Merge pull request #3789 from calvin0327/set-karmada-kubeconfig

karmada-operator: add karmada apiserver kubeconfig to karmada status
2023-09-19 12:06:58 +08:00 · 2023-09-19 12:06:58 +08:00 · 8d1a8007eb
parent 7c76237021 6d3bd8d507
commit 8d1a8007eb
6 changed files with 42 additions and 29 deletions
--- a/operator/pkg/controller/karmada/planner.go
+++ b/operator/pkg/controller/karmada/planner.go
@ -4,12 +4,14 @@ import (
 	"context"
 	"fmt"

+	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"

 	operator "github.com/karmada-io/karmada/operator/pkg"
 	operatorv1alpha1 "github.com/karmada-io/karmada/operator/pkg/apis/operator/v1alpha1"
+	"github.com/karmada-io/karmada/operator/pkg/util"
 	"github.com/karmada-io/karmada/operator/pkg/workflow"
 )

@ -111,13 +113,24 @@ func (p *Planner) preRunJob() error {
 }

 func (p *Planner) runJobErr(err error) error {
+	var errs []error
+	errs = append(errs, err)
+
 	operatorv1alpha1.KarmadaFailed(p.karmada, operatorv1alpha1.Ready, err.Error())
-	return p.Client.Status().Update(context.TODO(), p.karmada)
+	errs = append(errs, p.Client.Status().Update(context.TODO(), p.karmada))
+
+	return utilerrors.NewAggregate(errs)
 }

 func (p *Planner) afterRunJob() error {
 	if p.action == InitAction {
+		// Update the condition to Ready and set kubeconfig of karmada-apiserver to status.
 		operatorv1alpha1.KarmadaCompleted(p.karmada, operatorv1alpha1.Ready, "karmada init job is completed")
+		p.karmada.Status.SecretRef = &operatorv1alpha1.LocalSecretReference{
+			Namespace: p.karmada.GetNamespace(),
+			Name:      util.AdminKubeconfigSecretName(p.karmada.GetName()),
+		}
+
 		return p.Client.Status().Update(context.TODO(), p.karmada)
 	}

--- a/operator/pkg/controlplane/apiserver/mainfests.go
+++ b/operator/pkg/controlplane/apiserver/mainfests.go
@ -158,9 +158,9 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-aggregated-apiserver
-        - --kubeconfig=/etc/karmada/config
-        - --authentication-kubeconfig=/etc/karmada/config
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
        - --etcd-cafile=/etc/etcd/pki/etcd-ca.crt
        - --etcd-certfile=/etc/etcd/pki/etcd-client.crt
        - --etcd-keyfile=/etc/etcd/pki/etcd-client.key
@ -172,9 +172,9 @@ spec:
        - --audit-log-maxage=0
        - --audit-log-maxbackup=0
        volumeMounts:
-        - mountPath: /etc/karmada/config
+        - mountPath: /etc/karmada/kubeconfig
          name: kubeconfig
-          subPath: config
+          subPath: kubeconfig
        - mountPath: /etc/etcd/pki
          name: etcd-cert
          readOnly: true
--- a/operator/pkg/controlplane/manifests.go
+++ b/operator/pkg/controlplane/manifests.go
@ -39,9 +39,9 @@ spec:
        command:
        - kube-controller-manager
        - --allocate-node-cidrs=true
-        - --kubeconfig=/etc/karmada/config
-        - --authentication-kubeconfig=/etc/karmada/config
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
        - --bind-address=0.0.0.0
        - --client-ca-file=/etc/karmada/pki/ca.crt
        - --cluster-cidr=10.244.0.0/16
@ -71,8 +71,8 @@ spec:
          mountPath: /etc/karmada/pki
          readOnly: true
        - name: kubeconfig
-          mountPath: /etc/karmada/config
-          subPath: config
+          mountPath: /etc/karmada/kubeconfig
+          subPath: kubeconfig
      volumes:
        - name: karmada-certs
          secret:
@ -111,7 +111,7 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-controller-manager
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
        - --bind-address=0.0.0.0
        - --cluster-status-update-frequency=10s
        - --secure-port=10357
@ -129,8 +129,8 @@ spec:
          timeoutSeconds: 5
        volumeMounts:
        - name: kubeconfig
-          subPath: config
-          mountPath: /etc/karmada/config
+          subPath: kubeconfig
+          mountPath: /etc/karmada/kubeconfig
      volumes:
      - name: kubeconfig
        secret:
@ -167,7 +167,7 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-scheduler
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
        - --bind-address=0.0.0.0
        - --secure-port=10351
        - --enable-scheduler-estimator=true
@ -184,8 +184,8 @@ spec:
          timeoutSeconds: 5
        volumeMounts:
        - name: kubeconfig
-          subPath: config
-          mountPath: /etc/karmada/config
+          subPath: kubeconfig
+          mountPath: /etc/karmada/kubeconfig
      volumes:
        - name: kubeconfig
          secret:
@ -222,7 +222,7 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-descheduler
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
        - --bind-address=0.0.0.0
        - --leader-elect-resource-namespace={{ .SystemNamespace }}
        - --v=4
@ -237,8 +237,8 @@ spec:
          timeoutSeconds: 5
        volumeMounts:
        - name: kubeconfig
-          subPath: config
-          mountPath: /etc/karmada/config
+          subPath: kubeconfig
+          mountPath: /etc/karmada/kubeconfig
      volumes:
        - name: kubeconfig
          secret:
--- a/operator/pkg/controlplane/metricsadapter/mainfests.go
+++ b/operator/pkg/controlplane/metricsadapter/mainfests.go
@ -31,17 +31,17 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-metrics-adapter
-        - --kubeconfig=/etc/karmada/config
-        - --authentication-kubeconfig=/etc/karmada/config
-        - --authorization-kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
+        - --authentication-kubeconfig=/etc/karmada/kubeconfig
+        - --authorization-kubeconfig=/etc/karmada/kubeconfig
        - --client-ca-file=/etc/karmada/pki/ca.crt
        - --audit-log-path=-
        - --audit-log-maxage=0
        - --audit-log-maxbackup=0
        volumeMounts:
        - name: kubeconfig
-          subPath: config
-          mountPath: /etc/karmada/config
+          subPath: kubeconfig
+          mountPath: /etc/karmada/kubeconfig
        - name: karmada-cert
          mountPath: /etc/karmada/pki
          readOnly: true
--- a/operator/pkg/controlplane/webhook/mainfests.go
+++ b/operator/pkg/controlplane/webhook/mainfests.go
@ -31,7 +31,7 @@ spec:
        imagePullPolicy: IfNotPresent
        command:
        - /bin/karmada-webhook
-        - --kubeconfig=/etc/karmada/config
+        - --kubeconfig=/etc/karmada/kubeconfig
        - --bind-address=0.0.0.0
        - --default-not-ready-toleration-seconds=30
        - --default-unreachable-toleration-seconds=30
@ -42,8 +42,8 @@ spec:
        - containerPort: 8443
        volumeMounts:
        - name: kubeconfig
-          subPath: config
-          mountPath: /etc/karmada/config
+          subPath: kubeconfig
+          mountPath: /etc/karmada/kubeconfig
        - name: cert
          mountPath: /var/serving-cert
          readOnly: true
--- a/operator/pkg/tasks/init/upload.go
+++ b/operator/pkg/tasks/init/upload.go
@ -80,7 +80,7 @@ func runUploadAdminKubeconfig(r workflow.RunData) error {
 			Name:      util.AdminKubeconfigSecretName(data.GetName()),
 			Labels:    constants.KarmadaOperatorLabel,
 		},
-		Data: map[string][]byte{"config": configBytes},
+		Data: map[string][]byte{"kubeconfig": configBytes},
 	})
 	if err != nil {
 		return fmt.Errorf("failed to create secret of kubeconfig, err: %w", err)