Merge pull request #4230 from twz123/remove-machine-id

Replace the Machine ID usage with an "Invocation ID"

Author: twz123

cmd/controller/controller.go

@@ -216,6 +216,7 @@ func (c *command) start(ctx context.Context) error {
 	nodeComponents.Add(ctx, storageBackend)
 
 	controllerLeaseCounter := &controller.K0sControllersLeaseCounter{
+		InvocationID:      c.K0sVars.InvocationID,
 		ClusterConfig:     nodeConfig,
 		KubeClientFactory: adminClientFactory,
 	}
@@ -265,7 +266,7 @@ func (c *command) start(ctx context.Context) error {
 
 	// One leader elector per controller
 	if !c.SingleNode {
-		leaderElector = leaderelector.NewLeasePool(adminClientFactory)
+		leaderElector = leaderelector.NewLeasePool(c.K0sVars.InvocationID, adminClientFactory)
 	} else {
 		leaderElector = &leaderelector.Dummy{Leader: true}
 	}

docker-entrypoint.sh

@@ -2,11 +2,6 @@
 
 set -eu
 
-# Ensure we have some semi-random machine-id
-if [ ! -f /etc/machine-id ]; then
-  head -c16 /dev/urandom | hexdump -v -e '16/1 "%02x""\n"' >/etc/machine-id
-fi
-
 # DNS fixup adapted from kind
 # https://github.com/kubernetes-sigs/kind/blob/7568bf728147c1253e651f25edfd0e0a75534b8a/images/base/files/usr/local/bin/entrypoint#L447-L487
 

docs/external-runtime-deps.md

@@ -15,23 +15,6 @@ available on Linux):
 k0s sysinfo
 ```
 
-## A unique machine ID for multi-node setups
-
-Whenever k0s is run in a multi-node setup (i.e. the `--single` command line flag
-isn't used), k0s requires a [machine ID]: a unique host identifier that is
-somewhat stable across reboots. For Linux, this ID is read from the files
-`/var/lib/dbus/machine-id` or `/etc/machine-id`. For Windows, it's taken from
-the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MachineGuid`.
-If neither of the OS specific sources yield a result, k0s will fallback to use a
-machine ID based on the hostname.
-
-When running k0s on top of virtualized or containerized environments, you need
-to [ensure][ensure-unique-id] that hosts get their own unique IDs, even if they
-have been created from the same image.
-
-[machine ID]: https://github.com/denisbrodbeck/machineid/blob/v1.0.1/README.md#what-you-get
-[ensure-unique-id]: https://github.com/denisbrodbeck/machineid/blob/v1.0.1/README.md#unique-key-reliability
-
 ## Linux specific
 <!--
 This piece of documentation is best-effort and considered to be augmented and

docs/raspberry-pi4.md

@@ -151,7 +151,6 @@ setup, you can invoke `k0s sysinfo`:
 
 ```console
 ubuntu@ubuntu:~$ k0s sysinfo
-Machine ID: "d84cde1f38844d1425dc04c454c5aa95e41fb11115bbb141c016f4cd3dea4f51" (from machine) (pass)
 Total memory: 3.7 GiB (pass)
 Disk space available for /var/lib/k0s: 24.3 GiB (pass)
 Operating system: Linux (pass)

go.mod

@@ -18,7 +18,6 @@ require (
 	github.com/cloudflare/cfssl v1.6.4
 	github.com/containerd/cgroups/v3 v3.0.3
 	github.com/containerd/containerd v1.7.14
-	github.com/denisbrodbeck/machineid v1.0.1
 	github.com/evanphx/json-patch v5.7.0+incompatible
 	github.com/fsnotify/fsnotify v1.7.0
 	github.com/go-logr/logr v1.4.1

go.sum

@@ -143,8 +143,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/daviddengcn/go-colortext v1.0.0 h1:ANqDyC0ys6qCSvuEK7l3g5RaehL/Xck9EX8ATG8oKsE=
 github.com/daviddengcn/go-colortext v1.0.0/go.mod h1:zDqEI5NVUop5QPpVJUxE9UO10hRnmkD5G4Pmri9+m4c=
-github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ=
-github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI=
 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc=
 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI=
 github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0=

hack/ostests/modules/os/os_alpine_3_17_userdata.tftpl

@@ -1,8 +1,6 @@
 #!/usr/bin/env sh
 
 truncate -s0 /etc/motd
-rc-update add machine-id boot
-/etc/init.d/machine-id start
 
 %{if worker}
 rc-update add cgroups boot

hack/ostests/modules/os/os_centos_7.tf

@@ -34,13 +34,6 @@ locals {
       default = {
         ami_id = one(data.aws_ami.centos_7.*.id)
 
-        user_data = format("#cloud-config\n%s", jsonencode({
-          bootcmd = [
-            "rm /etc/machine-id",
-            "systemd-machine-id-setup",
-          ]
-        })),
-
         connection = {
           type     = "ssh"
           username = "centos"

internal/pkg/sysinfo/machineid/machineid.go

@@ -55,9 +55,6 @@ func (s *K0sSysinfoSpec) RunPreFlightChecks(lenient bool) error {
 func (s *K0sSysinfoSpec) NewSysinfoProbes() probes.Probes {
 	p := probes.NewRootProbes()
 
-	// https://docs.k0sproject.io/main/external-runtime-deps/#a-unique-machine-id-for-multi-node-setups
-	probes.RequireMachineID(p)
-
 	// https://docs.k0sproject.io/main/system-requirements/#minimum-memory-and-cpu-requirements
 	if s.ControllerRoleEnabled {
 		probes.AssertTotalMemory(p, 1*probes.Gi)

internal/pkg/sysinfo/machineid/machineid_test.go

@@ -24,7 +24,6 @@ RUN apk add --no-cache \
   inotify-tools
 # enable syslog and sshd
 RUN rc-update add syslog boot
-RUN rc-update add machine-id boot
 RUN rc-update add sshd default
 RUN rc-update add local default
 RUN rc-update add nginx default

internal/pkg/sysinfo/probes/machineid.go

@@ -63,7 +63,6 @@ func (s *CliSuite) TestK0sCliKubectlAndResetCommand() {
 		out, err := ssh.ExecWithOutput(s.Context(), fmt.Sprintf("%s sysinfo", s.K0sFullPath))
 		assert.NoError(t, err, "k0s sysinfo has non-zero exit code")
 		t.Logf(out)
-		assert.Regexp(t, "^Machine ID: ", out)
 		assert.Regexp(t, "\nOperating system: Linux \\(pass\\)\n", out)
 		assert.Regexp(t, "\n  Linux kernel release: ", out)
 		assert.Regexp(t, "\n  CONFIG_CGROUPS: ", out)

internal/pkg/sysinfo/sysinfo.go

@@ -34,7 +34,7 @@ const (
 
 // LeaseWatcher outlines the lease operations for the autopilot configuration.
 type LeaseWatcher interface {
-	StartWatcher(ctx context.Context, namespace string, name string) (<-chan LeaseEventStatus, <-chan error)
+	StartWatcher(ctx context.Context, namespace string, name, identity string) (<-chan LeaseEventStatus, <-chan error)
 }
 
 // NewLeaseWatcher creates a new `LeaseWatcher` using the appropriate clientset
@@ -57,7 +57,7 @@ type leaseWatcher struct {
 
 var _ LeaseWatcher = (*leaseWatcher)(nil)
 
-func (lw *leaseWatcher) StartWatcher(ctx context.Context, namespace string, name string) (<-chan LeaseEventStatus, <-chan error) {
+func (lw *leaseWatcher) StartWatcher(ctx context.Context, namespace string, name, identity string) (<-chan LeaseEventStatus, <-chan error) {
 	leaseEventStatusCh := make(chan LeaseEventStatus, 10)
 	errorCh := make(chan error, 10)
 
@@ -83,7 +83,7 @@ func (lw *leaseWatcher) StartWatcher(ctx context.Context, namespace string, name
 					leaderelection.WithNamespace(namespace),
 				}
 
-				leasePool, err := leaderelection.NewLeasePool(ctx, lw.client, name, leasePoolOpts...)
+				leasePool, err := leaderelection.NewLeasePool(ctx, lw.client, name, identity, leasePoolOpts...)
 				if err != nil {
 					errorCh <- fmt.Errorf("failed to create lease pool: %w", err)
 					cancel()

inttest/bootloose-alpine/Dockerfile

@@ -40,7 +40,7 @@ func TestLeasesInitialPending(t *testing.T) {
 	leaseWatcher, err := NewLeaseWatcher(logger, clientFactory)
 	assert.NoError(t, err)
 
-	leaseEventStatusCh, errorCh := leaseWatcher.StartWatcher(ctx, constant.AutopilotNamespace, fmt.Sprintf("%s-lease", constant.AutopilotNamespace))
+	leaseEventStatusCh, errorCh := leaseWatcher.StartWatcher(ctx, constant.AutopilotNamespace, fmt.Sprintf("%s-lease", constant.AutopilotNamespace), t.Name())
 	assert.NotNil(t, errorCh)
 	assert.NotNil(t, leaseEventStatusCh)
 

inttest/cli/cli_test.go

@@ -21,6 +21,7 @@ import (
 // TODO: decide on renaming root.RootConfig -> root.Config
 // nolint:revive
 type RootConfig struct {
+	InvocationID        string
 	KubeConfig          string
 	K0sDataDir          string
 	Mode                string

pkg/autopilot/controller/leases.go

@@ -97,7 +97,10 @@ func (c *rootController) Run(ctx context.Context) error {
 		return fmt.Errorf("unable to setup lease watcher: %w", err)
 	}
 
-	leaseEventStatusCh, errorCh := leaseWatcher.StartWatcher(ctx, apconst.AutopilotNamespace, fmt.Sprintf("%s-controller", apconst.AutopilotNamespace))
+	leaseName := fmt.Sprintf("%s-controller", apconst.AutopilotNamespace)
+	leaseIdentity := c.cfg.InvocationID
+
+	leaseEventStatusCh, errorCh := leaseWatcher.StartWatcher(ctx, apconst.AutopilotNamespace, leaseName, leaseIdentity)
 
 	var lastLeaseEventStatus LeaseEventStatus
 	var subControllerCancel context.CancelFunc

pkg/autopilot/controller/leases_test.go

@@ -49,7 +49,7 @@ func NewFakeLeaseWatcher() (LeaseWatcher, chan LeaseEventStatus) {
 }
 
 // StartWatcher for the fake LeaseWatcher just propagates the premade lease event channel
-func (lw *fakeLeaseWatcher) StartWatcher(ctx context.Context, namespace string, name string) (<-chan LeaseEventStatus, <-chan error) {
+func (lw *fakeLeaseWatcher) StartWatcher(ctx context.Context, namespace string, name, identity string) (<-chan LeaseEventStatus, <-chan error) {
 	return lw.leaseEventStatusCh, lw.errorsCh
 }
 

pkg/autopilot/controller/root/root.go

@@ -51,6 +51,7 @@ func (a *Autopilot) Start(ctx context.Context) error {
 	}
 
 	autopilotRoot, err := apcont.NewRootController(aproot.RootConfig{
+		InvocationID:        a.K0sVars.InvocationID,
 		KubeConfig:          a.K0sVars.AdminKubeConfigPath,
 		K0sDataDir:          a.K0sVars.DataDir,
 		Mode:                "controller",

pkg/autopilot/controller/root_controller.go

@@ -33,6 +33,7 @@ import (
 // K0sControllersLeaseCounter implements a component that manages a lease per controller.
 // The per-controller leases are used to determine the amount of currently running controllers
 type K0sControllersLeaseCounter struct {
+	InvocationID      string
 	ClusterConfig     *v1beta1.ClusterConfig
 	KubeClientFactory kubeutil.ClientFactoryInterface
 
@@ -62,13 +63,13 @@ func (l *K0sControllersLeaseCounter) Start(ctx context.Context) error {
 
 	// hostname used to make the lease names be clear to which controller they belong to
 	// follow kubelet convention for naming so we e.g. use lowercase hostname etc.
-	holderIdentity, err := node.GetNodename("")
+	nodeName, err := node.GetNodename("")
 	if err != nil {
 		return nil
 	}
-	leaseID := fmt.Sprintf("k0s-ctrl-%s", holderIdentity)
+	leaseName := fmt.Sprintf("k0s-ctrl-%s", nodeName)
 
-	leasePool, err := leaderelection.NewLeasePool(ctx, client, leaseID,
+	leasePool, err := leaderelection.NewLeasePool(ctx, client, leaseName, l.InvocationID,
 		leaderelection.WithLogger(log),
 		leaderelection.WithContext(ctx))
 	if err != nil {