Merge pull request #9942 from olemarkus/openstack-enable-eccm

Force external cloud controller manager on OS

pkg/model/components/openstack.go

@@ -51,6 +51,12 @@ func (b *OpenStackOptionsBulder) BuildOptions(o interface{}) error {
 	if clusterSpec.CloudConfig.Openstack.BlockStorage.CreateStorageClass == nil {
 		clusterSpec.CloudConfig.Openstack.BlockStorage.CreateStorageClass = fi.Bool(true)
 	}
+
+	if b.Context.IsKubernetesGTE("1.13.0") {
+		if clusterSpec.ExternalCloudControllerManager == nil {
+			clusterSpec.ExternalCloudControllerManager = &kops.CloudControllerManagerConfig{}
+		}
+	}
 	return nil
 
 }

upup/models/bindata.go

@@ -52,7 +52,6 @@
 // upup/models/cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml.template
 // upup/models/cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.12.yaml.template
 // upup/models/cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template
-// upup/models/cloudup/resources/addons/openstack.addons.k8s.io/BUILD.bazel
 // upup/models/cloudup/resources/addons/openstack.addons.k8s.io/k8s-1.13.yaml.template
 // upup/models/cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml.template
 // upup/models/cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.12.yaml.template
@@ -18707,28 +18706,6 @@ func cloudupResourcesAddonsNodelocaldnsAddonsK8sIoK8s112YamlTemplate() (*asset,
 	return a, nil
 }
 
-var _cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazel = []byte(`filegroup(
-    name = "exported_testdata",
-    srcs = glob(["**"]),
-    visibility = ["//visibility:public"],
-)
-`)
-
-func cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazelBytes() ([]byte, error) {
-	return _cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazel, nil
-}
-
-func cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazel() (*asset, error) {
-	bytes, err := cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazelBytes()
-	if err != nil {
-		return nil, err
-	}
-
-	info := bindataFileInfo{name: "cloudup/resources/addons/openstack.addons.k8s.io/BUILD.bazel", size: 0, mode: os.FileMode(0), modTime: time.Unix(0, 0)}
-	a := &asset{bytes: bytes, info: info}
-	return a, nil
-}
-
 var _cloudupResourcesAddonsOpenstackAddonsK8sIoK8s113YamlTemplate = []byte(`---
 apiVersion: v1
 kind: ServiceAccount
@@ -20507,7 +20484,6 @@ var _bindata = map[string]func() (*asset, error){
 	"cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.10.yaml.template":                       cloudupResourcesAddonsNodeAuthorizerAddonsK8sIoK8s110YamlTemplate,
 	"cloudup/resources/addons/node-authorizer.addons.k8s.io/k8s-1.12.yaml.template":                       cloudupResourcesAddonsNodeAuthorizerAddonsK8sIoK8s112YamlTemplate,
 	"cloudup/resources/addons/nodelocaldns.addons.k8s.io/k8s-1.12.yaml.template":                          cloudupResourcesAddonsNodelocaldnsAddonsK8sIoK8s112YamlTemplate,
-	"cloudup/resources/addons/openstack.addons.k8s.io/BUILD.bazel":                                        cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazel,
 	"cloudup/resources/addons/openstack.addons.k8s.io/k8s-1.13.yaml.template":                             cloudupResourcesAddonsOpenstackAddonsK8sIoK8s113YamlTemplate,
 	"cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.10.yaml.template":                     cloudupResourcesAddonsPodsecuritypolicyAddonsK8sIoK8s110YamlTemplate,
 	"cloudup/resources/addons/podsecuritypolicy.addons.k8s.io/k8s-1.12.yaml.template":                     cloudupResourcesAddonsPodsecuritypolicyAddonsK8sIoK8s112YamlTemplate,
@@ -20666,7 +20642,6 @@ var _bintree = &bintree{nil, map[string]*bintree{
 					"k8s-1.12.yaml.template": {cloudupResourcesAddonsNodelocaldnsAddonsK8sIoK8s112YamlTemplate, map[string]*bintree{}},
 				}},
 				"openstack.addons.k8s.io": {nil, map[string]*bintree{
-					"BUILD.bazel":            {cloudupResourcesAddonsOpenstackAddonsK8sIoBuildBazel, map[string]*bintree{}},
 					"k8s-1.13.yaml.template": {cloudupResourcesAddonsOpenstackAddonsK8sIoK8s113YamlTemplate, map[string]*bintree{}},
 				}},
 				"podsecuritypolicy.addons.k8s.io": {nil, map[string]*bintree{

upup/models/cloudup/resources/addons/openstack.addons.k8s.io/BUILD.bazel

@@ -1,5 +0,0 @@
-filegroup(
-    name = "exported_testdata",
-    srcs = glob(["**"]),
-    visibility = ["//visibility:public"],
-)

upup/pkg/fi/cloudup/BUILD.bazel

@@ -111,7 +111,6 @@ go_test(
     ],
     data = [
         "//upup/pkg/fi/cloudup/tests:exported_testdata",  # keep
-        "//upup/models/cloudup/resources/addons/openstack.addons.k8s.io:exported_testdata",  # keep
     ],
     embed = [":go_default_library"],
     deps = [

upup/pkg/fi/cloudup/template_functions_test.go

@@ -17,14 +17,9 @@ limitations under the License.
 package cloudup
 
 import (
-	"bytes"
 	"fmt"
-	"io/ioutil"
-	"path/filepath"
 	"reflect"
-	"strings"
 	"testing"
-	"text/template"
 
 	"k8s.io/kops/pkg/apis/kops"
 	"k8s.io/kops/upup/pkg/fi"
@@ -212,64 +207,3 @@ func Test_TemplateFunctions_CloudControllerConfigArgv(t *testing.T) {
 		})
 	}
 }
-
-func Test_executeTemplate(t *testing.T) {
-	tests := []struct {
-		desc                 string
-		cluster              *kops.Cluster
-		templateFilename     string
-		expectedManifestPath string
-	}{
-		{
-			desc: "test cloud controller template",
-			cluster: &kops.Cluster{Spec: kops.ClusterSpec{
-				CloudProvider: string(kops.CloudProviderOpenstack),
-				ExternalCloudControllerManager: &kops.CloudControllerManagerConfig{
-					ClusterName: "k8s",
-					Image:       "docker.io/k8scloudprovider/openstack-cloud-controller-manager:1.13",
-				},
-			},
-			},
-			templateFilename:     "../../../models/cloudup/resources/addons/openstack.addons.k8s.io/k8s-1.13.yaml.template",
-			expectedManifestPath: "./tests/manifests/k8s-1.13.yaml",
-		},
-	}
-
-	for _, testCase := range tests {
-		t.Run(testCase.desc, func(t *testing.T) {
-			templateFileAbsolutePath, filePathError := filepath.Abs(testCase.templateFilename)
-			if filePathError != nil {
-				t.Fatalf("error getting path to template: %v", filePathError)
-			}
-
-			tpl := template.New(filepath.Base(templateFileAbsolutePath))
-
-			funcMap := make(template.FuncMap)
-			templateFunctions := TemplateFunctions{}
-			templateFunctions.Cluster = testCase.cluster
-			templateFunctions.AddTo(funcMap, nil)
-
-			tpl.Funcs(funcMap)
-
-			tpl.Option("missingkey=zero")
-			_, err := tpl.ParseFiles(templateFileAbsolutePath)
-			if err != nil {
-				t.Fatalf("error parsing template %q: %v", "template", err)
-			}
-			var buffer bytes.Buffer
-			err = tpl.Execute(&buffer, testCase.cluster.Spec)
-			if err != nil {
-				t.Fatalf("error executing template %q: %v", "template", err)
-			}
-			actualManifest := buffer.Bytes()
-			expectedFileAbsolutePath, _ := filepath.Abs(testCase.expectedManifestPath)
-			expectedManifest, _ := ioutil.ReadFile(expectedFileAbsolutePath)
-
-			actualString := strings.TrimSpace(string(actualManifest))
-			expectedString := strings.TrimSpace(string(expectedManifest))
-			if !reflect.DeepEqual(actualString, expectedString) {
-				t.Fatalf("Manifests differs: %+v instead of %+v", actualString, expectedString)
-			}
-		})
-	}
-}

upup/pkg/fi/cloudup/tests/manifests/k8s-1.13.yaml

@@ -1,214 +0,0 @@
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: cloud-controller-manager
-  namespace: kube-system
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: system:cloud-node-controller
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:cloud-node-controller
-subjects:
-- kind: ServiceAccount
-  name: cloud-node-controller
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: system:cloud-controller-manager
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: system:cloud-controller-manager
-subjects:
-- kind: ServiceAccount
-  name: cloud-controller-manager
-  namespace: kube-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: system:cloud-controller-manager
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
-rules:
-- apiGroups:
-  - coordination.k8s.io
-  resources:
-  - leases
-  verbs:
-  - get
-  - create
-  - update
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - patch
-  - update
-- apiGroups:
-  - ""
-  resources:
-  - nodes
-  verbs:
-  - '*'
-- apiGroups:
-  - ""
-  resources:
-  - nodes/status
-  verbs:
-  - patch
-- apiGroups:
-  - ""
-  resources:
-  - services
-  verbs:
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - serviceaccounts
-  verbs:
-  - create
-  - get
-- apiGroups:
-  - ""
-  resources:
-  - persistentvolumes
-  verbs:
-  - '*'
-- apiGroups:
-  - ""
-  resources:
-  - endpoints
-  verbs:
-  - create
-  - get
-  - list
-  - watch
-  - update
-- apiGroups:
-  - ""
-  resources:
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - list
-  - get
-  - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: system:cloud-node-controller
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - nodes
-  verbs:
-  - '*'
-- apiGroups:
-  - ""
-  resources:
-  - nodes/status
-  verbs:
-  - patch
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - patch
-  - update
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  namespace: kube-system
-  name: openstack-cloud-provider
-  labels:
-    k8s-app: openstack-cloud-provider
-    k8s-addon: openstack.addons.k8s.io
-  annotations:
-    scheduler.alpha.kubernetes.io/critical-pod: ""
-spec:
-  updateStrategy:
-    type: RollingUpdate
-  selector:
-    matchLabels:
-      name: openstack-cloud-provider
-  template:
-    metadata:
-      labels:
-        name: openstack-cloud-provider
-    spec:
-      # run on the host network (don't depend on CNI)
-      hostNetwork: true
-      # run on each master node
-      nodeSelector:
-        node-role.kubernetes.io/master: ""
-      priorityClassName: system-node-critical
-      securityContext:
-        runAsUser: 1001
-      serviceAccountName: cloud-controller-manager
-      tolerations:
-      - effect: NoSchedule
-        operator: Exists
-      - key: CriticalAddonsOnly
-        operator: Exists
-      containers:
-      - name: openstack-cloud-controller-manager
-        image: "docker.io/k8scloudprovider/openstack-cloud-controller-manager:1.13"
-        args:
-          - /bin/openstack-cloud-controller-manager
-          - --v=2
-          - --cloud-provider=openstack
-          - --cluster-name=k8s
-          - --use-service-account-credentials=true
-          - --cloud-config=/etc/kubernetes/cloud.config
-          - --address=127.0.0.1
-        resources:
-          requests:
-            cpu: 200m
-        volumeMounts:
-        - mountPath: /etc/kubernetes/cloud.config
-          name: cloudconfig
-          readOnly: true
-
-      volumes:
-      - hostPath:
-          path: /etc/kubernetes/cloud.config
-        name: cloudconfig