search

aws-controllers-k8s / community

AWS Controllers for Kubernetes (ACK) is a project enabling you to manage AWS services from Kubernetes
https://aws-controllers-k8s.github.io/community/
Apache License 2.0
2.4k stars 253 forks source link

EC2 controller - fix metadata tags #1864

Open gecube opened 1 year ago

gecube commented 1 year ago

Describe the bug

If I am adding flag instanceMetadataTags to the instance description

apiVersion: ec2.services.k8s.aws/v1alpha1
kind: Instance
metadata:
  name: test
  namespace: infra-production
spec:
  iamInstanceProfile:
    arn: "arn:aws:iam::966321756598:instance-profile/ssm-instance-profile"
  imageID: ami-0eb260c4d5475b901
  keyName: george
  instanceType: r5n.2xlarge
  subnetID: subnet-0c72af713be937dcc # production-private-eu-west-2b
  securityGroupIDs:
    - sg-05c2348dbc876ab30
  tags:
    - key: Name
      value: test
    - key: env
      value: production
  blockDeviceMappings:
    - deviceName: "/dev/sda1"
      ebs:
        volumeSize: 500
        deleteOnTermination: false
  # this key below:
  metadataOptions:
    instanceMetadataTags: enabled

I am getting the next error when creating the EC2 instance:

2023-07-31T00:43:12.900Z    ERROR   Reconciler error    {"controller": "instance", "controllerGroup": "ec2.services.k8s.aws", "controllerKind": "Instance", "Instance": {"name":"mg-main-b","namespace":"infra-production"}, "namespace": "infra-production", "name": "mg-main-b", "reconcileID": "cc6f7fc9-7dc9-478a-9288-e33f9c23f2e8", "error": "InvalidParameterValue: 'services.k8s.aws/controller-version' is not a valid tag key. Tag keys must match pattern ([0-9a-zA-Z\\\\-_+=,.@:]{1,255}), and must not be a reserved name ('.', '..', '_index')\n\tstatus code: 400, request id: 33e80503-9d3d-4567-bf7c-954ed1afd3e5"}

If I remove 

  metadataOptions:
    instanceMetadataTags: enabled

everything is fine. The issue is the label services.k8s.aws/controller-version Probably it must be renamed to something without "/" symbol (like services.k8s.aws_controller-version but it will break the conformity between different resources and controllers)

Steps to reproduce

  1. add manifest to the cluster
  2. wait
  3. get the error below

Expected outcome

Correctly created EC2 instance.

Environment

RedbackThomson commented 1 year ago

This is one of the standardised tags that we apply to all ACK resources. These can be overridden with the Helm chart values - https://github.com/aws-controllers-k8s/ec2-controller/blob/main/helm/values.yaml#L99-L103

gecube commented 1 year ago

@RedbackThomson Hi! So I will need to change all resource tags to some custom ones without forbidden symbols? Make sense. But why not to implement it directly as current scheme breaks metadata propagation of EC2 instances? Also what will be the correct process for changing the labels? Because I am sure that the controller will lose all resources when it'd be redeployed.

ack-bot commented 8 months ago

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

gecube commented 8 months ago

/remove-lifecycle stale

ack-bot commented 2 months ago

Issues go stale after 180d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 60d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

gecube commented 2 months ago

/remove-lifecycle stale