Skip to content

feat: add kube-vip static Pod in a Nutanix handler #558

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 11 commits into from
Apr 26, 2024
Merged

feat: add kube-vip static Pod in a Nutanix handler #558

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
936211f
refactor: remove kube-vip template from Nutanix's KCP
dkoshkin Apr 22, 2024
d8e1f8d
refactor: add kube-vip static Pod to KCP in the handler
dkoshkin Apr 23, 2024
b52fa65
refactor: better handle nil virtualIPProvider
dkoshkin Apr 23, 2024
891b4a4
refactor: add VirtualIPSpec API and a handler
dkoshkin Apr 24, 2024
ba7f694
fix: kube-vip admin.conf pre/postKubeadmCommands
dkoshkin Apr 25, 2024
d7ef1fd
build: Add update kube-vip manifests script and use kube-vip 0.8.0
jimmidyson Apr 25, 2024
8f86f92
fixup! add provider field in ControlPlaneVirtualIPSpec
dkoshkin Apr 26, 2024
98ff981
fix: use KubeVIP capitalization more consistently
dkoshkin Apr 26, 2024
e569797
fix: copy and paste
dkoshkin Apr 26, 2024
48e7f72
fixup! fixup! fix linter
dkoshkin Apr 26, 2024
2bd290d
fixup! refactor: add kube-vip static Pod to KCP in the handler
dkoshkin Apr 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions api/v1alpha1/common_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,4 +37,10 @@ type ControlPlaneEndpointSpec struct {
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65535
Port int32 `json:"port"`

// Configuration for the virtual IP provider.
// +optional
VirtualIPSpec *ControlPlaneVirtualIPSpec `json:"virtualIP,omitempty"`
}

type ControlPlaneVirtualIPSpec struct{}
3 changes: 3 additions & 0 deletions api/v1alpha1/crds/caren.nutanix.com_nutanixclusterconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -476,6 +476,9 @@ spec:
maximum: 65535
minimum: 1
type: integer
virtualIP:
description: Configuration for the virtual IP provider.
type: object
required:
- host
- port
Expand Down
22 changes: 21 additions & 1 deletion api/v1alpha1/zz_generated.deepcopy.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions charts/cluster-api-runtime-extensions-nutanix/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,8 @@ A Helm chart for cluster-api-runtime-extensions-nutanix
| hooks.cni.cilium.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-cilium-cni-helm-values-template"` | |
| hooks.csi.nutanix.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` | |
| hooks.csi.nutanix.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-nutanix-csi-helm-values-template"` | |
| hooks.kubeVip.defaultTemplateConfigMap.create | bool | `true` | |
| hooks.kubeVip.defaultTemplateConfigMap.name | string | `"default-kube-vip-template"` | |
| hooks.nfd.crsStrategy.defaultInstallationConfigMap.name | string | `"node-feature-discovery"` | |
| hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` | |
| hooks.nfd.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-nfd-helm-values-template"` | |
Expand Down
83 changes: 1 addition & 82 deletions ...s/cluster-api-runtime-extensions-nutanix/defaultclusterclasses/nutanix-cluster-class.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -132,72 +132,7 @@ spec:
scheduler:
extraArgs:
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
files:
- content: |
apiVersion: v1
kind: Pod
metadata:
name: kube-vip
namespace: kube-system
spec:
containers:
- name: kube-vip
image: ghcr.io/kube-vip/kube-vip:v0.6.4
imagePullPolicy: IfNotPresent
args:
- manager
env:
- name: vip_arp
value: "true"
- name: address
value: "control_plane_endpoint_ip"
- name: port
value: "control_plane_endpoint_port"
- name: vip_cidr
value: "32"
- name: cp_enable
value: "true"
- name: cp_namespace
value: kube-system
- name: vip_ddns
value: "false"
- name: vip_leaderelection
value: "true"
- name: vip_leaseduration
value: "15"
- name: vip_renewdeadline
value: "10"
- name: vip_retryperiod
value: "2"
- name: svc_enable
value: "false"
- name: lb_enable
value: "false"
- name: enableServicesElection
value: "false"
securityContext:
capabilities:
add:
- NET_ADMIN
- SYS_TIME
- NET_RAW
volumeMounts:
- mountPath: /etc/kubernetes/admin.conf
name: kubeconfig
resources: {}
hostNetwork: true
hostAliases:
- hostnames:
- kubernetes
ip: 127.0.0.1
volumes:
- name: kubeconfig
hostPath:
type: FileOrCreate
path: /etc/kubernetes/admin.conf
status: {}
owner: root:root
path: /etc/kubernetes/manifests/kube-vip.yaml
files: []
initConfiguration:
nodeRegistration:
kubeletExtraArgs:
Expand All @@ -212,14 +147,6 @@ spec:
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
postKubeadmCommands:
- echo export KUBECONFIG=/etc/kubernetes/admin.conf >> /root/.bashrc
- |
KUBERNETES_VERSION_NO_V=${KUBERNETES_VERSION#v}
VERSION_TO_COMPARE=1.29.0
if [ "$(printf '%s\n' "$KUBERNETES_VERSION_NO_V" "$VERSION_TO_COMPARE" | sort -V | head -n1)" != "$KUBERNETES_VERSION_NO_V" ]; then
if [ -f /run/kubeadm/kubeadm.yaml ]; then
sed -i 's#path: /etc/kubernetes/super-admin.conf#path: /etc/kubernetes/admin.conf#' /etc/kubernetes/manifests/kube-vip.yaml;
fi
fi
- echo "after kubeadm call" > /var/log/postkubeadm.log
preKubeadmCommands:
- echo "before kubeadm call" > /var/log/prekubeadm.log
Expand All @@ -228,14 +155,6 @@ spec:
- echo "127.0.0.1 localhost" >>/etc/hosts
- echo "127.0.0.1 kubernetes" >>/etc/hosts
- echo "127.0.0.1 {{ ds.meta_data.hostname }}" >> /etc/hosts
- |
KUBERNETES_VERSION_NO_V=${KUBERNETES_VERSION#v}
VERSION_TO_COMPARE=1.29.0
if [ "$(printf '%s\n' "$KUBERNETES_VERSION_NO_V" "$VERSION_TO_COMPARE" | sort -V | head -n1)" != "$KUBERNETES_VERSION_NO_V" ]; then
if [ -f /run/kubeadm/kubeadm.yaml ]; then
sed -i 's#path: /etc/kubernetes/admin.conf#path: /etc/kubernetes/super-admin.conf#' /etc/kubernetes/manifests/kube-vip.yaml;
fi
fi
useExperimentalRetryJoin: true
verbosity: 10
---
Expand Down
75 changes: 75 additions & 0 deletions ...uster-api-runtime-extensions-nutanix/templates/kube-vip/manifests/kube-vip-configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
# Copyright 2023 D2iQ, Inc. All rights reserved.
# SPDX-License-Identifier: Apache-2.0

#=================================================================
# DO NOT EDIT THIS FILE
# IT HAS BEEN GENERATED BY /hack/addons/update-kube-vip-manifests.sh
#=================================================================
{{- if .Values.hooks.kubeVip.defaultTemplateConfigMap.create }}
apiVersion: v1
data:
kube-vip.yaml: |
apiVersion: v1
kind: Pod
metadata:
name: kube-vip
namespace: kube-system
spec:
containers:
- args:
- manager
env:
- name: vip_arp
value: "true"
- name: port
value: '{{ `{{ .ControlPlaneEndpoint.Port }}` }}'
- name: vip_nodename
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: vip_cidr
value: "32"
- name: dns_mode
value: first
- name: cp_enable
value: "true"
- name: cp_namespace
value: kube-system
- name: vip_leaderelection
value: "true"
- name: vip_leasename
value: plndr-cp-lock
- name: vip_leaseduration
value: "15"
- name: vip_renewdeadline
value: "10"
- name: vip_retryperiod
value: "2"
- name: address
value: '{{ `{{ .ControlPlaneEndpoint.Host }}` }}'
image: ghcr.io/kube-vip/kube-vip:v0.8.0
imagePullPolicy: IfNotPresent
name: kube-vip
resources: {}
securityContext:
capabilities:
add:
- NET_ADMIN
- NET_RAW
volumeMounts:
- mountPath: /etc/kubernetes/admin.conf
name: kubeconfig
hostAliases:
- hostnames:
- kubernetes
ip: 127.0.0.1
hostNetwork: true
volumes:
- hostPath:
path: /etc/kubernetes/admin.conf
name: kubeconfig
kind: ConfigMap
metadata:
creationTimestamp: null
name: '{{ .Values.hooks.kubeVip.defaultTemplateConfigMap.name }}'
{{- end -}}
4 changes: 4 additions & 0 deletions charts/cluster-api-runtime-extensions-nutanix/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,10 @@ hooks:
defaultValueTemplateConfigMap:
create: true
name: default-cluster-autoscaler-helm-values-template
kubeVip:
defaultTemplateConfigMap:
create: true
name: default-kube-vip-template

helmAddonsConfigMap: default-helm-addons-config

Expand Down
32 changes: 32 additions & 0 deletions docs/content/customization/nutanix/control-plane-endpoint.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ spec:
controlPlaneEndpoint:
host: x.x.x.x
port: 6443
virtualIP: {}
```

Applying this configuration will result in the following value being set:
Expand All @@ -36,3 +37,34 @@ spec:
host: x.x.x.x
port: 6443
```

- `KubeadmControlPlaneTemplate`

```yaml
spec:
kubeadmConfigSpec:
files:
- content: |
apiVersion: v1
kind: Pod
metadata:
name: kube-vip
namespace: kube-system
spec:
...
owner: root:root
path: /etc/kubernetes/manifests/kube-vip.yaml
permissions: "0600"
postKubeadmCommands:
# Only added for clusters version >=v1.29.0
- |-
if [ -f /run/kubeadm/kubeadm.yaml ]; then
sed -i 's#path: /etc/kubernetes/super-admin.conf#path: ...
fi
preKubeadmCommands:
# Only added for clusters version >=v1.29.0
- |-
if [ -f /run/kubeadm/kubeadm.yaml ]; then
sed -i 's#path: /etc/kubernetes/admin.conf#path: ...
fi
```
1 change: 1 addition & 0 deletions examples/capi-quick-start/nutanix-cluster-calico-crs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ spec:
controlPlaneEndpoint:
host: ${CONTROL_PLANE_ENDPOINT_IP}
port: 6443
virtualIP: {}
prismCentralEndpoint:
credentials:
name: ${CLUSTER_NAME}-pc-creds
Expand Down
1 change: 1 addition & 0 deletions examples/capi-quick-start/nutanix-cluster-calico-helm-addon.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ spec:
controlPlaneEndpoint:
host: ${CONTROL_PLANE_ENDPOINT_IP}
port: 6443
virtualIP: {}
prismCentralEndpoint:
credentials:
name: ${CLUSTER_NAME}-pc-creds
Expand Down
1 change: 1 addition & 0 deletions examples/capi-quick-start/nutanix-cluster-cilium-crs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ spec:
controlPlaneEndpoint:
host: ${CONTROL_PLANE_ENDPOINT_IP}
port: 6443
virtualIP: {}
prismCentralEndpoint:
credentials:
name: ${CLUSTER_NAME}-pc-creds
Expand Down
1 change: 1 addition & 0 deletions examples/capi-quick-start/nutanix-cluster-cilium-helm-addon.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ spec:
controlPlaneEndpoint:
host: ${CONTROL_PLANE_ENDPOINT_IP}
port: 6443
virtualIP: {}
prismCentralEndpoint:
credentials:
name: ${CLUSTER_NAME}-pc-creds
Expand Down
51 changes: 51 additions & 0 deletions hack/addons/update-kube-vip-manifests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
#!/usr/bin/env bash
set -euo pipefail
IFS=$'\n\t'

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
readonly SCRIPT_DIR

# shellcheck source=hack/common.sh
source "${SCRIPT_DIR}/../common.sh"

if [ -z "${KUBE_VIP_VERSION:-}" ]; then
echo "Missing argument: KUBE_VIP_VERSION"
exit 1
fi

ASSETS_DIR="$(mktemp -d -p "${TMPDIR:-/tmp}")"
readonly ASSETS_DIR
trap_add "rm -rf ${ASSETS_DIR}" EXIT

readonly FILE_NAME="kube-vip.yaml"

docker container run --rm ghcr.io/kube-vip/kube-vip:"${KUBE_VIP_VERSION}" \
manifest pod \
--arp \
--address='{{ `{{ .ControlPlaneEndpoint.Host }}` }}' \
--port=-99999 \
--controlplane \
--leaderElection \
--leaseDuration=15 \
--leaseRenewDuration=10 \
--leaseRetry=2 \
--prometheusHTTPServer='' |
gojq --yaml-input --yaml-output 'del(.metadata.creationTimestamp, .status) | .spec.containers[].imagePullPolicy |= "IfNotPresent"' |
sed "s/\"-99999\"/'{{ \`{{ .ControlPlaneEndpoint.Port }}\` }}'/" >"${ASSETS_DIR}/${FILE_NAME}"

kubectl create configmap "{{ .Values.hooks.kubeVip.defaultTemplateConfigMap.name }}" --dry-run=client --output yaml \
--from-file "${ASSETS_DIR}/${FILE_NAME}" \
>"${ASSETS_DIR}/kube-vip-configmap.yaml"

# add warning not to edit file directly
cat <<EOF >"${GIT_REPO_ROOT}/charts/cluster-api-runtime-extensions-nutanix/templates/kube-vip/manifests/kube-vip-configmap.yaml"
$(cat "${GIT_REPO_ROOT}/hack/license-header.yaml.txt")

#=================================================================
# DO NOT EDIT THIS FILE
# IT HAS BEEN GENERATED BY /hack/addons/update-kube-vip-manifests.sh
#=================================================================
{{- if .Values.hooks.kubeVip.defaultTemplateConfigMap.create }}
$(cat "${ASSETS_DIR}/kube-vip-configmap.yaml")
{{- end -}}
EOF
Loading
Loading