in pkg/userdata/bottlerocket/node_userdata.go [177:265]
func generateBottlerocketNodeUserData(kubeadmBootstrapContainerUserData []byte, users []bootstrapv1.User, registryMirrorCredentials userdata.RegistryMirrorCredentials, hostname string, config etcdbootstrapv1.EtcdadmConfigSpec, log logr.Logger) ([]byte, error) {
// base64 encode the kubeadm bootstrapContainer's user data
b64KubeadmBootstrapContainerUserData := base64.StdEncoding.EncodeToString(kubeadmBootstrapContainerUserData)
// Parse out all the ssh authorized keys
sshAuthorizedKeys := getAllAuthorizedKeys(users)
// generate the userdata for the admin container
adminContainerUserData, err := generateAdminContainerUserData("InitAdminContainer", usersTemplate, sshAuthorizedKeys)
if err != nil {
return nil, err
}
b64AdminContainerUserData := base64.StdEncoding.EncodeToString(adminContainerUserData)
hostContainers := []etcdbootstrapv1.BottlerocketHostContainer{
{
Name: "admin",
Superpowered: true,
Image: config.BottlerocketConfig.AdminImage,
UserData: b64AdminContainerUserData,
},
{
Name: "kubeadm-bootstrap",
Superpowered: true,
Image: config.BottlerocketConfig.BootstrapImage,
UserData: b64KubeadmBootstrapContainerUserData,
},
}
if config.BottlerocketConfig.ControlImage != "" {
hostContainers = append(hostContainers, etcdbootstrapv1.BottlerocketHostContainer{
Name: "control",
Superpowered: false,
Image: config.BottlerocketConfig.ControlImage,
})
}
bottlerocketInput := &bottlerocketSettingsInput{
PauseContainerSource: config.BottlerocketConfig.PauseImage,
HostContainers: hostContainers,
BootstrapContainers: config.BottlerocketConfig.CustomBootstrapContainers,
Hostname: hostname,
}
if config.Proxy != nil {
bottlerocketInput.HTTPSProxyEndpoint = config.Proxy.HTTPSProxy
for _, noProxy := range config.Proxy.NoProxy {
bottlerocketInput.NoProxyEndpoints = append(bottlerocketInput.NoProxyEndpoints, strconv.Quote(noProxy))
}
}
if config.RegistryMirror != nil {
bottlerocketInput.RegistryMirrorEndpoint = config.RegistryMirror.Endpoint
if config.RegistryMirror.CACert != "" {
bottlerocketInput.RegistryMirrorCACert = base64.StdEncoding.EncodeToString([]byte(config.RegistryMirror.CACert))
}
bottlerocketInput.RegistryMirrorUsername = registryMirrorCredentials.Username
bottlerocketInput.RegistryMirrorPassword = registryMirrorCredentials.Password
}
if config.NTP != nil && config.NTP.Enabled != nil && *config.NTP.Enabled {
for _, ntpServer := range config.NTP.Servers {
bottlerocketInput.NTPServers = append(bottlerocketInput.NTPServers, strconv.Quote(ntpServer))
}
}
if config.CertBundles != nil {
for _, cert := range config.CertBundles {
cert.Data = base64.StdEncoding.EncodeToString([]byte(cert.Data))
bottlerocketInput.CertBundles = append(bottlerocketInput.CertBundles, cert)
}
}
if config.BottlerocketConfig != nil {
if config.BottlerocketConfig.Kernel != nil {
bottlerocketInput.SysctlSettings = parseSysctlSettings(config.BottlerocketConfig.Kernel.SysctlSettings)
}
if config.BottlerocketConfig.Boot != nil {
bottlerocketInput.BootKernel = parseBootSettings(config.BottlerocketConfig.Boot.BootKernelParameters)
}
}
bottlerocketNodeUserData, err := generateNodeUserData("InitBottlerocketNode", bottlerocketNodeInitSettingsTemplate, bottlerocketInput)
if err != nil {
return nil, err
}
log.Info("Generated bottlerocket bootstrap userdata", "bootstrapContainerImage", config.BottlerocketConfig.BootstrapImage)
return bottlerocketNodeUserData, nil
}