build: Add update kube-vip manifests script and use kube-vip 0.8.0

Author: jimmidyson

charts/cluster-api-runtime-extensions-nutanix/templates/kube-vip/manifests/kube-vip-configmap.yaml

@@ -1,6 +1,10 @@
 # Copyright 2023 D2iQ, Inc. All rights reserved.
 # SPDX-License-Identifier: Apache-2.0
 
+#=================================================================
+#                 DO NOT EDIT THIS FILE
+#  IT HAS BEEN GENERATED BY /hack/addons/update-kube-vip-manifests.sh
+#=================================================================
 {{- if .Values.hooks.kubeVip.defaultTemplateConfigMap.create }}
 apiVersion: v1
 data:
@@ -12,61 +16,58 @@ data:
       namespace: kube-system
     spec:
       containers:
-        - name: kube-vip
-          image: ghcr.io/kube-vip/kube-vip:v0.6.4
-          imagePullPolicy: IfNotPresent
-          args:
+        - args:
             - manager
           env:
             - name: vip_arp
               value: "true"
-            - name: address
-              value: "{{ `{{ .ControlPlaneEndpoint.Host }}` }}"
             - name: port
-              value: "{{ `{{ .ControlPlaneEndpoint.Port }}` }}"
+              value: '{{ `{{ .ControlPlaneEndpoint.Port }}` }}'
+            - name: vip_nodename
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
             - name: vip_cidr
               value: "32"
+            - name: dns_mode
+              value: first
             - name: cp_enable
               value: "true"
             - name: cp_namespace
               value: kube-system
-            - name: vip_ddns
-              value: "false"
             - name: vip_leaderelection
               value: "true"
+            - name: vip_leasename
+              value: plndr-cp-lock
             - name: vip_leaseduration
               value: "15"
             - name: vip_renewdeadline
               value: "10"
             - name: vip_retryperiod
               value: "2"
-            - name: svc_enable
-              value: "false"
-            - name: lb_enable
-              value: "false"
-            - name: enableServicesElection
-              value: "false"
+            - name: address
+              value: '{{ `{{ .ControlPlaneEndpoint.Host }}` }}'
+          image: ghcr.io/kube-vip/kube-vip:v0.8.0
+          imagePullPolicy: IfNotPresent
+          name: kube-vip
+          resources: {}
           securityContext:
             capabilities:
               add:
                 - NET_ADMIN
-                - SYS_TIME
                 - NET_RAW
           volumeMounts:
             - mountPath: /etc/kubernetes/admin.conf
               name: kubeconfig
-          resources: { }
-      hostNetwork: true
       hostAliases:
         - hostnames:
             - kubernetes
           ip: 127.0.0.1
+      hostNetwork: true
       volumes:
-        - name: kubeconfig
-          hostPath:
-            type: FileOrCreate
+        - hostPath:
             path: /etc/kubernetes/admin.conf
-    status: {}
+          name: kubeconfig
 kind: ConfigMap
 metadata:
   creationTimestamp: null

hack/addons/update-kube-vip-manifests.sh

@@ -0,0 +1,51 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+readonly SCRIPT_DIR
+
+# shellcheck source=hack/common.sh
+source "${SCRIPT_DIR}/../common.sh"
+
+if [ -z "${KUBE_VIP_VERSION:-}" ]; then
+  echo "Missing argument: KUBE_VIP_VERSION"
+  exit 1
+fi
+
+ASSETS_DIR="$(mktemp -d -p "${TMPDIR:-/tmp}")"
+readonly ASSETS_DIR
+trap_add "rm -rf ${ASSETS_DIR}" EXIT
+
+readonly FILE_NAME="kube-vip.yaml"
+
+docker container run --rm ghcr.io/kube-vip/kube-vip:"${KUBE_VIP_VERSION}" \
+  manifest pod \
+  --arp \
+  --address='{{ `{{ .ControlPlaneEndpoint.Host }}` }}' \
+  --port=-99999 \
+  --controlplane \
+  --leaderElection \
+  --leaseDuration=15 \
+  --leaseRenewDuration=10 \
+  --leaseRetry=2 \
+  --prometheusHTTPServer='' |
+  gojq --yaml-input --yaml-output 'del(.metadata.creationTimestamp, .status) | .spec.containers[].imagePullPolicy |= "IfNotPresent"' |
+  sed "s/\"-99999\"/'{{ \`{{ .ControlPlaneEndpoint.Port }}\` }}'/" >"${ASSETS_DIR}/${FILE_NAME}"
+
+kubectl create configmap "{{ .Values.hooks.kubeVip.defaultTemplateConfigMap.name }}" --dry-run=client --output yaml \
+  --from-file "${ASSETS_DIR}/${FILE_NAME}" \
+  >"${ASSETS_DIR}/kube-vip-configmap.yaml"
+
+# add warning not to edit file directly
+cat <<EOF >"${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/kube-vip/manifests/kube-vip-configmap.yaml"
+$(cat "${GIT_REPO_ROOT}/hack/license-header.yaml.txt")
+
+#=================================================================
+#                 DO NOT EDIT THIS FILE
+#  IT HAS BEEN GENERATED BY /hack/addons/update-kube-vip-manifests.sh
+#=================================================================
+{{- if .Values.hooks.kubeVip.defaultTemplateConfigMap.create }}
+$(cat "${ASSETS_DIR}/kube-vip-configmap.yaml")
+{{- end -}}
+EOF

make/addons.mk

@@ -17,8 +17,10 @@ export AWS_CCM_CHART_VERSION_128 := 0.0.8
 
 export NUTANIX_CCM_CHART_VERSION := 0.3.3
 
+export KUBE_VIP_VERSION := v0.8.0
+
 .PHONY: addons.sync
-addons.sync: $(addprefix update-addon.,calico cilium nfd cluster-autoscaler aws-ebs-csi aws-ccm.127 aws-ccm.128)
+addons.sync: $(addprefix update-addon.,calico cilium nfd cluster-autoscaler aws-ebs-csi aws-ccm.127 aws-ccm.128 kube-vip)
 
 .PHONY: update-addon.calico
 update-addon.calico: ; $(info $(M) updating calico manifests)
@@ -44,6 +46,10 @@ update-addon.aws-ebs-csi: ; $(info $(M) updating aws ebs csi manifests)
 update-addon.aws-ccm.%: ; $(info $(M) updating aws ccm $* manifests)
 	./hack/addons/update-aws-ccm.sh $(AWS_CCM_VERSION_$*) $(AWS_CCM_CHART_VERSION_$*)
 
+.PHONY: update-addon.kube-vip
+update-addon.kube-vip: ; $(info $(M) updating kube-vip manifests)
+	./hack/addons/update-kube-vip-manifests.sh
+
 .PHONY: generate-helm-configmap
 generate-helm-configmap:
 	go run hack/tools/helm-cm/main.go -kustomize-directory="./hack/addons/kustomize" -output-file="./charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml"

pkg/handlers/generic/mutation/controlplanevirtualip/inject.go

@@ -131,7 +131,10 @@ func (h *ControlPlaneVirtualIP) Mutate(
 		selectors.ControlPlane(),
 		log,
 		func(obj *controlplanev1.KubeadmControlPlaneTemplate) error {
-			virtualIPProviderFile, getFileErr := virtualIPProvider.GetFile(ctx, controlPlaneEndpointVar)
+			virtualIPProviderFile, getFileErr := virtualIPProvider.GetFile(
+				ctx,
+				controlPlaneEndpointVar,
+			)
 			if getFileErr != nil {
 				return getFileErr
 			}
@@ -148,7 +151,9 @@ func (h *ControlPlaneVirtualIP) Mutate(
 				*virtualIPProviderFile,
 			)
 
-			preKubeadmCommands, postKubeadmCommands, getCommandsErr := virtualIPProvider.GetCommands(cluster)
+			preKubeadmCommands, postKubeadmCommands, getCommandsErr := virtualIPProvider.GetCommands(
+				cluster,
+			)
 			if getCommandsErr != nil {
 				return getCommandsErr
 			}

pkg/handlers/generic/mutation/controlplanevirtualip/inject_test.go

@@ -68,7 +68,10 @@ var _ = Describe("Generate ControlPlane virtual IP patches", func() {
 									gomega.ContainSubstring("value: \"6443\""),
 								),
 								gomega.HaveKey("owner"),
-								gomega.HaveKeyWithValue("path", gomega.ContainSubstring("kube-vip")),
+								gomega.HaveKeyWithValue(
+									"path",
+									gomega.ContainSubstring("kube-vip"),
+								),
 								gomega.HaveKey("permissions"),
 							),
 						),
@@ -136,7 +139,10 @@ var _ = Describe("Generate ControlPlane virtual IP patches", func() {
 									gomega.ContainSubstring("value: \"6443\""),
 								),
 								gomega.HaveKey("owner"),
-								gomega.HaveKeyWithValue("path", gomega.ContainSubstring("kube-vip")),
+								gomega.HaveKeyWithValue(
+									"path",
+									gomega.ContainSubstring("kube-vip"),
+								),
 								gomega.HaveKey("permissions"),
 							),
 						),

pkg/handlers/generic/mutation/controlplanevirtualip/providers/kubevip.go

@@ -74,8 +74,11 @@ func (p *kubeVIPFromConfigMapProvider) GetFile(
 	}, nil
 }
 
+//
 //nolint:gocritic // No need for named return values
-func (p *kubeVIPFromConfigMapProvider) GetCommands(cluster *clusterv1.Cluster) ([]string, []string, error) {
+func (p *kubeVIPFromConfigMapProvider) GetCommands(
+	cluster *clusterv1.Cluster,
+) ([]string, []string, error) {
 	// The kube-vip static Pod uses admin.conf on the host to connect to the API server.
 	// But, starting with Kubernetes 1.29, admin.conf first gets created with no RBAC permissions.
 	// At the same time, 'kubeadm init' command waits for the API server to be reachable on the kube-vip IP.
@@ -102,15 +105,21 @@ type multipleKeysError struct {
 }
 
 func (e multipleKeysError) Error() string {
-	return fmt.Sprintf("found multiple keys in ConfigMap %q, when only 1 is expected", e.configMapKey)
+	return fmt.Sprintf(
+		"found multiple keys in ConfigMap %q, when only 1 is expected",
+		e.configMapKey,
+	)
 }
 
 type emptyValuesError struct {
 	configMapKey client.ObjectKey
 }
 
 func (e emptyValuesError) Error() string {
-	return fmt.Sprintf("could not find any keys with non-empty vaules in ConfigMap %q", e.configMapKey)
+	return fmt.Sprintf(
+		"could not find any keys with non-empty vaules in ConfigMap %q",
+		e.configMapKey,
+	)
 }
 
 func getTemplateFromConfigMap(

pkg/handlers/generic/mutation/controlplanevirtualip/providers/providers.go

@@ -28,7 +28,10 @@ type Provider interface {
 	GetCommands(cluster *clusterv1.Cluster) ([]string, []string, error)
 }
 
-func templateValues(controlPlaneEndpoint v1alpha1.ControlPlaneEndpointSpec, text string) (string, error) {
+func templateValues(
+	controlPlaneEndpoint v1alpha1.ControlPlaneEndpointSpec,
+	text string,
+) (string, error) {
 	kubeVIPTemplate, err := template.New("").Parse(text)
 	if err != nil {
 		return "", fmt.Errorf("failed to parse template: %w", err)

pkg/handlers/options/global.go

@@ -4,14 +4,14 @@
 package options
 
 import (
-	"cmp"
-
 	"github.com/spf13/pflag"
 	corev1 "k8s.io/api/core/v1"
 )
 
 func NewGlobalOptions() *GlobalOptions {
-	return &GlobalOptions{}
+	return &GlobalOptions{
+		defaultsNamespace: corev1.NamespaceDefault,
+	}
 }
 
 type GlobalOptions struct {
@@ -23,7 +23,7 @@ func (o *GlobalOptions) AddFlags(flags *pflag.FlagSet) {
 	flags.StringVar(
 		&o.defaultsNamespace,
 		"defaults-namespace",
-		corev1.NamespaceDefault,
+		o.defaultsNamespace,
 		"namespace for default configurations",
 	)
 	flags.StringVar(
@@ -35,7 +35,7 @@ func (o *GlobalOptions) AddFlags(flags *pflag.FlagSet) {
 }
 
 func (o *GlobalOptions) DefaultsNamespace() string {
-	return cmp.Or(o.defaultsNamespace, corev1.NamespaceDefault)
+	return o.defaultsNamespace
 }
 
 func (o *GlobalOptions) HelmAddonsConfigMapName() string {