From f90fb94516a7ff67faecd64bb5477b2ceb91aa56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20GLON?= Date: Mon, 4 Dec 2023 11:05:36 +0100 Subject: [PATCH] Feat/net/controlplane Manage FailureDomain on multipld az --- api/v1beta1/osccluster_types.go | 9 +- api/v1beta1/oscmachine_webhook.go | 12 +- api/v1beta1/types.go | 2 + cloud/scope/cluster.go | 8 + cloud/services/service/load_balancer.go | 17 +- cloud/tag/tag.go | 9 +- cluster-api-provider-outscale-manifest.yaml | 1752 +++++++++++++++++ ...tructure.cluster.x-k8s.io_oscclusters.yaml | 27 +- ....cluster.x-k8s.io_oscclustertemplates.yaml | 8 +- ...tructure.cluster.x-k8s.io_oscmachines.yaml | 8 +- ....cluster.x-k8s.io_oscmachinetemplates.yaml | 9 +- config/rbac/role.yaml | 1 - config/webhook/manifests.yaml | 2 - controllers/osccluster_controller.go | 12 +- controllers/oscmachine_controller.go | 2 + controllers/oscmachine_vm_controller.go | 15 + .../oscmachine_vm_controller_unit_test.go | 175 +- .../cluster-machine-template-multi-az.yaml | 66 +- example/cluster-machine-template-simple.yaml | 7 +- hack/ensure-clusterctl.sh | 2 +- hack/ensure-controller-gen.sh | 2 +- hack/ensure-envsubst.sh | 2 +- hack/ensure-envtest.sh | 2 +- hack/ensure-gh.sh | 2 +- hack/ensure-golangci-lint.sh | 2 +- hack/ensure-kind.sh | 2 +- hack/ensure-kubebuildertool.sh | 2 +- hack/ensure-kubectl.sh | 2 +- hack/ensure-kustomize.sh | 2 +- hack/ensure-mdbook.sh | 2 +- hack/ensure-mockgen.sh | 2 +- hack/ensure-packer.sh | 2 +- hack/ensure-tilt.sh | 2 +- hack/ensure-yamlfmt.sh | 2 +- hack/verify-buildifier.sh | 2 +- hack/verify-shellcheck.sh | 2 +- 36 files changed, 2090 insertions(+), 85 deletions(-) create mode 100644 cluster-api-provider-outscale-manifest.yaml diff --git a/api/v1beta1/osccluster_types.go b/api/v1beta1/osccluster_types.go index b8732cd1e..1a25c84a9 100644 --- a/api/v1beta1/osccluster_types.go +++ b/api/v1beta1/osccluster_types.go @@ -36,10 +36,11 @@ type OscClusterSpec struct { // OscClusterStatus defines the observed state of OscCluster type OscClusterStatus struct { - Ready bool `json:"ready,omitempty"` - Network OscNetworkResource `json:"network,omitempty"` - Conditions clusterv1.Conditions `json:"conditions,omitempty"` - VmState *VmState `json:"vmState,omitempty"` + Ready bool `json:"ready,omitempty"` + Network OscNetworkResource `json:"network,omitempty"` + FailureDomains clusterv1.FailureDomains `json:"failureDomains,omitempty"` + Conditions clusterv1.Conditions `json:"conditions,omitempty"` + VmState *VmState `json:"vmState,omitempty"` } //+kubebuilder:object:root=true diff --git a/api/v1beta1/oscmachine_webhook.go b/api/v1beta1/oscmachine_webhook.go index a962407b7..079cb3290 100644 --- a/api/v1beta1/oscmachine_webhook.go +++ b/api/v1beta1/oscmachine_webhook.go @@ -97,12 +97,22 @@ func (m *OscMachine) ValidateUpdate(oldRaw runtime.Object) error { oscMachineLog.Info("validate update old subregionName", "old subregionName", old.Spec.Node.Vm.SubregionName) oscMachineLog.Info("validate update subregionName", "subregionName", m.Spec.Node.Vm.SubregionName) - if !reflect.DeepEqual(m.Spec.Node.Vm.SubregionName, old.Spec.Node.Vm.SubregionName) { + if old.Spec.Node.Vm.SubregionName != "" && !reflect.DeepEqual(m.Spec.Node.Vm.SubregionName, old.Spec.Node.Vm.SubregionName) { allErrs = append(allErrs, field.Invalid(field.NewPath("spec", "subregionName"), m.Spec.Node.Vm.SubregionName, "field is immutable"), ) } + + oscMachineLog.Info("validate update old subnetName", "old subnetName", old.Spec.Node.Vm.SubnetName) + oscMachineLog.Info("validate update subnetName", "subnetName", m.Spec.Node.Vm.SubnetName) + + if (old.Spec.Node.Vm.SubnetName != "") && !reflect.DeepEqual(m.Spec.Node.Vm.SubnetName, old.Spec.Node.Vm.SubnetName) { + allErrs = append(allErrs, + field.Invalid(field.NewPath("spec", "subnetName"), + m.Spec.Node.Vm.SubnetName, "field is immutable"), + ) + } oscMachineLog.Info("validate update old rootDiskSize", "old rootDiskSize", old.Spec.Node.Vm.RootDisk.RootDiskSize) oscMachineLog.Info("validate update rootDiskSize", "rootDiskSize", m.Spec.Node.Vm.RootDisk.RootDiskSize) diff --git a/api/v1beta1/types.go b/api/v1beta1/types.go index 36b759b53..7bfeadcef 100644 --- a/api/v1beta1/types.go +++ b/api/v1beta1/types.go @@ -42,6 +42,8 @@ type OscNetwork struct { // The Net configuration // +optional Net OscNet `json:"net,omitempty"` + // List of subnet to spread controlPlane nodes + ControlPlaneSubnets []string `json:"controlPlaneSubnets,omitempty"` // The Subnet configuration // +optional Subnets []*OscSubnet `json:"subnets,omitempty"` diff --git a/cloud/scope/cluster.go b/cloud/scope/cluster.go index 052f056d8..d920c8cd1 100644 --- a/cloud/scope/cluster.go +++ b/cloud/scope/cluster.go @@ -225,6 +225,14 @@ func (s ClusterScope) GetLinkRouteTablesRef() map[string][]string { return s.OscCluster.Status.Network.LinkRouteTableRef } +// SetFailureDomain sets the infrastructure provider failure domain key to the spec given as input. +func (s *ClusterScope) SetFailureDomain(id string, spec clusterv1.FailureDomainSpec) { + if s.OscCluster.Status.FailureDomains == nil { + s.OscCluster.Status.FailureDomains = make(clusterv1.FailureDomains) + } + s.OscCluster.Status.FailureDomains[id] = spec +} + // SetLinkRouteTableRef set the status of route associate with a routeTables (a Map with tag name with cluster uid associate with resource response id) func (s ClusterScope) SetLinkRouteTablesRef(linkRouteTableRef map[string][]string) { s.OscCluster.Status.Network.LinkRouteTableRef = linkRouteTableRef diff --git a/cloud/services/service/load_balancer.go b/cloud/services/service/load_balancer.go index 98e7ddf86..649313e35 100644 --- a/cloud/services/service/load_balancer.go +++ b/cloud/services/service/load_balancer.go @@ -222,14 +222,15 @@ func (s *Service) GetLoadBalancer(spec *infrastructurev1beta1.OscLoadBalancer) ( readLoadBalancersResponse, httpRes, err = oscApiClient.LoadBalancerApi.ReadLoadBalancers(oscAuthClient).ReadLoadBalancersRequest(readLoadBalancerRequest).Execute() if err != nil { if httpRes != nil { - return false, fmt.Errorf("error %w httpRes %s", err, httpRes.Status) - } - requestStr := fmt.Sprintf("%v", readLoadBalancerRequest) - if reconciler.KeepRetryWithError( - requestStr, - httpRes.StatusCode, - reconciler.ThrottlingErrors) { - return false, nil + requestStr := fmt.Sprintf("%v", readLoadBalancerRequest) + if reconciler.KeepRetryWithError( + requestStr, + httpRes.StatusCode, + reconciler.ThrottlingErrors) { + return false, nil + } else { + return false, fmt.Errorf("error %w httpRes %s", err, httpRes.Status) + } } return false, err } diff --git a/cloud/tag/tag.go b/cloud/tag/tag.go index d223ec2ba..3a943dad6 100644 --- a/cloud/tag/tag.go +++ b/cloud/tag/tag.go @@ -20,11 +20,12 @@ import ( "context" "errors" "fmt" + "net/http" + "regexp" + "github.com/outscale-dev/cluster-api-provider-outscale.git/util/reconciler" osc "github.com/outscale/osc-sdk-go/v2" "k8s.io/apimachinery/pkg/util/wait" - "net/http" - "regexp" ) //go:generate ../../bin/mockgen -destination mock_tag/tag_mock.go -package mock_tag -source ./tag.go @@ -72,7 +73,9 @@ func (s *Service) ReadTag(tagKey string, tagValue string) (*osc.Tag, error) { oscAuthClient := s.scope.GetAuth() readTagsResponse, httpRes, err := oscApiClient.TagApi.ReadTags(oscAuthClient).ReadTagsRequest(readTagsRequest).Execute() if err != nil { - fmt.Printf("Error with http result %s", httpRes.Status) + if httpRes != nil { + fmt.Printf("Error with http result %s", httpRes.Status) + } return nil, err } tags, ok := readTagsResponse.GetTagsOk() diff --git a/cluster-api-provider-outscale-manifest.yaml b/cluster-api-provider-outscale-manifest.yaml new file mode 100644 index 000000000..07548199f --- /dev/null +++ b/cluster-api-provider-outscale-manifest.yaml @@ -0,0 +1,1752 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: cluster-api-provider-outscale-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb + labels: + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1beta1: v1beta1 + name: oscclusters.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + kind: OscCluster + listKind: OscClusterList + plural: oscclusters + singular: osccluster + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: OscCluster is the Schema for the oscclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OscClusterSpec defines the desired state of OscCluster + properties: + controlPlaneEndpoint: + description: APIEndpoint represents a reachable Kubernetes API endpoint. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + network: + properties: + bastion: + description: The bastion configuration + properties: + clusterName: + type: string + deviceName: + type: string + enable: + type: boolean + imageId: + type: string + imageName: + type: string + keypairName: + type: string + name: + type: string + privateIps: + items: + properties: + name: + type: string + privateIp: + type: string + required: + - privateIp + type: object + type: array + publicIpName: + type: string + resourceId: + type: string + rootDisk: + properties: + rootDiskIops: + format: int32 + type: integer + rootDiskSize: + format: int32 + type: integer + rootDiskType: + type: string + type: object + securityGroupNames: + items: + properties: + name: + type: string + type: object + type: array + subnetName: + type: string + subregionName: + type: string + vmType: + type: string + type: object + clusterName: + description: The name of the cluster + type: string + controlPlaneSubnets: + description: List of subnet to spread controlPlane nodes + items: + type: string + type: array + image: + description: The image configuration + properties: + name: + type: string + resourceId: + type: string + type: object + internetService: + description: The Internet Service configuration + properties: + clusterName: + description: the name of the cluster + type: string + name: + description: The tag name associate with the Subnet + type: string + resourceId: + description: the Internet Service response + type: string + type: object + loadBalancer: + description: The Load Balancer configuration + properties: + clusterName: + type: string + healthCheck: + description: The healthCheck configuration of the Load Balancer + properties: + checkinterval: + description: the time in second between two pings + format: int32 + type: integer + healthythreshold: + description: the consecutive number of pings which are + sucessful to consider the vm healthy + format: int32 + type: integer + port: + description: the HealthCheck port number + format: int32 + type: integer + protocol: + description: The HealthCheck protocol ('HTTP'|'TCP') + type: string + timeout: + description: the Timeout to consider VM unhealthy + format: int32 + type: integer + unhealthythreshold: + description: the consecutive number of pings which are + failed to consider the vm unhealthy + format: int32 + type: integer + type: object + listener: + description: The Listener cofiguration of the loadBalancer + properties: + backendport: + description: The port on which the backend vm will listen + format: int32 + type: integer + backendprotocol: + description: The protocol ('HTTP'|'TCP') to route the + traffic to the backend vm + type: string + loadbalancerport: + description: The port on which the loadbalancer will listen + format: int32 + type: integer + loadbalancerprotocol: + description: the routing protocol ('HTTP'|'TCP') + type: string + type: object + loadbalancername: + description: The Load Balancer unique name + type: string + loadbalancertype: + description: The Load Balancer Type internet-facing or internal + type: string + securitygroupname: + description: The security group tag name associate with a + security group + type: string + subnetname: + description: The subnet tag name associate with a Subnet + type: string + type: object + natService: + description: The Nat Service configuration + properties: + clusterName: + description: The name of the cluster + type: string + name: + description: The tag name associate with the Nat Service + type: string + publicipname: + description: The Public Ip tag name associated wtih a Public + Ip + type: string + resourceId: + description: The Nat Service Id response + type: string + subnetname: + description: The subnet tag name associate with a Subnet + type: string + type: object + natServices: + description: The Nat Services configuration + items: + properties: + clusterName: + description: The name of the cluster + type: string + name: + description: The tag name associate with the Nat Service + type: string + publicipname: + description: The Public Ip tag name associated wtih a Public + Ip + type: string + resourceId: + description: The Nat Service Id response + type: string + subnetname: + description: The subnet tag name associate with a Subnet + type: string + type: object + type: array + net: + description: The Net configuration + properties: + clusterName: + description: the name of the cluster + type: string + ipRange: + description: the net ip range with CIDR notation + type: string + name: + description: the tag name associate with the Net + type: string + resourceId: + description: The Net Id response + type: string + type: object + publicIps: + description: The Public Ip configuration + items: + properties: + clusterName: + type: string + name: + description: The tag name associate with the Public Ip + type: string + resourceId: + description: The Public Ip Id response + type: string + type: object + type: array + routeTables: + description: The Route Table configuration + items: + properties: + name: + description: The tag name associate with the Route Table + type: string + resourceId: + description: The Route Table Id response + type: string + routes: + description: The Route configuration + items: + properties: + destination: + description: the destination match Ip range with CIDR + notation + type: string + name: + description: The tag name associate with the Route + type: string + resourceId: + description: The Route Id response + type: string + targetName: + description: The tag name associate with the target + resource type + type: string + targetType: + description: The target resource type which can be + Internet Service (gateway) or Nat Service (nat-service) + type: string + type: object + type: array + subnets: + description: The subnet tag name associate with a Subnet + items: + type: string + type: array + type: object + type: array + securityGroups: + items: + properties: + description: + description: The description of the security group + type: string + name: + description: The tag name associate with the security group + type: string + resourceId: + description: The Security Group Id response + type: string + securityGroupRules: + description: The Security Group Rules configuration + items: + properties: + flow: + description: The flow of the security group (inbound + or outbound) + type: string + fromPortRange: + description: The beginning of the port range + format: int32 + type: integer + ipProtocol: + description: The ip protocol name (tcp, udp, icmp + or -1) + type: string + ipRange: + description: The ip range of the security group rule + type: string + name: + description: The tag name associate with the security + group + type: string + resourceId: + description: The security group rule id + type: string + toPortRange: + description: The end of the port range + format: int32 + type: integer + type: object + type: array + tag: + type: string + type: object + type: array + subnets: + description: The Subnet configuration + items: + properties: + ipSubnetRange: + description: Subnet Ip range with CIDR notation + type: string + name: + description: The tag name associate with the Subnet + type: string + resourceId: + description: The Subnet Id response + type: string + subregionName: + description: The subregion name of the Subnet + type: string + type: object + type: array + subregionName: + description: The subregion name + type: string + type: object + type: object + status: + description: OscClusterStatus defines the observed state of OscCluster + properties: + conditions: + description: Conditions provide observations of the operational state + of a Cluster API resource. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of FailureDomains. + type: object + network: + properties: + LoadbalancerRef: + description: Map between LoadbalancerId and LoadbalancerName + (Load Balancer tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + bastionref: + description: Map between InstanceId and BastionName (Bastion + tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + internetserviceref: + description: Map between InternetServiceId and InternetServiceName + (Internet Service tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + linkPublicIpRef: + description: Map between LinkPublicIpId and PublicIpName (Public + IP tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + linkroutetableref: + additionalProperties: + items: + type: string + type: array + description: Map between LinkRouteTableId and RouteTablesName + (Route Table tag Name with cluster UID) + type: object + natref: + description: Map between NatServiceId and NatServiceName (Nat + Service tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + netref: + description: Map between NetId and NetName (Net tag Name with + cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + publicipref: + description: Map between PublicIpId and PublicIpName (Public + IP tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + routeref: + description: Map between RouteId and RouteName (Route tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + routetableref: + description: Map between RouteTablesId and RouteTablesName (Route + Tables tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + securitygroupref: + description: Map between SecurityGroupId and SecurityGroupName + (Security Group tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + securitygroupruleref: + description: Map between SecurityGroupRuleId and SecurityGroupName + (Security Group Rule tag Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + subnetref: + description: Map between SubnetId and SubnetName (Subnet tag + Name with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + type: object + ready: + type: boolean + vmState: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb + labels: + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1beta1: v1beta1 + name: oscmachines.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + kind: OscMachine + listKind: OscMachineList + plural: oscmachines + singular: oscmachine + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: OscMachine is the Schema for the oscmachines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OscMachineSpec defines the desired state of OscMachine + properties: + node: + properties: + clusterName: + type: string + image: + properties: + name: + type: string + resourceId: + type: string + type: object + keypair: + properties: + clusterName: + type: string + deleteKeypair: + type: boolean + name: + type: string + publicKey: + type: string + resourceId: + type: string + type: object + vm: + properties: + clusterName: + type: string + deviceName: + type: string + imageId: + type: string + keypairName: + type: string + loadBalancerName: + type: string + name: + type: string + privateIps: + items: + properties: + name: + type: string + privateIp: + type: string + required: + - privateIp + type: object + type: array + publicIp: + type: boolean + publicIpName: + type: string + replica: + format: int32 + type: integer + resourceId: + type: string + role: + type: string + rootDisk: + properties: + rootDiskIops: + format: int32 + type: integer + rootDiskSize: + format: int32 + type: integer + rootDiskType: + type: string + type: object + securityGroupNames: + items: + properties: + name: + type: string + type: object + type: array + subnetName: + type: string + subregionName: + type: string + vmType: + type: string + volumeDeviceName: + type: string + volumeName: + type: string + type: object + volumes: + items: + properties: + iops: + format: int32 + type: integer + name: + type: string + resourceId: + type: string + size: + format: int32 + type: integer + subregionName: + type: string + volumeType: + type: string + type: object + type: array + type: object + providerID: + type: string + type: object + status: + description: OscMachineStatus defines the observed state of OscMachine + properties: + addresses: + items: + description: NodeAddress contains information for the node's address. + properties: + address: + description: The node address. + type: string + type: + description: Node address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions provide observations of the operational state + of a Cluster API resource. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + type: string + failureReason: + description: MachineStatusError defines errors states for Machine + objects. + type: string + node: + properties: + imageRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + keypairRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + linkPublicIpRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + publicIpIdRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + vmRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + volumeRef: + description: Map between resourceId and resourceName (tag Name + with cluster UID) + properties: + resourceMap: + additionalProperties: + type: string + type: object + type: object + type: object + ready: + type: boolean + vmState: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb + labels: + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1beta1: v1beta1 + name: oscmachinetemplates.infrastructure.cluster.x-k8s.io +spec: + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: OscMachineTemplate + listKind: OscMachineTemplateList + plural: oscmachinetemplates + singular: oscmachinetemplate + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: OscMachineTemplate is the Schema for the OscMachineTemplate API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OscMachineTemplateSpec define oscMachine template + properties: + template: + description: OscMachineTemplateResource is the Schema for the OscMachineTemplate + api + properties: + metadata: + description: "ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. This + is a copy of customizable fields from metav1.ObjectMeta. \n + ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` + and `MachineSet.Template`, which are not top-level Kubernetes + objects. Given that metav1.ObjectMeta has lots of special cases + and read-only fields which end up in the generated CRD validation, + having it as a subset simplifies the API and some issues that + can impact user experience. \n During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) + for v1alpha2, we noticed a failure would occur running Cluster + API test suite against the new CRDs, specifically `spec.metadata.creationTimestamp + in body must be of type string: \"null\"`. The investigation + showed that `controller-tools@v2` behaves differently than its + previous version when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) + package. \n In more details, we found that embedded (non-top + level) types that embedded `metav1.ObjectMeta` had validation + properties, including for `creationTimestamp` (metav1.Time). + The `metav1.Time` type specifies a custom json marshaller that, + when IsZero() is true, returns `null` which breaks validation + because the field isn't marked as nullable. \n In future versions, + controller-tools@v2 might allow overriding the type and validation + for embedded types. When that happens, this hack should be revisited." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: OscMachineSpec defines the desired state of OscMachine + properties: + node: + properties: + clusterName: + type: string + image: + properties: + name: + type: string + resourceId: + type: string + type: object + keypair: + properties: + clusterName: + type: string + deleteKeypair: + type: boolean + name: + type: string + publicKey: + type: string + resourceId: + type: string + type: object + vm: + properties: + clusterName: + type: string + deviceName: + type: string + imageId: + type: string + keypairName: + type: string + loadBalancerName: + type: string + name: + type: string + privateIps: + items: + properties: + name: + type: string + privateIp: + type: string + required: + - privateIp + type: object + type: array + publicIp: + type: boolean + publicIpName: + type: string + replica: + format: int32 + type: integer + resourceId: + type: string + role: + type: string + rootDisk: + properties: + rootDiskIops: + format: int32 + type: integer + rootDiskSize: + format: int32 + type: integer + rootDiskType: + type: string + type: object + securityGroupNames: + items: + properties: + name: + type: string + type: object + type: array + subnetName: + type: string + subregionName: + type: string + vmType: + type: string + volumeDeviceName: + type: string + volumeName: + type: string + type: object + volumes: + items: + properties: + iops: + format: int32 + type: integer + name: + type: string + resourceId: + type: string + size: + format: int32 + type: integer + subregionName: + type: string + volumeType: + type: string + type: object + type: array + type: object + providerID: + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + status: + properties: + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: ResourceList is a set of (resource name, quantity) pairs. + type: object + conditions: + description: Conditions provide observations of the operational state + of a Cluster API resource. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cluster-api-provider-outscale-controller-manager + namespace: cluster-api-provider-outscale-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cluster-api-provider-outscale-leader-election-role + namespace: cluster-api-provider-outscale-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cluster-api-provider-outscale-manager-role +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters/status + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines/status + verbs: + - get + - list + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscclusters/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscclusters/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscmachines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscmachines/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscmachines/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscmachinetemplates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - oscmachinetemplates/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cluster-api-provider-outscale-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cluster-api-provider-outscale-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cluster-api-provider-outscale-leader-election-rolebinding + namespace: cluster-api-provider-outscale-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cluster-api-provider-outscale-leader-election-role +subjects: +- kind: ServiceAccount + name: cluster-api-provider-outscale-controller-manager + namespace: cluster-api-provider-outscale-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cluster-api-provider-outscale-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-api-provider-outscale-manager-role +subjects: +- kind: ServiceAccount + name: cluster-api-provider-outscale-controller-manager + namespace: cluster-api-provider-outscale-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cluster-api-provider-outscale-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-api-provider-outscale-proxy-role +subjects: +- kind: ServiceAccount + name: cluster-api-provider-outscale-controller-manager + namespace: cluster-api-provider-outscale-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 4b982d66.cluster.x-k8s.io +kind: ConfigMap +metadata: + name: cluster-api-provider-outscale-manager-config + namespace: cluster-api-provider-outscale-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: cluster-api-provider-outscale-controller-manager-service + namespace: cluster-api-provider-outscale-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: v1 +kind: Service +metadata: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: cluster-api-provider-outscale-controller-manager + namespace: cluster-api-provider-outscale-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --zap-log-level=10 + command: + - /manager + env: + - name: OSC_ACCESS_KEY + valueFrom: + secretKeyRef: + key: access_key + name: cluster-api-provider-outscale + optional: true + - name: OSC_SECRET_KEY + valueFrom: + secretKeyRef: + key: secret_key + name: cluster-api-provider-outscale + optional: true + - name: OSC_REGION + valueFrom: + secretKeyRef: + key: region + name: cluster-api-provider-outscale + optional: true + image: controller:latest + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=6 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + imagePullSecrets: + - name: regcred + securityContext: + runAsNonRoot: true + serviceAccountName: cluster-api-provider-outscale-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: cluster-api-provider-outscale-serving-cert + namespace: cluster-api-provider-outscale-system +spec: + dnsNames: + - cluster-api-provider-outscale-webhook-service.cluster-api-provider-outscale-system.svc + - cluster-api-provider-outscale-webhook-service.cluster-api-provider-outscale-system.svc.cluster.local + issuerRef: + kind: Issuer + name: cluster-api-provider-outscale-selfsigned-issuer + secretName: webhook-server-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: cluster-api-provider-outscale-selfsigned-issuer + namespace: cluster-api-provider-outscale-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert + name: cluster-api-provider-outscale-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-oscclustertemplate + failurePolicy: Fail + name: moscclustertemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscclustertemplates + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-oscmachine + failurePolicy: Fail + name: moscmachine.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscmachines + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-oscmachinetemplate + failurePolicy: Fail + name: moscmachinetemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscmachinetemplates + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: cluster-api-provider-outscale-system/cluster-api-provider-outscale-serving-cert + name: cluster-api-provider-outscale-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-osccluster + failurePolicy: Fail + name: vosccluster.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscclusters + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-oscclustertemplate + failurePolicy: Fail + name: voscclustertemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscclustertemplates + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-oscmachine + failurePolicy: Fail + name: voscmachine.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscmachines + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cluster-api-provider-outscale-webhook-service + namespace: cluster-api-provider-outscale-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-oscmachinetemplate + failurePolicy: Fail + name: voscmachinetemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - oscmachinetemplates + sideEffects: None diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclusters.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclusters.yaml index f51d806d6..fd182baf3 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclusters.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclusters.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.1-0.20220825130208-40db49591af1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb name: oscclusters.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -111,6 +110,11 @@ spec: clusterName: description: The name of the cluster type: string + controlPlaneSubnets: + description: List of subnet to spread controlPlane nodes + items: + type: string + type: array image: description: The image configuration properties: @@ -432,6 +436,25 @@ spec: - type type: object type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of FailureDomains. + type: object network: properties: LoadbalancerRef: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclustertemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclustertemplates.yaml index 5db703f53..0e29b0437 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclustertemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscclustertemplates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.1-0.20220825130208-40db49591af1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb name: oscclustertemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -162,6 +161,11 @@ spec: clusterName: description: The name of the cluster type: string + controlPlaneSubnets: + description: List of subnet to spread controlPlane nodes + items: + type: string + type: array image: description: The image configuration properties: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachines.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachines.yaml index 03253a547..d29df3b66 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachines.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachines.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.1-0.20220825130208-40db49591af1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb name: oscmachines.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -35,6 +34,11 @@ spec: spec: description: OscMachineSpec defines the desired state of OscMachine properties: + failureDomain: + description: FailureDomain is the failure domain unique identifier + this Machine should be attached to, as defined in Cluster API. For + this infrastructure provider, the ID is equivalent to a subnet name. + type: string node: properties: clusterName: diff --git a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachinetemplates.yaml b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachinetemplates.yaml index 93bf36a80..c8e8b589a 100644 --- a/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachinetemplates.yaml +++ b/config/crd/bases/infrastructure.cluster.x-k8s.io_oscmachinetemplates.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.1-0.20220825130208-40db49591af1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.13.1-0.20231113150709-881ffb4682cb name: oscmachinetemplates.infrastructure.cluster.x-k8s.io spec: group: infrastructure.cluster.x-k8s.io @@ -86,6 +85,12 @@ spec: spec: description: OscMachineSpec defines the desired state of OscMachine properties: + failureDomain: + description: FailureDomain is the failure domain unique identifier + this Machine should be attached to, as defined in Cluster + API. For this infrastructure provider, the ID is equivalent + to a subnet name. + type: string node: properties: clusterName: diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 8000e2019..4b210e48e 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: manager-role rules: - apiGroups: diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml index 3bffefded..27f9768ec 100644 --- a/config/webhook/manifests.yaml +++ b/config/webhook/manifests.yaml @@ -2,7 +2,6 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - creationTimestamp: null name: mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -69,7 +68,6 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null name: validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/controllers/osccluster_controller.go b/controllers/osccluster_controller.go index c2b194f63..a02f49248 100644 --- a/controllers/osccluster_controller.go +++ b/controllers/osccluster_controller.go @@ -19,6 +19,9 @@ package controllers import ( "context" "fmt" + "strings" + "time" + infrastructurev1beta1 "github.com/outscale-dev/cluster-api-provider-outscale.git/api/v1beta1" "github.com/outscale-dev/cluster-api-provider-outscale.git/cloud/services/compute" "github.com/outscale-dev/cluster-api-provider-outscale.git/cloud/services/net" @@ -26,8 +29,6 @@ import ( "github.com/outscale-dev/cluster-api-provider-outscale.git/cloud/services/service" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/client-go/tools/record" - "strings" - "time" "github.com/outscale-dev/cluster-api-provider-outscale.git/cloud/scope" "github.com/outscale-dev/cluster-api-provider-outscale.git/cloud/tag" @@ -341,6 +342,13 @@ func (r *OscClusterReconciler) reconcile(ctx context.Context, clusterScope *scop } conditions.MarkTrue(osccluster, infrastructurev1beta1.SubnetsReadyCondition) + // add failureDomains + for _, kpSubnetName := range clusterScope.OscCluster.Spec.Network.ControlPlaneSubnets { + clusterScope.SetFailureDomain(kpSubnetName, clusterv1.FailureDomainSpec{ + ControlPlane: true, + }) + } + internetServiceSvc := r.getInternetServiceSvc(ctx, *clusterScope) reconcileInternetService, err := reconcileInternetService(ctx, clusterScope, internetServiceSvc, tagSvc) if err != nil { diff --git a/controllers/oscmachine_controller.go b/controllers/oscmachine_controller.go index 854dded3f..5e16a5b47 100644 --- a/controllers/oscmachine_controller.go +++ b/controllers/oscmachine_controller.go @@ -220,6 +220,8 @@ func (r *OscMachineReconciler) reconcile(ctx context.Context, machineScope *scop } } + UseFailureDomain(clusterScope, machineScope) + vmName, err := checkVmFormatParameters(machineScope, clusterScope) if err != nil { return reconcile.Result{}, fmt.Errorf("%w Can not create vm %s for OscMachine %s/%s", err, vmName, machineScope.GetNamespace(), machineScope.GetName()) diff --git a/controllers/oscmachine_vm_controller.go b/controllers/oscmachine_vm_controller.go index 876b03c95..84b61ece9 100644 --- a/controllers/oscmachine_vm_controller.go +++ b/controllers/oscmachine_vm_controller.go @@ -297,6 +297,21 @@ func checkVmPrivateIpOscDuplicateName(machineScope *scope.MachineScope) error { } } +func UseFailureDomain(clusterScope *scope.ClusterScope, machineScope *scope.MachineScope) { + if machineScope.Machine.Spec.FailureDomain != nil && machineScope.GetVm().SubnetName == "" { + machineScope.V(2).Info("Find subnet with failureDomain", "failureDomain", *machineScope.Machine.Spec.FailureDomain) + machineScope.GetVm().SubnetName = *machineScope.Machine.Spec.FailureDomain + + subnetName := machineScope.GetVm().SubnetName + "-" + clusterScope.GetUID() + subnetSpecs := clusterScope.GetSubnet() + for _, subnetSpec := range subnetSpecs { + if subnetSpec.Name+"-"+clusterScope.GetUID() == subnetName { + machineScope.GetVm().SubregionName = subnetSpec.SubregionName + } + } + } +} + // reconcileVm reconcile the vm of the machine func reconcileVm(ctx context.Context, clusterScope *scope.ClusterScope, machineScope *scope.MachineScope, vmSvc compute.OscVmInterface, volumeSvc storage.OscVolumeInterface, publicIpSvc security.OscPublicIpInterface, loadBalancerSvc service.OscLoadBalancerInterface, securityGroupSvc security.OscSecurityGroupInterface, tagSvc tag.OscTagInterface) (reconcile.Result, error) { vmSpec := machineScope.GetVm() diff --git a/controllers/oscmachine_vm_controller_unit_test.go b/controllers/oscmachine_vm_controller_unit_test.go index 0babe130a..712e721db 100644 --- a/controllers/oscmachine_vm_controller_unit_test.go +++ b/controllers/oscmachine_vm_controller_unit_test.go @@ -43,6 +43,8 @@ import ( ) var ( + failureDomainSubnet = "test-failure-domain-subnet" + failureDomainSubregion = "test-failure-domain-subregion" defaultVmClusterInitialize = infrastructurev1beta1.OscClusterSpec{ Network: infrastructurev1beta1.OscNetwork{ Net: infrastructurev1beta1.OscNet{ @@ -134,6 +136,54 @@ var ( }, }, } + failureDomainClusterInitialize = infrastructurev1beta1.OscClusterSpec{ + Network: infrastructurev1beta1.OscNetwork{ + Net: infrastructurev1beta1.OscNet{ + Name: "test-net", + IpRange: "10.0.0.0/16", + ClusterName: "test-cluster", + }, + Subnets: []*infrastructurev1beta1.OscSubnet{ + { + Name: "test-subnet", + IpSubnetRange: "10.0.0.0/24", + SubregionName: "eu-west-2a", + }, + { + Name: failureDomainSubnet, + IpSubnetRange: "10.0.0.0/24", + SubregionName: failureDomainSubregion, + }, + }, + SecurityGroups: []*infrastructurev1beta1.OscSecurityGroup{ + { + Name: "test-securitygroup", + Description: "test securitygroup", + SecurityGroupRules: []infrastructurev1beta1.OscSecurityGroupRule{ + { + Name: "test-securitygrouprule", + Flow: "Inbound", + IpProtocol: "tcp", + IpRange: "0.0.0.0/0", + FromPortRange: 6443, + ToPortRange: 6443, + }, + }, + }, + }, + LoadBalancer: infrastructurev1beta1.OscLoadBalancer{ + LoadBalancerName: "test-loadbalancer", + LoadBalancerType: "internet-facing", + SubnetName: "test-subnet", + SecurityGroupName: "test-securitygroup", + }, + PublicIps: []*infrastructurev1beta1.OscPublicIp{ + { + Name: "test-publicip", + }, + }, + }, + } defaultVmVolumeInitialize = infrastructurev1beta1.OscMachineSpec{ Node: infrastructurev1beta1.OscNode{ Volumes: []*infrastructurev1beta1.OscVolume{ @@ -221,6 +271,50 @@ var ( }, }, } + defaultFailureDomainVmInitialize = infrastructurev1beta1.OscMachineSpec{ + Node: infrastructurev1beta1.OscNode{ + Volumes: []*infrastructurev1beta1.OscVolume{ + { + Name: "test-volume", + Iops: 1000, + Size: 50, + VolumeType: "io1", + SubregionName: "eu-west-2a", + }, + }, + Vm: infrastructurev1beta1.OscVm{ + ClusterName: "test-cluster", + Name: "test-vm", + ImageId: "ami-00000000", + Role: "controlplane", + DeviceName: "/dev/sda1", + RootDisk: infrastructurev1beta1.OscRootDisk{ + RootDiskSize: 30, + RootDiskIops: 1500, + RootDiskType: "gp2", + }, + KeypairName: "rke", + SubregionName: "", + SubnetName: "", + LoadBalancerName: "test-loadbalancer", + PublicIpName: "test-publicip", + VmType: "tinav3.c2r4p2", + Replica: 1, + SecurityGroupNames: []infrastructurev1beta1.OscSecurityGroupElement{ + { + Name: "test-securitygroup", + }, + }, + PrivateIps: []infrastructurev1beta1.OscPrivateIpElement{ + { + Name: "test-privateip", + PrivateIp: "10.0.0.17", + }, + }, + }, + }, + } + defaultMultiVmInitialize = infrastructurev1beta1.OscMachineSpec{ Node: infrastructurev1beta1.OscNode{ Volumes: []*infrastructurev1beta1.OscVolume{ @@ -1783,6 +1877,56 @@ func TestCheckVmVolumeSubregionName(t *testing.T) { } } +func TestUseFailureDomain(t *testing.T) { + vmTestCases := []struct { + name string + clusterSpec infrastructurev1beta1.OscClusterSpec + machineSec clusterv1.MachineSpec + oscMachineSpec infrastructurev1beta1.OscMachineSpec + expFailureDomainSet bool + }{ + { + name: "Default cluster without FailureDomain", + clusterSpec: defaultVmClusterInitialize, + machineSec: clusterv1.MachineSpec{}, + oscMachineSpec: defaultVmInitialize, + expFailureDomainSet: false, + }, + { + name: "Cluster with FailureDomain not used (Subnet and Subregion provided)", + clusterSpec: failureDomainClusterInitialize, + machineSec: clusterv1.MachineSpec{}, + oscMachineSpec: defaultVmInitialize, + expFailureDomainSet: false, + }, + { + name: "Cluster with FailureDomain used (Subnet and Subregion not provided)", + clusterSpec: failureDomainClusterInitialize, + machineSec: clusterv1.MachineSpec{ + FailureDomain: &failureDomainSubnet, + }, + oscMachineSpec: defaultFailureDomainVmInitialize, + expFailureDomainSet: true, + }, + } + + for _, vtc := range vmTestCases { + t.Run(vtc.name, func(t *testing.T) { + + clusterScope, machineScope := SetupMachine(t, vtc.name, vtc.clusterSpec, vtc.oscMachineSpec) + machineScope.Machine.Spec = vtc.machineSec + UseFailureDomain(clusterScope, machineScope) + + if vtc.expFailureDomainSet { + assert.Equal(t, failureDomainSubnet, machineScope.GetVm().SubnetName) + assert.Equal(t, failureDomainSubregion, machineScope.GetVm().SubregionName) + } else { + assert.NotEqual(t, failureDomainSubnet, machineScope.GetVm().SubnetName) + } + }) + } +} + // TestReconcileVm has several tests to cover the code of the function reconcileVm func TestReconcileVm(t *testing.T) { vmTestCases := []struct { @@ -3474,9 +3618,9 @@ func TestReconcileDeleteVm(t *testing.T) { name string clusterSpec infrastructurev1beta1.OscClusterSpec machineSpec infrastructurev1beta1.OscMachineSpec + expListMachine bool expDeleteInboundSecurityGroupRuleFound bool expDeleteOutboundSecurityGroupRuleFound bool - expListMachine bool expUnlinkLoadBalancerBackendMachineErr error expDeleteInboundSecurityGroupRuleErr error expDeleteOutboundSecurityGroupRuleErr error @@ -3491,9 +3635,26 @@ func TestReconcileDeleteVm(t *testing.T) { name: "delete vm", clusterSpec: defaultVmClusterReconcile, machineSpec: defaultVmReconcile, + expListMachine: false, expDeleteInboundSecurityGroupRuleFound: true, expDeleteOutboundSecurityGroupRuleFound: true, - expListMachine: false, + expUnlinkLoadBalancerBackendMachineErr: nil, + expDeleteInboundSecurityGroupRuleErr: nil, + expDeleteOutboundSecurityGroupRuleErr: nil, + expSecurityGroupRuleFound: true, + expDeleteVmErr: nil, + expGetVmFound: true, + expGetVmErr: nil, + expCheckUnlinkPublicIpErr: nil, + expReconcileDeleteVmErr: nil, + }, + { + name: "delete first vm in group", + clusterSpec: defaultVmClusterReconcile, + machineSpec: vmMachine1, + expListMachine: true, + expDeleteInboundSecurityGroupRuleFound: false, + expDeleteOutboundSecurityGroupRuleFound: false, expUnlinkLoadBalancerBackendMachineErr: nil, expDeleteInboundSecurityGroupRuleErr: nil, expDeleteOutboundSecurityGroupRuleErr: nil, @@ -3525,9 +3686,9 @@ func TestReconcileDeleteVm(t *testing.T) { name: "failed to delete vm", clusterSpec: defaultVmClusterReconcile, machineSpec: defaultVmReconcile, + expListMachine: false, expDeleteInboundSecurityGroupRuleFound: true, expDeleteOutboundSecurityGroupRuleFound: true, - expListMachine: false, expUnlinkLoadBalancerBackendMachineErr: nil, expSecurityGroupRuleFound: true, expDeleteVmErr: fmt.Errorf("DeleteVm generic error"), @@ -3653,9 +3814,11 @@ func TestReconcileDeleteVm(t *testing.T) { EXPECT(). DeleteVm(gomock.Eq(vmId)). Return(vtc.expDeleteVmErr) + reconcileDeleteVm, err := reconcileDeleteVm(ctx, clusterScope, machineScope, mockOscVmInterface, mockOscPublicIpInterface, mockOscLoadBalancerInterface, mockOscSecurityGroupInterface) if err != nil { - assert.Equal(t, vtc.expReconcileDeleteVmErr.Error(), err.Error(), "reconccileDeleteVm() hould return the same error") + t.Logf(err.Error()) + assert.Equal(t, vtc.expReconcileDeleteVmErr.Error(), err.Error(), "reconcileDeleteVm() should return the same error") } else { assert.Nil(t, vtc.expReconcileDeleteVmErr) } @@ -3908,7 +4071,7 @@ func TestReconcileDeleteVmLoadBalancer(t *testing.T) { reconcileDeleteVm, err := reconcileDeleteVm(ctx, clusterScope, machineScope, mockOscVmInterface, mockOscPublicIpInterface, mockOscLoadBalancerInterface, mockOscSecurityGroupInterface) if err != nil { - assert.Equal(t, vtc.expReconcileDeleteVmErr.Error(), err.Error(), "reconccileDeleteVm() hould return the same error") + assert.Equal(t, vtc.expReconcileDeleteVmErr.Error(), err.Error(), "reconcileDeleteVm() hould return the same error") } else { assert.Nil(t, vtc.expReconcileDeleteVmErr) } @@ -4001,7 +4164,7 @@ func TestReconcileDeleteVmResourceId(t *testing.T) { reconcileDeleteVm, err := reconcileDeleteVm(ctx, clusterScope, machineScope, mockOscVmInterface, mockOscPublicIpInterface, mockOscLoadBalancerInterface, mockOscSecurityGroupInterface) if err != nil { - assert.Equal(t, vtc.expReconcileDeleteVmErr, err, "reconccileDeleteVm() hould return the same error") + assert.Equal(t, vtc.expReconcileDeleteVmErr, err, "reconcileDeleteVm() hould return the same error") } else { assert.Nil(t, vtc.expReconcileDeleteVmErr) } diff --git a/example/cluster-machine-template-multi-az.yaml b/example/cluster-machine-template-multi-az.yaml index e6f38803f..d16a8727b 100644 --- a/example/cluster-machine-template-multi-az.yaml +++ b/example/cluster-machine-template-multi-az.yaml @@ -3,7 +3,7 @@ apiVersion: cluster.x-k8s.io/v1beta1 kind: Cluster metadata: name: cluster-api-multi-az - namespace: capo-test + namespace: default labels: cni: "cluster-api-multi-az-crs-cni" ccm: "cluster-api-multi-az-crs-ccm" @@ -17,18 +17,18 @@ spec: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscCluster name: cluster-api-multi-az - namespace: capo-test + namespace: default controlPlaneRef: kind: KubeadmControlPlane apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - name: "cluster-api-multi-az-control-plane-2a" - namespace: capo-test + name: "cluster-api-multi-az-control-plane" + namespace: default --- apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscCluster metadata: name: cluster-api-multi-az - namespace: capo-test + namespace: default spec: network: clusterName: cluster-api-multi-az @@ -45,6 +45,9 @@ spec: internetService: name: cluster-api-multi-az-igw clusterName: cluster-api-multi-az + controlPlaneSubnets: + - cluster-api-multi-az-subnet-2a-private + - cluster-api-multi-az-subnet-2b-private subnets: - name: cluster-api-multi-az-subnet-2a-private ipSubnetRange: "10.0.0.0/24" @@ -140,8 +143,8 @@ spec: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscMachineTemplate metadata: - name: cluster-api-multi-az-control-plane-2a - namespace: capo-test + name: cluster-api-multi-az-control-plane + namespace: default spec: template: spec: @@ -150,19 +153,20 @@ spec: image: name: ubuntu-2004-2004-kubernetes-v1.22.11-2022-08-22 keypair: - name: cluster-api-test + name: cluster-api deleteKeypair: false vm: clusterName: cluster-api-multi-az - name: cluster-api-multi-az-vm-control-plane-2a - keypairName: cluster-api-test + name: cluster-api-multi-az-vm-control-plane + keypairName: cluster-api rootDisk: rootDiskSize: 50 rootDiskIops: 1500 rootDiskType: gp2 deviceName: /dev/sda1 - subregionName: eu-west-2a - subnetName: cluster-api-multi-az-subnet-2a-private + # Set at empty to use the failure domain + # subregionName: "" + # subnetName: "" role: controlplane loadBalancerName: cluster-api-multi-az-lb securityGroupNames: @@ -172,16 +176,16 @@ spec: kind: KubeadmControlPlane apiVersion: controlplane.cluster.x-k8s.io/v1beta1 metadata: - name: cluster-api-multi-az-control-plane-2a - namespace: capo-test + name: cluster-api-multi-az-control-plane + namespace: default spec: - replicas: 1 + replicas: 3 machineTemplate: infrastructureRef: kind: OscMachineTemplate apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - name: cluster-api-multi-az-control-plane-2a - namespace: capo-test + name: cluster-api-multi-az-control-plane + namespace: default kubeadmConfigSpec: initConfiguration: nodeRegistration: @@ -191,10 +195,10 @@ spec: name: '{{ ds.meta_data.local_hostname }}' files: - content: | - #!/bin/bash + #!/bin/sh curl https://github.com/opencontainers/runc/releases/download/v1.1.1/runc.amd64 -Lo /tmp/runc.amd64 chmod +x /tmp/runc.amd64 - \cp -f /tmp/runc.amd64 /usr/local/sbin/runc + cp -f /tmp/runc.amd64 /usr/local/sbin/runc owner: root:root path: /tmp/set_runc.sh permissions: "0744" @@ -202,6 +206,8 @@ spec: nodeRegistration: kubeletExtraArgs: cloud-provider: external + provider-id: aws:///'{{ ds.meta_data.placement.availability_zone }}'/'{{ ds.meta_data.instance_id }}' + name: '{{ ds.meta_data.local_hostname }}' preKubeadmCommands: - sh /tmp/set_runc.sh version: "1.22.11" @@ -210,7 +216,7 @@ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscMachineTemplate metadata: name: cluster-api-multi-az-worker-2a - namespace: capo-test + namespace: default spec: template: spec: @@ -224,7 +230,7 @@ spec: vm: clusterName: cluster-api-multi-az name: cluster-api-multi-az-vm-worker-2a - keypairName: cluster-api-test + keypairName: cluster-api rootDisk: rootDiskSize: 50 rootDiskIops: 1500 @@ -240,7 +246,7 @@ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscMachineTemplate metadata: name: cluster-api-multi-az-worker-2b - namespace: capo-test + namespace: default spec: template: spec: @@ -254,7 +260,7 @@ spec: vm: clusterName: cluster-api-multi-az name: cluster-api-multi-az-vm-worker-2b - keypairName: cluster-api-test + keypairName: cluster-api rootDisk: rootDiskSize: 50 rootDiskIops: 1500 @@ -270,7 +276,7 @@ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate metadata: name: "cluster-api-multi-az-worker-config" - namespace: capo-test + namespace: default spec: template: spec: @@ -296,7 +302,7 @@ apiVersion: cluster.x-k8s.io/v1beta1 kind: MachineDeployment metadata: name: cluster-api-multi-az-worker-2a-md - namespace: capo-test + namespace: default spec: clusterName: cluster-api-multi-az replicas: 1 @@ -315,18 +321,18 @@ spec: name: cluster-api-multi-az-worker-config apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate - namespace: capo-test + namespace: default infrastructureRef: name: cluster-api-multi-az-worker-2a apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscMachineTemplate - namespace: capo-test + namespace: default --- apiVersion: cluster.x-k8s.io/v1beta1 kind: MachineDeployment metadata: name: cluster-api-multi-az-worker-2b-md - namespace: capo-test + namespace: default spec: clusterName: cluster-api-multi-az replicas: 1 @@ -345,9 +351,9 @@ spec: name: cluster-api-multi-az-worker-config apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate - namespace: capo-test + namespace: default infrastructureRef: name: cluster-api-multi-az-worker-2b apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: OscMachineTemplate - namespace: capo-test + namespace: default diff --git a/example/cluster-machine-template-simple.yaml b/example/cluster-machine-template-simple.yaml index 0bdc8ca5e..2b5796cf9 100644 --- a/example/cluster-machine-template-simple.yaml +++ b/example/cluster-machine-template-simple.yaml @@ -87,7 +87,7 @@ spec: destination: "0.0.0.0/0" securityGroups: - name: cluster-api-securitygroups-kw - description: Security Group with cluster-api + description: Security Group with cluster-api securityGroupRules: - name: cluster-api-securitygrouprule-api-kubelet-kw flow: Inbound @@ -332,7 +332,7 @@ spec: files: - content: | #!/bin/sh - + curl https://github.com/opencontainers/runc/releases/download/v1.1.1/runc.amd64 -Lo /tmp/runc.amd64 chmod +x /tmp/runc.amd64 cp -f /tmp/runc.amd64 /usr/local/sbin/runc @@ -371,7 +371,7 @@ spec: - content: | #!/bin/sh curl https://github.com/opencontainers/runc/releases/download/v1.1.1/runc.amd64 -Lo /tmp/runc.amd64 - chmod +x /tmp/runc.amd64 + chmod +x /tmp/runc.amd64 cp -f /tmp/runc.amd64 /usr/local/sbin/runc owner: root:root path: /tmp/set_runc.sh @@ -381,6 +381,7 @@ spec: kubeletExtraArgs: cloud-provider: external provider-id: aws:///'{{ ds.meta_data.placement.availability_zone }}'/'{{ ds.meta_data.instance_id }}' + name: '{{ ds.meta_data.local_hostname }}' preKubeadmCommands: - sh /tmp/set_runc.sh version: "1.22.11" diff --git a/hack/ensure-clusterctl.sh b/hack/ensure-clusterctl.sh index 9771f7ce9..d88b1cecf 100755 --- a/hack/ensure-clusterctl.sh +++ b/hack/ensure-clusterctl.sh @@ -45,7 +45,7 @@ EOF } install_clusterctl() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then curl -sLo "clusterctl" "https://github.com/kubernetes-sigs/cluster-api/releases/download/v${MINIMUM_CLUSTERCTL_VERSION}/clusterctl-linux-amd64" copy_binary else diff --git a/hack/ensure-controller-gen.sh b/hack/ensure-controller-gen.sh index 8833e0aff..9992a08b0 100755 --- a/hack/ensure-controller-gen.sh +++ b/hack/ensure-controller-gen.sh @@ -46,7 +46,7 @@ EOF } install_controller_gen() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-envsubst.sh b/hack/ensure-envsubst.sh index 0a1f9ce20..2fe21b3ad 100755 --- a/hack/ensure-envsubst.sh +++ b/hack/ensure-envsubst.sh @@ -25,7 +25,7 @@ check_envsubst_installed() { } install_envsubst() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-envtest.sh b/hack/ensure-envtest.sh index 8a572cba7..21dd406dd 100755 --- a/hack/ensure-envtest.sh +++ b/hack/ensure-envtest.sh @@ -45,7 +45,7 @@ EOF } install_envtest() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-gh.sh b/hack/ensure-gh.sh index 73d38dd1a..6e3778e77 100755 --- a/hack/ensure-gh.sh +++ b/hack/ensure-gh.sh @@ -53,7 +53,7 @@ EOF } install_gh() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-golangci-lint.sh b/hack/ensure-golangci-lint.sh index 0108b5985..47e6c50ed 100755 --- a/hack/ensure-golangci-lint.sh +++ b/hack/ensure-golangci-lint.sh @@ -45,7 +45,7 @@ EOF } install_golangci_lint() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-kind.sh b/hack/ensure-kind.sh index a090ec1c1..b12076331 100755 --- a/hack/ensure-kind.sh +++ b/hack/ensure-kind.sh @@ -39,7 +39,7 @@ EOF } install_kind() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then curl -sLo "kind" "https://github.com/kubernetes-sigs/kind/releases/download/${MINIMUM_KIND_VERSION}/kind-linux-amd64" copy_binary else diff --git a/hack/ensure-kubebuildertool.sh b/hack/ensure-kubebuildertool.sh index d25688270..de5f32a1c 100755 --- a/hack/ensure-kubebuildertool.sh +++ b/hack/ensure-kubebuildertool.sh @@ -52,7 +52,7 @@ EOF } install_kubebuildertool() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-kubectl.sh b/hack/ensure-kubectl.sh index cfc02b1e1..30eac7524 100755 --- a/hack/ensure-kubectl.sh +++ b/hack/ensure-kubectl.sh @@ -45,7 +45,7 @@ EOF } install_kubectl() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then curl -sLo "kubectl" "https://storage.googleapis.com/kubernetes-release/release/v${MINIMUM_KUBECTL_VERSION}/bin/linux/amd64/kubectl" copy_binary else diff --git a/hack/ensure-kustomize.sh b/hack/ensure-kustomize.sh index e930ca4d6..26ab14ba4 100755 --- a/hack/ensure-kustomize.sh +++ b/hack/ensure-kustomize.sh @@ -53,7 +53,7 @@ EOF } install_kustomize() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-mdbook.sh b/hack/ensure-mdbook.sh index 4ad099e9b..8263e257d 100755 --- a/hack/ensure-mdbook.sh +++ b/hack/ensure-mdbook.sh @@ -52,7 +52,7 @@ EOF } install_mdbook() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-mockgen.sh b/hack/ensure-mockgen.sh index 3f4094650..deded776b 100755 --- a/hack/ensure-mockgen.sh +++ b/hack/ensure-mockgen.sh @@ -44,7 +44,7 @@ EOF } install_mockgen() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/ensure-packer.sh b/hack/ensure-packer.sh index 8c45249bb..41abfb2b3 100755 --- a/hack/ensure-packer.sh +++ b/hack/ensure-packer.sh @@ -43,7 +43,7 @@ EOF } install_packer() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then curl -sLo "packer.zip" "https://releases.hashicorp.com/packer/${MINIMUM_PACKER_VERSION}/packer_${MINIMUM_PACKER_VERSION}_linux_amd64.zip" && unzip packer.zip -d packer-bin && mv packer-bin/packer . && rm -rf packer.zip packer-bin copy_binary else diff --git a/hack/ensure-tilt.sh b/hack/ensure-tilt.sh index af13a2217..67e83a90c 100755 --- a/hack/ensure-tilt.sh +++ b/hack/ensure-tilt.sh @@ -44,7 +44,7 @@ EOF } install_tilt() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then curl -fsSL "https://github.com/tilt-dev/tilt/releases/download/v$MINIMUM_TILT_VERSION/tilt.$MINIMUM_TILT_VERSION.linux.x86_64.tar.gz" | tar -xzv tilt copy_binary else diff --git a/hack/ensure-yamlfmt.sh b/hack/ensure-yamlfmt.sh index 5a1a3b63c..c1930370f 100755 --- a/hack/ensure-yamlfmt.sh +++ b/hack/ensure-yamlfmt.sh @@ -25,7 +25,7 @@ check_yamlfmt_installed() { } install_yamlfmt() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/verify-buildifier.sh b/hack/verify-buildifier.sh index b978ba53f..80c697210 100755 --- a/hack/verify-buildifier.sh +++ b/hack/verify-buildifier.sh @@ -49,7 +49,7 @@ EOF } install_buildifier() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi diff --git a/hack/verify-shellcheck.sh b/hack/verify-shellcheck.sh index c5170191b..c2d97ddf6 100755 --- a/hack/verify-shellcheck.sh +++ b/hack/verify-shellcheck.sh @@ -53,7 +53,7 @@ EOF } install_shellcheck() { - if [[ "${OSTYPE}" == "linux"* ]]; then + if [[ "${OSTYPE}" == "linux"* || "${OSTYPE}" == "darwin22"* ]]; then if ! [ -d "${BIN_ROOT}" ]; then mkdir -p "${BIN_ROOT}" fi