fix: add more kubernetesConfig nil checks to account for more resilience. (#816)

2019-03-20 18:45:01 -07:00 · 2019-03-20 18:45:01 -07:00 · 2132982105
--- a/pkg/engine/armvariables.go
+++ b/pkg/engine/armvariables.go
@ -50,19 +50,27 @@ func getK8sMasterVars(cs *api.ContainerService) map[string]interface{} {
 	masterProfile := cs.Properties.MasterProfile
 	profiles := cs.Properties.AgentPoolProfiles

-	useManagedIdentity := kubernetesConfig.UseManagedIdentity
-	userAssignedID := useManagedIdentity && kubernetesConfig.UserAssignedID != ""
-	userAssignedClientID := useManagedIdentity && kubernetesConfig.UserAssignedClientID != ""
-	useInstanceMetadata := kubernetesConfig.UseInstanceMetadata
-	excludeMasterFromStandardLB := to.Bool(kubernetesConfig.ExcludeMasterFromStandardLB)
-	maxLoadBalancerCount := kubernetesConfig.MaximumLoadBalancerRuleCount
+	var useManagedIdentity, userAssignedID, userAssignedClientID, enableEncryptionWithExternalKms bool
+	var excludeMasterFromStandardLB, provisionJumpbox, isPrivateCluster bool
+	var maxLoadBalancerCount int
+	var useInstanceMetadata *bool
+	if kubernetesConfig != nil {
+		useManagedIdentity = kubernetesConfig.UseManagedIdentity
+		userAssignedID = useManagedIdentity && kubernetesConfig.UserAssignedID != ""
+		userAssignedClientID = useManagedIdentity && kubernetesConfig.UserAssignedClientID != ""
+		enableEncryptionWithExternalKms = to.Bool(kubernetesConfig.EnableEncryptionWithExternalKms)
+		useInstanceMetadata = kubernetesConfig.UseInstanceMetadata
+		excludeMasterFromStandardLB = to.Bool(kubernetesConfig.ExcludeMasterFromStandardLB)
+		maxLoadBalancerCount = kubernetesConfig.MaximumLoadBalancerRuleCount
+		if kubernetesConfig.PrivateCluster != nil {
+			isPrivateCluster = to.Bool(kubernetesConfig.PrivateCluster.Enabled)
+		}
+		provisionJumpbox = kubernetesConfig.PrivateJumpboxProvision()
+	}
 	isHostedMaster := cs.Properties.IsHostedMasterProfile()
 	isMasterVMSS := masterProfile != nil && masterProfile.IsVirtualMachineScaleSets()
 	hasStorageAccountDisks := cs.Properties.HasStorageAccountDisks()
 	isCustomVnet := cs.Properties.AreAgentProfilesCustomVNET()
-	isPrivateCluster := to.Bool(kubernetesConfig.PrivateCluster.Enabled)
-	provisionJumpbox := kubernetesConfig.PrivateJumpboxProvision()
-	enableEncryptionWithExternalKms := to.Bool(kubernetesConfig.EnableEncryptionWithExternalKms)
 	hasAgentPool := len(profiles) > 0
 	hasCosmosEtcd := masterProfile != nil && to.Bool(masterProfile.CosmosEtcd)

--- a/pkg/engine/masterarmresources.go
+++ b/pkg/engine/masterarmresources.go
@ -39,7 +39,12 @@ func createKubernetesMasterResourcesVMAS(cs *api.ContainerService) []interface{}
 		masterResources = append(masterResources, createRouteTable())
 	}

-	isPrivateCluster := to.Bool(cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateCluster.Enabled)
+	kubernetesConfig := cs.Properties.OrchestratorProfile.KubernetesConfig
+
+	var isPrivateCluster bool
+	if kubernetesConfig != nil && kubernetesConfig.PrivateCluster != nil {
+		isPrivateCluster = to.Bool(kubernetesConfig.PrivateCluster.Enabled)
+	}

 	if !isPrivateCluster {
 		publicIPAddress := CreatePublicIPAddress()
@ -52,14 +57,18 @@ func createKubernetesMasterResourcesVMAS(cs *api.ContainerService) []interface{}
 		masterNic := createPrivateClusterNetworkInterface(cs)
 		masterResources = append(masterResources, masterNic)

-		provisionJumpbox := cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateJumpboxProvision()
+		var provisionJumpbox bool
+
+		if kubernetesConfig != nil {
+			provisionJumpbox = kubernetesConfig.PrivateJumpboxProvision()
+		}

 		if provisionJumpbox {
 			jumpboxVM := createJumpboxVirtualMachine(cs)
 			masterResources = append(masterResources, jumpboxVM)
 			jumpboxIsManagedDisks :=
-				cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateJumpboxProvision() &&
-					cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateCluster.JumpboxProfile.StorageProfile == api.ManagedDisks
+				kubernetesConfig.PrivateJumpboxProvision() &&
+					kubernetesConfig.PrivateCluster.JumpboxProfile.StorageProfile == api.ManagedDisks
 			if !jumpboxIsManagedDisks {
 				jumpBoxStorage := createJumpboxStorageAccount()
 				masterResources = append(masterResources, jumpBoxStorage)
@ -77,7 +86,10 @@ func createKubernetesMasterResourcesVMAS(cs *api.ContainerService) []interface{}
 		masterResources = append(masterResources, internalLB)
 	}

-	isKMSEnabled := to.Bool(cs.Properties.OrchestratorProfile.KubernetesConfig.EnableEncryptionWithExternalKms)
+	var isKMSEnabled bool
+	if kubernetesConfig != nil {
+		isKMSEnabled = to.Bool(kubernetesConfig.EnableEncryptionWithExternalKms)
+	}

 	if isKMSEnabled {
 		keyVaultStorageAccount := createKeyVaultStorageAccount()
@ -88,8 +100,9 @@ func createKubernetesMasterResourcesVMAS(cs *api.ContainerService) []interface{}
 	masterVM := CreateVirtualMachine(cs)
 	masterResources = append(masterResources, masterVM)

-	useManagedIdentity := cs.Properties.OrchestratorProfile.KubernetesConfig.UseManagedIdentity
-	userAssignedIDEnabled := useManagedIdentity && cs.Properties.OrchestratorProfile.KubernetesConfig.UserAssignedID != ""
+	var useManagedIdentity, userAssignedIDEnabled bool
+	useManagedIdentity = kubernetesConfig.UseManagedIdentity
+	userAssignedIDEnabled = useManagedIdentity && kubernetesConfig.UserAssignedID != ""

 	if useManagedIdentity && !userAssignedIDEnabled {
 		vmasRoleAssignment := createVMASRoleAssignment()
@ -136,7 +149,12 @@ func createKubernetesMasterResourcesVMSS(cs *api.ContainerService) []interface{}
 	loadBalancer := CreateLoadBalancer(cs.Properties.MasterProfile.Count, true)
 	masterResources = append(masterResources, publicIPAddress, loadBalancer)

-	isKMSEnabled := to.Bool(cs.Properties.OrchestratorProfile.KubernetesConfig.EnableEncryptionWithExternalKms)
+	kubernetesConfig := cs.Properties.OrchestratorProfile.KubernetesConfig
+
+	var isKMSEnabled bool
+	if kubernetesConfig != nil {
+		isKMSEnabled = to.Bool(kubernetesConfig.EnableEncryptionWithExternalKms)
+	}

 	if isKMSEnabled {
 		keyVaultStorageAccount := createKeyVaultStorageAccount()
--- a/pkg/engine/virtualmachines.go
+++ b/pkg/engine/virtualmachines.go
@ -17,9 +17,13 @@ import (
 func CreateVirtualMachine(cs *api.ContainerService) VirtualMachineARM {
 	hasAvailabilityZones := cs.Properties.MasterProfile.HasAvailabilityZones()
 	isStorageAccount := cs.Properties.MasterProfile.IsStorageAccount()
-	useManagedIdentity := cs.Properties.OrchestratorProfile.KubernetesConfig.UseManagedIdentity
-	userAssignedIDEnabled := cs.Properties.OrchestratorProfile.KubernetesConfig.UseManagedIdentity &&
-		cs.Properties.OrchestratorProfile.KubernetesConfig.UserAssignedID != ""
+	kubernetesConfig := cs.Properties.OrchestratorProfile.KubernetesConfig
+
+	var useManagedIdentity, userAssignedIDEnabled bool
+	if kubernetesConfig != nil {
+		useManagedIdentity = kubernetesConfig.UseManagedIdentity
+		userAssignedIDEnabled = useManagedIdentity && kubernetesConfig.UserAssignedID != ""
+	}

 	var dependencies []string
 	dependentNIC := "[concat('Microsoft.Network/networkInterfaces/', variables('masterVMNamePrefix'), 'nic-', copyIndex(variables('masterOffset')))]"
@ -143,7 +147,7 @@ func CreateVirtualMachine(cs *api.ContainerService) VirtualMachineARM {
 	storageProfile := &compute.StorageProfile{}
 	imageRef := cs.Properties.MasterProfile.ImageRef
 	useMasterCustomImage := imageRef != nil && len(imageRef.Name) > 0 && len(imageRef.ResourceGroup) > 0
-	etcdSizeGB, _ := strconv.Atoi(cs.Properties.OrchestratorProfile.KubernetesConfig.EtcdDiskSizeGB)
+	etcdSizeGB, _ := strconv.Atoi(kubernetesConfig.EtcdDiskSizeGB)
 	dataDisk := compute.DataDisk{
 		CreateOption: compute.DiskCreateOptionTypesEmpty,
 		DiskSizeGB:   to.Int32Ptr(int32(etcdSizeGB)),
@ -204,6 +208,8 @@ func createJumpboxVirtualMachine(cs *api.ContainerService) VirtualMachineARM {
 		},
 	}

+	kubernetesConfig := cs.Properties.OrchestratorProfile.KubernetesConfig
+
 	vm := compute.VirtualMachine{
 		Location: to.StringPtr("[variables('location')]"),
 		Name:     to.StringPtr("[parameters('jumpboxVMName')]"),
@ -220,12 +226,15 @@ func createJumpboxVirtualMachine(cs *api.ContainerService) VirtualMachineARM {
 		DataDisks: &[]compute.DataDisk{},
 	}

-	jumpBoxIsManagedDisks := cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateJumpboxProvision() && cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateCluster.JumpboxProfile.StorageProfile == api.ManagedDisks
+	var jumpBoxIsManagedDisks bool
+	if kubernetesConfig != nil && kubernetesConfig.PrivateCluster != nil {
+		jumpBoxIsManagedDisks = kubernetesConfig.PrivateJumpboxProvision() && kubernetesConfig.PrivateCluster.JumpboxProfile.StorageProfile == api.ManagedDisks
+	}

 	if jumpBoxIsManagedDisks {
 		storageProfile.OsDisk = &compute.OSDisk{
 			CreateOption: compute.DiskCreateOptionTypesFromImage,
-			DiskSizeGB:   to.Int32Ptr(int32(cs.Properties.OrchestratorProfile.KubernetesConfig.PrivateCluster.JumpboxProfile.OSDiskSizeGB)),
+			DiskSizeGB:   to.Int32Ptr(int32(kubernetesConfig.PrivateCluster.JumpboxProfile.OSDiskSizeGB)),
 			ManagedDisk: &compute.ManagedDiskParameters{
 				StorageAccountType: "[variables('vmSizesMap')[parameters('jumpboxVMSize')].storageAccountType]",
 			},
@ -291,9 +300,14 @@ func createAgentAvailabilitySetVM(cs *api.ContainerService, profile *api.AgentPo

 	isStorageAccount := profile.IsStorageAccount()
 	hasDisks := profile.HasDisks()
-	useManagedIdentity := cs.Properties.OrchestratorProfile.KubernetesConfig.UseManagedIdentity
-	userAssignedIDEnabled := cs.Properties.OrchestratorProfile.KubernetesConfig.UseManagedIdentity &&
-		cs.Properties.OrchestratorProfile.KubernetesConfig.UserAssignedID != ""
+	kubernetesConfig := cs.Properties.OrchestratorProfile.KubernetesConfig
+
+	var useManagedIdentity, userAssignedIDEnabled bool
+
+	if kubernetesConfig != nil {
+		useManagedIdentity = kubernetesConfig.UseManagedIdentity
+		userAssignedIDEnabled = useManagedIdentity && kubernetesConfig.UserAssignedID != ""
+	}

 	if isStorageAccount {
 		storageDep := fmt.Sprintf("[concat('Microsoft.Storage/storageAccounts/',variables('storageAccountPrefixes')[mod(add(div(copyIndex(variables('%[1]sOffset')),variables('maxVMsPerStorageAccount')),variables('%[1]sStorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(div(copyIndex(variables('%[1]sOffset')),variables('maxVMsPerStorageAccount')),variables('%[1]sStorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('%[1]sAccountName'))]", profile.Name)
--- a/pkg/engine/virtualmachinescalesets.go
+++ b/pkg/engine/virtualmachinescalesets.go
@ -23,9 +23,12 @@ func CreateMasterVMSS(cs *api.ContainerService) VirtualMachineScaleSetARM {

 	isCustomVnet := masterProfile.IsCustomVNET()
 	hasAvailabilityZones := masterProfile.HasAvailabilityZones()
-	useManagedIdentity := k8sConfig.UseManagedIdentity
-	userAssignedIDEnabled := k8sConfig.UseManagedIdentity &&
-		k8sConfig.UserAssignedID != ""
+
+	var useManagedIdentity, userAssignedIDEnabled bool
+	if k8sConfig != nil {
+		useManagedIdentity = k8sConfig.UseManagedIdentity
+		userAssignedIDEnabled = useManagedIdentity && k8sConfig.UserAssignedID != ""
+	}
 	isAzureCNI := orchProfile.IsAzureCNI()
 	masterCount := masterProfile.Count

@ -376,7 +379,10 @@ func CreateAgentVMSS(cs *api.ContainerService, profile *api.AgentPoolProfile) Vi
 		}
 	}

-	useManagedIdentity := k8sConfig.UseManagedIdentity
+	var useManagedIdentity bool
+	if k8sConfig != nil {
+		useManagedIdentity = k8sConfig.UseManagedIdentity
+	}
 	if useManagedIdentity {
 		userAssignedIdentityEnabled := k8sConfig.UserAssignedID != ""
 		if userAssignedIdentityEnabled {