/deploy/infra/noazurejson/deployment.yaml
+++ b/manifest_staging/deploy/infra/noazurejson/deployment.yaml
@ -433,6 +433,7 @@ spec:
        args:
          - "--node=$(NODE_NAME)"
          - "--http-probe-port=8085"
+          - "--enableScaleFeatures=true"
        env:
          - name: HOST_IP
            valueFrom:
--- a/pkg/mic/mic.go
+++ b/pkg/mic/mic.go
@ -88,7 +88,6 @@ type Client struct {
 	IsNamespaced                        bool
 	SyncLoopStarted                     bool
 	syncRetryInterval                   time.Duration
-	enableScaleFeatures                 bool
 	createDeleteBatch                   int64
 	ImmutableUserMSIsMap                map[string]bool
 	identityAssignmentReconcileInterval time.Duration
@ -110,7 +109,6 @@ type Config struct {
 	IsNamespaced                        bool
 	SyncRetryInterval                   time.Duration
 	LeaderElectionCfg                   *LeaderElectionConfig
-	EnableScaleFeatures                 bool
 	CreateDeleteBatch                   int64
 	ImmutableUserMSIsList               []string
 	CMcfg                               *CMConfig
@ -216,7 +214,6 @@ func NewMICClient(cfg *Config) (*Client, error) {
 		NodeClient:                          &NodeClient{informer.Core().V1().Nodes()},
 		IsNamespaced:                        cfg.IsNamespaced,
 		syncRetryInterval:                   cfg.SyncRetryInterval,
-		enableScaleFeatures:                 cfg.EnableScaleFeatures,
 		createDeleteBatch:                   cfg.CreateDeleteBatch,
 		ImmutableUserMSIsMap:                immutableUserMSIsMap,
 		TypeUpgradeCfg:                      cfg.TypeUpgradeCfg,
--- a/test/e2e/framework/config.go
+++ b/test/e2e/framework/config.go
@ -25,7 +25,7 @@ type Config struct {
 	NMIVersion                   string        `envconfig:"NMI_VERSION" default:"v1.8.0"`
 	Registry                     string        `envconfig:"REGISTRY" default:"mcr.microsoft.com/oss/azure/aad-pod-identity"`
 	IdentityValidatorVersion     string        `envconfig:"IDENTITY_VALIDATOR_VERSION" default:"v1.8.0"`
-	EnableScaleFeatures          bool          `envconfig:"ENABLE_SCALE_FEATURES" default:"false"`
+	EnableScaleFeatures          bool          `envconfig:"ENABLE_SCALE_FEATURES" default:"true"`
 	ImmutableUserMSIs            string        `envconfig:"IMMUTABLE_IDENTITY_CLIENT_ID"`
 	NMIMode                      string        `envconfig:"NMI_MODE" default:"standard"`
 	BlockInstanceMetadata        bool          `envconfig:"BLOCK_INSTANCE_METADATA" default:"true"`
--- a/website/content/en/docs/Configure/feature_flags.md
+++ b/website/content/en/docs/Configure/feature_flags.md
@ -9,11 +9,12 @@ description: >
 ## Enable Scale Features flag

 > Available from 1.5.3 release
+> This flag is enabled by default starting from v1.8.1 release

-Aad-pod-identity adds labels to AzureAssignedIdentities which denote the nodename, podname and podnamespace.
-When the optional parameter `enableScaleFeatures` is set to `true`, the NMI watches for AzureAssignedIdentities will do a label based filtering on
-the nodename label. This approach is taken because currently K8s does not support field selectors in CRD watches. This reduces the load which
-NMIs add on API server. When this flag is enabled, NMI will no longer work for AzureAssignedIdentities which were created before 1.5.3-rc5, since
+AAD Pod Identity adds labels to `AzureAssignedIdentities` which denote the nodename, podname and podnamespace.
+When the optional parameter `enableScaleFeatures` is set to `true`, the NMI watches for `AzureAssignedIdentities` will do a label based filtering on
+the nodename label. This approach is taken because currently Kubernetes does not support field selectors in CRD watches. This reduces the load which
+NMIs add on API server. When this flag is enabled, NMI will no longer work for `AzureAssignedIdentities` which were created before 1.5.3-rc5, since
 they don't have the labels. Hence please note that this flag renders your setup incompatible with releases before 1.5.3-rc5.

 ## Batch Create Delete flag