From 3c470ed51dde8e48943a47e4f01ba891fb43e1d1 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Tue, 4 Jun 2024 11:34:49 +0200 Subject: [PATCH 01/23] replace gardener-extension-networking-cilium by fork --- go.mod | 7 ++++++- go.sum | 24 ++++++++++++++++++++---- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 822ee9cc..0dab9cb5 100644 --- a/go.mod +++ b/go.mod @@ -2,13 +2,15 @@ module github.com/metal-stack/gardener-extension-provider-metal go 1.22 +replace github.com/gardener/gardener-extension-networking-cilium => github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23 + require ( github.com/Masterminds/semver v1.5.0 github.com/Masterminds/semver/v3 v3.2.1 github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 github.com/coreos/go-systemd/v22 v22.5.0 github.com/gardener/etcd-druid v0.19.2 - github.com/gardener/gardener v1.80.7 + github.com/gardener/gardener v1.81.0 github.com/gardener/gardener-extension-networking-calico v1.36.1 github.com/gardener/gardener-extension-networking-cilium v1.26.0 github.com/gardener/machine-controller-manager v0.49.3 @@ -41,6 +43,7 @@ require ( github.com/BurntSushi/toml v1.3.2 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/sprig v2.22.0+incompatible // indirect + github.com/Masterminds/sprig/v3 v3.2.2 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/blang/semver/v4 v4.0.0 // indirect @@ -122,7 +125,9 @@ require ( github.com/prometheus/procfs v0.13.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/segmentio/asm v1.2.0 // indirect + github.com/shopspring/decimal v1.2.0 // indirect github.com/spf13/afero v1.11.0 // indirect + github.com/spf13/cast v1.6.0 // indirect github.com/stretchr/objx v0.5.2 // indirect go.mongodb.org/mongo-driver v1.14.0 // indirect go.opentelemetry.io/otel v1.24.0 // indirect diff --git a/go.sum b/go.sum index 6661519c..5f4e805d 100644 --- a/go.sum +++ b/go.sum @@ -604,10 +604,13 @@ github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJ github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= +github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= +github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= +github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 h1:+XfOU14S4bGuwyvCijJwhhBIjYN+YXS18jrCY2EzJaY= @@ -718,6 +721,8 @@ github.com/fluent/fluent-operator/v2 v2.2.0 h1:97CiP6WKOHRM7zY/zCynX187Rg+T8hgx2 github.com/fluent/fluent-operator/v2 v2.2.0/go.mod h1:v/q0zLEOWP6MKHP7xvrhtASZTwlrk4LcCne/kgPQ7J0= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= @@ -725,12 +730,10 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/gardener/etcd-druid v0.19.2 h1:Z8TTbmVUxZ7UWU5iJAwUHUI6A9E5Mfd5JcvokVfYH1A= github.com/gardener/etcd-druid v0.19.2/go.mod h1:0Q9nKPiONDac/Gr0SZYFkVXHGt/Yt//rcRfDIUfftZo= -github.com/gardener/gardener v1.80.7 h1:Ex0raWkTu3JjPVYOMyHpK3ZetohrMfwAXAU+btM18Kc= -github.com/gardener/gardener v1.80.7/go.mod h1:lE2AGgezR4QZbYJhs0nTPw2dDFY0puYreIYPbDS8HWc= +github.com/gardener/gardener v1.81.0 h1:pFmDRTCnImXD4H1B6guBZRtCUBBTonib8Ua5DmGlUSk= +github.com/gardener/gardener v1.81.0/go.mod h1:HPeLu4C0lD0B4m40pdMxIy9tiIOrAe1GLCTKnKqgmdg= github.com/gardener/gardener-extension-networking-calico v1.36.1 h1:WyAdADamhxQgcCBrQOZAeSM/wm/urmmwBaqd2YLc7MY= github.com/gardener/gardener-extension-networking-calico v1.36.1/go.mod h1:GFmktIEzLxrOV6uNrCREeKjIkwYK6TlVOEPP7dffjAM= -github.com/gardener/gardener-extension-networking-cilium v1.26.0 h1:hghmB83FfCzUqFX/q9lxh/u5CsqjEKf6ANQdDGYFcXk= -github.com/gardener/gardener-extension-networking-cilium v1.26.0/go.mod h1:ixbT/aEudk7+5IJpsZJB34ZjR+oLvn0WZd+xMdIVu9M= github.com/gardener/hvpa-controller/api v0.5.0 h1:f4F3O7YUrenwh4S3TgPREPiB287JjjUiUL18OqPLyAA= github.com/gardener/hvpa-controller/api v0.5.0/go.mod h1:QQl3ELkCaki+8RhXl0FZMfvnm0WCGwGJlGmrxJj6lvM= github.com/gardener/machine-controller-manager v0.49.3 h1:/ghxZVMij00SpeaORMZJlodosePWWByrIOr8fcp45sU= @@ -910,6 +913,7 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -947,12 +951,14 @@ github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -1025,6 +1031,8 @@ github.com/metal-stack/firewall-controller-manager v0.4.0 h1:a2vskWMCjaDw7PhwLpm github.com/metal-stack/firewall-controller-manager v0.4.0/go.mod h1:tp/yt1nv3P1pmNnkW4r4LJqLTxjZhZ8IgANXQvx/HFg= github.com/metal-stack/firewall-controller/v2 v2.3.3 h1:4NrSFGl9NdUHQpKZK867ti6z0bPvZNPuP3ec1a7vGT8= github.com/metal-stack/firewall-controller/v2 v2.3.3/go.mod h1:Zo3HIlqqzWyvPGIpfWzsxkQjrIkmZHYtKgld71q24FE= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23 h1:NIloWL0ES3VscClkU49BqeCzqBcsniQv6xFx+D7aRII= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23/go.mod h1:m2c6m3UNI3fLiqna/2m40Tdveep4CLUByIRfci2yw64= github.com/metal-stack/metal-go v0.31.1 h1:1U31FuqhUveKxlIYrlrzjIhQLEqrlsm7ohZnZGMZz/E= github.com/metal-stack/metal-go v0.31.1/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= github.com/metal-stack/metal-lib v0.16.2 h1:RJls/Spai4h5xr3BEmQt9UdWNN4RB9+SOINoZcjYaA8= @@ -1035,12 +1043,14 @@ github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY= github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE= +github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= @@ -1170,6 +1180,8 @@ github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfF github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk= github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= +github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= @@ -1181,6 +1193,9 @@ github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= +github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= +github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= @@ -1268,6 +1283,7 @@ golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= From 4cf8fe6041d2c29bcfdf6e71da9fb84536a75dfa Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Tue, 4 Jun 2024 14:07:04 +0200 Subject: [PATCH 02/23] add more cilium defaults --- pkg/admission/mutator/config.go | 19 ++++++++++++++++--- pkg/admission/mutator/defaulter.go | 18 ++++++++++++++++++ pkg/controller/controlplane/add.go | 2 +- .../infrastructure/actuator_force_delete.go | 14 ++++++++++++++ 4 files changed, 49 insertions(+), 4 deletions(-) create mode 100644 pkg/controller/infrastructure/actuator_force_delete.go diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index d58f4e25..a6e78098 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -7,10 +7,15 @@ import ( calicoextensionv1alpha1 "github.com/gardener/gardener-extension-networking-calico/pkg/apis/calico/v1alpha1" ciliumextensionv1alpha1 "github.com/gardener/gardener-extension-networking-cilium/pkg/apis/cilium/v1alpha1" + gardenv1beta1 "github.com/gardener/gardener/pkg/apis/core/v1beta1" ) type config struct{} +func (c *config) ipFamilies() []string { + return c.slice("DEFAULTER_IPFAMILIES", []string{string(gardenv1beta1.IPFamilyIPv4)}) +} + func (c *config) allowedPrivilegedContainers() bool { return c.bool("DEFAULTER_ALLOWEDPRIVILEGEDCONTAINERS", true) } @@ -60,7 +65,7 @@ func (c *config) ciliumKubeProxyEnabled() bool { } func (c *config) ciliumPSPEnabled() bool { - return c.bool("DEFAULTER_CILIUMPSPENABLED", true) + return c.bool("DEFAULTER_CILIUMPSPENABLED", false) } func (c *config) ciliumTunnel() ciliumextensionv1alpha1.TunnelMode { @@ -68,7 +73,15 @@ func (c *config) ciliumTunnel() ciliumextensionv1alpha1.TunnelMode { } func (c *config) ciliumDevices() []string { - return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+"}) + return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+", "lo"}) +} + +func (c *config) ciliumDirectRoutingDevice() string { + return c.string("DEFAULTER_CILIUMDIRECTROUTINGDEVICE", "lo") +} + +func (c *config) bgpControlPlaneEnabled() bool { + return c.bool("DEFAULTER_CILIUMBGPCONTROLPLANE", true) } func (c *config) ciliumIPv4NativeRoutingCIDREnabled() bool { @@ -76,7 +89,7 @@ func (c *config) ciliumIPv4NativeRoutingCIDREnabled() bool { } func (c *config) ciliumLoadBalancingMode() ciliumextensionv1alpha1.LoadBalancingMode { - return ciliumextensionv1alpha1.LoadBalancingMode(c.string("DEFAULTER_CILIUMLOADBALANCINGMODE", string(ciliumextensionv1alpha1.DSR))) + return ciliumextensionv1alpha1.LoadBalancingMode(c.string("DEFAULTER_CILIUMLOADBALANCINGMODE", string(ciliumextensionv1alpha1.SNAT))) } func (c *config) ciliumMTU() int { diff --git a/pkg/admission/mutator/defaulter.go b/pkg/admission/mutator/defaulter.go index 9fa40c99..bde95767 100644 --- a/pkg/admission/mutator/defaulter.go +++ b/pkg/admission/mutator/defaulter.go @@ -96,6 +96,14 @@ func (d *defaulter) defaultNetworking(shoot *gardenv1beta1.Shoot) error { shoot.Spec.Networking = &gardenv1beta1.Networking{} } + if shoot.Spec.Networking.IPFamilies == nil || len(shoot.Spec.Networking.IPFamilies) == 0 { + ipFamiles := make([]gardenv1beta1.IPFamily, 0) + for _, f := range d.c.ipFamilies() { + ipFamiles = append(ipFamiles, gardenv1beta1.IPFamily(f)) + } + shoot.Spec.Networking.IPFamilies = ipFamiles + } + if pointer.SafeDeref(shoot.Spec.Networking.Type) == "" { shoot.Spec.Networking.Type = pointer.Pointer(d.c.networkType()) } @@ -202,6 +210,16 @@ func (d *defaulter) defaultCiliumConfig(shoot *gardenv1beta1.Shoot) error { networkConfig.Devices = d.c.ciliumDevices() } + if networkConfig.DirectRoutingDevice == nil { + networkConfig.DirectRoutingDevice = pointer.Pointer(d.c.ciliumDirectRoutingDevice()) + } + + if networkConfig.BGPControlPlane == nil { + networkConfig.BGPControlPlane = &ciliumextensionv1alpha1.BGPControlPlane{ + Enabled: d.c.bgpControlPlaneEnabled(), + } + } + if networkConfig.IPv4NativeRoutingCIDREnabled == nil { networkConfig.IPv4NativeRoutingCIDREnabled = pointer.Pointer(d.c.ciliumIPv4NativeRoutingCIDREnabled()) } diff --git a/pkg/controller/controlplane/add.go b/pkg/controller/controlplane/add.go index 24bf3b06..b82fca07 100644 --- a/pkg/controller/controlplane/add.go +++ b/pkg/controller/controlplane/add.go @@ -51,7 +51,7 @@ func AddToManagerWithOptions(ctx context.Context, mgr manager.Manager, opts AddO secretConfigsFunc, shootAccessSecretsFunc, nil, nil, nil, controlPlaneChart, cpShootChart, nil, storageClassChart, nil, NewValuesProvider(mgr, opts.ControllerConfig), extensionscontroller.ChartRendererFactoryFunc(util.NewChartRendererForShoot), - imagevector.ImageVector(), "", opts.ShootWebhookConfig, opts.WebhookServerNamespace, defaultServer.Options.Port, + imagevector.ImageVector(), "", opts.ShootWebhookConfig, opts.WebhookServerNamespace, int32(defaultServer.Options.Port), ) if err != nil { return err diff --git a/pkg/controller/infrastructure/actuator_force_delete.go b/pkg/controller/infrastructure/actuator_force_delete.go new file mode 100644 index 00000000..b0a93f8f --- /dev/null +++ b/pkg/controller/infrastructure/actuator_force_delete.go @@ -0,0 +1,14 @@ +package infrastructure + +import ( + "context" + + extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller" + extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" + "github.com/go-logr/logr" +) + +func (a *actuator) ForceDelete(context.Context, logr.Logger, *extensionsv1alpha1.Infrastructure, *extensionscontroller.Cluster) error { + // TODO: implement + return nil +} From d553d421722aa24c61e18508359f813bd35182cc Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Tue, 4 Jun 2024 14:43:17 +0200 Subject: [PATCH 03/23] fix missing function --- go.mod | 4 ++-- go.sum | 2 ++ pkg/controller/worker/actuator.go | 5 +++++ pkg/webhook/controlplane/ensurer.go | 5 +++-- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 0dab9cb5..f59543b5 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,6 @@ go 1.22 replace github.com/gardener/gardener-extension-networking-cilium => github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23 require ( - github.com/Masterminds/semver v1.5.0 github.com/Masterminds/semver/v3 v3.2.1 github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 github.com/coreos/go-systemd/v22 v22.5.0 @@ -22,7 +21,7 @@ require ( github.com/metal-stack/firewall-controller-manager v0.4.0 github.com/metal-stack/firewall-controller/v2 v2.3.3 github.com/metal-stack/metal-go v0.31.1 - github.com/metal-stack/metal-lib v0.16.2 + github.com/metal-stack/metal-lib v0.16.3 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.33.1 github.com/spf13/cobra v1.8.0 @@ -42,6 +41,7 @@ require ( require ( github.com/BurntSushi/toml v1.3.2 // indirect github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/sprig v2.22.0+incompatible // indirect github.com/Masterminds/sprig/v3 v3.2.2 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect diff --git a/go.sum b/go.sum index 5f4e805d..8c83102b 100644 --- a/go.sum +++ b/go.sum @@ -1037,6 +1037,8 @@ github.com/metal-stack/metal-go v0.31.1 h1:1U31FuqhUveKxlIYrlrzjIhQLEqrlsm7ohZnZ github.com/metal-stack/metal-go v0.31.1/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= github.com/metal-stack/metal-lib v0.16.2 h1:RJls/Spai4h5xr3BEmQt9UdWNN4RB9+SOINoZcjYaA8= github.com/metal-stack/metal-lib v0.16.2/go.mod h1:nyNGI4DZFOcWbSoq2Y6V3SHpFxuXBIqYBZHTb6cy//s= +github.com/metal-stack/metal-lib v0.16.3 h1:xJr6P9GauQK49aoFH0bFyye5kRGmt87PomokulUm4Go= +github.com/metal-stack/metal-lib v0.16.3/go.mod h1:nyNGI4DZFOcWbSoq2Y6V3SHpFxuXBIqYBZHTb6cy//s= github.com/metal-stack/security v0.8.0 h1:tVaSDB9m5clwYrnLyaXfPy7mQlJTnmeoHscG+RUy/xo= github.com/metal-stack/security v0.8.0/go.mod h1:7GAcQb+pOgflW30ohJygxpqc3i0dQ2ahGJK1CU5tqa0= github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= diff --git a/pkg/controller/worker/actuator.go b/pkg/controller/worker/actuator.go index 8f00ff73..7942c1d9 100644 --- a/pkg/controller/worker/actuator.go +++ b/pkg/controller/worker/actuator.go @@ -155,6 +155,11 @@ func (a *actuator) Delete(ctx context.Context, log logr.Logger, worker *extensio return a.firewallDelete(ctx, log, cluster) } +func (a *actuator) ForceDelete(context.Context, logr.Logger, *extensionsv1alpha1.Worker, *extensionscontroller.Cluster) error { + // TODO: implement + return nil +} + func (a *actuator) Migrate(ctx context.Context, log logr.Logger, worker *extensionsv1alpha1.Worker, cluster *extensionscontroller.Cluster) error { err := a.workerActuator.Migrate(ctx, log, worker, cluster) if err != nil { diff --git a/pkg/webhook/controlplane/ensurer.go b/pkg/webhook/controlplane/ensurer.go index b4660a5c..8bc01313 100644 --- a/pkg/webhook/controlplane/ensurer.go +++ b/pkg/webhook/controlplane/ensurer.go @@ -6,9 +6,10 @@ import ( "fmt" "strings" - "github.com/Masterminds/semver" + "github.com/Masterminds/semver/v3" "github.com/coreos/go-systemd/v22/unit" extensionswebhook "github.com/gardener/gardener/extensions/pkg/webhook" + extensionscontextwebhook "github.com/gardener/gardener/extensions/pkg/webhook/context" gcontext "github.com/gardener/gardener/extensions/pkg/webhook/context" "github.com/gardener/gardener/extensions/pkg/webhook/controlplane" @@ -137,7 +138,7 @@ func ensureKubeletCommandLineArgs(command []string) []string { } // EnsureKubeletConfiguration ensures that the kubelet configuration conforms to the provider requirements. -func (e *ensurer) EnsureKubeletConfiguration(ctx context.Context, gctx gcontext.GardenContext, kubeletVersion *semver.Version, new, _ *kubeletconfigv1beta1.KubeletConfiguration) error { +func (e *ensurer) EnsureKubeletConfiguration(ctx context.Context, gctx extensionscontextwebhook.GardenContext, kubeletVersion *semver.Version, new, _ *kubeletconfigv1beta1.KubeletConfiguration) error { // Make sure CSI-related feature gates are not enabled // TODO Leaving these enabled shouldn't do any harm, perhaps remove this code when properly tested? // FIXME Why ? From 31b5ee99e4130f1ca8f45695695a9e23a416d351 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Tue, 4 Jun 2024 15:03:23 +0200 Subject: [PATCH 04/23] fix test --- pkg/admission/mutator/defaulter_test.go | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index cd81cdfc..d51b925f 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -273,9 +273,10 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, }, Networking: &gardenv1beta1.Networking{ - Type: pointer.Pointer("calico"), - Pods: pointer.Pointer("10.240.0.0/13"), - Services: pointer.Pointer("10.248.0.0/18"), + Type: pointer.Pointer("calico"), + Pods: pointer.Pointer("10.240.0.0/13"), + Services: pointer.Pointer("10.248.0.0/18"), + IPFamilies: []gardenv1beta1.IPFamily{gardenv1beta1.IPFamilyIPv4}, ProviderConfig: &runtime.RawExtension{ Object: &calicoextensionv1alpha1.NetworkConfig{ Backend: pointer.Pointer(calicoextensionv1alpha1.None), @@ -352,20 +353,23 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, }, Networking: &gardenv1beta1.Networking{ - Type: pointer.Pointer("cilium"), - Pods: pointer.Pointer("10.240.0.0/13"), - Services: pointer.Pointer("10.248.0.0/18"), + Type: pointer.Pointer("cilium"), + Pods: pointer.Pointer("10.240.0.0/13"), + Services: pointer.Pointer("10.248.0.0/18"), + IPFamilies: []gardenv1beta1.IPFamily{gardenv1beta1.IPFamilyIPv4}, ProviderConfig: &runtime.RawExtension{ Object: &ciliumextensionv1alpha1.NetworkConfig{ - PSPEnabled: pointer.Pointer(true), + PSPEnabled: pointer.Pointer(false), Hubble: &ciliumextensionv1alpha1.Hubble{ Enabled: true, }, TunnelMode: pointer.Pointer(ciliumextensionv1alpha1.Disabled), MTU: pointer.Pointer(1440), - Devices: []string{"lan+"}, - LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.DSR), + Devices: []string{"lan+", "lo"}, + DirectRoutingDevice: pointer.Pointer("lo"), + LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.SNAT), IPv4NativeRoutingCIDREnabled: pointer.Pointer(true), + BGPControlPlane: &ciliumextensionv1alpha1.BGPControlPlane{Enabled: true}, }, }, }, From 2c9aa0db9a483b3e19f77c2e3f7ddfac9f9d1f65 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 6 Jun 2024 15:18:09 +0200 Subject: [PATCH 05/23] add loadbalancer env var --- .../control-plane/templates/cloud-controller-manager.yaml | 2 ++ charts/internal/control-plane/values.yaml | 1 + pkg/controller/controlplane/valuesprovider.go | 6 ++++++ 3 files changed, 9 insertions(+) diff --git a/charts/internal/control-plane/templates/cloud-controller-manager.yaml b/charts/internal/control-plane/templates/cloud-controller-manager.yaml index 27f091bd..8f878675 100644 --- a/charts/internal/control-plane/templates/cloud-controller-manager.yaml +++ b/charts/internal/control-plane/templates/cloud-controller-manager.yaml @@ -100,6 +100,8 @@ spec: value: {{ .Values.cloudControllerManager.additionalNetworks }} - name: METAL_SSH_PUBLICKEY value: {{ .Values.cloudControllerManager.sshPublicKey | quote }} + - name: LOADBALANCER + value: {{ .Values.cloudControllerManager.loadBalancer }} livenessProbe: httpGet: path: /healthz diff --git a/charts/internal/control-plane/values.yaml b/charts/internal/control-plane/values.yaml index 357d35ec..94e66c39 100644 --- a/charts/internal/control-plane/values.yaml +++ b/charts/internal/control-plane/values.yaml @@ -37,6 +37,7 @@ cloudControllerManager: clusterID: cluster-id defaultExternalNetwork: external-network-id additionalNetworks: internet,mpls + loadbalancer: metallb sshPublicKey: publickey metal: endpoint: api-url diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go index 94f0ebd0..a6e18604 100644 --- a/pkg/controller/controlplane/valuesprovider.go +++ b/pkg/controller/controlplane/valuesprovider.go @@ -740,6 +740,11 @@ func getCCMChartValues( return nil, fmt.Errorf("secret %q not found", metal.CloudControllerManagerServerName) } + loadbalancer := "metallb" + if pointer.SafeDeref(cluster.Shoot.Spec.Networking.Type) == "cilium" { + loadbalancer = "cilium" + } + values := map[string]interface{}{ "pspDisabled": gardencorev1beta1helper.IsPSPDisabled(cluster.Shoot), "cloudControllerManager": map[string]interface{}{ @@ -751,6 +756,7 @@ func getCCMChartValues( "podNetwork": extensionscontroller.GetPodNetwork(cluster), "defaultExternalNetwork": defaultExternalNetwork, "additionalNetworks": strings.Join(infrastructureConfig.Firewall.Networks, ","), + "loadbalancer": loadbalancer, "sshPublicKey": string(sshSecret.Data["id_rsa.pub"]), "metal": map[string]interface{}{ "endpoint": mcp.Endpoint, From 613b687788bfcd3de9b1df8170c37b0d7c758a84 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 19 Jun 2024 12:20:52 +0200 Subject: [PATCH 06/23] Use loadBalancer instead of loadbalancer --- charts/internal/control-plane/values.yaml | 2 +- pkg/controller/controlplane/valuesprovider.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/internal/control-plane/values.yaml b/charts/internal/control-plane/values.yaml index 94e66c39..ffdda191 100644 --- a/charts/internal/control-plane/values.yaml +++ b/charts/internal/control-plane/values.yaml @@ -37,7 +37,7 @@ cloudControllerManager: clusterID: cluster-id defaultExternalNetwork: external-network-id additionalNetworks: internet,mpls - loadbalancer: metallb + loadBalancer: metallb sshPublicKey: publickey metal: endpoint: api-url diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go index f4944d0c..7612750f 100644 --- a/pkg/controller/controlplane/valuesprovider.go +++ b/pkg/controller/controlplane/valuesprovider.go @@ -740,9 +740,9 @@ func getCCMChartValues( return nil, fmt.Errorf("secret %q not found", metal.CloudControllerManagerServerName) } - loadbalancer := "metallb" + loadBalancer := "metallb" if pointer.SafeDeref(cluster.Shoot.Spec.Networking.Type) == "cilium" { - loadbalancer = "cilium" + loadBalancer = "cilium" } values := map[string]interface{}{ @@ -756,7 +756,7 @@ func getCCMChartValues( "podNetwork": extensionscontroller.GetPodNetwork(cluster), "defaultExternalNetwork": defaultExternalNetwork, "additionalNetworks": strings.Join(infrastructureConfig.Firewall.Networks, ","), - "loadbalancer": loadbalancer, + "loadBalancer": loadBalancer, "sshPublicKey": string(sshSecret.Data["id_rsa.pub"]), "metal": map[string]interface{}{ "endpoint": mcp.Endpoint, From 0449a531cc5cedea259b9c6a2b9e46718ed59ac0 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 20 Jun 2024 14:50:59 +0200 Subject: [PATCH 07/23] remove ip families defaults --- pkg/admission/mutator/defaulter.go | 8 -------- 1 file changed, 8 deletions(-) diff --git a/pkg/admission/mutator/defaulter.go b/pkg/admission/mutator/defaulter.go index bde95767..5e021177 100644 --- a/pkg/admission/mutator/defaulter.go +++ b/pkg/admission/mutator/defaulter.go @@ -96,14 +96,6 @@ func (d *defaulter) defaultNetworking(shoot *gardenv1beta1.Shoot) error { shoot.Spec.Networking = &gardenv1beta1.Networking{} } - if shoot.Spec.Networking.IPFamilies == nil || len(shoot.Spec.Networking.IPFamilies) == 0 { - ipFamiles := make([]gardenv1beta1.IPFamily, 0) - for _, f := range d.c.ipFamilies() { - ipFamiles = append(ipFamiles, gardenv1beta1.IPFamily(f)) - } - shoot.Spec.Networking.IPFamilies = ipFamiles - } - if pointer.SafeDeref(shoot.Spec.Networking.Type) == "" { shoot.Spec.Networking.Type = pointer.Pointer(d.c.networkType()) } From 22781771fc3ad604ecaffaf66f5c3883d9690589 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 20 Jun 2024 14:51:47 +0200 Subject: [PATCH 08/23] use dsr instead of snat as default --- pkg/admission/mutator/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index a6e78098..090f004f 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -89,7 +89,7 @@ func (c *config) ciliumIPv4NativeRoutingCIDREnabled() bool { } func (c *config) ciliumLoadBalancingMode() ciliumextensionv1alpha1.LoadBalancingMode { - return ciliumextensionv1alpha1.LoadBalancingMode(c.string("DEFAULTER_CILIUMLOADBALANCINGMODE", string(ciliumextensionv1alpha1.SNAT))) + return ciliumextensionv1alpha1.LoadBalancingMode(c.string("DEFAULTER_CILIUMLOADBALANCINGMODE", string(ciliumextensionv1alpha1.DSR))) } func (c *config) ciliumMTU() int { From 9091e2b2c4a75a3545104e62897057932fe7f8c2 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 20 Jun 2024 14:52:47 +0200 Subject: [PATCH 09/23] check if metallb needs to be deployed --- .../internal/shoot-control-plane/templates/metallb-crds.yaml | 2 ++ charts/internal/shoot-control-plane/templates/metallb.yaml | 2 ++ charts/internal/shoot-control-plane/values.yaml | 3 +++ pkg/controller/controlplane/valuesprovider.go | 5 +++++ 4 files changed, 12 insertions(+) diff --git a/charts/internal/shoot-control-plane/templates/metallb-crds.yaml b/charts/internal/shoot-control-plane/templates/metallb-crds.yaml index 8eeaee92..f47f1383 100644 --- a/charts/internal/shoot-control-plane/templates/metallb-crds.yaml +++ b/charts/internal/shoot-control-plane/templates/metallb-crds.yaml @@ -1,3 +1,4 @@ +{{- if .Values.metallb.enabled }} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -1057,3 +1058,4 @@ spec: storage: true subresources: status: {} +{{- end }} diff --git a/charts/internal/shoot-control-plane/templates/metallb.yaml b/charts/internal/shoot-control-plane/templates/metallb.yaml index 29b9e6a2..806a5fb8 100644 --- a/charts/internal/shoot-control-plane/templates/metallb.yaml +++ b/charts/internal/shoot-control-plane/templates/metallb.yaml @@ -1,3 +1,4 @@ +{{- if .Values.metallb.enabled }} apiVersion: v1 kind: Namespace metadata: @@ -768,3 +769,4 @@ roleRef: subjects: - kind: ServiceAccount name: controller +{{- end }} diff --git a/charts/internal/shoot-control-plane/values.yaml b/charts/internal/shoot-control-plane/values.yaml index 50b00353..ccbc671c 100644 --- a/charts/internal/shoot-control-plane/values.yaml +++ b/charts/internal/shoot-control-plane/values.yaml @@ -17,6 +17,9 @@ duros: enabled: false endpoints: [] +metallb: + enabled: true + nodeInit: enabled: true diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go index 7612750f..8b7a4bc0 100644 --- a/pkg/controller/controlplane/valuesprovider.go +++ b/pkg/controller/controlplane/valuesprovider.go @@ -493,10 +493,14 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(ctx context.Context, c "enabled": vp.controllerConfig.Storage.Duros.Enabled, } + metallbValues := map[string]any{ + "enabled": true, + } nodeInitValues := map[string]any{ "enabled": true, } if pointer.SafeDeref(pointer.SafeDeref(cluster.Shoot.Spec.Networking).Type) == "cilium" { + metallbValues["enabled"] = false nodeInitValues["enabled"] = false } @@ -614,6 +618,7 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(ctx context.Context, c "apiserverIPs": apiserverIPs, "nodeCIDR": nodeCIDR, "duros": durosValues, + "metallb": metallbValues, "nodeInit": nodeInitValues, "restrictEgress": map[string]any{ // FIXME remove "enabled": cpConfig.FeatureGates.RestrictEgress != nil && *cpConfig.FeatureGates.RestrictEgress, From 4a3c8e5237b390746370ffc4de0372ef6ce1a36d Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 20 Jun 2024 14:59:24 +0200 Subject: [PATCH 10/23] fix test --- pkg/admission/mutator/defaulter_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index d51b925f..41450c53 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -367,7 +367,7 @@ func Test_defaulter_defaultShoot(t *testing.T) { MTU: pointer.Pointer(1440), Devices: []string{"lan+", "lo"}, DirectRoutingDevice: pointer.Pointer("lo"), - LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.SNAT), + LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.DSR), IPv4NativeRoutingCIDREnabled: pointer.Pointer(true), BGPControlPlane: &ciliumextensionv1alpha1.BGPControlPlane{Enabled: true}, }, From 64be1f1b9799e0d8cbfe953ba210ebe9e5b35703 Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Thu, 20 Jun 2024 15:02:34 +0200 Subject: [PATCH 11/23] remove ip families from test --- go.sum | 2 -- pkg/admission/mutator/defaulter_test.go | 14 ++++++-------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/go.sum b/go.sum index 8c83102b..0d5c19bc 100644 --- a/go.sum +++ b/go.sum @@ -1035,8 +1035,6 @@ github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.2024051013 github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23/go.mod h1:m2c6m3UNI3fLiqna/2m40Tdveep4CLUByIRfci2yw64= github.com/metal-stack/metal-go v0.31.1 h1:1U31FuqhUveKxlIYrlrzjIhQLEqrlsm7ohZnZGMZz/E= github.com/metal-stack/metal-go v0.31.1/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= -github.com/metal-stack/metal-lib v0.16.2 h1:RJls/Spai4h5xr3BEmQt9UdWNN4RB9+SOINoZcjYaA8= -github.com/metal-stack/metal-lib v0.16.2/go.mod h1:nyNGI4DZFOcWbSoq2Y6V3SHpFxuXBIqYBZHTb6cy//s= github.com/metal-stack/metal-lib v0.16.3 h1:xJr6P9GauQK49aoFH0bFyye5kRGmt87PomokulUm4Go= github.com/metal-stack/metal-lib v0.16.3/go.mod h1:nyNGI4DZFOcWbSoq2Y6V3SHpFxuXBIqYBZHTb6cy//s= github.com/metal-stack/security v0.8.0 h1:tVaSDB9m5clwYrnLyaXfPy7mQlJTnmeoHscG+RUy/xo= diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index 41450c53..246c8d45 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -273,10 +273,9 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, }, Networking: &gardenv1beta1.Networking{ - Type: pointer.Pointer("calico"), - Pods: pointer.Pointer("10.240.0.0/13"), - Services: pointer.Pointer("10.248.0.0/18"), - IPFamilies: []gardenv1beta1.IPFamily{gardenv1beta1.IPFamilyIPv4}, + Type: pointer.Pointer("calico"), + Pods: pointer.Pointer("10.240.0.0/13"), + Services: pointer.Pointer("10.248.0.0/18"), ProviderConfig: &runtime.RawExtension{ Object: &calicoextensionv1alpha1.NetworkConfig{ Backend: pointer.Pointer(calicoextensionv1alpha1.None), @@ -353,10 +352,9 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, }, Networking: &gardenv1beta1.Networking{ - Type: pointer.Pointer("cilium"), - Pods: pointer.Pointer("10.240.0.0/13"), - Services: pointer.Pointer("10.248.0.0/18"), - IPFamilies: []gardenv1beta1.IPFamily{gardenv1beta1.IPFamilyIPv4}, + Type: pointer.Pointer("cilium"), + Pods: pointer.Pointer("10.240.0.0/13"), + Services: pointer.Pointer("10.248.0.0/18"), ProviderConfig: &runtime.RawExtension{ Object: &ciliumextensionv1alpha1.NetworkConfig{ PSPEnabled: pointer.Pointer(false), From 02c608ded59b921b963687b4ba522562cb570c3f Mon Sep 17 00:00:00 2001 From: Ilja Rotar Date: Mon, 24 Jun 2024 14:53:51 +0200 Subject: [PATCH 12/23] skip metallb health check for cilium --- pkg/admission/mutator/config.go | 5 ----- pkg/controller/healthcheck/add.go | 9 +++++++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index 090f004f..d0fd7b5f 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -7,15 +7,10 @@ import ( calicoextensionv1alpha1 "github.com/gardener/gardener-extension-networking-calico/pkg/apis/calico/v1alpha1" ciliumextensionv1alpha1 "github.com/gardener/gardener-extension-networking-cilium/pkg/apis/cilium/v1alpha1" - gardenv1beta1 "github.com/gardener/gardener/pkg/apis/core/v1beta1" ) type config struct{} -func (c *config) ipFamilies() []string { - return c.slice("DEFAULTER_IPFAMILIES", []string{string(gardenv1beta1.IPFamilyIPv4)}) -} - func (c *config) allowedPrivilegedContainers() bool { return c.bool("DEFAULTER_ALLOWEDPRIVILEGEDCONTAINERS", true) } diff --git a/pkg/controller/healthcheck/add.go b/pkg/controller/healthcheck/add.go index 48264b46..fc2239fb 100644 --- a/pkg/controller/healthcheck/add.go +++ b/pkg/controller/healthcheck/add.go @@ -7,6 +7,7 @@ import ( healthcheckconfig "github.com/gardener/gardener/extensions/pkg/apis/config" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/config" "github.com/metal-stack/gardener-extension-provider-metal/pkg/metal" + "github.com/metal-stack/metal-lib/pkg/pointer" extensionscontroller "github.com/gardener/gardener/extensions/pkg/controller" genericcontrolplaneactuator "github.com/gardener/gardener/extensions/pkg/controller/controlplane/genericactuator" @@ -48,6 +49,9 @@ func RegisterHealthChecks(ctx context.Context, mgr manager.Manager, opts AddOpti durosPreCheck := func(_ context.Context, _ client.Client, _ client.Object, _ *extensionscontroller.Cluster) bool { return opts.ControllerConfig.Storage.Duros.Enabled } + metallbPreCheck := func(_ context.Context, _ client.Client, _ client.Object, cluster *extensionscontroller.Cluster) bool { + return pointer.SafeDeref(cluster.Shoot.Spec.Networking.Type) == "calico" + } if err := healthcheck.DefaultRegistration( ctx, @@ -83,10 +87,11 @@ func RegisterHealthChecks(ctx context.Context, mgr manager.Manager, opts AddOpti { ConditionType: string(gardencorev1beta1.ShootSystemComponentsHealthy), HealthCheck: CheckMetalLB(), + PreCheckFunc: metallbPreCheck, }, }, // TODO(acumino): Remove this condition in a future release. - sets.New[gardencorev1beta1.ConditionType](gardencorev1beta1.ShootSystemComponentsHealthy), + sets.New(gardencorev1beta1.ShootSystemComponentsHealthy), ); err != nil { return err } @@ -115,7 +120,7 @@ func RegisterHealthChecks(ctx context.Context, mgr manager.Manager, opts AddOpti }, }, // TODO(acumino): Remove this condition in a future release. - sets.New[gardencorev1beta1.ConditionType](gardencorev1beta1.ShootSystemComponentsHealthy), + sets.New(gardencorev1beta1.ShootSystemComponentsHealthy), ) } From 8b4fb721addb86f5b66e13a7c7401f4373996647 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 3 Jul 2024 13:29:33 +0200 Subject: [PATCH 13/23] Skip rbac for metallb crds for cilium --- .../shoot-control-plane/templates/rbac-node-controller.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml b/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml index 8088c610..1fa884e2 100644 --- a/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml +++ b/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml @@ -139,6 +139,7 @@ rules: - get - create - update +{{- if .Values.metallb.enabled }} - apiGroups: - metallb.io resources: @@ -156,7 +157,6 @@ rules: resources: - ipaddresspools verbs: - - create - create - delete - get @@ -176,6 +176,7 @@ rules: - patch - update - watch +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding From d9ca0c0e08144c0102f928a10785a023217ee1da Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 3 Jul 2024 13:33:47 +0200 Subject: [PATCH 14/23] Add rbac for cilium crds --- .../templates/rbac-node-controller.yaml | 26 +++++++++++++++++++ .../internal/shoot-control-plane/values.yaml | 3 +++ pkg/controller/controlplane/valuesprovider.go | 8 +++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml b/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml index 1fa884e2..c585ef61 100644 --- a/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml +++ b/charts/internal/shoot-control-plane/templates/rbac-node-controller.yaml @@ -139,6 +139,32 @@ rules: - get - create - update +{{- if .Values.cilium.enabled }} +- apiGroups: + - cilium.io + resources: + - ciliumbgppeeringpolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cilium.io + resources: + - ciliumloadbalancerippools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +{{- end }} {{- if .Values.metallb.enabled }} - apiGroups: - metallb.io diff --git a/charts/internal/shoot-control-plane/values.yaml b/charts/internal/shoot-control-plane/values.yaml index ccbc671c..0f3b0314 100644 --- a/charts/internal/shoot-control-plane/values.yaml +++ b/charts/internal/shoot-control-plane/values.yaml @@ -17,6 +17,9 @@ duros: enabled: false endpoints: [] +cilium: + enabled: false + metallb: enabled: true diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go index 8b7a4bc0..fe1f5e0f 100644 --- a/pkg/controller/controlplane/valuesprovider.go +++ b/pkg/controller/controlplane/valuesprovider.go @@ -29,9 +29,10 @@ import ( apismetal "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/helper" - metalclient "github.com/metal-stack/gardener-extension-provider-metal/pkg/metal/client" metalgo "github.com/metal-stack/metal-go" + metalclient "github.com/metal-stack/gardener-extension-provider-metal/pkg/metal/client" + admissionregistrationv1 "k8s.io/api/admissionregistration/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -493,6 +494,9 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(ctx context.Context, c "enabled": vp.controllerConfig.Storage.Duros.Enabled, } + ciliumValues := map[string]any{ + "enabled": false, + } metallbValues := map[string]any{ "enabled": true, } @@ -500,6 +504,7 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(ctx context.Context, c "enabled": true, } if pointer.SafeDeref(pointer.SafeDeref(cluster.Shoot.Spec.Networking).Type) == "cilium" { + ciliumValues["enabled"] = true metallbValues["enabled"] = false nodeInitValues["enabled"] = false } @@ -618,6 +623,7 @@ func (vp *valuesProvider) getControlPlaneShootChartValues(ctx context.Context, c "apiserverIPs": apiserverIPs, "nodeCIDR": nodeCIDR, "duros": durosValues, + "cilium": ciliumValues, "metallb": metallbValues, "nodeInit": nodeInitValues, "restrictEgress": map[string]any{ // FIXME remove From 0382528732b785f7cf385819f37b1da2279c5737 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Thu, 1 Aug 2024 07:37:38 +0200 Subject: [PATCH 15/23] DROP: Checkout pull request HEAD commit instead of merge commit --- .github/workflows/docker.yaml | 2 ++ .github/workflows/test.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 73f1642f..fe739201 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -30,6 +30,8 @@ jobs: - name: Checkout uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - name: Make tag run: | diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5b65624b..de1eebc6 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -19,6 +19,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} - name: Set up Go 1.22 uses: actions/setup-go@v5 From f88b1348e1c788fceb08125efe6b8fd1c617f004 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 7 Aug 2024 14:57:20 +0200 Subject: [PATCH 16/23] DROP: Allow building container image on merge conflicts --- .github/workflows/docker.yaml | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index fe739201..174b67c1 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -1,15 +1,7 @@ --- name: Docker Build Action on: - pull_request: - branches: - - master - release: - types: - - published push: - branches: - - master env: REGISTRY: ghcr.io @@ -33,15 +25,9 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} - - name: Make tag - run: | - [ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "tag=${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true - [ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "tag=${GITHUB_REF##*/}" >> $GITHUB_ENV || true - [ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "tag=latest" >> $GITHUB_ENV || true - - name: Build and push image uses: docker/build-push-action@v5 with: context: . push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.tag }} + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:update-cilium-extension From 9fb55ebbb5923535abec1f843e3c06a38023190c Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Thu, 5 Sep 2024 19:14:54 +0200 Subject: [PATCH 17/23] Use update cilium extension --- go.mod | 13 +++++++------ go.sum | 26 ++++++++++++++------------ 2 files changed, 21 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index b1180a81..8cc0cc20 100644 --- a/go.mod +++ b/go.mod @@ -2,14 +2,14 @@ module github.com/metal-stack/gardener-extension-provider-metal go 1.22 -replace github.com/gardener/gardener-extension-networking-cilium => github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23 +replace github.com/gardener/gardener-extension-networking-cilium => github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240905135331-af877fc185c9 require ( github.com/Masterminds/semver/v3 v3.2.1 github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 github.com/coreos/go-systemd/v22 v22.5.0 - github.com/gardener/etcd-druid v0.20.1 - github.com/gardener/gardener v1.83.3 + github.com/gardener/etcd-druid v0.21.0 + github.com/gardener/gardener v1.86.0 github.com/gardener/gardener-extension-networking-calico v1.36.1 github.com/gardener/gardener-extension-networking-cilium v1.26.0 github.com/gardener/machine-controller-manager v0.50.1 @@ -30,7 +30,7 @@ require ( k8s.io/api v0.29.3 k8s.io/apiextensions-apiserver v0.29.3 k8s.io/apimachinery v0.29.3 - k8s.io/autoscaler/vertical-pod-autoscaler v0.14.0 + k8s.io/autoscaler/vertical-pod-autoscaler v1.0.0 k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible k8s.io/code-generator v0.29.3 k8s.io/component-base v0.29.3 @@ -92,6 +92,7 @@ require ( github.com/huandu/xstrings v1.4.0 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/ironcore-dev/vgopath v0.1.3 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kubernetes-csi/external-snapshotter/client/v4 v4.2.0 // indirect @@ -155,8 +156,8 @@ require ( gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - istio.io/api v0.0.0-20230217221049-9d422bf48675 // indirect - istio.io/client-go v1.17.1 // indirect + istio.io/api v1.19.2-0.20231011000955-f3015ebb5bd4 // indirect + istio.io/client-go v1.19.3 // indirect k8s.io/apiserver v0.28.3 // indirect k8s.io/cluster-bootstrap v0.28.3 // indirect k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect diff --git a/go.sum b/go.sum index 950ee452..d9287d70 100644 --- a/go.sum +++ b/go.sum @@ -728,10 +728,10 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/gardener/etcd-druid v0.20.1 h1:o6F4higujfg7dvBXvk+yPb86+3t2+XLE0Hmw5W1kXtM= -github.com/gardener/etcd-druid v0.20.1/go.mod h1:1tAeHycB0Vb2GfCX6sUCc6V6frGrCQI//quVg4K3GNA= -github.com/gardener/gardener v1.83.3 h1:ZnN5W0JWeUrheHHVpLfZc2xnl/vxLTQNRKCEB2VqrEM= -github.com/gardener/gardener v1.83.3/go.mod h1:WbCEy0CuG3fk1QFDeQeagwvWRtA7FaiuP9ska9EA7Xc= +github.com/gardener/etcd-druid v0.21.0 h1:kgr3KR+lVL4+k2WD+9PMrTY1eePkQ7CZHSCB5A+Q9TQ= +github.com/gardener/etcd-druid v0.21.0/go.mod h1:1tAeHycB0Vb2GfCX6sUCc6V6frGrCQI//quVg4K3GNA= +github.com/gardener/gardener v1.86.0 h1:r0DjNZbUc2F/feWDrySZ/AU/5LAr0LoKXdraFtPb6NQ= +github.com/gardener/gardener v1.86.0/go.mod h1:8eHlXs2EkaghrgQwK8qEiVw3dZGpNJaq+I9IkPpReA4= github.com/gardener/gardener-extension-networking-calico v1.36.1 h1:WyAdADamhxQgcCBrQOZAeSM/wm/urmmwBaqd2YLc7MY= github.com/gardener/gardener-extension-networking-calico v1.36.1/go.mod h1:GFmktIEzLxrOV6uNrCREeKjIkwYK6TlVOEPP7dffjAM= github.com/gardener/hvpa-controller/api v0.5.0 h1:f4F3O7YUrenwh4S3TgPREPiB287JjjUiUL18OqPLyAA= @@ -963,6 +963,8 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/ironcore-dev/vgopath v0.1.3 h1:/g3QJ29VrUkYEy52kcUhtvQ3mxfbMIlI1uvEbmt6S4E= +github.com/ironcore-dev/vgopath v0.1.3/go.mod h1:edfsCmU2M4r2N+t4RebSluq//tF3vzogyiDDhcf7MXs= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= @@ -1031,8 +1033,8 @@ github.com/metal-stack/firewall-controller-manager v0.4.0 h1:a2vskWMCjaDw7PhwLpm github.com/metal-stack/firewall-controller-manager v0.4.0/go.mod h1:tp/yt1nv3P1pmNnkW4r4LJqLTxjZhZ8IgANXQvx/HFg= github.com/metal-stack/firewall-controller/v2 v2.3.3 h1:4NrSFGl9NdUHQpKZK867ti6z0bPvZNPuP3ec1a7vGT8= github.com/metal-stack/firewall-controller/v2 v2.3.3/go.mod h1:Zo3HIlqqzWyvPGIpfWzsxkQjrIkmZHYtKgld71q24FE= -github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23 h1:NIloWL0ES3VscClkU49BqeCzqBcsniQv6xFx+D7aRII= -github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240510132804-f1f2b0fdce23/go.mod h1:m2c6m3UNI3fLiqna/2m40Tdveep4CLUByIRfci2yw64= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240905135331-af877fc185c9 h1:NGR27T+gfrAGd6VdsopTzWaG5gUnWVm0xCVvrpERjAg= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20240905135331-af877fc185c9/go.mod h1:nQK3cNZMAYxBehNipEW+1I0VsEDKfeVkNCNlb2ix6to= github.com/metal-stack/metal-go v0.31.1 h1:1U31FuqhUveKxlIYrlrzjIhQLEqrlsm7ohZnZGMZz/E= github.com/metal-stack/metal-go v0.31.1/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= github.com/metal-stack/metal-lib v0.17.2 h1:T1rxCPgagHW/M0wWSrOj4hWsPZMSt1pYw90Z3vBm88Q= @@ -2000,10 +2002,10 @@ honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= -istio.io/api v0.0.0-20230217221049-9d422bf48675 h1:dxHqYbJwurfq+x2OOG4WP+NkbyjURgcP9PQTsxh7HXM= -istio.io/api v0.0.0-20230217221049-9d422bf48675/go.mod h1:owGDRg9uqMob8CN1gxaOzk6nJxnbT8wrP7PmggpJHHY= -istio.io/client-go v1.17.1 h1:W0kQXYCzIluA/20zLzxeNF7bNMJXXArmGYRt/MIg2io= -istio.io/client-go v1.17.1/go.mod h1:mLTRYYFxHctzUbt8Iclgj+Sueq34+qC2ZEJTn6BxRuE= +istio.io/api v1.19.2-0.20231011000955-f3015ebb5bd4 h1:NoiArVONh9DPs/DovhCCl771BUeEkKp+/GhsRB1YbOk= +istio.io/api v1.19.2-0.20231011000955-f3015ebb5bd4/go.mod h1:KstZe4bKbXouALUJ5PqpjNEhu5nj90HrDFitZfpNhlU= +istio.io/client-go v1.19.3 h1:nxNcBhtpJJmSoiTbCzO4Ay4Y1qve4Uct6oiqPSJVNMg= +istio.io/client-go v1.19.3/go.mod h1:ra3fVlXcquh7EuQnNssuLxfp6lFv/nx5314PvNEzOUs= k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= @@ -2013,8 +2015,8 @@ k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb k8s.io/apiserver v0.28.3 h1:8Ov47O1cMyeDzTXz0rwcfIIGAP/dP7L8rWbEljRcg5w= k8s.io/apiserver v0.28.3/go.mod h1:YIpM+9wngNAv8Ctt0rHG4vQuX/I5rvkEMtZtsxW2rNM= k8s.io/autoscaler/vertical-pod-autoscaler v0.9.0/go.mod h1:PwWTGRRCxefhAezrDbG/tRYSAW7etHjjMPAr8fXKVAA= -k8s.io/autoscaler/vertical-pod-autoscaler v0.14.0 h1:HkQHkcuwVP3BgJpVqTGeYHro83qGBj8mWotygHZND1k= -k8s.io/autoscaler/vertical-pod-autoscaler v0.14.0/go.mod h1:w6/LjLR3DPQd57vlgvgbpzpuJKsCiily0+OzQI+nyfI= +k8s.io/autoscaler/vertical-pod-autoscaler v1.0.0 h1:y0TgWoHaeYEv3L1MfLC+D2WVxyN1fGr6axURHXq+wHE= +k8s.io/autoscaler/vertical-pod-autoscaler v1.0.0/go.mod h1:w6/LjLR3DPQd57vlgvgbpzpuJKsCiily0+OzQI+nyfI= k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= k8s.io/cluster-bootstrap v0.28.3 h1:hGK3mJsmVGGvRJ61nyQcYNR9g/IYax75TbJcylTmZts= From 3e2115d1d09783c7202464d8e69fe1a3cd72a944 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Thu, 5 Sep 2024 19:17:40 +0200 Subject: [PATCH 18/23] It is unnecessary to specify "--devices=lo,..." with Cilium 1.15.8 --- pkg/admission/mutator/config.go | 2 +- pkg/admission/mutator/defaulter_test.go | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index d0fd7b5f..b3efbbb5 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -68,7 +68,7 @@ func (c *config) ciliumTunnel() ciliumextensionv1alpha1.TunnelMode { } func (c *config) ciliumDevices() []string { - return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+", "lo"}) + return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+"}) } func (c *config) ciliumDirectRoutingDevice() string { diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index 246c8d45..c704a6db 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -8,13 +8,14 @@ import ( gardenv1beta1 "github.com/gardener/gardener/pkg/apis/core/v1beta1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" + "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/serializer" + "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/helper" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/install" metalv1alpha1 "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/v1alpha1" - "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer" "github.com/metal-stack/metal-lib/pkg/pointer" ) @@ -363,7 +364,7 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, TunnelMode: pointer.Pointer(ciliumextensionv1alpha1.Disabled), MTU: pointer.Pointer(1440), - Devices: []string{"lan+", "lo"}, + Devices: []string{"lan+"}, DirectRoutingDevice: pointer.Pointer("lo"), LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.DSR), IPv4NativeRoutingCIDREnabled: pointer.Pointer(true), From f06cf651f498b69ff7b0f7b4a2d648290536bf66 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Thu, 5 Sep 2024 19:44:35 +0200 Subject: [PATCH 19/23] Revert "It is unnecessary to specify "--devices=lo,..." with Cilium 1.15.8" This reverts commit 3e2115d1d09783c7202464d8e69fe1a3cd72a944. --- pkg/admission/mutator/config.go | 2 +- pkg/admission/mutator/defaulter_test.go | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/pkg/admission/mutator/config.go b/pkg/admission/mutator/config.go index b3efbbb5..d0fd7b5f 100644 --- a/pkg/admission/mutator/config.go +++ b/pkg/admission/mutator/config.go @@ -68,7 +68,7 @@ func (c *config) ciliumTunnel() ciliumextensionv1alpha1.TunnelMode { } func (c *config) ciliumDevices() []string { - return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+"}) + return c.slice("DEFAULTER_CILIUMDEVICES", []string{"lan+", "lo"}) } func (c *config) ciliumDirectRoutingDevice() string { diff --git a/pkg/admission/mutator/defaulter_test.go b/pkg/admission/mutator/defaulter_test.go index c704a6db..246c8d45 100644 --- a/pkg/admission/mutator/defaulter_test.go +++ b/pkg/admission/mutator/defaulter_test.go @@ -8,14 +8,13 @@ import ( gardenv1beta1 "github.com/gardener/gardener/pkg/apis/core/v1beta1" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" - "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/serializer" - "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/helper" "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/install" metalv1alpha1 "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/v1alpha1" + "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/serializer" "github.com/metal-stack/metal-lib/pkg/pointer" ) @@ -364,7 +363,7 @@ func Test_defaulter_defaultShoot(t *testing.T) { }, TunnelMode: pointer.Pointer(ciliumextensionv1alpha1.Disabled), MTU: pointer.Pointer(1440), - Devices: []string{"lan+"}, + Devices: []string{"lan+", "lo"}, DirectRoutingDevice: pointer.Pointer("lo"), LoadBalancingMode: pointer.Pointer(ciliumextensionv1alpha1.DSR), IPv4NativeRoutingCIDREnabled: pointer.Pointer(true), From b37b15cb6b4b50b3ca087052e86a12f7e7a69266 Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Thu, 10 Oct 2024 08:43:37 +0200 Subject: [PATCH 20/23] Fix go.sum --- go.sum | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index 62c1ab11..85cebab0 100644 --- a/go.sum +++ b/go.sum @@ -102,8 +102,6 @@ github.com/gardener/gardener v1.92.3 h1:T50oc8Hd+TCA75+S12PAsHvV/ZpEjZgsQE+uxhf4 github.com/gardener/gardener v1.92.3/go.mod h1:ZKZdpH2nUFp3ZWSAGndgKPXnK0FrDx+mps511GE16Dg= github.com/gardener/gardener-extension-networking-calico v1.39.1 h1:x/PeBSXTasyeSHY6Q0czp9mhCsF0N1FHsH3j0/EEqMc= github.com/gardener/gardener-extension-networking-calico v1.39.1/go.mod h1:02QjW3PPk4gzGZAcKiEMBtUOfBw+6rPgYt4ZGRkbJbY= -github.com/gardener/gardener-extension-networking-cilium v1.34.0 h1:GpTNR6Ra+J8jv77S9GCh+JnpA+MN2/42TbkcZWcOB7Y= -github.com/gardener/gardener-extension-networking-cilium v1.34.0/go.mod h1:2b2ED5C7Nch4r772YKRDEpC/9Ak8SJB9gblDqBfysYM= github.com/gardener/hvpa-controller/api v0.15.0 h1:igsalL5Z6kFMn1+Kv1Eq0cRjYW+4oBA1aEY/yDO2QtI= github.com/gardener/hvpa-controller/api v0.15.0/go.mod h1:fqb4wNrQLESDKpm7ppXyCM2Gvx96wRlLL35aH0ge07U= github.com/gardener/machine-controller-manager v0.52.0 h1:irhpamQ/QXixCXJpNKRL71aM3FAdNO1HxZwA54jvncI= @@ -297,6 +295,8 @@ github.com/metal-stack/firewall-controller-manager v0.4.2 h1:Ye+m0TzMFhemiQFLp5w github.com/metal-stack/firewall-controller-manager v0.4.2/go.mod h1:tp/yt1nv3P1pmNnkW4r4LJqLTxjZhZ8IgANXQvx/HFg= github.com/metal-stack/firewall-controller/v2 v2.3.3 h1:4NrSFGl9NdUHQpKZK867ti6z0bPvZNPuP3ec1a7vGT8= github.com/metal-stack/firewall-controller/v2 v2.3.3/go.mod h1:Zo3HIlqqzWyvPGIpfWzsxkQjrIkmZHYtKgld71q24FE= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20241010063608-cadb628ce245 h1:I09XiwynXKkC3UX5bp0WaaRcR+F70wck4f7pQmEh/f8= +github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20241010063608-cadb628ce245/go.mod h1:2b2ED5C7Nch4r772YKRDEpC/9Ak8SJB9gblDqBfysYM= github.com/metal-stack/metal-go v0.32.3 h1:rM+Re3iLVuGN9GOQzV4HKodUmlhuimdbCaXbaCBfVy4= github.com/metal-stack/metal-go v0.32.3/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= github.com/metal-stack/metal-lib v0.18.0 h1:dHUzJRIaQZ2kcKV5Iwx6oqE+sSF3+trXKVOHbfML3Eg= From cd62740e09d5f76660bce2dfd5aad3037a0ef09b Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 16 Oct 2024 08:19:20 +0200 Subject: [PATCH 21/23] Revert "DROP: Allow building container image on merge conflicts" This reverts commit f88b1348e1c788fceb08125efe6b8fd1c617f004. --- .github/workflows/docker.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 68660213..17a98645 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -1,7 +1,15 @@ --- name: Docker Build Action on: + pull_request: + branches: + - master + release: + types: + - published push: + branches: + - master env: REGISTRY: ghcr.io @@ -25,9 +33,15 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} + - name: Make tag + run: | + [ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "tag=${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true + [ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "tag=${GITHUB_REF##*/}" >> $GITHUB_ENV || true + [ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "tag=latest" >> $GITHUB_ENV || true + - name: Build and push image uses: docker/build-push-action@v6 with: context: . push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:update-cilium-extension + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.tag }} From fc0d62654ed6ae6546c7c94e18ef47d645e6dc5b Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 16 Oct 2024 08:19:20 +0200 Subject: [PATCH 22/23] Revert "DROP: Checkout pull request HEAD commit instead of merge commit" This reverts commit 0382528732b785f7cf385819f37b1da2279c5737. --- .github/workflows/docker.yaml | 2 -- .github/workflows/test.yaml | 2 -- 2 files changed, 4 deletions(-) diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 17a98645..5c158fb4 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -30,8 +30,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - name: Make tag run: | diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 15dd901f..65260214 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -19,8 +19,6 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - name: Setup Go uses: actions/setup-go@v5 From 511064099c46269323d7f9b995cbb2df33c661bd Mon Sep 17 00:00:00 2001 From: Robert Volkmann Date: Wed, 16 Oct 2024 13:50:35 +0200 Subject: [PATCH 23/23] Use gardener extension networking cilium 1.35.0 --- go.mod | 14 ++++++-------- go.sum | 24 ++++++++++++------------ 2 files changed, 18 insertions(+), 20 deletions(-) diff --git a/go.mod b/go.mod index 3d100352..256f9887 100644 --- a/go.mod +++ b/go.mod @@ -2,8 +2,6 @@ module github.com/metal-stack/gardener-extension-provider-metal go 1.22.2 -replace github.com/gardener/gardener-extension-networking-cilium => github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20241010063608-cadb628ce245 - require ( github.com/Masterminds/semver/v3 v3.2.1 github.com/ahmetb/gen-crd-api-reference-docs v0.3.0 @@ -11,7 +9,7 @@ require ( github.com/gardener/etcd-druid v0.22.0 github.com/gardener/gardener v1.95.6 github.com/gardener/gardener-extension-networking-calico v1.39.1 - github.com/gardener/gardener-extension-networking-cilium v1.34.0 + github.com/gardener/gardener-extension-networking-cilium v1.35.0 github.com/gardener/machine-controller-manager v0.53.0 github.com/go-logr/logr v1.4.2 github.com/go-openapi/strfmt v0.23.0 @@ -27,13 +25,13 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 - k8s.io/api v0.29.4 + k8s.io/api v0.29.5 k8s.io/apiextensions-apiserver v0.29.4 - k8s.io/apimachinery v0.29.4 + k8s.io/apimachinery v0.29.5 k8s.io/autoscaler/vertical-pod-autoscaler v1.1.1 - k8s.io/client-go v0.29.4 - k8s.io/code-generator v0.29.4 - k8s.io/component-base v0.29.4 + k8s.io/client-go v0.29.5 + k8s.io/code-generator v0.29.5 + k8s.io/component-base v0.29.5 k8s.io/kubelet v0.29.4 sigs.k8s.io/controller-runtime v0.17.5 sigs.k8s.io/yaml v1.4.0 diff --git a/go.sum b/go.sum index 41e1287c..667edd7d 100644 --- a/go.sum +++ b/go.sum @@ -102,6 +102,8 @@ github.com/gardener/gardener v1.95.6 h1:s57+CL1WeZRV0demFDWJda/cerGPSknb7ZZEKU2S github.com/gardener/gardener v1.95.6/go.mod h1:dPyPIfT8n77FopQO/z1CXplkBGV5oN4LAQDhr5obOVI= github.com/gardener/gardener-extension-networking-calico v1.39.1 h1:x/PeBSXTasyeSHY6Q0czp9mhCsF0N1FHsH3j0/EEqMc= github.com/gardener/gardener-extension-networking-calico v1.39.1/go.mod h1:02QjW3PPk4gzGZAcKiEMBtUOfBw+6rPgYt4ZGRkbJbY= +github.com/gardener/gardener-extension-networking-cilium v1.35.0 h1:yKkiOcs1YybHEiExR2tOLD5lF3c96fS6RrNvit1xdM8= +github.com/gardener/gardener-extension-networking-cilium v1.35.0/go.mod h1:zMsv8Hv+MSr3R/OQ0a+fJesygCXJNuIUPmcRol/R4W8= github.com/gardener/hvpa-controller/api v0.15.0 h1:igsalL5Z6kFMn1+Kv1Eq0cRjYW+4oBA1aEY/yDO2QtI= github.com/gardener/hvpa-controller/api v0.15.0/go.mod h1:fqb4wNrQLESDKpm7ppXyCM2Gvx96wRlLL35aH0ge07U= github.com/gardener/machine-controller-manager v0.53.0 h1:g2O0F7nEYZ9LjyPY6Gew8+q0n+rU88deexNq5k8CKks= @@ -295,8 +297,6 @@ github.com/metal-stack/firewall-controller-manager v0.4.2 h1:Ye+m0TzMFhemiQFLp5w github.com/metal-stack/firewall-controller-manager v0.4.2/go.mod h1:tp/yt1nv3P1pmNnkW4r4LJqLTxjZhZ8IgANXQvx/HFg= github.com/metal-stack/firewall-controller/v2 v2.3.3 h1:4NrSFGl9NdUHQpKZK867ti6z0bPvZNPuP3ec1a7vGT8= github.com/metal-stack/firewall-controller/v2 v2.3.3/go.mod h1:Zo3HIlqqzWyvPGIpfWzsxkQjrIkmZHYtKgld71q24FE= -github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20241010063608-cadb628ce245 h1:I09XiwynXKkC3UX5bp0WaaRcR+F70wck4f7pQmEh/f8= -github.com/metal-stack/gardener-extension-networking-cilium v1.16.1-0.20241010063608-cadb628ce245/go.mod h1:2b2ED5C7Nch4r772YKRDEpC/9Ak8SJB9gblDqBfysYM= github.com/metal-stack/metal-go v0.32.3 h1:rM+Re3iLVuGN9GOQzV4HKodUmlhuimdbCaXbaCBfVy4= github.com/metal-stack/metal-go v0.32.3/go.mod h1:3MJTYCS4YJz8D8oteTKhjpaAKNMMjMKYDrIy9awHGtQ= github.com/metal-stack/metal-lib v0.18.0 h1:dHUzJRIaQZ2kcKV5Iwx6oqE+sSF3+trXKVOHbfML3Eg= @@ -679,25 +679,25 @@ istio.io/api v1.21.2/go.mod h1:TFCMUCAHRjxBv1CsIsFCsYHPHi4axVI4vdIzVr8eFjY= istio.io/client-go v1.21.1 h1:gAZCeG4pV2o2L6WaD/MLruNB+tBxa+Y21BuRJmFYlAI= istio.io/client-go v1.21.1/go.mod h1:mqwsapfu4b1FG47puY9H8y4+ga1+d+hxfdosNQ1HclY= k8s.io/api v0.19.0/go.mod h1:I1K45XlvTrDjmj5LoM5LuP/KYrhWbjUKT/SoPG0qTjw= -k8s.io/api v0.29.4 h1:WEnF/XdxuCxdG3ayHNRR8yH3cI1B/llkWBma6bq4R3w= -k8s.io/api v0.29.4/go.mod h1:DetSv0t4FBTcEpfA84NJV3g9a7+rSzlUHk5ADAYHUv0= +k8s.io/api v0.29.5 h1:levS+umUigHCfI3riD36pMY1vQEbrzh4r1ivVWAhHaI= +k8s.io/api v0.29.5/go.mod h1:7b18TtPcJzdjk7w5zWyIHgoAtpGeRvGGASxlS7UZXdQ= k8s.io/apiextensions-apiserver v0.29.4 h1:M7hbuHU/ckbibR7yPbe6DyNWgTFKNmZDbdZKD8q1Smk= k8s.io/apiextensions-apiserver v0.29.4/go.mod h1:TTDC9fB+0kHY2rogf5hgBR03KBKCwED+GHUsXGpR7SM= k8s.io/apimachinery v0.19.0/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= -k8s.io/apimachinery v0.29.4 h1:RaFdJiDmuKs/8cm1M6Dh1Kvyh59YQFDcFuFTSmXes6Q= -k8s.io/apimachinery v0.29.4/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= +k8s.io/apimachinery v0.29.5 h1:Hofa2BmPfpoT+IyDTlcPdCHSnHtEQMoJYGVoQpRTfv4= +k8s.io/apimachinery v0.29.5/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= k8s.io/apiserver v0.29.4 h1:wPwGOO58GQOpRiZu59P5eRoDcB7QtV+QBglkRiXwCiM= k8s.io/apiserver v0.29.4/go.mod h1:VqTF9t98HVfhKZVRohCPezsdUt9u2g3bHKftxGcXoRo= k8s.io/autoscaler/vertical-pod-autoscaler v1.1.1 h1:cz1xqf+WccJcvEaDd9sefJVx7bEldJT5RLQWViRgoTI= k8s.io/autoscaler/vertical-pod-autoscaler v1.1.1/go.mod h1:J2cNKnieE7r4bInjpQDBq93D50aD/CmspSi6xRUfKk4= k8s.io/client-go v0.19.0/go.mod h1:H9E/VT95blcFQnlyShFgnFT9ZnJOAceiUHM3MlRC+mU= -k8s.io/client-go v0.29.4 h1:79ytIedxVfyXV8rpH3jCBW0u+un0fxHDwX5F9K8dPR8= -k8s.io/client-go v0.29.4/go.mod h1:kC1thZQ4zQWYwldsfI088BbK6RkxK+aF5ebV8y9Q4tk= +k8s.io/client-go v0.29.5 h1:nlASXmPQy190qTteaVP31g3c/wi2kycznkTP7Sv1zPc= +k8s.io/client-go v0.29.5/go.mod h1:aY5CnqUUvXYccJhm47XHoPcRyX6vouHdIBHaKZGTbK4= k8s.io/code-generator v0.19.0/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= -k8s.io/code-generator v0.29.4 h1:8ESudFNbY5/9BzB8KOEFG2uV9Q0AQxkc4mrQESr30Ks= -k8s.io/code-generator v0.29.4/go.mod h1:7TYnI0dYItL2cKuhhgPSuF3WED9uMdELgbVXFfn/joE= -k8s.io/component-base v0.29.4 h1:xeKzuuHI/1tjleu5jycDAcYbhAxeGHCQBZUY2eRIkOo= -k8s.io/component-base v0.29.4/go.mod h1:pYjt+oEZP9gtmwSikwAJgfSBikqKX2gOqRat0QjmQt0= +k8s.io/code-generator v0.29.5 h1:WqSdBPVV1B3jsPnKtPS39U02zj6Q7+FsjhAj1EPBJec= +k8s.io/code-generator v0.29.5/go.mod h1:7TYnI0dYItL2cKuhhgPSuF3WED9uMdELgbVXFfn/joE= +k8s.io/component-base v0.29.5 h1:Ptj8AzG+p8c2a839XriHwxakDpZH9uvIgYz+o1agjg8= +k8s.io/component-base v0.29.5/go.mod h1:9nBUoPxW/yimISIgAG7sJDrUGJlu7t8HnDafIrOdU8Q= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=