merged ccm related changed with the new yaml templates

deepakm-ntnx · Dec 19, 2023 · f82accc · f82accc
1 parent fc1d7fd
commit f82accc
Show file tree

Hide file tree

Showing 25 changed files with 390 additions and 129 deletions.
diff --git a/Makefile b/Makefile
@@ -434,7 +434,12 @@ list-cc-cluster-resources:
 	kubectl -n capx-system get endpoints
 	kubectl get crd | grep nutanix
 	kubectl get cluster-api -A
-	kubectl -n $(TEST_NAMESPACE) get ValidatingWebhookConfiguration,MutatingWebhookConfiguration
+	kubectl -n $(TEST_NAMESPACE) get Cluster,NutanixCluster,Machine,NutanixMachine,KubeAdmControlPlane,MachineHealthCheck,nodes
+	kubectl get ValidatingWebhookConfiguration,MutatingWebhookConfiguration -A
+	kubectl -n ${TEST_NAMESPACE} get secret cluster-topology-kubeconfig -o json | jq -r .data.value | base64 --decode > cluster-topology.workload.kubeconfig
+	kubectl --kubeconfig ./cluster-topology.workload.kubeconfig get nodes,ns
+	kubectl --kubeconfig ./cluster-topology.workload.kubeconfig get nodes,ns
+	kubectl --kubeconfig ./cluster-topology.workload.kubeconfig get pods -A
 
 .PHONY: ginkgo-help
 ginkgo-help:

diff --git a/scripts/ccm_nutanix_update.sh b/scripts/ccm_nutanix_update.sh
@@ -22,4 +22,4 @@ helm template -n kube-system nutanix-cloud-provider nutanix/nutanix-cloud-provid
   --set prismCentralEndPoint='${NUTANIX_ENDPOINT}',prismCentralPort='${NUTANIX_PORT=9440}',prismCentralInsecure='${NUTANIX_INSECURE=false}' \
   --set image.repository="\${CCM_REPO=$NUTANIX_CCM_REPO}",image.tag="\${CCM_TAG=v$NUTANIX_CCM_VERSION}" \
   --set createSecret=false \
-  > templates/base/nutanix-ccm.yaml
+  > templates/base-root/nutanix-ccm.yaml
diff --git a/templates/base-root/ccm-patch.yaml b/templates/base-root/ccm-patch.yaml
@@ -0,0 +1,11 @@
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: KubeadmConfigTemplate
+metadata:
+  name: "${CLUSTER_NAME}-kcfg-0"
+spec:
+  template:
+    spec:
+      joinConfiguration:
+        nodeRegistration:
+          kubeletExtraArgs:
+            cloud-provider: external
diff --git a/templates/base-root/kct.yaml b/templates/base-root/kct.yaml
@@ -8,21 +8,18 @@ spec:
       joinConfiguration:
         nodeRegistration:
           kubeletExtraArgs:
-            # We have to pin the cgroupDriver to cgroupfs as kubeadm >=1.21 defaults to systemd
-            # kind will implement systemd support in: https://github.com/kubernetes-sigs/kind/issues/1726
-            #cgroup-driver: cgroupfs
+            cloud-provider: external
             eviction-hard: nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<15%,memory.available<100Mi,imagefs.inodesFree<10%
-            tls-cipher-suites: "${TLS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}"
-      users:
-        - name: capiuser
-          lockPassword: false
-          sudo: ALL=(ALL) NOPASSWD:ALL
-          sshAuthorizedKeys:
-            - ${NUTANIX_SSH_AUTHORIZED_KEY}
-      preKubeadmCommands:
-        - echo "before kubeadm call" > /var/log/prekubeadm.log
-        - hostnamectl set-hostname "{{ ds.meta_data.hostname }}"
+            tls-cipher-suites: ${TLS_CIPHER_SUITES=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256}
       postKubeadmCommands:
-        - echo "after kubeadm call" > /var/log/postkubeadm.log
+      - echo "after kubeadm call" > /var/log/postkubeadm.log
+      preKubeadmCommands:
+      - echo "before kubeadm call" > /var/log/prekubeadm.log
+      - hostnamectl set-hostname "{{ ds.meta_data.hostname }}"
+      users:
+      - lockPassword: false
+        name: capiuser
+        sshAuthorizedKeys:
+        - ${NUTANIX_SSH_AUTHORIZED_KEY}
+        sudo: ALL=(ALL) NOPASSWD:ALL
       verbosity: 10
-      #useExperimentalRetryJoin: true
diff --git a/templates/base-root/kustomization.yaml b/templates/base-root/kustomization.yaml
@@ -3,7 +3,18 @@ kind: Kustomization
 
 namespace: "${NAMESPACE}"
 
+configMapGenerator:
+- name: nutanix-ccm
+  behavior: merge
+  files:
+  - nutanix-ccm.yaml
+
 bases:
   - ./secret.yaml
   - ./cm.yaml
-  - ./kct.yaml
+  - ./kct.yaml
+  - ./nutanix-ccm-crs.yaml
+  - ./nutanix-ccm-secret.yaml
+
+patchesStrategicMerge:
+- ./ccm-patch.yaml
diff --git a/templates/base/nutanix-ccm-crs.yaml → templates/base-root/nutanix-ccm-crs.yaml b/templates/base/nutanix-ccm-crs.yaml → templates/base-root/nutanix-ccm-crs.yaml
diff --git a/templates/base/nutanix-ccm-secret.yaml → templates/base-root/nutanix-ccm-secret.yaml b/templates/base/nutanix-ccm-secret.yaml → templates/base-root/nutanix-ccm-secret.yaml
diff --git a/templates/base/nutanix-ccm.yaml → templates/base-root/nutanix-ccm.yaml b/templates/base/nutanix-ccm.yaml → templates/base-root/nutanix-ccm.yaml
@@ -1,12 +1,3 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: user-ca-bundle
-  namespace: kube-system
-binaryData:
-  ca.crt: ${NUTANIX_ADDITIONAL_TRUST_BUNDLE=""}
----
 # Source: nutanix-cloud-provider/templates/rbac.yaml
 apiVersion: v1
 kind: ServiceAccount
@@ -34,7 +25,7 @@ data:
         },
         "additionalTrustBundle": {
           "kind": "ConfigMap",
-          "name": "user-ca-bundle",
+          "name": "${CLUSTER_NAME}-pc-trusted-ca-bundle",
           "namespace": "kube-system"
         }
       },

diff --git a/templates/base/ccm-patch.yaml b/templates/base/ccm-patch.yaml
@@ -20,21 +20,9 @@ spec:
         kubeletExtraArgs:
           cloud-provider: external
 ---
-apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
-kind: KubeadmConfigTemplate
-metadata:
-  name: "${CLUSTER_NAME}-kcfg-0"
-spec:
-  template:
-    spec:
-      joinConfiguration:
-        nodeRegistration:
-          kubeletExtraArgs:
-            cloud-provider: external
----
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: Cluster
 metadata:
   labels:
     ccm: "nutanix"
-  name: "${CLUSTER_NAME}"
+  name: "${CLUSTER_NAME}"
diff --git a/templates/base/kustomization.yaml b/templates/base/kustomization.yaml
@@ -1,12 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-configMapGenerator:
-- name: nutanix-ccm
-  behavior: merge
-  files:
-  - nutanix-ccm.yaml
-
 namespace: "${NAMESPACE}"
 
 bases:
@@ -17,9 +11,6 @@ bases:
   - ./nmt.yaml
   - ./md.yaml
   - ./mhc.yaml
-  - ./nutanix-ccm-crs.yaml
-  - ./nutanix-ccm-secret.yaml
 
 patchesStrategicMerge:
-- ccm-patch.yaml
-
+- ./ccm-patch.yaml