Add example and templates

outscale · Mar 29, 2023 · 1b4cb21 · 1b4cb21
1 parent 26f9840
commit 1b4cb21
Show file tree

Hide file tree

Showing 24 changed files with 1,722 additions and 593 deletions.
diff --git a/capm.yaml b/capm.yaml
diff --git a/example/cluster-machine-template-bastion.yaml b/example/cluster-machine-template-bastion.yaml
@@ -21,14 +21,31 @@ spec:
     name: "cluster-api-control-plane"
     namespace: default
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscCluster
 metadata:
   name: cluster-api
   namespace: default
 spec:
   network:
+    bastion:
+      clusterName: cluster-api
+      enable: true
+      name: cluster-api-vm-bastion
+      keypairName: cluster-api
+      deviceName: /dev/sda1
+      imageName: ubuntu-2004-2004-kubernetes-v1.22.11-2022-08-22
+      rootDisk:
+        rootDiskSize: 15
+        rootDiskIops: 1000
+        rootDiskType: io1
+      subnetName: cluster-api-subnet-public
+      subregionName: eu-west-2a
+      securityGroupNames:
+        - name: cluster-api-securitygroup-lb
+      vmType: "tinav4.c2r4p2"
     clusterName: cluster-api
+    subregionName: eu-west-2a
     loadBalancer:
       loadbalancername: osc-k8s
       loadbalancertype: internet-facing
@@ -38,16 +55,14 @@ spec:
     net:
       name: cluster-api-net
       clusterName: cluster-api
-      ipRange: "10.0.0.0/24"
+      ipRange: "10.0.0.0/16"
     subnets:
       - name: cluster-api-subnet-kcp
-        ipSubnetRange: "10.0.0.32/28"
+        ipSubnetRange: "10.0.4.0/24"
       - name: cluster-api-subnet-kw
-        ipSubnetRange: "10.0.0.128/26"
+        ipSubnetRange: "10.0.3.0/24"
       - name: cluster-api-subnet-public
-        ipSubnetRange: "10.0.0.8/29"
-      - name: cluster-api-subnet-nat
-        ipSubnetRange: "10.0.0.0/29"
+        ipSubnetRange: "10.0.2.0/24"
     publicIps:
       - name: cluster-api-publicip-nat
     internetService:
@@ -57,52 +72,30 @@ spec:
       clusterName: cluster-api
       name: cluster-api-natservice
       publicipname: cluster-api-publicip-nat
-      subnetname: cluster-api-subnet-nat
-
+      subnetname: cluster-api-subnet-public
     bastion:
       clusterName: cluster-api
-      enable: true
-      name: cluster-api-vm-bastion
-      keypairName: cluster-api
-      deviceName: /dev/sda1
-      imageName: ubuntu-2004-2004-kubernetes-v1.22.11-2022-08-22
-      rootDisk:
-        rootDiskSize: 15
-        rootDiskIops: 1000
-        rootDiskType: io1
-      subnetName: cluster-api-subnet-public
-      subregionName: eu-west-2a
-      securityGroupNames:
-        - name: cluster-api-securitygroup-lb
-      vmType: "tinav4.c2r4p2"
+      enable: false
     routeTables:
       - name: cluster-api-routetable-kw
         subnets:
-        - cluster-api-subnet-kw
+          - cluster-api-subnet-kw
         routes:
           - name: cluster-api-routes-kw
             targetName: cluster-api-natservice
             targetType: nat
             destination: "0.0.0.0/0"
       - name: cluster-api-routetable-kcp
         subnets:
-        - cluster-api-subnet-kcp
+          - cluster-api-subnet-kcp
         routes:
           - name: cluster-api-routes-kcp
-            targetName: cluster-api-natservice	
+            targetName: cluster-api-natservice
             targetType: nat
             destination: "0.0.0.0/0"
-      - name: cluster-api-routetable-nat
-        subnets: 
-        - cluster-api-subnet-nat
-        routes:
-          - name: cluster-api-routes-nat
-            targetName: cluster-api-internetservice
-            targetType: gateway
-            destination: "0.0.0.0/0"
       - name: cluster-api-routetable-public
         subnets:
-        - cluster-api-subnet-public
+          - cluster-api-subnet-public
         routes:
           - name: cluster-api-routes-public
             targetName: cluster-api-internetservice
@@ -116,61 +109,87 @@ spec:
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.128/26"
+            ipRange: "10.0.3.0/24"
             fromPortRange: 10250
             toPortRange: 10250
           - name: cluster-api-securitygrouprule-api-kubelet-kcp
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.32/28"
+            ipRange: "10.0.4.0/24"
             fromPortRange: 10250
             toPortRange: 10250
-          - name: cluster-api-securitygrouprule-nodeip-kw
+          - name: cluster-api-securitygrouprule-kcp-nodeip-kw
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.128/26"
+            ipRange: "10.0.3.0/24"
             fromPortRange: 30000
             toPortRange: 32767
-          - name: cluster-api-securitygrouprule-nodeip-kcp
+          - name: cluster-api-securitygrouprule-kcp-nodeip-kcp
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.32/28"
+            ipRange: "10.0.4.0/24"
             fromPortRange: 30000
             toPortRange: 32767
+          - name: cluster-api-securitygrouprule-kw-bgp
+            flow: Inbound
+            ipProtocol: tcp
+            ipRange: "10.0.0.0/16"
+            fromPortRange: 179
+            toPortRange: 179
       - name: cluster-api-securitygroups-kcp
         description: Security Group with cluster-api
         securityGroupRules:
           - name: cluster-api-securitygrouprule-api-kw
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.128/26"
+            ipRange: "10.0.3.0/24"
             fromPortRange: 6443
             toPortRange: 6443
           - name: cluster-api-securitygrouprule-api-kcp
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.32/28"
+            ipRange: "10.0.4.0/24"
             fromPortRange: 6443
             toPortRange: 6443
           - name: cluster-api-securitygrouprule-etcd
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.32/28"
+            ipRange: "10.0.4.0/24"
             fromPortRange: 2378
             toPortRange: 2379
           - name: cluster-api-securitygrouprule-kubelet-kcp
             flow: Inbound
             ipProtocol: tcp
 # IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
-            ipRange: "10.0.0.32/28"
+            ipRange: "10.0.4.0/24"
             fromPortRange: 10250
             toPortRange: 10252
+          - name: cluster-api-securitygrouprule-kcp-bgp
+            flow: Inbound
+            ipProtocol: tcp
+            ipRange: "10.0.0.0/16"
+            fromPortRange: 179
+            toPortRange: 179
+          - name: cluster-api-securitygrouprule-kw-nodeip-kw
+            flow: Inbound
+            ipProtocol: tcp
+# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
+            ipRange: "10.0.3.0/24"
+            fromPortRange: 30000
+            toPortRange: 32767
+          - name: cluster-api-securitygrouprule-kw-nodeip-kcp
+            flow: Inbound
+            ipProtocol: tcp
+# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
+            ipRange: "10.0.4.0/24"
+            fromPortRange: 30000
+            toPortRange: 32767
       - name: cluster-api-securitygroup-lb
         description: Security Group lb with cluster-api
         securityGroupRules:
@@ -184,6 +203,7 @@ spec:
       - name: cluster-api-securitygroups-node
         description: Security Group node with cluster-api
         tag: OscK8sMainSG 
+
 ---
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachineDeployment
@@ -211,7 +231,7 @@ spec:
         kind: OscMachineTemplate
         namespace: default
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "cluster-api-md-0"
@@ -242,7 +262,7 @@ spec:
             - name: cluster-api-securitygroups-node
           vmType: "tinav4.c2r4p2"
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "cluster-api-control-plane"
@@ -298,7 +318,7 @@ spec:
           name: "{{ ds.meta_data.local_hostname }}"
           kubeletExtraArgs:
             cloud-provider: external
-            provider-id: osc://'{{ ds.meta_data.instance_id }}'
+            provider-id: aws://'{{ ds.meta_data.placement.availability_zone }}'/'{{ ds.meta_data.instance_id }}'
       preKubeadmCommands:
         - sh /tmp/set_runc.sh
 ---
@@ -319,7 +339,7 @@ spec:
       nodeRegistration:
         kubeletExtraArgs:
           cloud-provider: external
-          provider-id: osc://'{{ ds.meta_data.instance_id }}'
+          provider-id: aws://'{{ ds.meta_data.placement.availability_zone }}'/'{{ ds.meta_data.instance_id }}'
         name: '{{ ds.meta_data.local_hostname }}'
     files:
     - content: |
@@ -334,7 +354,7 @@ spec:
       nodeRegistration:
         kubeletExtraArgs:
           cloud-provider: external
-          provider-id: osc://'{{ ds.meta_data.instance_id }}'
+          provider-id: aws://'{{ ds.meta_data.placement.availability_zone }}'/'{{ ds.meta_data.instance_id }}'
     preKubeadmCommands:
       - sh /tmp/set_runc.sh
   version: "1.22.11"
diff --git a/example/cluster-machine-template-default.yaml b/example/cluster-machine-template-default.yaml
@@ -21,7 +21,7 @@ spec:
     name: "capo-quickstart-control-plane"
     namespace: default
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscCluster
 metadata:
   name:  capo-quickstart
@@ -94,7 +94,7 @@ spec:
           subregionName: eu-west-2a
           vmType: "tinav4.c2r4p2"
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "capo-quickstart-control-plane"

diff --git a/example/cluster-machine-template-simple.yaml b/example/cluster-machine-template-simple.yaml
@@ -21,13 +21,15 @@ spec:
     name: "cluster-api-control-plane"
     namespace: default
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscCluster
 metadata:
   name: cluster-api
   namespace: default
 spec:
   network:
+    bastion:
+      enable: false
     clusterName: cluster-api
     subregionName: eu-west-2a
     loadBalancer:
@@ -214,7 +216,7 @@ spec:
         kind: OscMachineTemplate
         namespace: default
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "cluster-api-md-0"
@@ -245,7 +247,7 @@ spec:
             - name: cluster-api-securitygroups-node
           vmType: "tinav4.c2r4p2"
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "cluster-api-control-plane"

diff --git a/example/clusterctl.yaml b/example/clusterctl.yaml
@@ -0,0 +1,8 @@
+providers:
+- name: "k3s"
+  url: /home/outscale/cluster-api-k3s/samples/deployment/bootstrap-k3s/v1.2.2/bootstrap-components.yaml
+  type: "BootstrapProvider"
+- name: "k3s"
+  url: /home/outscale/cluster-api-k3s/samples/deployment/control-plane-k3s/v1.2.2/control-plane-components.yaml
+  type: "ControlPlaneProvider"
+# override a pre-defined provider
diff --git a/example/hello-osc.yaml b/example/hello-osc.yaml
@@ -28,7 +28,6 @@ metadata:
 spec:
   network:
     clusterName: hello-osc
-    subregionName: eu-west-2a
     internetService:
       clusterName: hello-osc
     loadBalancer:

diff --git a/hack/boilerplate/boilerplate.py b/hack/boilerplate/boilerplate.py
@@ -123,6 +123,7 @@ def file_passes(filename, refs, regexs):
             else:
                 print('File %s has the YEAR field, but missing the year of date' % filename, file=verbose_out)
             return False
+
     if not generated:
         # Replace all occurrences of the regex "2014|2015|2016|2017|2018" with "YEAR"
         p = regexs["date"]
@@ -219,6 +220,7 @@ def main():
     regexs = get_regexs()
     refs = get_refs()
     filenames = get_files(refs.keys())
+
     for filename in filenames:
         if not file_passes(filename, refs, regexs):
             if sys.version_info[0] < 3:

diff --git a/hack/ensure-clusterctl.sh b/hack/ensure-clusterctl.sh
@@ -46,7 +46,8 @@ EOF
 
 install_clusterctl() {
     if [[ "${OSTYPE}" == "linux"* ]]; then
-      curl -sLo "clusterctl" "https://github.com/kubernetes-sigs/cluster-api/releases/download/v${MINIMUM_CLUSTERCTL_VERSION}/clusterctl-linux-amd64"
+      echo "https://github.com/kubernetes-sigs/cluster-api/releases/download/v${MINIMUM_CLUSTERCTL_VERSION}/clusterctl-linux-amd64"
+      curl -sLo  "clusterctl" "https://github.com/kubernetes-sigs/cluster-api/releases/download/v${MINIMUM_CLUSTERCTL_VERSION}/clusterctl-linux-amd64"
       copy_binary
     else
       set +x

diff --git a/metadata.yaml b/metadata.yaml
@@ -3,3 +3,6 @@ releaseSeries:
   - major: 0
     minor: 1
     contract: v1beta1
+  - major: 0
+    minor: 2
+    contract: v1beta2
diff --git a/templates/cluster-template.yaml b/templates/cluster-template.yaml
@@ -18,7 +18,7 @@ spec:
     apiVersion: controlplane.cluster.x-k8s.io/v1beta1
     name: "${CLUSTER_NAME}-control-plane"
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscCluster
 metadata:
   name: "${CLUSTER_NAME}"
@@ -62,7 +62,7 @@ spec:
         apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
         kind: OscMachineTemplate
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "${CLUSTER_NAME}-md-0"
@@ -85,7 +85,7 @@ spec:
           subregionName: ${OSC_SUBREGION_NAME}
           vmType: "${OSC_VM_TYPE}"
 ---
-apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
 kind: OscMachineTemplate
 metadata:
   name: "${CLUSTER_NAME}-control-plane"