From 915cc0b83999ca3ca2e52b357d361104e236609e Mon Sep 17 00:00:00 2001 From: Mohamed Belgaied Hassine Date: Thu, 27 Oct 2022 11:01:09 +0000 Subject: [PATCH 1/2] Refining the Bootstrap API First commit - drafting data struct docs Signed-off-by: Mohamed Belgaied Hassine Added UML file for documenting structs Signed-off-by: Mohamed Belgaied Hassine Adding first version of RKE2Config structs Signed-off-by: Mohamed Belgaied Hassine Updating go modules because of changes in imports Signed-off-by: Mohamed Belgaied Hassine did a go mod tidy Signed-off-by: Mohamed Belgaied Hassine re-generated CRDs using make generate Signed-off-by: Mohamed Belgaied Hassine fixed refactoring issue in webhook configuration Signed-off-by: Mohamed Belgaied Hassine Dot at the end of comment line Co-authored-by: Alexander Demicev Signed-off-by: Mohamed Belgaied Hassine Dot at the end of comment line Co-authored-by: Alexander Demicev Signed-off-by: Mohamed Belgaied Hassine Adding dots in comment end of lines when necessary Signed-off-by: Mohamed Belgaied Hassine Small improvements in comment formatting Signed-off-by: Mohamed Belgaied Hassine Removed DeployRKE2Commands attribute because of duplicate usage Signed-off-by: Mohamed Belgaied Hassine Replaced SecretRef and ConfigMapRef types by the generic v1.ObjectReference type Signed-off-by: Mohamed Belgaied Hassine fixed additional issue with webhook refactoring Signed-off-by: Mohamed Belgaied Hassine simplified EtcdBackupConfig struct field names Signed-off-by: Mohamed Belgaied Hassine removed Snapshotter attribute from RKE2Agent/ServerConfig Signed-off-by: Mohamed Belgaied Hassine changed ResolvConf attribute to reference a ConfigMap instead of a string with a path Signed-off-by: Mohamed Belgaied Hassine changed EtcdMetricsExposed to EtcdMetricsExposurePolicy to replace bool with enum Signed-off-by: Mohamed Belgaied Hassine replaced bool fields with enums as recommended by KubeAPI best practices 
Signed-off-by: Mohamed Belgaied Hassine Capitalize acronym in KubeAPIServer Signed-off-by: Mohamed Belgaied Hassine Co-authored-by: Alexander Demicev Fixed small issues related to capitalization of KubeAPIServer attribute Signed-off-by: Mohamed Belgaied Hassine fixed issue of Kubebuilder enum validation + moved validation tags to structs fields instead of types Signed-off-by: Mohamed Belgaied Hassine Changed LbServerPort to LoadBalancerPort with type int Signed-off-by: Mohamed Belgaied Hassine capitalized some acronym attributes Signed-off-by: Mohamed Belgaied Hassine Removed some unnecessary structs and annotations from Registry struct, will use another struct for marshalling yaml Signed-off-by: Mohamed Belgaied Hassine Modify TLSConfig for registries to reference a single tls secret instead of three secrets Signed-off-by: Mohamed Belgaied Hassine removed duplicate attributes between agent and server, and put them their own common struct Signed-off-by: Mohamed Belgaied Hassine removed BootstrapData field in RKE2ConfigStatus struct Signed-off-by: Mohamed Belgaied Hassine Small comment changes Signed-off-by: Mohamed Belgaied Hassine moved multiple disableXXX attributes to single DisableComponents struct Signed-off-by: Mohamed Belgaied Hassine refactoring back to bool and adding constants Signed-off-by: Mohamed Belgaied Hassine Changed all Rke2Xxx structs to RKE2Xxx 
Signed-off-by: Mohamed Belgaied Hassine --- bootstrap/api/v1alpha1/rke2config_types.go | 519 +++++++- bootstrap/api/v1alpha1/rke2config_webhook.go | 14 +- .../api/v1alpha1/rke2configtemplate_types.go | 26 +- .../v1alpha1/rke2configtemplate_webhook.go | 24 +- bootstrap/api/v1alpha1/webhook_suite_test.go | 4 +- .../api/v1alpha1/zz_generated.deepcopy.go | 488 ++++++-- ...ootstrap.cluster.x-k8s.io_rke2configs.yaml | 1086 ++++++++++++++++- ....cluster.x-k8s.io_rke2configtemplates.yaml | 12 +- .../controllers/rke2config_controller.go | 2 +- bootstrap/main.go | 4 +- .../api/v1alpha1/rke2controlplane_types.go | 26 +- .../api/v1alpha1/rke2controlplane_webhook.go | 14 +- .../rke2controlplanetemplate_types.go | 26 +- .../rke2controlplanetemplate_webhook.go | 14 +- .../api/v1alpha1/webhook_suite_test.go | 4 +- .../api/v1alpha1/zz_generated.deepcopy.go | 76 +- ...ne.cluster.x-k8s.io_rke2controlplanes.yaml | 12 +- ...er.x-k8s.io_rke2controlplanetemplates.yaml | 16 +- .../rke2controlplane_controller.go | 12 +- controlplane/main.go | 12 +- ...er API Provider - Data Type definitions.md | 518 ++++++++ docs/Structures Relationships.uml | 264 ++++ go.mod | 10 +- go.sum | 23 +- 24 files changed, 2944 insertions(+), 262 deletions(-) create mode 100644 docs/RKE2 Cluster API Provider - Data Type definitions.md create mode 100644 docs/Structures Relationships.uml diff --git a/bootstrap/api/v1alpha1/rke2config_types.go b/bootstrap/api/v1alpha1/rke2config_types.go index 3eb4142..c48245d 100644 --- a/bootstrap/api/v1alpha1/rke2config_types.go +++ b/bootstrap/api/v1alpha1/rke2config_types.go 
@@ -17,48 +17,525 @@ limitations under the License. package v1alpha1 import ( + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" ) // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// Rke2ConfigSpec defines the desired state of Rke2Config -type Rke2ConfigSpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "make" to regenerate code after modifying this file +// RKE2ConfigSpec defines the desired state of RKE2Config. +type RKE2ConfigSpec struct { + // Files specifies extra files to be passed to user_data upon creation. + //+optional + Files []File `json:"files,omitempty"` - // Foo is an example field of Rke2Config. Edit rke2config_types.go to remove/update - Foo string `json:"foo,omitempty"` + // PreRKE2Commands specifies extra commands to run before rke2 setup runs. + //+optional + PreRKE2Commands []string `json:"preRKE2Commands,omitempty"` + + // PostRKE2Commands specifies extra commands to run after rke2 setup runs. + //+optional + PostRKE2Commands []string `json:"postRKE2Commands,omitempty"` + + // AgentConfig specifies configuration for the agent nodes. + //+optional + AgentConfig RKE2AgentConfig `json:"agentConfig,omitempty"` + + // ServerConfig specifies configuration for the agent nodes. + //+optional + ServerConfig RKE2ServerConfig `json:"serverConfig,omitempty"` + + // PrivateRegistriesConfig defines the containerd configuration for private registries and local registry mirrors. + //+optional + PrivateRegistriesConfig Registry `json:"privateRegistriesConfig,omitempty"` + + // Version specifies the rke2 version. 
+ //+optional + Version string `json:"version,omitempty"` } -// Rke2ConfigStatus defines the observed state of Rke2Config -type Rke2ConfigStatus struct { - // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - // Important: Run "make" to regenerate code after modifying this file +type RKE2ServerConfig struct { + // RKE2CommonNodeConfig is an inline struct that references common attribtes between agent and server nodes + RKE2CommonNodeConfig `json:",inline"` + + // BindAddress describes the rke2 bind address (default: 0.0.0.0). + //+optional + BindAddress string `json:"bindAddress,omitempty"` + + // AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip). + //+optional + AdvertiseAddress string `json:"advertiseAddress,omitempty"` + + // TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert. + //+optional + TLSSan []string `json:"tlsSan,omitempty"` + + // ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767"). + //+optional + ServiceNodePortRange string `json:"service-node-port-range,omitempty"` + + // ClusterDNS is the cluster IP for CoreDNS service. Should be in your service-cidr range (default: 10.43.0.10). + //+optional + ClusterDNS string `json:"clusterDNS,omitempty"` + + // ClusterDomain is the cluster domain name (default: "cluster.local"). + //+optional + ClusterDomain string `json:"clusterDomain,omitempty"` + + // ExposeEtcdMetrics defines the policy for ETCD Metrics exposure. + // if value is true, ETCD metrics will be exposed + // if value is false, ETCD metrics will NOT be exposed + // +optional + ExposeEtcdMetrics bool `json:"exposeEtcdMetrics,omitempty"` + + // EtcdBackupConfig defines how RKE2 will snapshot ETCD: target storage, schedule, etc. 
+ //+optional + EtcdBackupConfig EtcdBackupConfig `json:"etcdBackupConfig,omitempty"` + + // DisableComponents lists Kubernetes components and RKE2 plugin components that will be disabled. + //+optional + DisableComponents DisableComponents `json:"disableComponents,omitempty"` + + // LoadBalancerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer (default: 6444). + //+optional + LoadBalancerPort int `json:"lbServerPort,omitempty"` + + // CNI describes the CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal). + // +kubebuilder:validation:Enum=none;calico;canal;cilium + //+optional + CNI CNI `json:"cni,omitempty"` + + // PauseImage Override image to use for pause. + //+optional + PauseImage string `json:"pauseImage,omitempty"` + + // RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc). + //+optional + RuntimeImage string `json:"runtimeImage,omitempty"` + + // CloudProviderName Cloud provider name. + //+optional + CloudProviderName string `json:"cloudProviderName,omitempty"` + + // CloudProviderConfigMap is a reference to a ConfigMap containing Cloud provider configuration. + //+optional + CloudProviderConfigMap corev1.ObjectReference `json:"cloudProviderConfigMap,omitempty"` + + // NOTE: this was only profile, changed it to cisProfile. + + // AuditPolicySecret Path to the file that defines the audit policy configuration. + //+optional + AuditPolicySecret corev1.ObjectReference `json:"auditPolicySecret,omitempty"` + + // ControlPlaneResourceRequests Control Plane resource requests. + //+optional + ControlPlaneResourceRequests string `json:"controlPlaneResourceRequests,omitempty"` + + // ControlPlaneResourceLimits Control Plane resource limits. 
+ //+optional + ControlPlaneResourceLimits string `json:"controlPlaneResourceLimits,omitempty"` + + // Etcd defines optional custom configuration of ETCD. + //+optional + Etcd ComponentConfig `json:"etcd,omitempty"` + + // KubeAPIServer defines optional custom configuration of the Kube API Server. + //+optional + KubeAPIServer ComponentConfig `json:"kubeAPIServer,omitempty"` + + // KubeControllerManager defines optional custom configuration of the Kube Controller Manager. + //+optional + KubeControllerManager ComponentConfig `json:"kubeControllerManager,omitempty"` + + // KubeScheduler defines optional custom configuration of the Kube Scheduler. + //+optional + KubeScheduler ComponentConfig `json:"kubeScheduler,omitempty"` + + // CloudControllerManager defines optional custom configuration of the Cloud Controller Manager. + //+optional + CloudControllerManager ComponentConfig `json:"cloudControllerManager,omitempty"` } -//+kubebuilder:object:root=true -//+kubebuilder:subresource:status +type RKE2AgentConfig struct { + // RKE2CommonNodeConfig is an inline struct that references common attribtes between agent and server nodes + RKE2CommonNodeConfig `json:",inline"` +} -// Rke2Config is the Schema for the rke2configs API -type Rke2Config struct { +// RKE2CommonNodeConfig describes some attributes that are common to agent and server nodes +type RKE2CommonNodeConfig struct { + // DataDir Folder to hold state. + //+optional + DataDir string `json:"dataDir,omitempty"` + + // NodeLabels Registering and starting kubelet with set of labels. + //+optional + NodeLabels []string `json:"nodeLabels,omitempty"` + + // NodeTaints Registering kubelet with set of taints. + //+optional + NodeTaints []string `json:"nodeTaints,omitempty"` + + // NodeNamePrefix Prefix to the Node Name that CAPI will generate. 
+ //+optional + NodeNamePrefix string `json:"nodeName,omitempty"` + + // ImageCredentialProviderConfigMap is a reference to the ConfigMap that contains credential provider plugin config + // The configMap should contain a YAML file content + a Path to the Binaries for Credential Provider. + //+optional + ImageCredentialProviderConfigMap corev1.ObjectReference `json:"imageCredentialProviderConfigMap,omitempty"` + + // TODO: Remove ContainerRuntimeEndpoint since this feature will probably not be offered by CAPI Bootstrap provider? + + // ContainerRuntimeEndpoint Disable embedded containerd and use alternative CRI implementation. + //+optional + ContainerRuntimeEndpoint string `json:"containerRuntimeEndpoint,omitempty"` + + // TODO: Find a way to handle IP addresses that should be advertised but that RKE2 cannot find on the host (Example: Elastic IPs on Cloud Providers). + + // NodeIp IPv4/IPv6 addresses to advertise for node. + //+optional. + //NodeIp string `json:"nodeIp,omitempty"` + + // NodeExternalIp IPv4/IPv6 external IP addresses to advertise for node. + //+optional + // NodeExternalIp string `json:"nodeExternalIp,omitempty"` + + // CISProfile activates CIS compliance of RKE2 for a certain profile + // +kubebuilder:validation:Enum=cis-1.23 + //+optional + CISProfile CISProfile `json:"cisProfile,omitempty"` + + // ResolvConf is a reference to a ConfigMap containing resolv.conf content for the node. + //+optional + ResolvConf corev1.ObjectReference `json:"resolvConf,omitempty"` + + // ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet defaults. + // if false, kernel tunable can be different from kubelet defaults + //+optional + ProtectKernelDefaults bool `json:"protectKernelDefaults,omitempty"` + + // SystemDefaultRegistry Private registry to be used for all system images. 
+ //+optional + SystemDefaultRegistry string `json:"systemDefaultRegistry,omitempty"` + + // EnableContainerdSElinux defines the policy for enabling SELinux for Containerd + // if value is true, Containerd will run with selinux-enabled=true flag + // if value is false, Containerd will run without the above flag + //+optional + EnableContainerdSElinux bool `json:"enableContainerdSElinux,omitempty"` + + // KubeletPath Override kubelet binary path. + //+optional + KubeletPath string `json:"kubeletPath,omitempty"` + + // KubeletArgs Customized flag for kubelet process. + //+optional + Kubelet ComponentConfig `json:"kubelet,omitempty"` + + // KubeProxyArgs Customized flag for kube-proxy process. + //+optional + KubeProxy ComponentConfig `json:"kubeProxy,omitempty"` +} + +// DisableComponents describes components of RKE2 (Kubernetes components and plugin components) that should be disabled +type DisableComponents struct { + // KubernetesComponents is a list of Kubernetes components to disable. + // +kubebuilder:validation:Enum=scheduler;kubeProxy;cloudController + KubernetesComponents []DisabledKubernetesComponent `json:"kubernetesComponents,omitempty"` + + // PluginComponents is a list of PluginComponents to disable. + // +kubebuilder:validation:Enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server + PluginComponents []DisabledPluginComponent `json:"pluginComponents,omitempty"` +} + +// RKE2ConfigStatus defines the observed state of RKE2Config. +type RKE2ConfigStatus struct { + // Ready indicates the BootstrapData field is ready to be consumed. + Ready bool `json:"ready,omitempty"` + + // DataSecretName is the name of the secret that stores the bootstrap data script. + //+optional + DataSecretName *string `json:"dataSecretName,omitempty"` + + // FailureReason will be set on non-retryable errors. + //+optional + FailureReason string `json:"failureReason,omitempty"` + + // FailureMessage will be set on non-retryable errors. 
+ //+optional + FailureMessage string `json:"failureMessage,omitempty"` + + // ObservedGeneration is the latest generation observed by the controller. + //+optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // Conditions defines current service state of the RKE2Config. + //+optional + Conditions clusterv1.Conditions `json:"conditions,omitempty"` +} + +// +kubebuilder:object:root=true +// +kubebuilder:subresource:status + +// RKE2Config is the Schema for the rke2configs API. +type RKE2Config struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec Rke2ConfigSpec `json:"spec,omitempty"` - Status Rke2ConfigStatus `json:"status,omitempty"` + Spec RKE2ConfigSpec `json:"spec,omitempty"` + Status RKE2ConfigStatus `json:"status,omitempty"` } -//+kubebuilder:object:root=true +func (c *RKE2Config) GetConditions() clusterv1.Conditions { + return c.Status.Conditions +} -// Rke2ConfigList contains a list of Rke2Config -type Rke2ConfigList struct { +func (c *RKE2Config) SetConditions(conditions clusterv1.Conditions) { + c.Status.Conditions = conditions +} + +// +kubebuilder:object:root=true + +// RKE2ConfigList contains a list of RKE2Config. +type RKE2ConfigList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []Rke2Config `json:"items"` + Items []RKE2Config `json:"items"` +} + +// DisabledItem selects a plugin Components to be disabled. +type DisabledPluginComponent string + +const ( + // CoreDNS references the RKE2 Plugin "rke2-coredns" + CoreDNS DisabledPluginComponent = "rke2-coredns" + // IngressNginx references the RKE2 Plugin "rke2-ingress-nginx" + IngressNginx DisabledPluginComponent = "rke2-ingress-nginx" + // MetricsServer references the RKE2 Plugin "rke2-metrics-server" + MetricsServer DisabledPluginComponent = "rke2-metrics-server" +) + +// CISProfile defines the CIS Benchmark profile to be activated in RKE2. 
+type CISProfile string + +const ( + // CIS1_23 references RKE2's CIS Profile "cis-1.23" + CIS1_23 CISProfile = "cis-1.23" +) + +// CNI defines the Cni options for deploying RKE2. +type CNI string + +const ( + // Cilium references the RKE2 CNI Plugin "cilium" + Cilium CNI = "cilium" + // Calico references the RKE2 CNI Plugin "calico" + Calico CNI = "calico" + // Canal references the RKE2 CNI Plugin "canal" + Canal CNI = "canal" + // None means that no CNI Plugin will be installed with RKE2, letting the operator install his own CNI afterwards. + None CNI = "none" +) + +// Encoding specifies the cloud-init file encoding. +type Encoding string + +const ( + // Base64 implies the contents of the file are encoded as base64. + Base64 Encoding = "base64" + // Gzip implies the contents of the file are encoded with gzip. + Gzip Encoding = "gzip" + // GzipBase64 implies the contents of the file are first base64 encoded and then gzip encoded. + GzipBase64 Encoding = "gzip+base64" +) + +// DisabledKubernetesComponent is an enum field that can take one of the following values: scheduler, kubeProxy or cloudController. +type DisabledKubernetesComponent string + +const ( + // Scheduler references the Kube Scheduler Kubernetes components of the control plane/server nodes + Scheduler DisabledKubernetesComponent = "scheduler" + + // KubeProxy references the Kube Proxy Kubernetes components on the agents + KubeProxy DisabledKubernetesComponent = "kubeProxy" + + // CloudController references the Cloud Controller Manager Kubernetes Components on the control plane / server nodes + CloudController DisabledKubernetesComponent = "cloudController" +) + +// File defines the input for generating write_files in cloud-init. +type File struct { + // Path specifies the full path on disk where to store the file. + Path string `json:"path"` + + // Owner specifies the ownership of the file, e.g. "root:root". 
+ //+optional + Owner string `json:"owner,omitempty"` + + // Permissions specifies the permissions to assign to the file, e.g. "0640". + //+optional + Permissions string `json:"permissions,omitempty"` + + // Encoding specifies the encoding of the file contents. + // +kubebuilder:validation:Enum=base64;gzip;gzip+base64 + //+optional + Encoding Encoding `json:"encoding,omitempty"` + + // Content is the actual content of the file. + //+optional + Content string `json:"content,omitempty"` + + // ContentFrom is a referenced source of content to populate the file. + //+optional + ContentFrom *FileSource `json:"contentFrom,omitempty"` +} + +// FileSource is a union of all possible external source types for file data. +// Only one field may be populated in any given instance. Developers adding new +// sources of data for target systems should add them here. +type FileSource struct { + // Secret represents a secret that should populate this file. + Secret SecretFileSource `json:"secret"` +} + +// Adapts a Secret into a FileSource. +// +// The contents of the target Secret's Data field will be presented +// as files using the keys in the Data field as the file names. +type SecretFileSource struct { + // Name of the secret in the RKE2BootstrapConfig's namespace to use. + Name string `json:"name"` + + // Key is the key in the secret's data map for this value. + Key string `json:"key"` +} + +type EtcdBackupConfig struct { + // EnableAutomaticSnapshots defines the policy for ETCD snapshots. true means automatic snapshots will be scheduled, false means automatic snapshots will not be scheduled. + //+optional + EnableAutomaticSnapshots bool `json:"enableAutomaticSnapshots,omitempty"` + + // SnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot"). + //+optional + SnapshotName string `json:"snapshotName,omitempty"` + + // ScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *"). 
+ //+optional + ScheduleCron string `json:"scheduleCron,omitempty"` + + // Retention Number of snapshots to retain Default: 5 (default: 5). + //+optional + Retention string `json:"retention,omitempty"` + + // Directory Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots). + //+optional + Directory string `json:"directory,omitempty"` + + // S3 Enable backup to an S3-compatible Object Store. + //+optional + S3 EtcdS3 `json:"s3,omitempty"` +} + +// Registry is registry settings including mirrors, TLS, and credentials. +type Registry struct { + // Mirrors are namespace to mirror mapping for all namespaces. + //+optional + Mirrors map[string]Mirror `json:"mirrors,omitempty"` + + // Configs are configs for each registry. + // The key is the FDQN or IP of the registry. + //+optional + Configs map[string]RegistryConfig `json:"configs,omitempty"` +} + +// Mirror contains the config related to the registry mirror. +type Mirror struct { + // Endpoints are endpoints for a namespace. CRI plugin will try the endpoints + // one by one until a working one is found. The endpoint must be a valid url + // with host specified. + // The scheme, host and path from the endpoint URL will be used. + //+optional + Endpoints []string `json:"endpoint,omitempty"` + + // Rewrites are repository rewrite rules for a namespace. When fetching image resources + // from an endpoint and a key matches the repository via regular expression matching + // it will be replaced with the corresponding value from the map in the resource request. + //+optional + Rewrites map[string]string `json:"rewrite,omitempty"` +} + +// RegistryConfig contains configuration used to communicate with the registry. +type RegistryConfig struct { + // Auth si a reference to a Secret containing information to authenticate to the registry. + // The Secret must provite a username and a password data entry. 
+ //+optional + AuthSecret corev1.ObjectReference `json:"authSecret,omitempty"` + // TLS is a pair of CA/Cert/Key which then are used when creating the transport + // that communicates with the registry. + //+optional + TLS TLSConfig `json:"tls,omitempty"` +} + +// TLSConfig contains the CA/Cert/Key used for a registry. +type TLSConfig struct { + // TLSConfigSecret is a reference to a secret of type `kubernetes.io/tls` thich has up to 3 entries: tls.crt, tls.key and ca.crt + // which describe the TLS configuration necessary to connect to the registry. + // +optional + TLSConfigSecret corev1.ObjectReference `json:"tlsConfigSecret,omitempty"` + + // EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true. + //+optional + EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"` +} + +type EtcdS3 struct { + // Endpoint S3 endpoint url (default: "s3.amazonaws.com"). + Endpoint string `json:"endpoint"` + + // EndpointCA references the Secret that contains a custom CA that should be trusted to connect to S3 endpoint. + //+optional + EndpointCA corev1.ObjectReference `json:"endpointCA,omitempty"` + + // EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true. + //+optional + EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"` + + // S3CredentialSecret is a reference to a Secret containing the Access Key and Secret Key necessary to access the target S3 Bucket. + S3CredentialSecret corev1.ObjectReference `json:"S3CredentialSecret"` + + // Bucket S3 bucket name. + //+optional + Bucket string `json:"bucket,omitempty"` + + // Region S3 region / bucket location (optional) (default: "us-east-1"). + //+optional + Region string `json:"region,omitempty"` + + // Folder S3 folder. + //+optional + Folder string `json:"folder,omitempty"` +} + +type ComponentConfig struct { + // ExtraEnv is a map of environment variables to pass on to a Kubernetes Component command. 
+ //+optional + ExtraEnv map[string]string `json:"extraEnv,omitempty"` + + // ExtraArgs is a map of command line arguments to pass to a Kubernetes Component command. + //+optional + ExtraArgs map[string]string `json:"extraArgs,omitempty"` + + //ExtraMounts is a map of volume mounts to be added for the Kubernetes component StaticPod + //+optional + ExtraMounts map[string]string `json:"extraMounts,omitempty"` + + //OverrideImage is a string that references a container image to override the default one for the Kubernetes Component + //+optional + OverrideImage string `json:"overrideImage,omitempty"` } func init() { - SchemeBuilder.Register(&Rke2Config{}, &Rke2ConfigList{}) + SchemeBuilder.Register(&RKE2Config{}, &RKE2ConfigList{}) } diff --git a/bootstrap/api/v1alpha1/rke2config_webhook.go b/bootstrap/api/v1alpha1/rke2config_webhook.go index e455fcb..23f94e6 100644 --- a/bootstrap/api/v1alpha1/rke2config_webhook.go +++ b/bootstrap/api/v1alpha1/rke2config_webhook.go @@ -26,7 +26,7 @@ import ( // log is for logging in this package. var rke2configlog = logf.Log.WithName("rke2config-resource") -func (r *Rke2Config) SetupWebhookWithManager(mgr ctrl.Manager) error { +func (r *RKE2Config) SetupWebhookWithManager(mgr ctrl.Manager) error { return ctrl.NewWebhookManagedBy(mgr). For(r). Complete() @@ -36,10 +36,10 @@ func (r *Rke2Config) SetupWebhookWithManager(mgr ctrl.Manager) error { //+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=mrke2config.kb.io,admissionReviewVersions=v1 -var _ webhook.Defaulter = &Rke2Config{} +var _ webhook.Defaulter = &RKE2Config{} // Default implements webhook.Defaulter so a webhook will be registered for the type -func (r *Rke2Config) Default() { +func (r *RKE2Config) Default() { rke2configlog.Info("default", "name", r.Name) // TODO(user): fill in your defaulting logic. 
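Review bot: In rke2config_types.go, `EnforceSSLVerify` in both `TLSConfig` and `EtcdS3` is a plain `bool` with `omitempty` and is documented as "default is true", but an omitted field decodes to false and no `+kubebuilder:default` marker is attached, so unless the consumer (not visible in this patch) compensates, leaving the field out reads as "skip certificate verification". Declaring it as `EnforceSSLVerify *bool` with the same JSON tag, and treating nil as verify, keeps the documented default and still lets an explicit false round-trip; the `EtcdS3` copy of the comment should also say "the S3 endpoint's certificate" rather than "the registry's certificate". Separately, the secret-bearing fields (`AuthSecret`, `TLSConfigSecret`, `EndpointCA`, `S3CredentialSecret`, `AuditPolicySecret`) are typed `corev1.ObjectReference`, which includes a `Namespace`, whereas `SecretFileSource` is documented as same-namespace only. If the controller resolves these references with its own permissions, an RKE2Config could name a Secret outside its own namespace; `corev1.LocalObjectReference`, or a namespace check in `ValidateCreate`/`ValidateUpdate` (still TODO stubs in rke2config_webhook.go), would bound that.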
@@ -48,10 +48,10 @@ func (r *Rke2Config) Default() { // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=vrke2config.kb.io,admissionReviewVersions=v1 -var _ webhook.Validator = &Rke2Config{} +var _ webhook.Validator = &RKE2Config{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2Config) ValidateCreate() error { +func (r *RKE2Config) ValidateCreate() error { rke2configlog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. @@ -59,7 +59,7 @@ func (r *Rke2Config) ValidateCreate() error { } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2Config) ValidateUpdate(old runtime.Object) error { +func (r *RKE2Config) ValidateUpdate(old runtime.Object) error { rke2configlog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. @@ -67,7 +67,7 @@ func (r *Rke2Config) ValidateUpdate(old runtime.Object) error { } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2Config) ValidateDelete() error { +func (r *RKE2Config) ValidateDelete() error { rke2configlog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. diff --git a/bootstrap/api/v1alpha1/rke2configtemplate_types.go b/bootstrap/api/v1alpha1/rke2configtemplate_types.go index 8b80551..a8e5940 100644 --- a/bootstrap/api/v1alpha1/rke2configtemplate_types.go +++ b/bootstrap/api/v1alpha1/rke2configtemplate_types.go 
@@ -23,17 +23,17 @@ import ( // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// Rke2ConfigTemplateSpec defines the desired state of Rke2ConfigTemplate -type Rke2ConfigTemplateSpec struct { +// RKE2ConfigTemplateSpec defines the desired state of RKE2ConfigTemplate +type RKE2ConfigTemplateSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of Rke2ConfigTemplate. Edit rke2configtemplate_types.go to remove/update + // Foo is an example field of RKE2ConfigTemplate. Edit RKE2configtemplate_types.go to remove/update Foo string `json:"foo,omitempty"` } -// Rke2ConfigTemplateStatus defines the observed state of Rke2ConfigTemplate -type Rke2ConfigTemplateStatus struct { +// RKE2ConfigTemplateStatus defines the observed state of RKE2ConfigTemplate +type RKE2ConfigTemplateStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file } 
@@ -41,24 +41,24 @@ type Rke2ConfigTemplateStatus struct { //+kubebuilder:object:root=true //+kubebuilder:subresource:status -// Rke2ConfigTemplate is the Schema for the rke2configtemplates API -type Rke2ConfigTemplate struct { +// RKE2ConfigTemplate is the Schema for the RKE2configtemplates API +type RKE2ConfigTemplate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec Rke2ConfigTemplateSpec `json:"spec,omitempty"` - Status Rke2ConfigTemplateStatus `json:"status,omitempty"` + Spec RKE2ConfigTemplateSpec `json:"spec,omitempty"` + Status RKE2ConfigTemplateStatus `json:"status,omitempty"` } //+kubebuilder:object:root=true -// Rke2ConfigTemplateList contains a list of Rke2ConfigTemplate -type Rke2ConfigTemplateList struct { +// RKE2ConfigTemplateList contains a list of RKE2ConfigTemplate +type RKE2ConfigTemplateList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []Rke2ConfigTemplate `json:"items"` + Items []RKE2ConfigTemplate `json:"items"` } func init() { - SchemeBuilder.Register(&Rke2ConfigTemplate{}, &Rke2ConfigTemplateList{}) + SchemeBuilder.Register(&RKE2ConfigTemplate{}, &RKE2ConfigTemplateList{}) } diff --git a/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go b/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go index 7b27a64..92aa66b 100644 --- a/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go +++ b/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go @@ -24,9 +24,9 @@ import ( ) // log is for logging in this package. -var rke2configtemplatelog = logf.Log.WithName("rke2configtemplate-resource") +var RKE2configtemplatelog = logf.Log.WithName("RKE2configtemplate-resource") -func (r *Rke2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { +func (r *RKE2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { return ctrl.NewWebhookManagedBy(mgr). For(r). Complete() 
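Review bot: The rename in rke2configtemplate_webhook.go turns the package-level logger into an exported identifier, `var RKE2configtemplatelog = logf.Log.WithName("RKE2configtemplate-resource")`, which looks like a side effect of the search-and-replace rather than an intended API addition. The sibling rke2config_webhook.go keeps `rke2configlog` and "rke2config-resource" unexported and lower-case, so this line should stay `var rke2configtemplatelog = logf.Log.WithName("rke2configtemplate-resource")`. An exported mutable logger in the API package can be reassigned by any importer, and the changed logger name alters the value that existing log filters match on. The later hunks of this file (`Default`, `ValidateCreate`, `ValidateUpdate`, `ValidateDelete`) use the same identifier and need the same revert.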
@@ -36,11 +36,11 @@ func (r *Rke2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { //+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=mrke2configtemplate.kb.io,admissionReviewVersions=v1 -var _ webhook.Defaulter = &Rke2ConfigTemplate{} +var _ webhook.Defaulter = &RKE2ConfigTemplate{} // Default implements webhook.Defaulter so a webhook will be registered for the type -func (r *Rke2ConfigTemplate) Default() { - rke2configtemplatelog.Info("default", "name", r.Name) +func (r *RKE2ConfigTemplate) Default() { + RKE2configtemplatelog.Info("default", "name", r.Name) // TODO(user): fill in your defaulting logic. } 
@@ -48,27 +48,27 @@ func (r *Rke2ConfigTemplate) Default() { // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=vrke2configtemplate.kb.io,admissionReviewVersions=v1 -var _ webhook.Validator = &Rke2ConfigTemplate{} +var _ webhook.Validator = &RKE2ConfigTemplate{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ConfigTemplate) ValidateCreate() error { - rke2configtemplatelog.Info("validate create", "name", r.Name) +func (r *RKE2ConfigTemplate) ValidateCreate() error { + RKE2configtemplatelog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. return nil } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ConfigTemplate) ValidateUpdate(old runtime.Object) error { - rke2configtemplatelog.Info("validate update", "name", r.Name) +func (r *RKE2ConfigTemplate) ValidateUpdate(old runtime.Object) error { + RKE2configtemplatelog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. return nil } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ConfigTemplate) ValidateDelete() error { - rke2configtemplatelog.Info("validate delete", "name", r.Name) +func (r *RKE2ConfigTemplate) ValidateDelete() error { + RKE2configtemplatelog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. return nil diff --git a/bootstrap/api/v1alpha1/webhook_suite_test.go b/bootstrap/api/v1alpha1/webhook_suite_test.go index df6e80c..606c0b8 100644 
--- a/bootstrap/api/v1alpha1/webhook_suite_test.go +++ b/bootstrap/api/v1alpha1/webhook_suite_test.go @@ -102,10 +102,10 @@ var _ = BeforeSuite(func() { }) Expect(err).NotTo(HaveOccurred()) - err = (&Rke2Config{}).SetupWebhookWithManager(mgr) + err = (&RKE2Config{}).SetupWebhookWithManager(mgr) Expect(err).NotTo(HaveOccurred()) - err = (&Rke2ConfigTemplate{}).SetupWebhookWithManager(mgr) + err = (&RKE2ConfigTemplate{}).SetupWebhookWithManager(mgr) Expect(err).NotTo(HaveOccurred()) //+kubebuilder:scaffold:webhook diff --git a/bootstrap/api/v1alpha1/zz_generated.deepcopy.go b/bootstrap/api/v1alpha1/zz_generated.deepcopy.go index 5e251b7..f1cc625 100644 --- a/bootstrap/api/v1alpha1/zz_generated.deepcopy.go +++ b/bootstrap/api/v1alpha1/zz_generated.deepcopy.go 
@@ -23,10 +23,334 @@ package v1alpha1 import ( "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/cluster-api/api/v1beta1" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2Config) DeepCopyInto(out *Rke2Config) { +func (in *ComponentConfig) DeepCopyInto(out *ComponentConfig) { + *out = *in + if in.ExtraEnv != nil { + in, out := &in.ExtraEnv, &out.ExtraEnv + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ExtraArgs != nil { + in, out := &in.ExtraArgs, &out.ExtraArgs + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ExtraMounts != nil { + in, out := &in.ExtraMounts, &out.ExtraMounts + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComponentConfig. +func (in *ComponentConfig) DeepCopy() *ComponentConfig { + if in == nil { + return nil + } + out := new(ComponentConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DisableComponents) DeepCopyInto(out *DisableComponents) { + *out = *in + if in.KubernetesComponents != nil { + in, out := &in.KubernetesComponents, &out.KubernetesComponents + *out = make([]DisabledKubernetesComponent, len(*in)) + copy(*out, *in) + } + if in.PluginComponents != nil { + in, out := &in.PluginComponents, &out.PluginComponents + *out = make([]DisabledPluginComponent, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableComponents. 
+func (in *DisableComponents) DeepCopy() *DisableComponents { + if in == nil { + return nil + } + out := new(DisableComponents) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EtcdBackupConfig) DeepCopyInto(out *EtcdBackupConfig) { + *out = *in + out.S3 = in.S3 +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupConfig. +func (in *EtcdBackupConfig) DeepCopy() *EtcdBackupConfig { + if in == nil { + return nil + } + out := new(EtcdBackupConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EtcdS3) DeepCopyInto(out *EtcdS3) { + *out = *in + out.EndpointCA = in.EndpointCA + out.S3CredentialSecret = in.S3CredentialSecret +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdS3. +func (in *EtcdS3) DeepCopy() *EtcdS3 { + if in == nil { + return nil + } + out := new(EtcdS3) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *File) DeepCopyInto(out *File) { + *out = *in + if in.ContentFrom != nil { + in, out := &in.ContentFrom, &out.ContentFrom + *out = new(FileSource) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new File. +func (in *File) DeepCopy() *File { + if in == nil { + return nil + } + out := new(File) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FileSource) DeepCopyInto(out *FileSource) { + *out = *in + out.Secret = in.Secret +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileSource. 
+func (in *FileSource) DeepCopy() *FileSource { + if in == nil { + return nil + } + out := new(FileSource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Mirror) DeepCopyInto(out *Mirror) { + *out = *in + if in.Endpoints != nil { + in, out := &in.Endpoints, &out.Endpoints + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Rewrites != nil { + in, out := &in.Rewrites, &out.Rewrites + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mirror. +func (in *Mirror) DeepCopy() *Mirror { + if in == nil { + return nil + } + out := new(Mirror) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RKE2AgentConfig) DeepCopyInto(out *RKE2AgentConfig) { + *out = *in + in.RKE2CommonNodeConfig.DeepCopyInto(&out.RKE2CommonNodeConfig) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2AgentConfig. +func (in *RKE2AgentConfig) DeepCopy() *RKE2AgentConfig { + if in == nil { + return nil + } + out := new(RKE2AgentConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *RKE2CommonNodeConfig) DeepCopyInto(out *RKE2CommonNodeConfig) { + *out = *in + if in.NodeLabels != nil { + in, out := &in.NodeLabels, &out.NodeLabels + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.NodeTaints != nil { + in, out := &in.NodeTaints, &out.NodeTaints + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.ImageCredentialProviderConfigMap = in.ImageCredentialProviderConfigMap + out.ResolvConf = in.ResolvConf + in.Kubelet.DeepCopyInto(&out.Kubelet) + in.KubeProxy.DeepCopyInto(&out.KubeProxy) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2CommonNodeConfig. +func (in *RKE2CommonNodeConfig) DeepCopy() *RKE2CommonNodeConfig { + if in == nil { + return nil + } + out := new(RKE2CommonNodeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RKE2Config) DeepCopyInto(out *RKE2Config) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2Config. +func (in *RKE2Config) DeepCopy() *RKE2Config { + if in == nil { + return nil + } + out := new(RKE2Config) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RKE2Config) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *RKE2ConfigList) DeepCopyInto(out *RKE2ConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]RKE2Config, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigList. +func (in *RKE2ConfigList) DeepCopy() *RKE2ConfigList { + if in == nil { + return nil + } + out := new(RKE2ConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *RKE2ConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RKE2ConfigSpec) DeepCopyInto(out *RKE2ConfigSpec) { + *out = *in + if in.Files != nil { + in, out := &in.Files, &out.Files + *out = make([]File, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PreRKE2Commands != nil { + in, out := &in.PreRKE2Commands, &out.PreRKE2Commands + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.PostRKE2Commands != nil { + in, out := &in.PostRKE2Commands, &out.PostRKE2Commands + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.AgentConfig.DeepCopyInto(&out.AgentConfig) + in.ServerConfig.DeepCopyInto(&out.ServerConfig) + in.PrivateRegistriesConfig.DeepCopyInto(&out.PrivateRegistriesConfig) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigSpec. +func (in *RKE2ConfigSpec) DeepCopy() *RKE2ConfigSpec { + if in == nil { + return nil + } + out := new(RKE2ConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. 
in must be non-nil. +func (in *RKE2ConfigStatus) DeepCopyInto(out *RKE2ConfigStatus) { + *out = *in + if in.DataSecretName != nil { + in, out := &in.DataSecretName, &out.DataSecretName + *out = new(string) + **out = **in + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make(v1beta1.Conditions, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigStatus. +func (in *RKE2ConfigStatus) DeepCopy() *RKE2ConfigStatus { + if in == nil { + return nil + } + out := new(RKE2ConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RKE2ConfigTemplate) DeepCopyInto(out *RKE2ConfigTemplate) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -34,18 +358,18 @@ func (in *Rke2Config) DeepCopyInto(out *Rke2Config) { out.Status = in.Status } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2Config. -func (in *Rke2Config) DeepCopy() *Rke2Config { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplate. +func (in *RKE2ConfigTemplate) DeepCopy() *RKE2ConfigTemplate { if in == nil { return nil } - out := new(Rke2Config) + out := new(RKE2ConfigTemplate) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2Config) DeepCopyObject() runtime.Object { +func (in *RKE2ConfigTemplate) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -53,31 +377,31 @@ func (in *Rke2Config) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ConfigList) DeepCopyInto(out *Rke2ConfigList) { +func (in *RKE2ConfigTemplateList) DeepCopyInto(out *RKE2ConfigTemplateList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]Rke2Config, len(*in)) + *out = make([]RKE2ConfigTemplate, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigList. -func (in *Rke2ConfigList) DeepCopy() *Rke2ConfigList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateList. +func (in *RKE2ConfigTemplateList) DeepCopy() *RKE2ConfigTemplateList { if in == nil { return nil } - out := new(Rke2ConfigList) + out := new(RKE2ConfigTemplateList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ConfigList) DeepCopyObject() runtime.Object { +func (in *RKE2ConfigTemplateList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -85,120 +409,138 @@ func (in *Rke2ConfigList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ConfigSpec) DeepCopyInto(out *Rke2ConfigSpec) { +func (in *RKE2ConfigTemplateSpec) DeepCopyInto(out *RKE2ConfigTemplateSpec) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigSpec. -func (in *Rke2ConfigSpec) DeepCopy() *Rke2ConfigSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateSpec. +func (in *RKE2ConfigTemplateSpec) DeepCopy() *RKE2ConfigTemplateSpec { if in == nil { return nil } - out := new(Rke2ConfigSpec) + out := new(RKE2ConfigTemplateSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ConfigStatus) DeepCopyInto(out *Rke2ConfigStatus) { +func (in *RKE2ConfigTemplateStatus) DeepCopyInto(out *RKE2ConfigTemplateStatus) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigStatus. -func (in *Rke2ConfigStatus) DeepCopy() *Rke2ConfigStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ConfigTemplateStatus. +func (in *RKE2ConfigTemplateStatus) DeepCopy() *RKE2ConfigTemplateStatus { if in == nil { return nil } - out := new(Rke2ConfigStatus) + out := new(RKE2ConfigTemplateStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
-func (in *Rke2ConfigTemplate) DeepCopyInto(out *Rke2ConfigTemplate) { +func (in *RKE2ServerConfig) DeepCopyInto(out *RKE2ServerConfig) { *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status + in.RKE2CommonNodeConfig.DeepCopyInto(&out.RKE2CommonNodeConfig) + if in.TLSSan != nil { + in, out := &in.TLSSan, &out.TLSSan + *out = make([]string, len(*in)) + copy(*out, *in) + } + out.EtcdBackupConfig = in.EtcdBackupConfig + in.DisableComponents.DeepCopyInto(&out.DisableComponents) + out.CloudProviderConfigMap = in.CloudProviderConfigMap + out.AuditPolicySecret = in.AuditPolicySecret + in.Etcd.DeepCopyInto(&out.Etcd) + in.KubeAPIServer.DeepCopyInto(&out.KubeAPIServer) + in.KubeControllerManager.DeepCopyInto(&out.KubeControllerManager) + in.KubeScheduler.DeepCopyInto(&out.KubeScheduler) + in.CloudControllerManager.DeepCopyInto(&out.CloudControllerManager) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplate. -func (in *Rke2ConfigTemplate) DeepCopy() *Rke2ConfigTemplate { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ServerConfig. +func (in *RKE2ServerConfig) DeepCopy() *RKE2ServerConfig { if in == nil { return nil } - out := new(Rke2ConfigTemplate) + out := new(RKE2ServerConfig) in.DeepCopyInto(out) return out } -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ConfigTemplate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
-func (in *Rke2ConfigTemplateList) DeepCopyInto(out *Rke2ConfigTemplateList) { +func (in *Registry) DeepCopyInto(out *Registry) { *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Rke2ConfigTemplate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) + if in.Mirrors != nil { + in, out := &in.Mirrors, &out.Mirrors + *out = make(map[string]Mirror, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } + if in.Configs != nil { + in, out := &in.Configs, &out.Configs + *out = make(map[string]RegistryConfig, len(*in)) + for key, val := range *in { + (*out)[key] = val } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateList. -func (in *Rke2ConfigTemplateList) DeepCopy() *Rke2ConfigTemplateList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Registry. +func (in *Registry) DeepCopy() *Registry { if in == nil { return nil } - out := new(Rke2ConfigTemplateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ConfigTemplateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ConfigTemplateSpec) DeepCopyInto(out *Rke2ConfigTemplateSpec) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateSpec. 
-func (in *Rke2ConfigTemplateSpec) DeepCopy() *Rke2ConfigTemplateSpec { - if in == nil { - return nil - } - out := new(Rke2ConfigTemplateSpec) + out := new(Registry) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ConfigTemplateStatus) DeepCopyInto(out *Rke2ConfigTemplateStatus) { +func (in *RegistryConfig) DeepCopyInto(out *RegistryConfig) { *out = *in + out.AuthSecret = in.AuthSecret + out.TLS = in.TLS } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ConfigTemplateStatus. -func (in *Rke2ConfigTemplateStatus) DeepCopy() *Rke2ConfigTemplateStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistryConfig. +func (in *RegistryConfig) DeepCopy() *RegistryConfig { if in == nil { return nil } - out := new(Rke2ConfigTemplateStatus) + out := new(RegistryConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretFileSource) DeepCopyInto(out *SecretFileSource) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretFileSource. +func (in *SecretFileSource) DeepCopy() *SecretFileSource { + if in == nil { + return nil + } + out := new(SecretFileSource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSConfig) DeepCopyInto(out *TLSConfig) { + *out = *in + out.TLSConfigSecret = in.TLSConfigSecret +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSConfig. +func (in *TLSConfig) DeepCopy() *TLSConfig { + if in == nil { + return nil + } + out := new(TLSConfig) in.DeepCopyInto(out) return out } 
diff --git a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml index 595af08..90c7f7e 100644 --- a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml +++ b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml @@ -9,8 +9,8 @@ metadata: spec: group: bootstrap.cluster.x-k8s.io names: - kind: Rke2Config - listKind: Rke2ConfigList + kind: RKE2Config + listKind: RKE2ConfigList plural: rke2configs singular: rke2config scope: Namespaced @@ -18,7 +18,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Rke2Config is the Schema for the rke2configs API + description: RKE2Config is the Schema for the rke2configs API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -33,15 +33,1085 @@ spec: metadata: type: object spec: - description: Rke2ConfigSpec defines the desired state of Rke2Config + description: RKE2ConfigSpec defines the desired state of RKE2Config. properties: - foo: - description: Foo is an example field of Rke2Config. Edit rke2config_types.go - to remove/update + agentConfig: + description: AgentConfig specifies configuration for the agent nodes. + properties: + cisProfile: + description: CISProfile activates CIS compliance of RKE2 for a + certain profile + enum: + - cis-1.23 + type: string + containerRuntimeEndpoint: + description: ContainerRuntimeEndpoint Disable embedded containerd + and use alternative CRI implementation. + type: string + dataDir: + description: DataDir Folder to hold state. + type: string + enableContainerdSElinux: + description: EnableContainerdSElinux defines the policy for enabling + SELinux for Containerd if value is true, Containerd will run + with selinux-enabled=true flag if value is false, Containerd + will run without the above flag + type: boolean + imageCredentialProviderConfigMap: + description: ImageCredentialProviderConfigMap is a reference to + the ConfigMap that contains credential provider plugin config + The configMap should contain a YAML file content + a Path to + the Binaries for Credential Provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). 
This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + kubeProxy: + description: KubeProxyArgs Customized flag for kube-proxy process. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubelet: + description: KubeletArgs Customized flag for kubelet process. 
+ properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeletPath: + description: KubeletPath Override kubelet binary path. + type: string + nodeLabels: + description: NodeLabels Registering and starting kubelet with + set of labels. + items: + type: string + type: array + nodeName: + description: NodeNamePrefix Prefix to the Node Name that CAPI + will generate. + type: string + nodeTaints: + description: NodeTaints Registering kubelet with set of taints. + items: + type: string + type: array + protectKernelDefaults: + description: ProtectKernelDefaults defines Kernel tuning behavior. + If true, error if kernel tunables are different than kubelet + defaults. if false, kernel tunable can be different from kubelet + defaults + type: boolean + resolvConf: + description: ResolvConf is a reference to a ConfigMap containing + resolv.conf content for the node. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + systemDefaultRegistry: + description: SystemDefaultRegistry Private registry to be used + for all system images. + type: string + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files in + cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to + populate the file. 
+ properties: + secret: + description: Secret represents a secret that should populate + this file. + properties: + key: + description: Key is the key in the secret's data map + for this value. + type: string + name: + description: Name of the secret in the RKE2BootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. + "root:root". + type: string + path: + description: Path specifies the full path on disk where to store + the file. + type: string + permissions: + description: Permissions specifies the permissions to assign + to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + postRKE2Commands: + description: PostRKE2Commands specifies extra commands to run after + rke2 setup runs. + items: + type: string + type: array + preRKE2Commands: + description: PreRKE2Commands specifies extra commands to run before + rke2 setup runs. + items: + type: string + type: array + privateRegistriesConfig: + description: PrivateRegistriesConfig defines the containerd configuration + for private registries and local registry mirrors. + properties: + configs: + additionalProperties: + description: RegistryConfig contains configuration used to communicate + with the registry. + properties: + authSecret: + description: Auth si a reference to a Secret containing + information to authenticate to the registry. The Secret + must provite a username and a password data entry. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + tls: + description: TLS is a pair of CA/Cert/Key which then are + used when creating the transport that communicates with + the registry. + properties: + enforceSslVerify: + description: EnforceSSLVerify may be set to false to + skip verifying the registry's certificate, default + is true. + type: boolean + tlsConfigSecret: + description: 'TLSConfigSecret is a reference to a secret + of type `kubernetes.io/tls` thich has up to 3 entries: + tls.crt, tls.key and ca.crt which describe the TLS + configuration necessary to connect to the registry.' 
+ properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: object + type: object + description: Configs are configs for each registry. The key is + the FDQN or IP of the registry. + type: object + mirrors: + additionalProperties: + description: Mirror contains the config related to the registry + mirror. 
+ properties: + endpoint: + description: Endpoints are endpoints for a namespace. CRI + plugin will try the endpoints one by one until a working + one is found. The endpoint must be a valid url with host + specified. The scheme, host and path from the endpoint + URL will be used. + items: + type: string + type: array + rewrite: + additionalProperties: + type: string + description: Rewrites are repository rewrite rules for a + namespace. When fetching image resources from an endpoint + and a key matches the repository via regular expression + matching it will be replaced with the corresponding value + from the map in the resource request. + type: object + type: object + description: Mirrors are namespace to mirror mapping for all namespaces. + type: object + type: object + serverConfig: + description: ServerConfig specifies configuration for the agent nodes. + properties: + advertiseAddress: + description: 'AdvertiseAddress IP address that apiserver uses + to advertise to members of the cluster (default: node-external-ip/node-ip).' + type: string + auditPolicySecret: + description: AuditPolicySecret Path to the file that defines the + audit policy configuration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' 
+ type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + bindAddress: + description: 'BindAddress describes the rke2 bind address (default: + 0.0.0.0).' + type: string + cisProfile: + description: CISProfile activates CIS compliance of RKE2 for a + certain profile + enum: + - cis-1.23 + type: string + cloudControllerManager: + description: CloudControllerManager defines optional custom configuration + of the Cloud Controller Manager. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. 
+ type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + cloudProviderConfigMap: + description: CloudProviderConfigMap is a reference to a ConfigMap + containing Cloud provider configuration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + cloudProviderName: + description: CloudProviderName Cloud provider name. + type: string + clusterDNS: + description: 'ClusterDNS is the cluster IP for CoreDNS service. + Should be in your service-cidr range (default: 10.43.0.10).' + type: string + clusterDomain: + description: 'ClusterDomain is the cluster domain name (default: + "cluster.local").' + type: string + cni: + description: 'CNI describes the CNI Plugins to deploy, one of + none, calico, canal, cilium; optionally with multus as the first + value to enable the multus meta-plugin (default: canal).' + enum: + - none + - calico + - canal + - cilium + type: string + containerRuntimeEndpoint: + description: ContainerRuntimeEndpoint Disable embedded containerd + and use alternative CRI implementation. + type: string + controlPlaneResourceLimits: + description: ControlPlaneResourceLimits Control Plane resource + limits. + type: string + controlPlaneResourceRequests: + description: ControlPlaneResourceRequests Control Plane resource + requests. + type: string + dataDir: + description: DataDir Folder to hold state. + type: string + disableComponents: + description: DisableComponents lists Kubernetes components and + RKE2 plugin components that will be disabled. + properties: + kubernetesComponents: + description: KubernetesComponents is a list of Kubernetes + components to disable. + enum: + - scheduler + - kubeProxy + - cloudController + items: + description: 'DisabledKubernetesComponent is an enum field + that can take one of the following values: scheduler, + kubeProxy or cloudController.' 
+ type: string + type: array + pluginComponents: + description: PluginComponents is a list of PluginComponents + to disable. + enum: + - rke2-coredns + - rke2-ingress-nginx + - rke2-metrics-server + items: + description: DisabledItem selects a plugin Components to + be disabled. + type: string + type: array + type: object + enableContainerdSElinux: + description: EnableContainerdSElinux defines the policy for enabling + SELinux for Containerd if value is true, Containerd will run + with selinux-enabled=true flag if value is false, Containerd + will run without the above flag + type: boolean + etcd: + description: Etcd defines optional custom configuration of ETCD. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + etcdBackupConfig: + description: 'EtcdBackupConfig defines how RKE2 will snapshot + ETCD: target storage, schedule, etc.' + properties: + directory: + description: 'Directory Directory to save db snapshots. (Default + location: ${data-dir}/db/snapshots).' + type: string + enableAutomaticSnapshots: + description: EnableAutomaticSnapshots defines the policy for + ETCD snapshots. true means automatic snapshots will be scheduled, + false means automatic snapshots will not be scheduled. + type: boolean + retention: + description: 'Retention Number of snapshots to retain Default: + 5 (default: 5).' 
+ type: string + s3: + description: S3 Enable backup to an S3-compatible Object Store. + properties: + S3CredentialSecret: + description: S3CredentialSecret is a reference to a Secret + containing the Access Key and Secret Key necessary to + access the target S3 Bucket. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + bucket: + description: Bucket S3 bucket name. + type: string + endpoint: + description: 'Endpoint S3 endpoint url (default: "s3.amazonaws.com").' + type: string + endpointCA: + description: EndpointCA references the Secret that contains + a custom CA that should be trusted to connect to S3 + endpoint. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + enforceSslVerify: + description: EnforceSSLVerify may be set to false to skip + verifying the registry's certificate, default is true. + type: boolean + folder: + description: Folder S3 folder. + type: string + region: + description: 'Region S3 region / bucket location (optional) + (default: "us-east-1").' + type: string + required: + - S3CredentialSecret + - endpoint + type: object + scheduleCron: + description: 'ScheduleCron Snapshot interval time in cron + spec. eg. every 5 hours ''* */5 * * *'' (default: "0 */12 + * * *").' + type: string + snapshotName: + description: 'SnapshotName Set the base name of etcd snapshots. + Default: etcd-snapshot- (default: "etcd-snapshot").' + type: string + type: object + exposeEtcdMetrics: + description: ExposeEtcdMetrics defines the policy for ETCD Metrics + exposure. if value is true, ETCD metrics will be exposed if + value is false, ETCD metrics will NOT be exposed + type: boolean + imageCredentialProviderConfigMap: + description: ImageCredentialProviderConfigMap is a reference to + the ConfigMap that contains credential provider plugin config + The configMap should contain a YAML file content + a Path to + the Binaries for Credential Provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + kubeAPIServer: + description: KubeAPIServer defines optional custom configuration + of the Kube API Server. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. 
+ type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeControllerManager: + description: KubeControllerManager defines optional custom configuration + of the Kube Controller Manager. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeProxy: + description: KubeProxyArgs Customized flag for kube-proxy process. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. 
+ type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeScheduler: + description: KubeScheduler defines optional custom configuration + of the Kube Scheduler. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubelet: + description: KubeletArgs Customized flag for kubelet process. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. 
+ type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeletPath: + description: KubeletPath Override kubelet binary path. + type: string + lbServerPort: + description: 'LoadBalancerPort Local port for supervisor client + load-balancer. If the supervisor and apiserver are not colocated + an additional port 1 less than this port will also be used for + the apiserver client load-balancer (default: 6444).' + type: integer + nodeLabels: + description: NodeLabels Registering and starting kubelet with + set of labels. + items: + type: string + type: array + nodeName: + description: NodeNamePrefix Prefix to the Node Name that CAPI + will generate. + type: string + nodeTaints: + description: NodeTaints Registering kubelet with set of taints. + items: + type: string + type: array + pauseImage: + description: PauseImage Override image to use for pause. + type: string + protectKernelDefaults: + description: ProtectKernelDefaults defines Kernel tuning behavior. + If true, error if kernel tunables are different than kubelet + defaults. if false, kernel tunable can be different from kubelet + defaults + type: boolean + resolvConf: + description: ResolvConf is a reference to a ConfigMap containing + resolv.conf content for the node. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + runtimeImage: + description: RuntimeImage Override image to use for runtime binaries + (containerd, kubectl, crictl, etc). + type: string + service-node-port-range: + description: 'ServiceNodePortRange is the port range to reserve + for services with NodePort visibility (default: "30000-32767").' + type: string + systemDefaultRegistry: + description: SystemDefaultRegistry Private registry to be used + for all system images. + type: string + tlsSan: + description: TLSSan Add additional hostname or IP as a Subject + Alternative Name in the TLS cert. 
+ items: + type: string + type: array + type: object + version: + description: Version specifies the rke2 version. type: string type: object status: - description: Rke2ConfigStatus defines the observed state of Rke2Config + description: RKE2ConfigStatus defines the observed state of RKE2Config. + properties: + conditions: + description: Conditions defines current service state of the RKE2Config. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors. + type: string + failureReason: + description: FailureReason will be set on non-retryable errors. + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed. + type: boolean type: object type: object served: true diff --git a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configtemplates.yaml b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configtemplates.yaml index 4d98d1e..8c4e125 100644 --- a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configtemplates.yaml +++ b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configtemplates.yaml @@ -9,8 +9,8 @@ metadata: spec: group: bootstrap.cluster.x-k8s.io names: - kind: Rke2ConfigTemplate - listKind: Rke2ConfigTemplateList + kind: RKE2ConfigTemplate + listKind: RKE2ConfigTemplateList plural: rke2configtemplates singular: rke2configtemplate scope: Namespaced @@ -18,7 +18,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Rke2ConfigTemplate is the Schema for the rke2configtemplates + description: RKE2ConfigTemplate is the Schema for the RKE2configtemplates API properties: apiVersion: 
@@ -34,15 +34,15 @@ spec: metadata: type: object spec: - description: Rke2ConfigTemplateSpec defines the desired state of Rke2ConfigTemplate + description: RKE2ConfigTemplateSpec defines the desired state of RKE2ConfigTemplate properties: foo: - description: Foo is an example field of Rke2ConfigTemplate. Edit rke2configtemplate_types.go + description: Foo is an example field of RKE2ConfigTemplate. Edit RKE2configtemplate_types.go to remove/update type: string type: object status: - description: Rke2ConfigTemplateStatus defines the observed state of Rke2ConfigTemplate + description: RKE2ConfigTemplateStatus defines the observed state of RKE2ConfigTemplate type: object type: object served: true diff --git a/bootstrap/internal/controllers/rke2config_controller.go b/bootstrap/internal/controllers/rke2config_controller.go index 05dab1b..ef5b922 100644 --- a/bootstrap/internal/controllers/rke2config_controller.go +++ b/bootstrap/internal/controllers/rke2config_controller.go @@ -57,6 +57,6 @@ func (r *Rke2ConfigReconciler) Reconcile(ctx context.Context, req ctrl.Request) // SetupWithManager sets up the controller with the Manager. func (r *Rke2ConfigReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). - For(&bootstrapv1.Rke2Config{}). + For(&bootstrapv1.RKE2Config{}). Complete(r) } diff --git a/bootstrap/main.go b/bootstrap/main.go index 1e16d03..4e86c96 100644 --- a/bootstrap/main.go +++ b/bootstrap/main.go 
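Review bot: The rename to `RKE2Config` stops at the API type, because the receiver in the `rke2config_controller.go` hunk is still `Rke2ConfigReconciler` while it now registers `For(&bootstrapv1.RKE2Config{})`. The same gap shows in the `bootstrap/main.go` hunk, where the unchanged log values `"Rke2Config"` and `"Rke2ConfigTemplate"` no longer match the renamed types. I would write them as `"controller", "RKE2Config"`, `"webhook", "RKE2Config"` and `"webhook", "RKE2ConfigTemplate"`, so that an operator searching startup failures by kind finds them. Renaming the reconciler to `RKE2ConfigReconciler` also means changing its declaration and its construction in `main.go`, both of which are outside the hunks shown. The body of `main` likewise starts and ends outside its hunk.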
@@ -96,11 +96,11 @@ func main() { setupLog.Error(err, "unable to create controller", "controller", "Rke2Config") os.Exit(1) } - if err = (&bootstrapv1.Rke2Config{}).SetupWebhookWithManager(mgr); err != nil { + if err = (&bootstrapv1.RKE2Config{}).SetupWebhookWithManager(mgr); err != nil { setupLog.Error(err, "unable to create webhook", "webhook", "Rke2Config") os.Exit(1) } - if err = (&bootstrapv1.Rke2ConfigTemplate{}).SetupWebhookWithManager(mgr); err != nil { + if err = (&bootstrapv1.RKE2ConfigTemplate{}).SetupWebhookWithManager(mgr); err != nil { setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ConfigTemplate") os.Exit(1) } diff --git a/controlplane/api/v1alpha1/rke2controlplane_types.go b/controlplane/api/v1alpha1/rke2controlplane_types.go index 7b29b97..d7f182f 100644 --- a/controlplane/api/v1alpha1/rke2controlplane_types.go +++ b/controlplane/api/v1alpha1/rke2controlplane_types.go 
@@ -23,17 +23,17 @@ import ( // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// Rke2ControlPlaneSpec defines the desired state of Rke2ControlPlane -type Rke2ControlPlaneSpec struct { +// RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane +type RKE2ControlPlaneSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of Rke2ControlPlane. Edit rke2controlplane_types.go to remove/update + // Foo is an example field of RKE2ControlPlane. Edit rke2controlplane_types.go to remove/update Foo string `json:"foo,omitempty"` } -// Rke2ControlPlaneStatus defines the observed state of Rke2ControlPlane -type Rke2ControlPlaneStatus struct { +// RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane +type RKE2ControlPlaneStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file } 
@@ -41,24 +41,24 @@ type Rke2ControlPlaneStatus struct { //+kubebuilder:object:root=true //+kubebuilder:subresource:status -// Rke2ControlPlane is the Schema for the rke2controlplanes API -type Rke2ControlPlane struct { +// RKE2ControlPlane is the Schema for the rke2controlplanes API +type RKE2ControlPlane struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec Rke2ControlPlaneSpec `json:"spec,omitempty"` - Status Rke2ControlPlaneStatus `json:"status,omitempty"` + Spec RKE2ControlPlaneSpec `json:"spec,omitempty"` + Status RKE2ControlPlaneStatus `json:"status,omitempty"` } //+kubebuilder:object:root=true -// Rke2ControlPlaneList contains a list of Rke2ControlPlane -type Rke2ControlPlaneList struct { +// RKE2ControlPlaneList contains a list of RKE2ControlPlane +type RKE2ControlPlaneList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []Rke2ControlPlane `json:"items"` + Items []RKE2ControlPlane `json:"items"` } func init() { - SchemeBuilder.Register(&Rke2ControlPlane{}, &Rke2ControlPlaneList{}) + SchemeBuilder.Register(&RKE2ControlPlane{}, &RKE2ControlPlaneList{}) } diff --git a/controlplane/api/v1alpha1/rke2controlplane_webhook.go b/controlplane/api/v1alpha1/rke2controlplane_webhook.go index e1afec3..9e16f6e 100644 --- a/controlplane/api/v1alpha1/rke2controlplane_webhook.go +++ b/controlplane/api/v1alpha1/rke2controlplane_webhook.go @@ -26,7 +26,7 @@ import ( // log is for logging in this package. var rke2controlplanelog = logf.Log.WithName("rke2controlplane-resource") -func (r *Rke2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error { +func (r *RKE2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error { return ctrl.NewWebhookManagedBy(mgr). For(r). Complete() 
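Review bot: Renaming the root type in this hunk also renames the API Kind, which the regenerated CRD later in the patch confirms (`kind: RKE2ControlPlane`, `listKind: RKE2ControlPlaneList`) while the version stays `v1alpha1`. Manifests and tooling that still say `kind: Rke2ControlPlane` will presumably stop matching after an upgrade, so this is a breaking API change that the commit message describes only as a struct rename. I would state it in the type's doc comment or the release notes, for example `// RKE2ControlPlane is the Schema for the rke2controlplanes API (Kind was Rke2ControlPlane before the RKE2 rename).`. The same applies to RKE2ControlPlaneTemplate and to the bootstrap kinds.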
@@ -36,10 +36,10 @@ func (r *Rke2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error { //+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=mrke2controlplane.kb.io,admissionReviewVersions=v1 -var _ webhook.Defaulter = &Rke2ControlPlane{} +var _ webhook.Defaulter = &RKE2ControlPlane{} // Default implements webhook.Defaulter so a webhook will be registered for the type -func (r *Rke2ControlPlane) Default() { +func (r *RKE2ControlPlane) Default() { rke2controlplanelog.Info("default", "name", r.Name) // TODO(user): fill in your defaulting logic. @@ -48,10 +48,10 @@ func (r *Rke2ControlPlane) Default() { // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=vrke2controlplane.kb.io,admissionReviewVersions=v1 -var _ webhook.Validator = &Rke2ControlPlane{} +var _ webhook.Validator = &RKE2ControlPlane{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlane) ValidateCreate() error { +func (r *RKE2ControlPlane) ValidateCreate() error { rke2controlplanelog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. 
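Review bot: ValidateCreate in the second hunk here is registered as a validating webhook with `failurePolicy=fail` for `create;update`, yet the visible body is only a log call and a scaffold TODO, so it looks like every object is admitted unchecked while an unreachable webhook would still block writes. The return statement is outside the hunk, so this is inferred; ValidateUpdate, ValidateDelete and the RKE2ControlPlaneTemplate webhook file show the same shape. Until real checks exist I would say so in the doc comment, e.g. `// ValidateCreate currently performs no validation and admits every object.`, so nobody assumes the API is guarded by admission control.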
@@ -59,7 +59,7 @@ func (r *Rke2ControlPlane) ValidateCreate() error { } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlane) ValidateUpdate(old runtime.Object) error { +func (r *RKE2ControlPlane) ValidateUpdate(old runtime.Object) error { rke2controlplanelog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. @@ -67,7 +67,7 @@ func (r *Rke2ControlPlane) ValidateUpdate(old runtime.Object) error { } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlane) ValidateDelete() error { +func (r *RKE2ControlPlane) ValidateDelete() error { rke2controlplanelog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. diff --git a/controlplane/api/v1alpha1/rke2controlplanetemplate_types.go b/controlplane/api/v1alpha1/rke2controlplanetemplate_types.go index aa20e70..5d45b52 100644 --- a/controlplane/api/v1alpha1/rke2controlplanetemplate_types.go +++ b/controlplane/api/v1alpha1/rke2controlplanetemplate_types.go 
@@ -23,17 +23,17 @@ import ( // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// Rke2ControlPlaneTemplateSpec defines the desired state of Rke2ControlPlaneTemplate -type Rke2ControlPlaneTemplateSpec struct { +// RKE2ControlPlaneTemplateSpec defines the desired state of RKE2ControlPlaneTemplate +type RKE2ControlPlaneTemplateSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - // Foo is an example field of Rke2ControlPlaneTemplate. Edit rke2controlplanetemplate_types.go to remove/update + // Foo is an example field of RKE2ControlPlaneTemplate. Edit rke2controlplanetemplate_types.go to remove/update Foo string `json:"foo,omitempty"` } -// Rke2ControlPlaneTemplateStatus defines the observed state of Rke2ControlPlaneTemplate -type Rke2ControlPlaneTemplateStatus struct { +// RKE2ControlPlaneTemplateStatus defines the observed state of RKE2ControlPlaneTemplate +type RKE2ControlPlaneTemplateStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file } 
@@ -41,24 +41,24 @@ type Rke2ControlPlaneTemplateStatus struct { //+kubebuilder:object:root=true //+kubebuilder:subresource:status -// Rke2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates API -type Rke2ControlPlaneTemplate struct { +// RKE2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates API +type RKE2ControlPlaneTemplate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec Rke2ControlPlaneTemplateSpec `json:"spec,omitempty"` - Status Rke2ControlPlaneTemplateStatus `json:"status,omitempty"` + Spec RKE2ControlPlaneTemplateSpec `json:"spec,omitempty"` + Status RKE2ControlPlaneTemplateStatus `json:"status,omitempty"` } //+kubebuilder:object:root=true -// Rke2ControlPlaneTemplateList contains a list of Rke2ControlPlaneTemplate -type Rke2ControlPlaneTemplateList struct { +// RKE2ControlPlaneTemplateList contains a list of RKE2ControlPlaneTemplate +type RKE2ControlPlaneTemplateList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []Rke2ControlPlaneTemplate `json:"items"` + Items []RKE2ControlPlaneTemplate `json:"items"` } func init() { - SchemeBuilder.Register(&Rke2ControlPlaneTemplate{}, &Rke2ControlPlaneTemplateList{}) + SchemeBuilder.Register(&RKE2ControlPlaneTemplate{}, &RKE2ControlPlaneTemplateList{}) } diff --git a/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go b/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go index b05cf94..9f630a6 100644 --- a/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go +++ b/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go 
@@ -26,7 +26,7 @@ import ( // log is for logging in this package. var rke2controlplanetemplatelog = logf.Log.WithName("rke2controlplanetemplate-resource") -func (r *Rke2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { +func (r *RKE2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { return ctrl.NewWebhookManagedBy(mgr). For(r). Complete() @@ -36,10 +36,10 @@ func (r *Rke2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) err //+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=mrke2controlplanetemplate.kb.io,admissionReviewVersions=v1 -var _ webhook.Defaulter = &Rke2ControlPlaneTemplate{} +var _ webhook.Defaulter = &RKE2ControlPlaneTemplate{} // Default implements webhook.Defaulter so a webhook will be registered for the type -func (r *Rke2ControlPlaneTemplate) Default() { +func (r *RKE2ControlPlaneTemplate) Default() { rke2controlplanetemplatelog.Info("default", "name", r.Name) // TODO(user): fill in your defaulting logic. 
@@ -48,10 +48,10 @@ func (r *Rke2ControlPlaneTemplate) Default() { // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=vrke2controlplanetemplate.kb.io,admissionReviewVersions=v1 -var _ webhook.Validator = &Rke2ControlPlaneTemplate{} +var _ webhook.Validator = &RKE2ControlPlaneTemplate{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlaneTemplate) ValidateCreate() error { +func (r *RKE2ControlPlaneTemplate) ValidateCreate() error { rke2controlplanetemplatelog.Info("validate create", "name", r.Name) // TODO(user): fill in your validation logic upon object creation. @@ -59,7 +59,7 @@ func (r *Rke2ControlPlaneTemplate) ValidateCreate() error { } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error { +func (r *RKE2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error { rke2controlplanetemplatelog.Info("validate update", "name", r.Name) // TODO(user): fill in your validation logic upon object update. @@ -67,7 +67,7 @@ func (r *Rke2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error { } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (r *Rke2ControlPlaneTemplate) ValidateDelete() error { +func (r *RKE2ControlPlaneTemplate) ValidateDelete() error { rke2controlplanetemplatelog.Info("validate delete", "name", r.Name) // TODO(user): fill in your validation logic upon object deletion. 
diff --git a/controlplane/api/v1alpha1/webhook_suite_test.go b/controlplane/api/v1alpha1/webhook_suite_test.go index 233f346..b1dd83b 100644 --- a/controlplane/api/v1alpha1/webhook_suite_test.go +++ b/controlplane/api/v1alpha1/webhook_suite_test.go @@ -102,10 +102,10 @@ var _ = BeforeSuite(func() { }) Expect(err).NotTo(HaveOccurred()) - err = (&Rke2ControlPlane{}).SetupWebhookWithManager(mgr) + err = (&RKE2ControlPlane{}).SetupWebhookWithManager(mgr) Expect(err).NotTo(HaveOccurred()) - err = (&Rke2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr) + err = (&RKE2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr) Expect(err).NotTo(HaveOccurred()) //+kubebuilder:scaffold:webhook diff --git a/controlplane/api/v1alpha1/zz_generated.deepcopy.go b/controlplane/api/v1alpha1/zz_generated.deepcopy.go index 42263db..85f39e2 100644 --- a/controlplane/api/v1alpha1/zz_generated.deepcopy.go +++ b/controlplane/api/v1alpha1/zz_generated.deepcopy.go @@ -26,7 +26,7 @@ import ( ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlane) DeepCopyInto(out *Rke2ControlPlane) { +func (in *RKE2ControlPlane) DeepCopyInto(out *RKE2ControlPlane) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) 
@@ -34,18 +34,18 @@ func (in *Rke2ControlPlane) DeepCopyInto(out *Rke2ControlPlane) { out.Status = in.Status } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlane. -func (in *Rke2ControlPlane) DeepCopy() *Rke2ControlPlane { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlane. +func (in *RKE2ControlPlane) DeepCopy() *RKE2ControlPlane { if in == nil { return nil } - out := new(Rke2ControlPlane) + out := new(RKE2ControlPlane) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ControlPlane) DeepCopyObject() runtime.Object { +func (in *RKE2ControlPlane) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -53,31 +53,31 @@ func (in *Rke2ControlPlane) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneList) DeepCopyInto(out *Rke2ControlPlaneList) { +func (in *RKE2ControlPlaneList) DeepCopyInto(out *RKE2ControlPlaneList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]Rke2ControlPlane, len(*in)) + *out = make([]RKE2ControlPlane, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneList. -func (in *Rke2ControlPlaneList) DeepCopy() *Rke2ControlPlaneList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneList. +func (in *RKE2ControlPlaneList) DeepCopy() *RKE2ControlPlaneList { if in == nil { return nil } - out := new(Rke2ControlPlaneList) + out := new(RKE2ControlPlaneList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ControlPlaneList) DeepCopyObject() runtime.Object { +func (in *RKE2ControlPlaneList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -85,37 +85,37 @@ func (in *Rke2ControlPlaneList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneSpec) DeepCopyInto(out *Rke2ControlPlaneSpec) { +func (in *RKE2ControlPlaneSpec) DeepCopyInto(out *RKE2ControlPlaneSpec) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneSpec. -func (in *Rke2ControlPlaneSpec) DeepCopy() *Rke2ControlPlaneSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneSpec. +func (in *RKE2ControlPlaneSpec) DeepCopy() *RKE2ControlPlaneSpec { if in == nil { return nil } - out := new(Rke2ControlPlaneSpec) + out := new(RKE2ControlPlaneSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneStatus) DeepCopyInto(out *Rke2ControlPlaneStatus) { +func (in *RKE2ControlPlaneStatus) DeepCopyInto(out *RKE2ControlPlaneStatus) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneStatus. -func (in *Rke2ControlPlaneStatus) DeepCopy() *Rke2ControlPlaneStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneStatus. +func (in *RKE2ControlPlaneStatus) DeepCopy() *RKE2ControlPlaneStatus { if in == nil { return nil } - out := new(Rke2ControlPlaneStatus) + out := new(RKE2ControlPlaneStatus) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
-func (in *Rke2ControlPlaneTemplate) DeepCopyInto(out *Rke2ControlPlaneTemplate) { +func (in *RKE2ControlPlaneTemplate) DeepCopyInto(out *RKE2ControlPlaneTemplate) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -123,18 +123,18 @@ func (in *Rke2ControlPlaneTemplate) DeepCopyInto(out *Rke2ControlPlaneTemplate) out.Status = in.Status } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplate. -func (in *Rke2ControlPlaneTemplate) DeepCopy() *Rke2ControlPlaneTemplate { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplate. +func (in *RKE2ControlPlaneTemplate) DeepCopy() *RKE2ControlPlaneTemplate { if in == nil { return nil } - out := new(Rke2ControlPlaneTemplate) + out := new(RKE2ControlPlaneTemplate) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ControlPlaneTemplate) DeepCopyObject() runtime.Object { +func (in *RKE2ControlPlaneTemplate) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -142,31 +142,31 @@ func (in *Rke2ControlPlaneTemplate) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneTemplateList) DeepCopyInto(out *Rke2ControlPlaneTemplateList) { +func (in *RKE2ControlPlaneTemplateList) DeepCopyInto(out *RKE2ControlPlaneTemplateList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]Rke2ControlPlaneTemplate, len(*in)) + *out = make([]RKE2ControlPlaneTemplate, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateList. -func (in *Rke2ControlPlaneTemplateList) DeepCopy() *Rke2ControlPlaneTemplateList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateList. +func (in *RKE2ControlPlaneTemplateList) DeepCopy() *RKE2ControlPlaneTemplateList { if in == nil { return nil } - out := new(Rke2ControlPlaneTemplateList) + out := new(RKE2ControlPlaneTemplateList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rke2ControlPlaneTemplateList) DeepCopyObject() runtime.Object { +func (in *RKE2ControlPlaneTemplateList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } 
@@ -174,31 +174,31 @@ func (in *Rke2ControlPlaneTemplateList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneTemplateSpec) DeepCopyInto(out *Rke2ControlPlaneTemplateSpec) { +func (in *RKE2ControlPlaneTemplateSpec) DeepCopyInto(out *RKE2ControlPlaneTemplateSpec) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateSpec. -func (in *Rke2ControlPlaneTemplateSpec) DeepCopy() *Rke2ControlPlaneTemplateSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateSpec. +func (in *RKE2ControlPlaneTemplateSpec) DeepCopy() *RKE2ControlPlaneTemplateSpec { if in == nil { return nil } - out := new(Rke2ControlPlaneTemplateSpec) + out := new(RKE2ControlPlaneTemplateSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rke2ControlPlaneTemplateStatus) DeepCopyInto(out *Rke2ControlPlaneTemplateStatus) { +func (in *RKE2ControlPlaneTemplateStatus) DeepCopyInto(out *RKE2ControlPlaneTemplateStatus) { *out = *in } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rke2ControlPlaneTemplateStatus. -func (in *Rke2ControlPlaneTemplateStatus) DeepCopy() *Rke2ControlPlaneTemplateStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneTemplateStatus. +func (in *RKE2ControlPlaneTemplateStatus) DeepCopy() *RKE2ControlPlaneTemplateStatus { if in == nil { return nil } - out := new(Rke2ControlPlaneTemplateStatus) + out := new(RKE2ControlPlaneTemplateStatus) in.DeepCopyInto(out) return out } 
diff --git a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml index c016116..630ca4b 100644 --- a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml +++ b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml @@ -9,8 +9,8 @@ metadata: spec: group: controlplane.cluster.x-k8s.io names: - kind: Rke2ControlPlane - listKind: Rke2ControlPlaneList + kind: RKE2ControlPlane + listKind: RKE2ControlPlaneList plural: rke2controlplanes singular: rke2controlplane scope: Namespaced @@ -18,7 +18,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Rke2ControlPlane is the Schema for the rke2controlplanes API + description: RKE2ControlPlane is the Schema for the rke2controlplanes API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -33,15 +33,15 @@ spec: metadata: type: object spec: - description: Rke2ControlPlaneSpec defines the desired state of Rke2ControlPlane + description: RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane properties: foo: - description: Foo is an example field of Rke2ControlPlane. Edit rke2controlplane_types.go + description: Foo is an example field of RKE2ControlPlane. Edit rke2controlplane_types.go to remove/update type: string type: object status: - description: Rke2ControlPlaneStatus defines the observed state of Rke2ControlPlane + description: RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane type: object type: object served: true diff --git a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanetemplates.yaml b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanetemplates.yaml index 4d8536a..f59f807 100644 --- a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanetemplates.yaml 
+++ b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanetemplates.yaml @@ -9,8 +9,8 @@ metadata: spec: group: controlplane.cluster.x-k8s.io names: - kind: Rke2ControlPlaneTemplate - listKind: Rke2ControlPlaneTemplateList + kind: RKE2ControlPlaneTemplate + listKind: RKE2ControlPlaneTemplateList plural: rke2controlplanetemplates singular: rke2controlplanetemplate scope: Namespaced @@ -18,7 +18,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Rke2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates + description: RKE2ControlPlaneTemplate is the Schema for the rke2controlplanetemplates API properties: apiVersion: @@ -34,17 +34,17 @@ spec: metadata: type: object spec: - description: Rke2ControlPlaneTemplateSpec defines the desired state of - Rke2ControlPlaneTemplate + description: RKE2ControlPlaneTemplateSpec defines the desired state of + RKE2ControlPlaneTemplate properties: foo: - description: Foo is an example field of Rke2ControlPlaneTemplate. + description: Foo is an example field of RKE2ControlPlaneTemplate. Edit rke2controlplanetemplate_types.go to remove/update type: string type: object status: - description: Rke2ControlPlaneTemplateStatus defines the observed state - of Rke2ControlPlaneTemplate + description: RKE2ControlPlaneTemplateStatus defines the observed state + of RKE2ControlPlaneTemplate type: object type: object served: true diff --git a/controlplane/internal/controllers/rke2controlplane_controller.go b/controlplane/internal/controllers/rke2controlplane_controller.go index 40a0d05..0bb8acb 100644 --- a/controlplane/internal/controllers/rke2controlplane_controller.go +++ b/controlplane/internal/controllers/rke2controlplane_controller.go 
@@ -27,8 +27,8 @@ import ( controlplanev1 "github.com/rancher-sandbox/cluster-api-provider-rke2/controlplane/api/v1alpha1" ) -// Rke2ControlPlaneReconciler reconciles a Rke2ControlPlane object -type Rke2ControlPlaneReconciler struct { +// RKE2ControlPlaneReconciler reconciles a RKE2ControlPlane object +type RKE2ControlPlaneReconciler struct { client.Client Scheme *runtime.Scheme } @@ -42,13 +42,13 @@ type Rke2ControlPlaneReconciler struct { // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. // TODO(user): Modify the Reconcile function to compare the state specified by -// the Rke2ControlPlane object against the actual cluster state, and then +// the RKE2ControlPlane object against the actual cluster state, and then // perform operations to make the cluster state reflect the state specified by // the user. // // For more details, check Reconcile and its Result here: // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.12.2/pkg/reconcile -func (r *Rke2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { +func (r *RKE2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { _ = log.FromContext(ctx) // TODO(user): your logic here @@ -57,8 +57,8 @@ func (r *Rke2ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Req } // SetupWithManager sets up the controller with the Manager. -func (r *Rke2ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error { +func (r *RKE2ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). - For(&controlplanev1.Rke2ControlPlane{}). + For(&controlplanev1.RKE2ControlPlane{}). Complete(r) } diff --git a/controlplane/main.go b/controlplane/main.go index 3752770..dd47813 100644 --- a/controlplane/main.go +++ b/controlplane/main.go 
@@ -89,19 +89,19 @@ func main() { os.Exit(1) } - if err = (&controllers.Rke2ControlPlaneReconciler{ + if err = (&controllers.RKE2ControlPlaneReconciler{ Client: mgr.GetClient(), Scheme: mgr.GetScheme(), }).SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "Rke2ControlPlane") + setupLog.Error(err, "unable to create controller", "controller", "RKE2ControlPlane") os.Exit(1) } - if err = (&controlplanev1.Rke2ControlPlane{}).SetupWebhookWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ControlPlane") + if err = (&controlplanev1.RKE2ControlPlane{}).SetupWebhookWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create webhook", "webhook", "RKE2ControlPlane") os.Exit(1) } - if err = (&controlplanev1.Rke2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create webhook", "webhook", "Rke2ControlPlaneTemplate") + if err = (&controlplanev1.RKE2ControlPlaneTemplate{}).SetupWebhookWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create webhook", "webhook", "RKE2ControlPlaneTemplate") os.Exit(1) } //+kubebuilder:scaffold:builder diff --git a/docs/RKE2 Cluster API Provider - Data Type definitions.md b/docs/RKE2 Cluster API Provider - Data Type definitions.md new file mode 100644 index 0000000..9ce3593 --- /dev/null +++ b/docs/RKE2 Cluster API Provider - Data Type definitions.md 
@@ -0,0 +1,518 @@
+# RKE2 Cluster API Provider - Data Type definitions
+
+## Introduction
+
+The Cluster API Bootstrap provider for RKE2 has a goal of provisioning RKE2 on a Cluster API machine. It relies on `cloud-init` to provision files, modify configuration and run commands on the machine.
+
+The idea is that the provider gives the user a large choice of configuration options, but uses as many sensible default as possible to avoid overburdening the user.
+
+Therefore a particular attention has to be given to the kinds of manifests the end user should write. This document aims at documenting the process with which the data types for these manifests have been thought through.
+
+## Configuration options
+
+RKE2 is a very configurable Kubernetes distribution. The main ways to configure RKE2 are as follows:
+
+- config.yaml file (default location at /etc/rancher/rke2/): configuration options for RKE2 that are described in this [documentation page]([Server Configuration Reference - RKE2 - Rancher's Next Generation Kubernetes Distribution](https://docs.rke2.io/install/install_options/server_config/))
+
+- registries.yaml ()
+
+- Environement variables for versions, etc. (options documented [here]([Overview - RKE2 - Rancher's Next Generation Kubernetes Distribution](https://docs.rke2.io/install/install_options/install_options/#configuring-the-linux-installation-script)))
+
+- Possibly automatically deploy manifests in `/var/lib/rancher/rke2/server/manifests/`
+
+- Should be possible to deploy in **Air-Gapped** mode
+
+
+Question: Should the use be able to uninstall ?
+
+### First configuration section: config.yaml
+
+In order to make RKE2 installation sufficiently configurable, we rely on the documentation page above and implement all options.
+
+This is what the page shows for RKE2 **servers**:
+
+```
+ --config FILE, -c FILE (config) Load configuration from FILE (default: "/etc/rancher/rke2/config.yaml") [$RKE2_CONFIG_FILE]
+ --debug (logging) Turn on debug logs [$RKE2_DEBUG]
+ --bind-address value (listener) rke2 bind address (default: 0.0.0.0)
+ --advertise-address value (listener) IPv4 address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)
+ --tls-san value (listener) Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert
+ --data-dir value, -d value (data) Folder to hold state (default: "/var/lib/rancher/rke2")
+ --cluster-cidr value (networking) IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16)
+ --service-cidr value (networking) IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16)
+ --service-node-port-range value (networking) Port range to reserve for services with NodePort visibility (default: "30000-32767")
+ --cluster-dns value (networking) IPv4 Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
+ --cluster-domain value (networking) Cluster Domain (default: "cluster.local")
+ --token value, -t value (cluster) Shared secret used to join a server or agent to a cluster [$RKE2_TOKEN]
+ --token-file value (cluster) File containing the cluster-secret/token [$RKE2_TOKEN_FILE]
+ --write-kubeconfig value, -o value (client) Write kubeconfig for admin client to this file [$RKE2_KUBECONFIG_OUTPUT]
+ --write-kubeconfig-mode value (client) Write kubeconfig with this mode [$RKE2_KUBECONFIG_MODE]
+ --kube-apiserver-arg value (flags) Customized flag for kube-apiserver process
+ --etcd-arg value (flags) Customized flag for etcd process
+ --kube-controller-manager-arg value (flags) Customized flag for kube-controller-manager process
+ --kube-scheduler-arg value (flags) Customized flag for kube-scheduler process
+ --etcd-expose-metrics (db) Expose etcd metrics to client interface. (Default false)
+ --etcd-disable-snapshots (db) Disable automatic etcd snapshots
+ --etcd-snapshot-name value (db) Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot")
+ --etcd-snapshot-schedule-cron value (db) Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
+ --etcd-snapshot-retention value (db) Number of snapshots to retain Default: 5 (default: 5)
+ --etcd-snapshot-dir value (db) Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
+ --etcd-s3 (db) Enable backup to S3
+ --etcd-s3-endpoint value (db) S3 endpoint url (default: "s3.amazonaws.com")
+ --etcd-s3-endpoint-ca value (db) S3 custom CA cert to connect to S3 endpoint
+ --etcd-s3-skip-ssl-verify (db) Disables S3 SSL certificate validation
+ --etcd-s3-access-key value (db) S3 access key [$AWS_ACCESS_KEY_ID]
+ --etcd-s3-secret-key value (db) S3 secret key [$AWS_SECRET_ACCESS_KEY]
+ --etcd-s3-bucket value (db) S3 bucket name
+ --etcd-s3-region value (db) S3 region / bucket location (optional) (default: "us-east-1")
+ --etcd-s3-folder value (db) S3 folder
+ --disable value (components) Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-metrics-server)
+ --disable-scheduler (components) Disable Kubernetes default scheduler
+ --disable-cloud-controller (components) Disable rke2 default cloud controller manager
+ --disable-kube-proxy (components) Disable running kube-proxy
+ --node-name value (agent/node) Node name [$RKE2_NODE_NAME]
+ --node-label value (agent/node) Registering and starting kubelet with set of labels
+ --node-taint value (agent/node) Registering kubelet with set of taints
+ --image-credential-provider-bin-dir value (agent/node) The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin")
+ --image-credential-provider-config value (agent/node) The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml")
+ --container-runtime-endpoint value (agent/runtime) Disable embedded containerd and use alternative CRI implementation
+ --snapshotter value (agent/runtime) Override default containerd snapshotter (default: "overlayfs")
+ --private-registry value (agent/runtime) Private registry configuration file (default: "/etc/rancher/rke2/registries.yaml")
+ --node-ip value, -i value (agent/networking) IPv4/IPv6 addresses to advertise for node
+ --node-external-ip value (agent/networking) IPv4/IPv6 external IP addresses to advertise for node
+ --resolv-conf value (agent/networking) Kubelet resolv.conf file [$RKE2_RESOLV_CONF]
+ --kubelet-arg value (agent/flags) Customized flag for kubelet process
+ --kube-proxy-arg value (agent/flags) Customized flag for kube-proxy process
+ --protect-kernel-defaults (agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.
+ --agent-token value (experimental/cluster) Shared secret used to join agents to the cluster, but not servers [$RKE2_AGENT_TOKEN]
+ --agent-token-file value (experimental/cluster) File containing the agent secret [$RKE2_AGENT_TOKEN_FILE]
+ --server value, -s value (experimental/cluster) Server to connect to, used to join a cluster [$RKE2_URL]
+ --cluster-reset (experimental/cluster) Forget all peers and become sole member of a new cluster [$RKE2_CLUSTER_RESET]
+ --cluster-reset-restore-path value (db) Path to snapshot file to be restored
+ --system-default-registry value (image) Private registry to be used for all system images [$RKE2_SYSTEM_DEFAULT_REGISTRY]
+ --selinux (agent/node) Enable SELinux in containerd [$RKE2_SELINUX]
+ --lb-server-port value (agent/node) Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444) [$RKE2_LB_SERVER_PORT]
+ --cni value (networking) CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal) [$RKE2_CNI]
+ --kube-apiserver-image value (image) Override image to use for kube-apiserver [$RKE2_KUBE_APISERVER_IMAGE]
+ --kube-controller-manager-image value (image) Override image to use for kube-controller-manager [$RKE2_KUBE_CONTROLLER_MANAGER_IMAGE]
+ --kube-proxy-image value (image) Override image to use for kube-proxy [$RKE2_KUBE_PROXY_IMAGE]
+ --kube-scheduler-image value (image) Override image to use for kube-scheduler [$RKE2_KUBE_SCHEDULER_IMAGE]
+ --pause-image value (image) Override image to use for pause [$RKE2_PAUSE_IMAGE]
+ --runtime-image value (image) Override image to use for runtime binaries (containerd, kubectl, crictl, etc) [$RKE2_RUNTIME_IMAGE]
+ --etcd-image value (image) Override image to use for etcd [$RKE2_ETCD_IMAGE]
+ --kubelet-path value (experimental/agent) Override kubelet binary path [$RKE2_KUBELET_PATH]
+ --cloud-provider-name value (cloud provider) Cloud provider name [$RKE2_CLOUD_PROVIDER_NAME]
+ --cloud-provider-config value (cloud provider) Cloud provider configuration file path [$RKE2_CLOUD_PROVIDER_CONFIG]
+ --profile value (security) Validate system configuration against the selected benchmark (valid items: cis-1.23 ) [$RKE2_CIS_PROFILE]
+ --audit-policy-file value (security) Path to the file that defines the audit policy configuration [$RKE2_AUDIT_POLICY_FILE]
+ --control-plane-resource-requests value (components) Control Plane resource requests [$RKE2_CONTROL_PLANE_RESOURCE_REQUESTS]
+ --control-plane-resource-limits value (components) Control Plane resource limits [$RKE2_CONTROL_PLANE_RESOURCE_LIMITS]
+ --kube-apiserver-extra-mount value (components) kube-apiserver extra volume mounts [$RKE2_KUBE_APISERVER_EXTRA_MOUNT]
+ --kube-scheduler-extra-mount value (components) kube-scheduler extra volume mounts [$RKE2_KUBE_SCHEDULER_EXTRA_MOUNT]
+ --kube-controller-manager-extra-mount value (components) kube-controller-manager extra volume mounts [$RKE2_KUBE_CONTROLLER_MANAGER_EXTRA_MOUNT]
+ --kube-proxy-extra-mount value (components) kube-proxy extra volume mounts [$RKE2_KUBE_PROXY_EXTRA_MOUNT]
+ --etcd-extra-mount value (components) etcd extra volume mounts [$RKE2_ETCD_EXTRA_MOUNT]
+ --cloud-controller-manager-extra-mount value (components) cloud-controller-manager extra volume mounts [$RKE2_CLOUD_CONTROLLER_MANAGER_EXTRA_MOUNT]
+ --kube-apiserver-extra-env value (components) kube-apiserver extra environment variables [$RKE2_KUBE_APISERVER_EXTRA_ENV]
+ --kube-scheduler-extra-env value (components) kube-scheduler extra environment variables [$RKE2_KUBE_SCHEDULER_EXTRA_ENV]
+ --kube-controller-manager-extra-env value (components) kube-controller-manager extra environment variables [$RKE2_KUBE_CONTROLLER_MANAGER_EXTRA_ENV]
+ --kube-proxy-extra-env value (components) kube-proxy extra environment variables [$RKE2_KUBE_PROXY_EXTRA_ENV]
+ --etcd-extra-env value (components) etcd extra environment variables [$RKE2_ETCD_EXTRA_ENV]
+ --cloud-controller-manager-extra-env value (components) cloud-controller-manager extra environment variables [$RKE2_CLOUD_CONTROLLER_MANAGER_EXTRA_ENV]```
+```
+
+In order to transform that into a struct, we can use the following regex which catches each line with its formatting:
+
+```regex
+ *--([a-z0-9\-]*) (value(, \-[a-z] value){0,1}){0,1} *\([a-z/]*\) ([\u\l ,\d/\.\-]*)(.*$)
+```
+
+with the following for replacement:
+
+```regex
+// $1 $4\n//+optional\n$1\n$5\n\n
+```
+
+This will create a pseudo-struct definition that does not satisfy the Kubernetes API and Golang guidelines for attribute naming
+
+### Filtering previous
+
+- Token
+
+- TokenFile
+
+
+Are probably not needed since the token can be generated automatically and should not necessarily be known to/provided by the user. After some work on the attribute formatting and some clean up, we can get the first workable intermediate result.
+
+### Intermediate result
+
+This shows a first usable intermediate result:
+
+```go
+type RKE2ServerConfig struct {
+ // Debug is boolean that turns on debug logs if true (default: false)
+ //+optional
+ Debug bool `json:"debug,omitempty"`
+
+ // BindAddress describes the rke2 bind address (default: 0.0.0.0)
+ // +optional
+ BindAddress string `json:"bindAddress,omitempty"`
+
+ // AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)
+ // +optional
+ AdvertiseAddress string `json:"advertiseAddress,omitempty"`
+
+ // TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert
+ // +optional
+ TLSSan []string `json:"tlsSan,omitempty"`
+
+ // DataDir is the Folder to hold RKE2's state (default: "/var/lib/rancher/rke2")
+ //+optional
+ DataDir string `json:"data-dir,omitempty"`
+
+ // ClusterCidr Network CIDR to use for pod IPs (default: "10.42.0.0/16")
+ // +optional
+ ClusterCidr string `json:"clusterCidr,omitempty"`
+
+ // ServiceCidr Network CIDR to use for services IPs (default: "10.43.0.0/16")
+ // +optional
+ ServiceCidr string `json:"serviceCidr,omitempty"`
+
+ // ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767")
+ //+optional
+ ServiceNodePortRange string `json:"service-node-port-range,omitempty"`
+
+ // ClusterDNS Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)
+ // +optional
+ ClusterDNS string `json:"clusterDNS,omitempty"`
+
+ // ClusterDomain Cluster Domain (default: "cluster.local")
+ // +optional
+ ClusterDomain string `json:"clusterDomain,omitempty"`
+
+ // TODO: Remove both Token and TokenFile attributes
+
+ // token Shared secret used to join a server or agent to a cluster
+ //+optional
+ //Token string `json:"token,omitempty"`
+
+ // token-file File containing the cluster-secret/token
+ //+optional
+ //TokenFile string `json:"token-file,omitempty"`
+
+ // WriteKubeconfig path to which kubeconfig file for admin client will be written
+ // +optional
+ WriteKubeconfig string `json:"writeKubeconfig,omitempty"`
+
+ // WriteKubeconfigMode Write kubeconfig with this mode
+ // +optional
+ WriteKubeconfigMode string `json:"writeKubeconfigMode,omitempty"`
+
+ // KubeApiserverArgs Customized flag for kube-apiserver process
+ // +optional
+ KubeApiserverArgs []string `json:"kubeApiserverArgs,omitempty"`
+
+ // EtcdArgs Customized flag for etcd process
+ // +optional
+ EtcdArgs []string `json:"etcdArgs,omitempty"`
+
+ // KubeControllerManagerArgs Customized flag for kube-controller-manager process
+ // +optional
+ KubeControllerManagerArgs []string `json:"kubeControllerManagerArgs,omitempty"`
+
+ // KubeSchedulerArgs Customized flag for kube-scheduler process
+ // +optional
+ KubeSchedulerArgs []string `json:"kubeSchedulerArgs,omitempty"`
+
+ // EtcdExposeMetrics Expose etcd metrics to client interface. (Default false)
+ // +optional
+ EtcdExposeMetrics string `json:"etcdExposeMetrics,omitempty"`
+
+ // EtcdDisableSnapshots Disable automatic etcd snapshots
+ // +optional
+ EtcdDisableSnapshots string `json:"etcdDisableSnapshots,omitempty"`
+
+ // EtcdSnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot")
+ // +optional
+ EtcdSnapshotName string `json:"etcdSnapshotName,omitempty"`
+
+ // EtcdSnapshotScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *")
+ // +optional
+ EtcdSnapshotScheduleCron string `json:"etcdSnapshotScheduleCron,omitempty"`
+
+ // EtcdSnapshotRetention Number of snapshots to retain Default: 5 (default: 5)
+ // +optional
+ EtcdSnapshotRetention string `json:"etcdSnapshotRetention,omitempty"`
+
+ // EtcdSnapshotDir Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots)
+ // +optional
+ EtcdSnapshotDir string `json:"etcdSnapshotDir,omitempty"`
+
+ // EtcdS3 Enable backup to S3
+ // +optional
+ EtcdS3 string `json:"etcdS3,omitempty"`
+
+ // EtcdS3Endpoint S3 endpoint url (default: "s3.amazonaws.com")
+ // +optional
+ EtcdS3Endpoint string `json:"etcdS3Endpoint,omitempty"`
+
+ // EtcdS3EndpointCa S3 custom CA cert to connect to S3 endpoint
+ // +optional
+ EtcdS3EndpointCa string `json:"etcdS3EndpointCa,omitempty"`
+
+ // EtcdS3SkipSslVerify Disables S3 SSL certificate validation
+ // +optional
+ EtcdS3SkipSslVerify string `json:"etcdS3SkipSslVerify,omitempty"`
+
+ // EtcdS3AccessKey S3 access key
+ // +optional
+ EtcdS3AccessKey string `json:"etcdS3AccessKey,omitempty"`
+
+ // EtcdS3SecretKey S3 secret key
+ // +optional
+ EtcdS3SecretKey string `json:"etcdS3SecretKey,omitempty"`
+
+ // EtcdS3Bucket S3 bucket name
+ // +optional
+ EtcdS3Bucket string `json:"etcdS3Bucket,omitempty"`
+
+ // EtcdS3Region S3 region / bucket location (optional) (default: "us-east-1")
+ // +optional
+ EtcdS3Region string `json:"etcdS3Region,omitempty"`
+
+ // EtcdS3Folder S3 folder
+ // +optional
+ EtcdS3Folder string `json:"etcdS3Folder,omitempty"`
+
+ // Disable Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-metrics-server)
+ // +optional
+ Disable []DisabledItem `json:"disable,omitempty"`
+
+ // DisableScheduler Disable Kubernetes default scheduler
+ // +optional
+ DisableScheduler string `json:"disable-scheduler,omitempty"`
+
+ // DisableCloudController Disable rke2 default cloud controller manager
+ // +optional
+ DisableCloudController string `json:"disableCloudController,omitempty"`
+
+ // DisableKubeProxy Disable running kube-proxy
+ // +optional
+ DisableKubeProxy string `json:"disableKubeProxy,omitempty"`
+
+ // NodeName Node name
+ // +optional
+ NodeName string `json:"nodeName,omitempty"`
+
+ // NodeLabel Registering and starting kubelet with set of labels
+ // +optional
+ NodeLabel string `json:"nodeLabel,omitempty"`
+
+ // NodeTaint Registering kubelet with set of taints
+ // +optional
+ NodeTaint string `json:"nodeTaint,omitempty"`
+
+ // ImageCredentialProviderBinDir The path to the directory where credential provider plugin binaries are located (default: "/var/lib/rancher/credentialprovider/bin")
+ // +optional
+ ImageCredentialProviderBinDir string `json:"imageCredentialProviderBinDir,omitempty"`
+
+ // ImageCredentialProviderConfig The path to the credential provider plugin config file (default: "/var/lib/rancher/credentialprovider/config.yaml")
+ // +optional
+ ImageCredentialProviderConfig string `json:"imageCredentialProviderConfig,omitempty"`
+
+ // ContainerRuntimeEndpoint Disable embedded containerd and use alternative CRI implementation
+ // +optional
+ ContainerRuntimeEndpoint string `json:"containerRuntimeEndpoint,omitempty"`
+
+ // Snapshotter Override default containerd snapshotter (default: "overlayfs")
+ // +optional
+ Snapshotter string `json:"snapshotter,omitempty"`
+
+ // TODO: Decide if user should be able to do this here, registries.yaml might integrated in ConfigSpec.
+
+ // PrivateRegistry Private registry configuration file (default: "/etc/rancher/rke2/registries.yaml")
+ // +optional
+ PrivateRegistry string `json:"privateRegistry,omitempty"`
+
+ // NodeIp IPv4/IPv6 addresses to advertise for node
+ // +optional
+ NodeIp string `json:"nodeIp,omitempty"`
+
+ // NodeExternalIp IPv4/IPv6 external IP addresses to advertise for node
+ // +optional
+ NodeExternalIp string `json:"nodeExternalIp,omitempty"`
+
+ // ResolvConf Kubelet resolv.conf file
+ // +optional
+ ResolvConf string `json:"resolvConf,omitempty"`
+
+ // KubeletArgs Customized flag for kubelet process
+ // +optional
+ KubeletArgs []string `json:"kubeletArgs,omitempty"`
+
+ // KubeProxyArgs Customized flag for kube-proxy process
+ // +optional
+ KubeProxyArgs []string `json:"kubeProxyArgs,omitempty"`
+
+ // ProtectKernelDefaults Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.
+ // +optional
+ ProtectKernelDefaults string `json:"protectKernelDefaults,omitempty"`
+
+ // AgentToken Shared secret used to join agents to the cluster, but not servers
+ // +optional
+ AgentToken string `json:"agentToken,omitempty"`
+
+ // AgentTokenFile File containing the agent secret
+ // +optional
+ AgentTokenFile string `json:"agentTokenFile,omitempty"`
+
+ // Server Server to connect to, used to join a cluster
+ // +optional
+ Server string `json:"server,omitempty"`
+
+ // ClusterReset Forget all peers and become sole member of a new cluster
+ // +optional
+ ClusterReset string `json:"clusterReset,omitempty"`
+
+ // ClusterResetRestorePath Path to snapshot file to be restored
+ // +optional
+ ClusterResetRestorePath string `json:"clusterResetRestorePath,omitempty"`
+
+ // SystemDefaultRegistry Private registry to be used for all system images
+ // +optional
+ SystemDefaultRegistry string `json:"systemDefaultRegistry,omitempty"`
+
+ // Selinux Enable SELinux in containerd
+ // +optional
+ Selinux string `json:"selinux,omitempty"`
+
+ // LbServerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer. (default: 6444)
+ // +optional
+ LbServerPort string `json:"lbServerPort,omitempty"`
+
+ // Cni CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal)
+ // +optional
+ Cni Cni `json:"cni,omitempty"`
+
+ // KubeApiserverImage Override image to use for kube-apiserver
+ // +optional
+ KubeApiserverImage string `json:"kubeApiserverImage,omitempty"`
+
+ // KubeControllerManagerImage Override image to use for kube-controller-manager
+ // +optional
+ KubeControllerManagerImage string `json:"kubeControllerManagerImage,omitempty"`
+
+ // KubeProxyImage Override image to use for kube-proxy
+ // +optional
+ KubeProxyImage string `json:"kubeProxyImage,omitempty"`
+
+ // KubeSchedulerImage Override image to use for kube-scheduler
+ // +optional
+ KubeSchedulerImage string `json:"kubeSchedulerImage,omitempty"`
+
+ // PauseImage Override image to use for pause
+ // +optional
+ PauseImage string `json:"pauseImage,omitempty"`
+
+ // RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc)
+ // +optional
+ RuntimeImage string `json:"runtimeImage,omitempty"`
+
+ // EtcdImage Override image to use for etcd
+ // +optional
+ EtcdImage string `json:"etcdImage,omitempty"`
+
+ // KubeletPath Override kubelet binary path
+ // +optional
+ KubeletPath string `json:"kubeletPath,omitempty"`
+
+ // CloudProviderName Cloud provider name
+ //
+ // +optional
+ CloudProviderName string `json:"cloudProviderName,omitempty"`
+
+ // CloudProviderConfig Cloud provider configuration file path
+ //
+ // +optional
+ CloudProviderConfig string `json:"cloudProviderConfig,omitempty"`
+
+ // NOTE: this was only profile, changed it to cisProfile
+
+ // CisProfile Validate system configuration against the selected benchmark (valid items: cis-1.23 )
+ // +optional
+ CisProfile CisProfile `json:"cisProfile,omitempty"`
+
+ // AuditPolicyFile Path to the file that defines the audit policy configuration
+ // +optional
+ AuditPolicyFile string `json:"auditPolicyFile,omitempty"`
+
+ // ControlPlaneResourceRequests Control Plane resource requests
+ // +optional
+ ControlPlaneResourceRequests string `json:"controlPlaneResourceRequests,omitempty"`
+
+ // ControlPlaneResourceLimits Control Plane resource limits
+ // +optional
+ ControlPlaneResourceLimits string `json:"controlPlaneResourceLimits,omitempty"`
+
+ // KubeApiserverExtraMount kube-apiserver extra volume mounts
+ // +optional
+ KubeApiserverExtraMount string `json:"kubeApiserverExtraMount,omitempty"`
+
+ // KubeSchedulerExtraMount kube-scheduler extra volume mounts
+ // +optional
+ KubeSchedulerExtraMount string `json:"kubeSchedulerExtraMount,omitempty"`
+
+ // KubeControllerManagerExtraMount kube-controller-manager extra volume mounts
+ // +optional
+ KubeControllerManagerExtraMount string `json:"kubeControllerManagerExtraMount,omitempty"`
+
+ // KubeProxyExtraMount kube-proxy extra volume mounts
+ // +optional
+ KubeProxyExtraMount string `json:"kubeProxyExtraMount,omitempty"`
+
+ // EtcdExtraMount etcd extra volume mounts
+ // +optional
+ EtcdExtraMount string `json:"etcdExtraMount,omitempty"`
+
+ // CloudControllerManagerExtraMount cloud-controller-manager extra volume mounts
+ // +optional
+ CloudControllerManagerExtraMount string `json:"cloudControllerManagerExtraMount,omitempty"`
+
+ // KubeApiserverExtraEnv kube-apiserver extra environment variables
+ // +optional
+ KubeApiserverExtraEnv string `json:"kubeApiserverExtraEnv,omitempty"`
+
+ // KubeSchedulerExtraEnv kube-scheduler extra environment variables
+ // +optional
+ KubeSchedulerExtraEnv string `json:"kubeSchedulerExtraEnv,omitempty"`
+
+ // KubeControllerManagerExtraEnv kube-controller-manager extra environment variables
+ // +optional
+ KubeControllerManagerExtraEnv string `json:"kubeControllerManagerExtraEnv,omitempty"`
+
+ // KubeProxyExtraEnv kube-proxy extra environment variables
+ // +optional
+ KubeProxyExtraEnv string `json:"kubeProxyExtraEnv,omitempty"`
+
+ // EtcdExtraEnv etcd extra environment variables
+ // +optional
+ EtcdExtraEnv string `json:"etcdExtraEnv,omitempty"`
+
+ // CloudControllerManagerExtraEnv cloud-controller-manager extra environment variables
+ // +optional
+ CloudControllerManagerExtraEnv string `json:"cloudControllerManagerExtraEnv,omitempty"`
+}
+
+
+// DisabledItem selects a plugin Components to be disabled
+// +kubebuilder:validation:enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server
+type DisabledItem string
+
+// CisProfile defines the CIS Benchmark profile to be activated in RKE2
+// +kubebuilder:validation:enum=cis-1.23
+type CisProfile string
+
+// Cni defines the Cni options for deploying RKE2
+// +kubebuilder:validation:enum=none;calico;canal;cilium
+type Cni string
+```
diff --git a/docs/Structures Relationships.uml b/docs/Structures Relationships.uml
new file mode 100644
index 0000000..9ce371d
--- /dev/null
+++ b/docs/Structures Relationships.uml
@@ -0,0 +1,264 @@
+@startuml
+namespace v1beta1 {
+ class AuthConfig << (S,Aquamarine) >> {
+ + Username string
+ + Password string
+ + Auth string
+ + IdentityToken string
+
+ }
+ class ComponentConfig << (S,Aquamarine) >> {
+ + ExtraEnv map[string]string
+ + ExtraArgs map[string]string
+ + ExtraMounts map[string]string
+ + OverrideImage string
+
+ }
+ class EtcdBackupConfig << (S,Aquamarine) >> {
+ + EtcdDisableSnapshots bool
+ + EtcdSnapshotName string
+ + EtcdSnapshotScheduleCron string
+ + EtcdSnapshotRetention string
+ + EtcdSnapshotDir string
+ + EtcdS3 EtcdS3
+
+ }
+ class EtcdS3 << (S,Aquamarine) >> {
+ + Endpoint string
+ + EndpointCa string
+ + SkipSslVerify string
+ + AccessKey string
+ + SecretKey string
+ + Bucket string
+ + Region string
+ + Folder string
+
+ }
+ class File << (S,Aquamarine) >> {
+ + Path string
+ + Owner string
+ + Permissions string
+ + Encoding Encoding
+ + Content string
+ + ContentFrom *FileSource
+
+ + DeepCopyInto(out *File)
+ + DeepCopy() *File
+
+ }
+ class FileSource << (S,Aquamarine) >> {
+ + Secret SecretFileSource
+
+ + DeepCopyInto(out *FileSource)
+ + DeepCopy() *FileSource
+
+ }
+ class Mirror << (S,Aquamarine) >> {
+ + Endpoints []string
+ + Rewrites map[string]string
+
+ }
+ class RKE2AgentConfig << (S,Aquamarine) >> {
+ + NodeLabels []string
+ + NodeTaints []string
+ + PrivateRegistry string
+ + KubeletArgs []string
+ + KubeProxyArgs []string
+ + NodeName string
+
+ + DeepCopyInto(out *RKE2AgentConfig)
+ + DeepCopy() *RKE2AgentConfig
+
+ }
+ class RKE2Config << (S,Aquamarine) >> {
+ + Spec RKE2ConfigSpec
+ + Status RKE2ConfigStatus
+
+ + GetConditions() v1beta1.Conditions
+ + SetConditions(conditions v1beta1.Conditions)
+ + DeepCopyInto(out *RKE2Config)
+ + DeepCopy() *RKE2Config
+ + DeepCopyObject() runtime.Object
+
+ }
+ class RKE2ConfigList << (S,Aquamarine) >> {
+ + Items []RKE2Config
+
+ + DeepCopyInto(out *RKE2ConfigList)
+ + DeepCopy() *RKE2ConfigList
+ + DeepCopyObject() runtime.Object
+
+ }
+ class RKE2ConfigSpec << (S,Aquamarine) >> {
+ + Files []File
+ + PreRKE2Commands []string
+ + DeployRKE2Commands []string
+ + PostRKE2Commands []string
+ + AgentConfig RKE2AgentConfig
+ + ServerConfig RKE2ServerConfig
+ + PrivateRegistriesConfig Registry
+ + Version string
+
+ + DeepCopyInto(out *RKE2ConfigSpec)
+ + DeepCopy() *RKE2ConfigSpec
+
+ }
+ class RKE2ConfigStatus << (S,Aquamarine) >> {
+ + Ready bool
+ + BootstrapData []byte
+ + DataSecretName *string
+ + FailureReason string
+ + FailureMessage string
+ + ObservedGeneration int64
+ + Conditions v1beta1.Conditions
+
+ + DeepCopyInto(out *RKE2ConfigStatus)
+ + DeepCopy() *RKE2ConfigStatus
+
+ }
+ class RKE2ConfigTemplate << (S,Aquamarine) >> {
+ + Spec RKE2ConfigTemplateSpec
+
+ + DeepCopyInto(out *RKE2ConfigTemplate)
+ + DeepCopy() *RKE2ConfigTemplate
+ + DeepCopyObject() runtime.Object
+
+ }
+ class RKE2ConfigTemplateList << (S,Aquamarine) >> {
+ + Items []RKE2ConfigTemplate
+
+ + DeepCopyInto(out *RKE2ConfigTemplateList)
+ + DeepCopy() *RKE2ConfigTemplateList
+ + DeepCopyObject() runtime.Object
+
+ }
+ class RKE2ConfigTemplateResource << (S,Aquamarine) >> {
+ + Spec RKE2ConfigSpec
+
+ + DeepCopyInto(out *RKE2ConfigTemplateResource)
+ + DeepCopy() *RKE2ConfigTemplateResource
+
+ }
+ class RKE2ConfigTemplateSpec << (S,Aquamarine) >> {
+ + Template RKE2ConfigTemplateResource
+
+ + DeepCopyInto(out *RKE2ConfigTemplateSpec)
+ + DeepCopy() *RKE2ConfigTemplateSpec
+
+ }
+ class RKE2ServerConfig << (S,Aquamarine) >> {
+ + BindAddress string
+ + AdvertiseAddress string
+ + TLSSan []string
+ + DataDir string
+ + ServiceNodePortRange string
+ + ClusterDNS string
+ + ClusterDomain string
+ + WriteKubeconfig string
+ + WriteKubeconfigMode string
+ + EtcdExposeMetrics string
+ + EtcdBackupConfig EtcdBackupConfig
+ + Disable []DisabledItem
+ + DisableScheduler string
+ + DisableCloudController string
+ + DisableKubeProxy string
+ + NodeName string
+ + NodeLabel string
+ + NodeTaint string
+ + ImageCredentialProviderBinDir string
+ + ImageCredentialProviderConfig string
+ + ContainerRuntimeEndpoint string
+ + Snapshotter string
+ + PrivateRegistry string
+ + NodeIp string
+ + NodeExternalIp string
+ + ResolvConf string
+ + ProtectKernelDefaults string
+ + SystemDefaultRegistry string
+ + Selinux string
+ + LbServerPort string
+ + Cni Cni
+ + PauseImage string
+ + RuntimeImage string
+ + KubeletPath string
+ + CloudProviderName string
+ + CloudProviderConfig string
+ + CisProfile CisProfile
+ + AuditPolicyFile string
+ + ControlPlaneResourceRequests string
+ + ControlPlaneResourceLimits string
+ + Etcd ComponentConfig
+ + KubeApiServer ComponentConfig
+ + KubeControllerManager ComponentConfig
+ + KubeScheduler ComponentConfig
+ + KubeProxy ComponentConfig
+ + CloudControllerManager ComponentConfig
+ + Kubelet ComponentConfig
+
+ + DeepCopyInto(out *RKE2ServerConfig)
+ + DeepCopy() *RKE2ServerConfig
+
+ }
+ class Registry << (S,Aquamarine) >> {
+ + Mirrors map[string]Mirror
+ + Configs map[string]RegistryConfig
+
+ }
+ class RegistryConfig << (S,Aquamarine) >> {
+ + Auth *AuthConfig
+ + TLS *TLSConfig
+
+ }
+ class SecretFileSource << (S,Aquamarine) >> {
+ + Name string
+ + Key string
+
+ + DeepCopyInto(out *SecretFileSource)
+ + DeepCopy() *SecretFileSource
+
+ }
+ class TLSConfig << (S,Aquamarine) >> {
+ + CAFile string
+ + CertFile string
+ + KeyFile string
+ + InsecureSkipVerify bool
+
+ }
+ class v1beta1.CisProfile << (T, #FF7700) >> {
+ }
+ class v1beta1.Cni << (T, #FF7700) >> {
+ }
+ class v1beta1.DisabledItem << (T, #FF7700) >> {
+ }
+ class v1beta1.Encoding << (T, #FF7700) >> {
+ }
+}
+
+"v1beta1.RKE2ConfigList" *-- "v1beta1.RKE2Config"
+"v1beta1.RKE2Config" *-- "v1beta1.RKE2ConfigStatus"
+"v1beta1.RKE2Config" *-- "v1beta1.RKE2ConfigSpec"
+"v1beta1.RKE2ConfigSpec" *-- "v1beta1.RKE2ServerConfig"
+"v1beta1.RKE2ConfigSpec" *-- "v1beta1.File"
+"v1beta1.RKE2ConfigSpec" *-- "v1beta1.RKE2AgentConfig"
+"v1beta1.RKE2ServerConfig" *-- "v1beta1.EtcdBackupConfig"
+"v1beta1.EtcdBackupConfig" *-- "v1beta1.EtcdS3"
+"v1beta1.RKE2ServerConfig" *-- "v1beta1.CisProfile"
+"v1beta1.RKE2ServerConfig" *-- "v1beta1.Cni"
+"v1beta1.RKE2ServerConfig" *-- "v1beta1.DisabledItem"
+"v1beta1.RKE2ConfigSpec" *-- "v1beta1.Registry"
+"v1beta1.RKE2ServerConfig" *-- "v1beta1.ComponentConfig"
+"v1beta1.Registry" *-- "v1beta1.Mirror"
+"v1beta1.Registry" *-- "v1beta1.RegistryConfig"
+"v1beta1.RegistryConfig" *-- "v1beta1.AuthConfig"
+"v1beta1.RegistryConfig" *-- "v1beta1.TLSConfig"
+"v1beta1.File" *-- "v1beta1.FileSource"
+"v1beta1.File" *-- "v1beta1.Encoding"
+"v1beta1.FileSource" *-- "v1beta1.SecretFileSource"
+
+"v1beta1.RKE2ConfigTemplateList" *-- "v1beta1.RKE2ConfigTemplate"
+"v1beta1.RKE2ConfigTemplate" *-- "v1beta1.RKE2ConfigTemplateSpec"
+"v1beta1.RKE2ConfigTemplateSpec" *-- "v1beta1.RKE2ConfigTemplateResource"
+"v1beta1.RKE2ConfigTemplateResource" *-- "v1beta1.RKE2ConfigSpec"
+
+
+@enduml
\ No newline at end of file
diff --git a/go.mod b/go.mod
index 7a3199a..a11719e 100644
--- a/go.mod
+++ b/go.mod
@@ -9,6 +9,7 @@ require (
 k8s.io/api v0.25.3
 k8s.io/apimachinery v0.25.3
 k8s.io/client-go v0.25.3
+ sigs.k8s.io/cluster-api v1.2.5
 sigs.k8s.io/controller-runtime v0.13.1
 )
 
@@ -23,6 +24,7 @@ require (
 github.com/PuerkitoBio/purell v1.1.1 // indirect
 github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 github.com/beorn7/perks v1.0.1 // indirect
+ github.com/blang/semver v3.5.1+incompatible // indirect
 github.com/cespare/xxhash/v2 v2.1.2 // indirect
 github.com/davecgh/go-spew v1.1.1 // indirect
 github.com/emicklei/go-restful/v3 v3.8.0 // indirect
@@ -39,8 +41,8 @@ require ( github.com/golang/protobuf v1.5.2 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect github.com/google/go-cmp v0.5.9 // indirect - github.com/google/gofuzz v1.1.0 // indirect - github.com/google/uuid v1.1.2 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/uuid v1.2.0 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -58,9 +60,9 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.21.0 // indirect - golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect + golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect golang.org/x/net v0.1.0 // indirect - golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect + golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect golang.org/x/sys v0.1.0 // indirect golang.org/x/term v0.1.0 // indirect golang.org/x/text v0.4.0 // indirect diff --git a/go.sum b/go.sum index 87ce007..daefd0b 100644 --- a/go.sum +++ b/go.sum @@ -79,6 +79,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= +github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 
@@ -201,8 +203,8 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= 
@@ -222,8 +224,9 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= +github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= 
@@ -369,8 +372,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38= -golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 h1:kUhD7nTDoI3fVd9G4ORWrbV5NY0liEs/Jg2pv5f+bBA= +golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -448,6 +451,7 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 
@@ -465,8 +469,8 @@ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb h1:8tDJ3aechhddbdPAxpycgXHJRMLpk/Ab+aa4OgdN5/g= +golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 
@@ -537,11 +541,13 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0 h1:g6Z6vPFA9dYBAF7DWcH6sCcOntplXsDKcliusYijMlw= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 
@@ -552,6 +558,7 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -806,6 +813,8 @@ k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= +sigs.k8s.io/cluster-api v1.2.5 h1:Am4W5ITO0v5FUNkfCuD6gwE29phDt1gyQY9EGWnTYIU= +sigs.k8s.io/cluster-api v1.2.5/go.mod h1:Ye5gn15u+q6VcE+Se7nBMSo6INm55F+zBcCiWzrjxFc= sigs.k8s.io/controller-runtime v0.13.1 h1:tUsRCSJVM1QQOOeViGeX3GMT3dQF1eePPw6sEE3xSlg= sigs.k8s.io/controller-runtime v0.13.1/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= From 57c6795ecf4ba6333a42db52bfb88c2cca2b0668 Mon Sep 17 00:00:00 2001 From: Mohamed Belgaied Hassine Date: Fri, 11 Nov 2022 13:33:42 +0000 Subject: [PATCH 2/2] Refining the Control Plane API Moved RKE2ServerConfig relevant parts to Control Plane API Signed-off-by: Mohamed Belgaied Hassine standardized comment spacing to a single space Signed-off-by: Mohamed Belgaied Hassine Added ManifestsConfigMapReference to the control plane for the possibility to automatically deploy manifests 
Signed-off-by: Mohamed Belgaied Hassine Added NTP Field to the common node configuration Signed-off-by: Mohamed Belgaied Hassine Adding Status fields in the Control API and clarifying bootstrap import Signed-off-by: Mohamed Belgaied Hassine Adding fields from RKE2ConfigSpec to RKE2ControlPlaneSpec and removing RKE2CommonNodeConf struct Signed-off-by: Mohamed Belgaied Hassine fixed LoadBalancerPort json name Signed-off-by: Mohamed Belgaied Hassine Removed fields for requests and limits of the control plane components from the API Signed-off-by: Mohamed Belgaied Hassine Removed some unnecessary comments generated by kubebuilder Signed-off-by: Mohamed Belgaied Hassine --- bootstrap/api/v1alpha1/rke2config_types.go | 231 +----- bootstrap/api/v1alpha1/rke2config_webhook.go | 7 - .../v1alpha1/rke2configtemplate_webhook.go | 7 - .../api/v1alpha1/zz_generated.deepcopy.go | 121 +-- ...ootstrap.cluster.x-k8s.io_rke2configs.yaml | 633 +-------------- .../api/v1alpha1/rke2controlplane_types.go | 247 +++++- .../api/v1alpha1/rke2controlplane_webhook.go | 8 - .../rke2controlplanetemplate_webhook.go | 7 - .../api/v1alpha1/zz_generated.deepcopy.go | 123 ++- ...ne.cluster.x-k8s.io_rke2controlplanes.yaml | 751 +++++++++++++++++- 10 files changed, 1157 insertions(+), 978 deletions(-) diff --git a/bootstrap/api/v1alpha1/rke2config_types.go b/bootstrap/api/v1alpha1/rke2config_types.go index c48245d..457683e 100644 --- a/bootstrap/api/v1alpha1/rke2config_types.go +++ b/bootstrap/api/v1alpha1/rke2config_types.go @@ -43,10 +43,6 @@ type RKE2ConfigSpec struct { //+optional AgentConfig RKE2AgentConfig `json:"agentConfig,omitempty"` - // ServerConfig specifies configuration for the agent nodes. - //+optional - ServerConfig RKE2ServerConfig `json:"serverConfig,omitempty"` - // PrivateRegistriesConfig defines the containerd configuration for private registries and local registry mirrors. //+optional PrivateRegistriesConfig Registry `json:"privateRegistriesConfig,omitempty"` 
@@ -56,115 +52,8 @@ type RKE2ConfigSpec struct { Version string `json:"version,omitempty"` } -type RKE2ServerConfig struct { - // RKE2CommonNodeConfig is an inline struct that references common attribtes between agent and server nodes - RKE2CommonNodeConfig `json:",inline"` - - // BindAddress describes the rke2 bind address (default: 0.0.0.0). - //+optional - BindAddress string `json:"bindAddress,omitempty"` - - // AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip). - //+optional - AdvertiseAddress string `json:"advertiseAddress,omitempty"` - - // TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert. - //+optional - TLSSan []string `json:"tlsSan,omitempty"` - - // ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767"). - //+optional - ServiceNodePortRange string `json:"service-node-port-range,omitempty"` - - // ClusterDNS is the cluster IP for CoreDNS service. Should be in your service-cidr range (default: 10.43.0.10). - //+optional - ClusterDNS string `json:"clusterDNS,omitempty"` - - // ClusterDomain is the cluster domain name (default: "cluster.local"). - //+optional - ClusterDomain string `json:"clusterDomain,omitempty"` - - // ExposeEtcdMetrics defines the policy for ETCD Metrics exposure. - // if value is true, ETCD metrics will be exposed - // if value is false, ETCD metrics will NOT be exposed - // +optional - ExposeEtcdMetrics bool `json:"exposeEtcdMetrics,omitempty"` - - // EtcdBackupConfig defines how RKE2 will snapshot ETCD: target storage, schedule, etc. - //+optional - EtcdBackupConfig EtcdBackupConfig `json:"etcdBackupConfig,omitempty"` - - // DisableComponents lists Kubernetes components and RKE2 plugin components that will be disabled. 
- //+optional - DisableComponents DisableComponents `json:"disableComponents,omitempty"` - - // LoadBalancerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer (default: 6444). - //+optional - LoadBalancerPort int `json:"lbServerPort,omitempty"` - - // CNI describes the CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal). - // +kubebuilder:validation:Enum=none;calico;canal;cilium - //+optional - CNI CNI `json:"cni,omitempty"` - - // PauseImage Override image to use for pause. - //+optional - PauseImage string `json:"pauseImage,omitempty"` - - // RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc). - //+optional - RuntimeImage string `json:"runtimeImage,omitempty"` - - // CloudProviderName Cloud provider name. - //+optional - CloudProviderName string `json:"cloudProviderName,omitempty"` - - // CloudProviderConfigMap is a reference to a ConfigMap containing Cloud provider configuration. - //+optional - CloudProviderConfigMap corev1.ObjectReference `json:"cloudProviderConfigMap,omitempty"` - - // NOTE: this was only profile, changed it to cisProfile. - - // AuditPolicySecret Path to the file that defines the audit policy configuration. - //+optional - AuditPolicySecret corev1.ObjectReference `json:"auditPolicySecret,omitempty"` - - // ControlPlaneResourceRequests Control Plane resource requests. - //+optional - ControlPlaneResourceRequests string `json:"controlPlaneResourceRequests,omitempty"` - - // ControlPlaneResourceLimits Control Plane resource limits. - //+optional - ControlPlaneResourceLimits string `json:"controlPlaneResourceLimits,omitempty"` - - // Etcd defines optional custom configuration of ETCD. 
- //+optional - Etcd ComponentConfig `json:"etcd,omitempty"` - - // KubeAPIServer defines optional custom configuration of the Kube API Server. - //+optional - KubeAPIServer ComponentConfig `json:"kubeAPIServer,omitempty"` - - // KubeControllerManager defines optional custom configuration of the Kube Controller Manager. - //+optional - KubeControllerManager ComponentConfig `json:"kubeControllerManager,omitempty"` - - // KubeScheduler defines optional custom configuration of the Kube Scheduler. - //+optional - KubeScheduler ComponentConfig `json:"kubeScheduler,omitempty"` - - // CloudControllerManager defines optional custom configuration of the Cloud Controller Manager. - //+optional - CloudControllerManager ComponentConfig `json:"cloudControllerManager,omitempty"` -} - -type RKE2AgentConfig struct { - // RKE2CommonNodeConfig is an inline struct that references common attribtes between agent and server nodes - RKE2CommonNodeConfig `json:",inline"` -} - // RKE2CommonNodeConfig describes some attributes that are common to agent and server nodes -type RKE2CommonNodeConfig struct { +type RKE2AgentConfig struct { // DataDir Folder to hold state. //+optional DataDir string `json:"dataDir,omitempty"` @@ -181,6 +70,10 @@ type RKE2CommonNodeConfig struct { //+optional NodeNamePrefix string `json:"nodeName,omitempty"` + // NTP specifies NTP configuration + // +optional + NTP *NTP `json:"ntp,omitempty"` + // ImageCredentialProviderConfigMap is a reference to the ConfigMap that contains credential provider plugin config // The configMap should contain a YAML file content + a Path to the Binaries for Credential Provider. //+optional 
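Review bot: The doc comment kept as context above the renamed struct still reads `// RKE2CommonNodeConfig describes some attributes that are common to agent and server nodes`, but the type it now documents is `RKE2AgentConfig`, and the server configuration is removed from this file by the same commit. The comment should start with the new type name and describe what the struct now holds, for example `// RKE2AgentConfig describes the node-level configuration applied to RKE2 agent nodes.`. If controller-gen copies type comments into the CRD description, which is worth confirming, the stale name would also show up in the published schema. The struct body continues past the end of this hunk.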
@@ -239,15 +132,15 @@ type RKE2CommonNodeConfig struct { KubeProxy ComponentConfig `json:"kubeProxy,omitempty"` } -// DisableComponents describes components of RKE2 (Kubernetes components and plugin components) that should be disabled -type DisableComponents struct { - // KubernetesComponents is a list of Kubernetes components to disable. - // +kubebuilder:validation:Enum=scheduler;kubeProxy;cloudController - KubernetesComponents []DisabledKubernetesComponent `json:"kubernetesComponents,omitempty"` +// NTP defines input for generated ntp in cloud-init. +type NTP struct { + // Servers specifies which NTP servers to use + // +optional + Servers []string `json:"servers,omitempty"` - // PluginComponents is a list of PluginComponents to disable. - // +kubebuilder:validation:Enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server - PluginComponents []DisabledPluginComponent `json:"pluginComponents,omitempty"` + // Enabled specifies whether NTP should be enabled + // +optional + Enabled *bool `json:"enabled,omitempty"` } // RKE2ConfigStatus defines the observed state of RKE2Config. @@ -305,18 +198,6 @@ type RKE2ConfigList struct { Items []RKE2Config `json:"items"` } -// DisabledItem selects a plugin Components to be disabled. -type DisabledPluginComponent string - -const ( - // CoreDNS references the RKE2 Plugin "rke2-coredns" - CoreDNS DisabledPluginComponent = "rke2-coredns" - // IngressNginx references the RKE2 Plugin "rke2-ingress-nginx" - IngressNginx DisabledPluginComponent = "rke2-ingress-nginx" - // MetricsServer references the RKE2 Plugin "rke2-metrics-server" - MetricsServer DisabledPluginComponent = "rke2-metrics-server" -) - // CISProfile defines the CIS Benchmark profile to be activated in RKE2. type CISProfile string 
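Review bot: `Servers []string` in the new `NTP` struct has no schema bounds, and the type comment says these values are input for the ntp section of the generated cloud-init. The validating webhook in rke2config_webhook.go still returns nil from ValidateCreate and ValidateUpdate, so nothing rejects empty or malformed entries before they reach a node. A node's time source affects certificate validity checks and audit-log timestamps, so I would bound the list with `// +kubebuilder:validation:MaxItems=<limit>` (placeholder value) and check each entry as a hostname or IP address in the webhook. The comments should also state what an unset `Enabled` means when `Servers` is non-empty, e.g. `// Enabled specifies whether NTP should be enabled. When unset, <behaviour to be defined>.`. The `NTP *NTP` field added in the preceding hunk has the same undocumented default.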
@@ -325,20 +206,6 @@ const ( CIS1_23 CISProfile = "cis-1.23" ) -// CNI defines the Cni options for deploying RKE2. -type CNI string - -const ( - // Cilium references the RKE2 CNI Plugin "cilium" - Cilium CNI = "cilium" - // Calico references the RKE2 CNI Plugin "calico" - Calico CNI = "calico" - // Canal references the RKE2 CNI Plugin "canal" - Canal CNI = "canal" - // None means that no CNI Plugin will be installed with RKE2, letting the operator install his own CNI afterwards. - None CNI = "none" -) - // Encoding specifies the cloud-init file encoding. type Encoding string @@ -351,20 +218,6 @@ const ( GzipBase64 Encoding = "gzip+base64" ) -// DisabledKubernetesComponent is an enum field that can take one of the following values: scheduler, kubeProxy or cloudController. -type DisabledKubernetesComponent string - -const ( - // Scheduler references the Kube Scheduler Kubernetes components of the control plane/server nodes - Scheduler DisabledKubernetesComponent = "scheduler" - - // KubeProxy references the Kube Proxy Kubernetes components on the agents - KubeProxy DisabledKubernetesComponent = "kubeProxy" - - // CloudController references the Cloud Controller Manager Kubernetes Components on the control plane / server nodes - CloudController DisabledKubernetesComponent = "cloudController" -) - // File defines the input for generating write_files in cloud-init. type File struct { // Path specifies the full path on disk where to store the file. 
@@ -412,32 +265,6 @@ type SecretFileSource struct { Key string `json:"key"` } -type EtcdBackupConfig struct { - // EnableAutomaticSnapshots defines the policy for ETCD snapshots. true means automatic snapshots will be scheduled, false means automatic snapshots will not be scheduled. - //+optional - EnableAutomaticSnapshots bool `json:"enableAutomaticSnapshots,omitempty"` - - // SnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot"). - //+optional - SnapshotName string `json:"snapshotName,omitempty"` - - // ScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *"). - //+optional - ScheduleCron string `json:"scheduleCron,omitempty"` - - // Retention Number of snapshots to retain Default: 5 (default: 5). - //+optional - Retention string `json:"retention,omitempty"` - - // Directory Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots). - //+optional - Directory string `json:"directory,omitempty"` - - // S3 Enable backup to an S3-compatible Object Store. - //+optional - S3 EtcdS3 `json:"s3,omitempty"` -} - // Registry is registry settings including mirrors, TLS, and credentials. type Registry struct { // Mirrors are namespace to mirror mapping for all namespaces. 
@@ -490,34 +317,6 @@ type TLSConfig struct { EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"` } -type EtcdS3 struct { - // Endpoint S3 endpoint url (default: "s3.amazonaws.com"). - Endpoint string `json:"endpoint"` - - // EndpointCA references the Secret that contains a custom CA that should be trusted to connect to S3 endpoint. - //+optional - EndpointCA corev1.ObjectReference `json:"endpointCA,omitempty"` - - // EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true. - //+optional - EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"` - - // S3CredentialSecret is a reference to a Secret containing the Access Key and Secret Key necessary to access the target S3 Bucket. - S3CredentialSecret corev1.ObjectReference `json:"S3CredentialSecret"` - - // Bucket S3 bucket name. - //+optional - Bucket string `json:"bucket,omitempty"` - - // Region S3 region / bucket location (optional) (default: "us-east-1"). - //+optional - Region string `json:"region,omitempty"` - - // Folder S3 folder. - //+optional - Folder string `json:"folder,omitempty"` -} - type ComponentConfig struct { // ExtraEnv is a map of environment variables to pass on to a Kubernetes Component command. //+optional @@ -527,11 +326,11 @@ type ComponentConfig struct { //+optional ExtraArgs map[string]string `json:"extraArgs,omitempty"` - //ExtraMounts is a map of volume mounts to be added for the Kubernetes component StaticPod + // ExtraMounts is a map of volume mounts to be added for the Kubernetes component StaticPod //+optional ExtraMounts map[string]string `json:"extraMounts,omitempty"` - //OverrideImage is a string that references a container image to override the default one for the Kubernetes Component + // OverrideImage is a string that references a container image to override the default one for the Kubernetes Component //+optional OverrideImage string `json:"overrideImage,omitempty"` } 
diff --git a/bootstrap/api/v1alpha1/rke2config_webhook.go b/bootstrap/api/v1alpha1/rke2config_webhook.go index 23f94e6..94e8855 100644 --- a/bootstrap/api/v1alpha1/rke2config_webhook.go +++ b/bootstrap/api/v1alpha1/rke2config_webhook.go @@ -32,8 +32,6 @@ func (r *RKE2Config) SetupWebhookWithManager(mgr ctrl.Manager) error { Complete() } -// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! - //+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=mrke2config.kb.io,admissionReviewVersions=v1 var _ webhook.Defaulter = &RKE2Config{} @@ -42,10 +40,8 @@ var _ webhook.Defaulter = &RKE2Config{} func (r *RKE2Config) Default() { rke2configlog.Info("default", "name", r.Name) - // TODO(user): fill in your defaulting logic. } -// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2config,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configs,verbs=create;update,versions=v1alpha1,name=vrke2config.kb.io,admissionReviewVersions=v1 var _ webhook.Validator = &RKE2Config{} @@ -54,7 +50,6 @@ var _ webhook.Validator = &RKE2Config{} func (r *RKE2Config) ValidateCreate() error { rke2configlog.Info("validate create", "name", r.Name) - // TODO(user): fill in your validation logic upon object creation. return nil } @@ -62,7 +57,6 @@ func (r *RKE2Config) ValidateCreate() error { func (r *RKE2Config) ValidateUpdate(old runtime.Object) error { rke2configlog.Info("validate update", "name", r.Name) - // TODO(user): fill in your validation logic upon object update. return nil } 
@@ -70,6 +64,5 @@ func (r *RKE2Config) ValidateUpdate(old runtime.Object) error { func (r *RKE2Config) ValidateDelete() error { rke2configlog.Info("validate delete", "name", r.Name) - // TODO(user): fill in your validation logic upon object deletion. return nil } diff --git a/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go b/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go index 92aa66b..9d58415 100644 --- a/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go +++ b/bootstrap/api/v1alpha1/rke2configtemplate_webhook.go @@ -32,8 +32,6 @@ func (r *RKE2ConfigTemplate) SetupWebhookWithManager(mgr ctrl.Manager) error { Complete() } -// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! - //+kubebuilder:webhook:path=/mutate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=mrke2configtemplate.kb.io,admissionReviewVersions=v1 var _ webhook.Defaulter = &RKE2ConfigTemplate{} @@ -42,10 +40,8 @@ var _ webhook.Defaulter = &RKE2ConfigTemplate{} func (r *RKE2ConfigTemplate) Default() { RKE2configtemplatelog.Info("default", "name", r.Name) - // TODO(user): fill in your defaulting logic. } -// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-bootstrap-cluster-x-k8s-io-v1alpha1-rke2configtemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=bootstrap.cluster.x-k8s.io,resources=rke2configtemplates,verbs=create;update,versions=v1alpha1,name=vrke2configtemplate.kb.io,admissionReviewVersions=v1 var _ webhook.Validator = &RKE2ConfigTemplate{} @@ -54,7 +50,6 @@ var _ webhook.Validator = &RKE2ConfigTemplate{} func (r *RKE2ConfigTemplate) ValidateCreate() error { RKE2configtemplatelog.Info("validate create", "name", r.Name) - // TODO(user): fill in your validation logic upon object creation. return nil } 
@@ -62,7 +57,6 @@ func (r *RKE2ConfigTemplate) ValidateCreate() error { func (r *RKE2ConfigTemplate) ValidateUpdate(old runtime.Object) error { RKE2configtemplatelog.Info("validate update", "name", r.Name) - // TODO(user): fill in your validation logic upon object update. return nil } @@ -70,6 +64,5 @@ func (r *RKE2ConfigTemplate) ValidateUpdate(old runtime.Object) error { func (r *RKE2ConfigTemplate) ValidateDelete() error { RKE2configtemplatelog.Info("validate delete", "name", r.Name) - // TODO(user): fill in your validation logic upon object deletion. return nil } diff --git a/bootstrap/api/v1alpha1/zz_generated.deepcopy.go b/bootstrap/api/v1alpha1/zz_generated.deepcopy.go index f1cc625..9086735 100644 --- a/bootstrap/api/v1alpha1/zz_generated.deepcopy.go +++ b/bootstrap/api/v1alpha1/zz_generated.deepcopy.go 
@@ -62,64 +62,6 @@ func (in *ComponentConfig) DeepCopy() *ComponentConfig { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *DisableComponents) DeepCopyInto(out *DisableComponents) { - *out = *in - if in.KubernetesComponents != nil { - in, out := &in.KubernetesComponents, &out.KubernetesComponents - *out = make([]DisabledKubernetesComponent, len(*in)) - copy(*out, *in) - } - if in.PluginComponents != nil { - in, out := &in.PluginComponents, &out.PluginComponents - *out = make([]DisabledPluginComponent, len(*in)) - copy(*out, *in) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableComponents. -func (in *DisableComponents) DeepCopy() *DisableComponents { - if in == nil { - return nil - } - out := new(DisableComponents) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EtcdBackupConfig) DeepCopyInto(out *EtcdBackupConfig) { - *out = *in - out.S3 = in.S3 -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupConfig. -func (in *EtcdBackupConfig) DeepCopy() *EtcdBackupConfig { - if in == nil { - return nil - } - out := new(EtcdBackupConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *EtcdS3) DeepCopyInto(out *EtcdS3) { - *out = *in - out.EndpointCA = in.EndpointCA - out.S3CredentialSecret = in.S3CredentialSecret -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdS3. -func (in *EtcdS3) DeepCopy() *EtcdS3 { - if in == nil { - return nil - } - out := new(EtcdS3) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. 
in must be non-nil. func (in *File) DeepCopyInto(out *File) { *out = *in @@ -184,23 +126,32 @@ func (in *Mirror) DeepCopy() *Mirror { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RKE2AgentConfig) DeepCopyInto(out *RKE2AgentConfig) { +func (in *NTP) DeepCopyInto(out *NTP) { *out = *in - in.RKE2CommonNodeConfig.DeepCopyInto(&out.RKE2CommonNodeConfig) + if in.Servers != nil { + in, out := &in.Servers, &out.Servers + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2AgentConfig. -func (in *RKE2AgentConfig) DeepCopy() *RKE2AgentConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NTP. +func (in *NTP) DeepCopy() *NTP { if in == nil { return nil } - out := new(RKE2AgentConfig) + out := new(NTP) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RKE2CommonNodeConfig) DeepCopyInto(out *RKE2CommonNodeConfig) { +func (in *RKE2AgentConfig) DeepCopyInto(out *RKE2AgentConfig) { *out = *in if in.NodeLabels != nil { in, out := &in.NodeLabels, &out.NodeLabels 
@@ -212,18 +163,23 @@ func (in *RKE2CommonNodeConfig) DeepCopyInto(out *RKE2CommonNodeConfig) { *out = make([]string, len(*in)) copy(*out, *in) } + if in.NTP != nil { + in, out := &in.NTP, &out.NTP + *out = new(NTP) + (*in).DeepCopyInto(*out) + } out.ImageCredentialProviderConfigMap = in.ImageCredentialProviderConfigMap out.ResolvConf = in.ResolvConf in.Kubelet.DeepCopyInto(&out.Kubelet) in.KubeProxy.DeepCopyInto(&out.KubeProxy) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2CommonNodeConfig. -func (in *RKE2CommonNodeConfig) DeepCopy() *RKE2CommonNodeConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2AgentConfig. +func (in *RKE2AgentConfig) DeepCopy() *RKE2AgentConfig { if in == nil { return nil } - out := new(RKE2CommonNodeConfig) + out := new(RKE2AgentConfig) in.DeepCopyInto(out) return out } @@ -308,7 +264,6 @@ func (in *RKE2ConfigSpec) DeepCopyInto(out *RKE2ConfigSpec) { copy(*out, *in) } in.AgentConfig.DeepCopyInto(&out.AgentConfig) - in.ServerConfig.DeepCopyInto(&out.ServerConfig) in.PrivateRegistriesConfig.DeepCopyInto(&out.PrivateRegistriesConfig) } 
@@ -438,36 +393,6 @@ func (in *RKE2ConfigTemplateStatus) DeepCopy() *RKE2ConfigTemplateStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RKE2ServerConfig) DeepCopyInto(out *RKE2ServerConfig) { - *out = *in - in.RKE2CommonNodeConfig.DeepCopyInto(&out.RKE2CommonNodeConfig) - if in.TLSSan != nil { - in, out := &in.TLSSan, &out.TLSSan - *out = make([]string, len(*in)) - copy(*out, *in) - } - out.EtcdBackupConfig = in.EtcdBackupConfig - in.DisableComponents.DeepCopyInto(&out.DisableComponents) - out.CloudProviderConfigMap = in.CloudProviderConfigMap - out.AuditPolicySecret = in.AuditPolicySecret - in.Etcd.DeepCopyInto(&out.Etcd) - in.KubeAPIServer.DeepCopyInto(&out.KubeAPIServer) - in.KubeControllerManager.DeepCopyInto(&out.KubeControllerManager) - in.KubeScheduler.DeepCopyInto(&out.KubeScheduler) - in.CloudControllerManager.DeepCopyInto(&out.CloudControllerManager) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ServerConfig. -func (in *RKE2ServerConfig) DeepCopy() *RKE2ServerConfig { - if in == nil { - return nil - } - out := new(RKE2ServerConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Registry) DeepCopyInto(out *Registry) { *out = *in diff --git a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml index 90c7f7e..9578492 100644 --- a/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml +++ b/bootstrap/config/crd/bases/bootstrap.cluster.x-k8s.io_rke2configs.yaml 
@@ -167,6 +167,18 @@ spec: items: type: string type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object protectKernelDefaults: description: ProtectKernelDefaults defines Kernel tuning behavior. If true, error if kernel tunables are different than kubelet 
@@ -420,627 +432,6 @@ spec: description: Mirrors are namespace to mirror mapping for all namespaces. type: object type: object - serverConfig: - description: ServerConfig specifies configuration for the agent nodes. - properties: - advertiseAddress: - description: 'AdvertiseAddress IP address that apiserver uses - to advertise to members of the cluster (default: node-external-ip/node-ip).' - type: string - auditPolicySecret: - description: AuditPolicySecret Path to the file that defines the - audit policy configuration. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - bindAddress: - description: 'BindAddress describes the rke2 bind address (default: - 0.0.0.0).' - type: string - cisProfile: - description: CISProfile activates CIS compliance of RKE2 for a - certain profile - enum: - - cis-1.23 - type: string - cloudControllerManager: - description: CloudControllerManager defines optional custom configuration - of the Cloud Controller Manager. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. - type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - cloudProviderConfigMap: - description: CloudProviderConfigMap is a reference to a ConfigMap - containing Cloud provider configuration. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - cloudProviderName: - description: CloudProviderName Cloud provider name. - type: string - clusterDNS: - description: 'ClusterDNS is the cluster IP for CoreDNS service. - Should be in your service-cidr range (default: 10.43.0.10).' - type: string - clusterDomain: - description: 'ClusterDomain is the cluster domain name (default: - "cluster.local").' - type: string - cni: - description: 'CNI describes the CNI Plugins to deploy, one of - none, calico, canal, cilium; optionally with multus as the first - value to enable the multus meta-plugin (default: canal).' 
- enum: - - none - - calico - - canal - - cilium - type: string - containerRuntimeEndpoint: - description: ContainerRuntimeEndpoint Disable embedded containerd - and use alternative CRI implementation. - type: string - controlPlaneResourceLimits: - description: ControlPlaneResourceLimits Control Plane resource - limits. - type: string - controlPlaneResourceRequests: - description: ControlPlaneResourceRequests Control Plane resource - requests. - type: string - dataDir: - description: DataDir Folder to hold state. - type: string - disableComponents: - description: DisableComponents lists Kubernetes components and - RKE2 plugin components that will be disabled. - properties: - kubernetesComponents: - description: KubernetesComponents is a list of Kubernetes - components to disable. - enum: - - scheduler - - kubeProxy - - cloudController - items: - description: 'DisabledKubernetesComponent is an enum field - that can take one of the following values: scheduler, - kubeProxy or cloudController.' - type: string - type: array - pluginComponents: - description: PluginComponents is a list of PluginComponents - to disable. - enum: - - rke2-coredns - - rke2-ingress-nginx - - rke2-metrics-server - items: - description: DisabledItem selects a plugin Components to - be disabled. - type: string - type: array - type: object - enableContainerdSElinux: - description: EnableContainerdSElinux defines the policy for enabling - SELinux for Containerd if value is true, Containerd will run - with selinux-enabled=true flag if value is false, Containerd - will run without the above flag - type: boolean - etcd: - description: Etcd defines optional custom configuration of ETCD. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. 
- type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - etcdBackupConfig: - description: 'EtcdBackupConfig defines how RKE2 will snapshot - ETCD: target storage, schedule, etc.' - properties: - directory: - description: 'Directory Directory to save db snapshots. (Default - location: ${data-dir}/db/snapshots).' - type: string - enableAutomaticSnapshots: - description: EnableAutomaticSnapshots defines the policy for - ETCD snapshots. true means automatic snapshots will be scheduled, - false means automatic snapshots will not be scheduled. - type: boolean - retention: - description: 'Retention Number of snapshots to retain Default: - 5 (default: 5).' - type: string - s3: - description: S3 Enable backup to an S3-compatible Object Store. - properties: - S3CredentialSecret: - description: S3CredentialSecret is a reference to a Secret - containing the Access Key and Secret Key necessary to - access the target S3 Bucket. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. 
For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - bucket: - description: Bucket S3 bucket name. - type: string - endpoint: - description: 'Endpoint S3 endpoint url (default: "s3.amazonaws.com").' - type: string - endpointCA: - description: EndpointCA references the Secret that contains - a custom CA that should be trusted to connect to S3 - endpoint. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - enforceSslVerify: - description: EnforceSSLVerify may be set to false to skip - verifying the registry's certificate, default is true. - type: boolean - folder: - description: Folder S3 folder. - type: string - region: - description: 'Region S3 region / bucket location (optional) - (default: "us-east-1").' 
- type: string - required: - - S3CredentialSecret - - endpoint - type: object - scheduleCron: - description: 'ScheduleCron Snapshot interval time in cron - spec. eg. every 5 hours ''* */5 * * *'' (default: "0 */12 - * * *").' - type: string - snapshotName: - description: 'SnapshotName Set the base name of etcd snapshots. - Default: etcd-snapshot- (default: "etcd-snapshot").' - type: string - type: object - exposeEtcdMetrics: - description: ExposeEtcdMetrics defines the policy for ETCD Metrics - exposure. if value is true, ETCD metrics will be exposed if - value is false, ETCD metrics will NOT be exposed - type: boolean - imageCredentialProviderConfigMap: - description: ImageCredentialProviderConfigMap is a reference to - the ConfigMap that contains credential provider plugin config - The configMap should contain a YAML file content + a Path to - the Binaries for Credential Provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - kubeAPIServer: - description: KubeAPIServer defines optional custom configuration - of the Kube API Server. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. - type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - kubeControllerManager: - description: KubeControllerManager defines optional custom configuration - of the Kube Controller Manager. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. 
- type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - kubeProxy: - description: KubeProxyArgs Customized flag for kube-proxy process. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. - type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - kubeScheduler: - description: KubeScheduler defines optional custom configuration - of the Kube Scheduler. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. - type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. 
- type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - kubelet: - description: KubeletArgs Customized flag for kubelet process. - properties: - extraArgs: - additionalProperties: - type: string - description: ExtraArgs is a map of command line arguments - to pass to a Kubernetes Component command. - type: object - extraEnv: - additionalProperties: - type: string - description: ExtraEnv is a map of environment variables to - pass on to a Kubernetes Component command. - type: object - extraMounts: - additionalProperties: - type: string - description: ExtraMounts is a map of volume mounts to be added - for the Kubernetes component StaticPod - type: object - overrideImage: - description: OverrideImage is a string that references a container - image to override the default one for the Kubernetes Component - type: string - type: object - kubeletPath: - description: KubeletPath Override kubelet binary path. - type: string - lbServerPort: - description: 'LoadBalancerPort Local port for supervisor client - load-balancer. If the supervisor and apiserver are not colocated - an additional port 1 less than this port will also be used for - the apiserver client load-balancer (default: 6444).' - type: integer - nodeLabels: - description: NodeLabels Registering and starting kubelet with - set of labels. - items: - type: string - type: array - nodeName: - description: NodeNamePrefix Prefix to the Node Name that CAPI - will generate. - type: string - nodeTaints: - description: NodeTaints Registering kubelet with set of taints. - items: - type: string - type: array - pauseImage: - description: PauseImage Override image to use for pause. 
- type: string - protectKernelDefaults: - description: ProtectKernelDefaults defines Kernel tuning behavior. - If true, error if kernel tunables are different than kubelet - defaults. if false, kernel tunable can be different from kubelet - defaults - type: boolean - resolvConf: - description: ResolvConf is a reference to a ConfigMap containing - resolv.conf content for the node. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - runtimeImage: - description: RuntimeImage Override image to use for runtime binaries - (containerd, kubectl, crictl, etc). - type: string - service-node-port-range: - description: 'ServiceNodePortRange is the port range to reserve - for services with NodePort visibility (default: "30000-32767").' - type: string - systemDefaultRegistry: - description: SystemDefaultRegistry Private registry to be used - for all system images. - type: string - tlsSan: - description: TLSSan Add additional hostname or IP as a Subject - Alternative Name in the TLS cert. - items: - type: string - type: array - type: object version: description: Version specifies the rke2 version. type: string diff --git a/controlplane/api/v1alpha1/rke2controlplane_types.go b/controlplane/api/v1alpha1/rke2controlplane_types.go index d7f182f..75f1cf2 100644 --- a/controlplane/api/v1alpha1/rke2controlplane_types.go +++ b/controlplane/api/v1alpha1/rke2controlplane_types.go 
@@ -17,25 +17,132 @@ limitations under the License. package v1alpha1 import ( + bootstrapv1 "github.com/rancher-sandbox/cluster-api-provider-rke2/bootstrap/api/v1alpha1" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" ) -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. - // RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane type RKE2ControlPlaneSpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "make" to regenerate code after modifying this file + // bootstrapv1.RKE2AgentConfig references fields from the Agent Configuration in the Bootstrap Provider because an RKE2 Server node also has an agent + bootstrapv1.RKE2AgentConfig `json:",inline"` - // Foo is an example field of RKE2ControlPlane. Edit rke2controlplane_types.go to remove/update - Foo string `json:"foo,omitempty"` + // ServerConfig specifies configuration for the agent nodes. + //+optional + ServerConfig RKE2ServerConfig `json:"serverConfig,omitempty"` + + // ManifestsConfigMapReference references a ConfigMap which contains Kubernetes manifests to be deployed automatically on the cluster + // Each data entry in the ConfigMap will be will be copied to a folder on the control plane nodes that RKE2 scans and uses to deploy manifests. + //+optional + ManifestsConfigMapReference corev1.ObjectReference `json:"manifestsConfigMapReference,omitempty"` +} + +type RKE2ServerConfig struct { + // BindAddress describes the rke2 bind address (default: 0.0.0.0). + //+optional + BindAddress string `json:"bindAddress,omitempty"` + + // AdvertiseAddress IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip). 
+ //+optional + AdvertiseAddress string `json:"advertiseAddress,omitempty"` + + // TLSSan Add additional hostname or IP as a Subject Alternative Name in the TLS cert. + //+optional + TLSSan []string `json:"tlsSan,omitempty"` + + // ServiceNodePortRange is the port range to reserve for services with NodePort visibility (default: "30000-32767"). + //+optional + ServiceNodePortRange string `json:"service-node-port-range,omitempty"` + + // ClusterDNS is the cluster IP for CoreDNS service. Should be in your service-cidr range (default: 10.43.0.10). + //+optional + ClusterDNS string `json:"clusterDNS,omitempty"` + + // ClusterDomain is the cluster domain name (default: "cluster.local"). + //+optional + ClusterDomain string `json:"clusterDomain,omitempty"` + + // DisableComponents lists Kubernetes components and RKE2 plugin components that will be disabled. + //+optional + DisableComponents DisableComponents `json:"disableComponents,omitempty"` + + // LoadBalancerPort Local port for supervisor client load-balancer. If the supervisor and apiserver are not colocated an additional port 1 less than this port will also be used for the apiserver client load-balancer (default: 6444). + //+optional + LoadBalancerPort int `json:"loadBalancerPort,omitempty"` + + // CNI describes the CNI Plugins to deploy, one of none, calico, canal, cilium; optionally with multus as the first value to enable the multus meta-plugin (default: canal). + // +kubebuilder:validation:Enum=none;calico;canal;cilium + //+optional + CNI CNI `json:"cni,omitempty"` + + // PauseImage Override image to use for pause. + //+optional + PauseImage string `json:"pauseImage,omitempty"` + + // RuntimeImage Override image to use for runtime binaries (containerd, kubectl, crictl, etc). + //+optional + RuntimeImage string `json:"runtimeImage,omitempty"` + + // CloudProviderName Cloud provider name. 
+ //+optional + CloudProviderName string `json:"cloudProviderName,omitempty"` + + // CloudProviderConfigMap is a reference to a ConfigMap containing Cloud provider configuration. + //+optional + CloudProviderConfigMap corev1.ObjectReference `json:"cloudProviderConfigMap,omitempty"` + + // NOTE: this was only profile, changed it to cisProfile. + + // AuditPolicySecret Path to the file that defines the audit policy configuration. + //+optional + AuditPolicySecret corev1.ObjectReference `json:"auditPolicySecret,omitempty"` + + // Etcd defines optional custom configuration of ETCD. + //+optional + Etcd EtcdConfig `json:"etcd,omitempty"` + + // KubeAPIServer defines optional custom configuration of the Kube API Server. + //+optional + KubeAPIServer bootstrapv1.ComponentConfig `json:"kubeAPIServer,omitempty"` + + // KubeControllerManager defines optional custom configuration of the Kube Controller Manager. + //+optional + KubeControllerManager bootstrapv1.ComponentConfig `json:"kubeControllerManager,omitempty"` + + // KubeScheduler defines optional custom configuration of the Kube Scheduler. + //+optional + KubeScheduler bootstrapv1.ComponentConfig `json:"kubeScheduler,omitempty"` + + // CloudControllerManager defines optional custom configuration of the Cloud Controller Manager. + //+optional + CloudControllerManager bootstrapv1.ComponentConfig `json:"cloudControllerManager,omitempty"` } // RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane type RKE2ControlPlaneStatus struct { - // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - // Important: Run "make" to regenerate code after modifying this file + // Ready indicates the BootstrapData field is ready to be consumed. + Ready bool `json:"ready,omitempty"` + + // DataSecretName is the name of the secret that stores the bootstrap data script. + // +optional + DataSecretName *string `json:"dataSecretName,omitempty"` + + // FailureReason will be set on non-retryable errors. 
+ // +optional + FailureReason string `json:"failureReason,omitempty"` + + // FailureMessage will be set on non-retryable errors. + // +optional + FailureMessage string `json:"failureMessage,omitempty"` + + // ObservedGeneration is the latest generation observed by the controller. + // +optional + ObservedGeneration int64 `json:"observedGeneration,omitempty"` + + // Conditions defines current service state of the RKE2Config. + // +optional + Conditions clusterv1.Conditions `json:"conditions,omitempty"` } //+kubebuilder:object:root=true 
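Review bot: `AuditPolicySecret`, `CloudProviderConfigMap` and `ManifestsConfigMapReference` are typed `corev1.ObjectReference`, which carries a `namespace` field, and nothing in this hunk restricts it to the namespace of the RKE2ControlPlane that holds the reference. The same applies to `EndpointCA` and `S3CredentialSecret` in `EtcdS3` in the next hunk. If the controller resolves these references with its own credentials (the reconciler is not visible here), a user who may only create an RKE2ControlPlane in one namespace could have a Secret or ConfigMap from another namespace read and written onto the nodes. Either use a namespace-less type such as `corev1.LocalObjectReference`, or reject a foreign namespace in the validating webhook and state the rule in the field comment, e.g. `// The Secret must be in the same namespace as the RKE2ControlPlane.`. The comment on `AuditPolicySecret` also still reads "Path to the file" although the field is now an object reference.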
@@ -59,6 +166,128 @@ type RKE2ControlPlaneList struct { Items []RKE2ControlPlane `json:"items"` } +// EtcdConfig regroups the ETCD-specific configuration of the control plane +type EtcdConfig struct { + // ExposeEtcdMetrics defines the policy for ETCD Metrics exposure. + // if value is true, ETCD metrics will be exposed + // if value is false, ETCD metrics will NOT be exposed + // +optional + ExposeEtcdMetrics bool `json:"exposeEtcdMetrics,omitempty"` + + // BackupConfig defines how RKE2 will snapshot ETCD: target storage, schedule, etc. + //+optional + BackupConfig EtcdBackupConfig `json:"backupConfig,omitempty"` + + // CustomConfig defines the custom settings for ETCD. + CustomConfig bootstrapv1.ComponentConfig `json:"customConfig,omitempty"` +} + +// EtcdBackupConfig describes the backup configuration for ETCD. +type EtcdBackupConfig struct { + // EnableAutomaticSnapshots defines the policy for ETCD snapshots. true means automatic snapshots will be scheduled, false means automatic snapshots will not be scheduled. + //+optional + EnableAutomaticSnapshots bool `json:"enableAutomaticSnapshots,omitempty"` + + // SnapshotName Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot"). + //+optional + SnapshotName string `json:"snapshotName,omitempty"` + + // ScheduleCron Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *"). + //+optional + ScheduleCron string `json:"scheduleCron,omitempty"` + + // Retention Number of snapshots to retain Default: 5 (default: 5). + //+optional + Retention string `json:"retention,omitempty"` + + // Directory Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots). + //+optional + Directory string `json:"directory,omitempty"` + + // S3 Enable backup to an S3-compatible Object Store. + //+optional + S3 EtcdS3 `json:"s3,omitempty"` +} + +type EtcdS3 struct { + // Endpoint S3 endpoint url (default: "s3.amazonaws.com"). 
+ Endpoint string `json:"endpoint"`
+
+ // EndpointCA references the Secret that contains a custom CA that should be trusted to connect to S3 endpoint.
+ //+optional
+ EndpointCA corev1.ObjectReference `json:"endpointCA,omitempty"`
+
+ // EnforceSSLVerify may be set to false to skip verifying the registry's certificate, default is true.
+ //+optional
+ EnforceSSLVerify bool `json:"enforceSslVerify,omitempty"`
+
+ // S3CredentialSecret is a reference to a Secret containing the Access Key and Secret Key necessary to access the target S3 Bucket.
+ S3CredentialSecret corev1.ObjectReference `json:"S3CredentialSecret"`
+
+ // Bucket S3 bucket name.
+ //+optional
+ Bucket string `json:"bucket,omitempty"`
+
+ // Region S3 region / bucket location (optional) (default: "us-east-1").
+ //+optional
+ Region string `json:"region,omitempty"`
+
+ // Folder S3 folder.
+ //+optional
+ Folder string `json:"folder,omitempty"`
+}
+
+// CNI defines the Cni options for deploying RKE2.
+type CNI string
+
+const (
+ // Cilium references the RKE2 CNI Plugin "cilium"
+ Cilium CNI = "cilium"
+ // Calico references the RKE2 CNI Plugin "calico"
+ Calico CNI = "calico"
+ // Canal references the RKE2 CNI Plugin "canal"
+ Canal CNI = "canal"
+ // None means that no CNI Plugin will be installed with RKE2, letting the operator install his own CNI afterwards.
+ None CNI = "none"
+)
+
+// DisableComponents describes components of RKE2 (Kubernetes components and plugin components) that should be disabled
+type DisableComponents struct {
+ // KubernetesComponents is a list of Kubernetes components to disable.
+ // +kubebuilder:validation:Enum=scheduler;kubeProxy;cloudController
+ KubernetesComponents []DisabledKubernetesComponent `json:"kubernetesComponents,omitempty"`
+
+ // PluginComponents is a list of PluginComponents to disable.
+ // +kubebuilder:validation:Enum=rke2-coredns;rke2-ingress-nginx;rke2-metrics-server + PluginComponents []DisabledPluginComponent `json:"pluginComponents,omitempty"` +} + +// DisabledKubernetesComponent is an enum field that can take one of the following values: scheduler, kubeProxy or cloudController. +type DisabledKubernetesComponent string + +const ( + // Scheduler references the Kube Scheduler Kubernetes components of the control plane/server nodes + Scheduler DisabledKubernetesComponent = "scheduler" + + // KubeProxy references the Kube Proxy Kubernetes components on the agents + KubeProxy DisabledKubernetesComponent = "kubeProxy" + + // CloudController references the Cloud Controller Manager Kubernetes Components on the control plane / server nodes + CloudController DisabledKubernetesComponent = "cloudController" +) + +// DisabledItem selects a plugin Components to be disabled. +type DisabledPluginComponent string + +const ( + // CoreDNS references the RKE2 Plugin "rke2-coredns" + CoreDNS DisabledPluginComponent = "rke2-coredns" + // IngressNginx references the RKE2 Plugin "rke2-ingress-nginx" + IngressNginx DisabledPluginComponent = "rke2-ingress-nginx" + // MetricsServer references the RKE2 Plugin "rke2-metrics-server" + MetricsServer DisabledPluginComponent = "rke2-metrics-server" +) + func init() { SchemeBuilder.Register(&RKE2ControlPlane{}, &RKE2ControlPlaneList{}) } diff --git a/controlplane/api/v1alpha1/rke2controlplane_webhook.go b/controlplane/api/v1alpha1/rke2controlplane_webhook.go index 9e16f6e..2fac13c 100644 --- a/controlplane/api/v1alpha1/rke2controlplane_webhook.go +++ b/controlplane/api/v1alpha1/rke2controlplane_webhook.go 
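Review bot: `EnforceSSLVerify bool` with `json:"enforceSslVerify,omitempty"` in `EtcdS3` cannot carry the documented default of true, because an omitted field decodes to false and nothing visible in this patch sets it (the `Default()` webhooks in this commit only log), so whether etcd backups verify the S3 endpoint certificate depends on how the consumer treats an unset value. Declaring it as `EnforceSSLVerify *bool` with `// +kubebuilder:default=true` and treating nil as true keeps verification on unless it is explicitly disabled; the comment should also say "the S3 endpoint's certificate" rather than "the registry's certificate". Separately, the `+kubebuilder:validation:Enum=...` markers in `DisableComponents` sit on the slice fields, and the regenerated CRD later in this patch lists `enum` beside `items` on the array, so the constraint is applied to the list rather than its elements. Moving each marker onto `type DisabledKubernetesComponent string` and `type DisabledPluginComponent string` would put it on the items. Smaller points: `json:"S3CredentialSecret"` is the only capitalised JSON key in the struct (`s3CredentialSecret` would match the others), and the doc comment on `DisabledPluginComponent` still begins with `DisabledItem`.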
@@ -32,8 +32,6 @@ func (r *RKE2ControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error { Complete() } -// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! - //+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=mrke2controlplane.kb.io,admissionReviewVersions=v1 var _ webhook.Defaulter = &RKE2ControlPlane{} @@ -42,10 +40,8 @@ var _ webhook.Defaulter = &RKE2ControlPlane{} func (r *RKE2ControlPlane) Default() { rke2controlplanelog.Info("default", "name", r.Name) - // TODO(user): fill in your defaulting logic. } -// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplane,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanes,verbs=create;update,versions=v1alpha1,name=vrke2controlplane.kb.io,admissionReviewVersions=v1 var _ webhook.Validator = &RKE2ControlPlane{} @@ -53,8 +49,6 @@ var _ webhook.Validator = &RKE2ControlPlane{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type func (r *RKE2ControlPlane) ValidateCreate() error { rke2controlplanelog.Info("validate create", "name", r.Name) - - // TODO(user): fill in your validation logic upon object creation. return nil } @@ -62,7 +56,6 @@ func (r *RKE2ControlPlane) ValidateCreate() error { func (r *RKE2ControlPlane) ValidateUpdate(old runtime.Object) error { rke2controlplanelog.Info("validate update", "name", r.Name) - // TODO(user): fill in your validation logic upon object update. return nil } 
@@ -70,6 +63,5 @@ func (r *RKE2ControlPlane) ValidateUpdate(old runtime.Object) error { func (r *RKE2ControlPlane) ValidateDelete() error { rke2controlplanelog.Info("validate delete", "name", r.Name) - // TODO(user): fill in your validation logic upon object deletion. return nil } diff --git a/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go b/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go index 9f630a6..985dd98 100644 --- a/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go +++ b/controlplane/api/v1alpha1/rke2controlplanetemplate_webhook.go @@ -32,8 +32,6 @@ func (r *RKE2ControlPlaneTemplate) SetupWebhookWithManager(mgr ctrl.Manager) err Complete() } -// TODO(user): EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! - //+kubebuilder:webhook:path=/mutate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=true,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=mrke2controlplanetemplate.kb.io,admissionReviewVersions=v1 var _ webhook.Defaulter = &RKE2ControlPlaneTemplate{} @@ -42,10 +40,8 @@ var _ webhook.Defaulter = &RKE2ControlPlaneTemplate{} func (r *RKE2ControlPlaneTemplate) Default() { rke2controlplanetemplatelog.Info("default", "name", r.Name) - // TODO(user): fill in your defaulting logic. } -// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. //+kubebuilder:webhook:path=/validate-controlplane-cluster-x-k8s-io-v1alpha1-rke2controlplanetemplate,mutating=false,failurePolicy=fail,sideEffects=None,groups=controlplane.cluster.x-k8s.io,resources=rke2controlplanetemplates,verbs=create;update,versions=v1alpha1,name=vrke2controlplanetemplate.kb.io,admissionReviewVersions=v1 var _ webhook.Validator = &RKE2ControlPlaneTemplate{} 
@@ -54,7 +50,6 @@ var _ webhook.Validator = &RKE2ControlPlaneTemplate{} func (r *RKE2ControlPlaneTemplate) ValidateCreate() error { rke2controlplanetemplatelog.Info("validate create", "name", r.Name) - // TODO(user): fill in your validation logic upon object creation. return nil } @@ -62,7 +57,6 @@ func (r *RKE2ControlPlaneTemplate) ValidateCreate() error { func (r *RKE2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error { rke2controlplanetemplatelog.Info("validate update", "name", r.Name) - // TODO(user): fill in your validation logic upon object update. return nil } @@ -70,6 +64,5 @@ func (r *RKE2ControlPlaneTemplate) ValidateUpdate(old runtime.Object) error { func (r *RKE2ControlPlaneTemplate) ValidateDelete() error { rke2controlplanetemplatelog.Info("validate delete", "name", r.Name) - // TODO(user): fill in your validation logic upon object deletion. return nil } diff --git a/controlplane/api/v1alpha1/zz_generated.deepcopy.go b/controlplane/api/v1alpha1/zz_generated.deepcopy.go index 85f39e2..64cb320 100644 --- a/controlplane/api/v1alpha1/zz_generated.deepcopy.go +++ b/controlplane/api/v1alpha1/zz_generated.deepcopy.go 
@@ -23,15 +23,91 @@ package v1alpha1 import ( "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/cluster-api/api/v1beta1" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DisableComponents) DeepCopyInto(out *DisableComponents) { + *out = *in + if in.KubernetesComponents != nil { + in, out := &in.KubernetesComponents, &out.KubernetesComponents + *out = make([]DisabledKubernetesComponent, len(*in)) + copy(*out, *in) + } + if in.PluginComponents != nil { + in, out := &in.PluginComponents, &out.PluginComponents + *out = make([]DisabledPluginComponent, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisableComponents. +func (in *DisableComponents) DeepCopy() *DisableComponents { + if in == nil { + return nil + } + out := new(DisableComponents) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EtcdBackupConfig) DeepCopyInto(out *EtcdBackupConfig) { + *out = *in + out.S3 = in.S3 +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdBackupConfig. +func (in *EtcdBackupConfig) DeepCopy() *EtcdBackupConfig { + if in == nil { + return nil + } + out := new(EtcdBackupConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EtcdConfig) DeepCopyInto(out *EtcdConfig) { + *out = *in + out.BackupConfig = in.BackupConfig + in.CustomConfig.DeepCopyInto(&out.CustomConfig) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdConfig. 
+func (in *EtcdConfig) DeepCopy() *EtcdConfig { + if in == nil { + return nil + } + out := new(EtcdConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EtcdS3) DeepCopyInto(out *EtcdS3) { + *out = *in + out.EndpointCA = in.EndpointCA + out.S3CredentialSecret = in.S3CredentialSecret +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EtcdS3. +func (in *EtcdS3) DeepCopy() *EtcdS3 { + if in == nil { + return nil + } + out := new(EtcdS3) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RKE2ControlPlane) DeepCopyInto(out *RKE2ControlPlane) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - out.Status = in.Status + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlane. @@ -87,6 +163,9 @@ func (in *RKE2ControlPlaneList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RKE2ControlPlaneSpec) DeepCopyInto(out *RKE2ControlPlaneSpec) { *out = *in + in.RKE2AgentConfig.DeepCopyInto(&out.RKE2AgentConfig) + in.ServerConfig.DeepCopyInto(&out.ServerConfig) + out.ManifestsConfigMapReference = in.ManifestsConfigMapReference } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneSpec. 
@@ -102,6 +181,18 @@ func (in *RKE2ControlPlaneSpec) DeepCopy() *RKE2ControlPlaneSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RKE2ControlPlaneStatus) DeepCopyInto(out *RKE2ControlPlaneStatus) { *out = *in + if in.DataSecretName != nil { + in, out := &in.DataSecretName, &out.DataSecretName + *out = new(string) + **out = **in + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make(v1beta1.Conditions, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ControlPlaneStatus. @@ -202,3 +293,31 @@ func (in *RKE2ControlPlaneTemplateStatus) DeepCopy() *RKE2ControlPlaneTemplateSt in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RKE2ServerConfig) DeepCopyInto(out *RKE2ServerConfig) { + *out = *in + if in.TLSSan != nil { + in, out := &in.TLSSan, &out.TLSSan + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.DisableComponents.DeepCopyInto(&out.DisableComponents) + out.CloudProviderConfigMap = in.CloudProviderConfigMap + out.AuditPolicySecret = in.AuditPolicySecret + in.Etcd.DeepCopyInto(&out.Etcd) + in.KubeAPIServer.DeepCopyInto(&out.KubeAPIServer) + in.KubeControllerManager.DeepCopyInto(&out.KubeControllerManager) + in.KubeScheduler.DeepCopyInto(&out.KubeScheduler) + in.CloudControllerManager.DeepCopyInto(&out.CloudControllerManager) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RKE2ServerConfig. +func (in *RKE2ServerConfig) DeepCopy() *RKE2ServerConfig { + if in == nil { + return nil + } + out := new(RKE2ServerConfig) + in.DeepCopyInto(out) + return out +} 
diff --git a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml index 630ca4b..1595426 100644 --- a/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml +++ b/controlplane/config/crd/bases/controlplane.cluster.x-k8s.io_rke2controlplanes.yaml 
@@ -35,13 +35,758 @@ spec: spec: description: RKE2ControlPlaneSpec defines the desired state of RKE2ControlPlane properties: - foo: - description: Foo is an example field of RKE2ControlPlane. Edit rke2controlplane_types.go - to remove/update + cisProfile: + description: CISProfile activates CIS compliance of RKE2 for a certain + profile + enum: + - cis-1.23 + type: string + containerRuntimeEndpoint: + description: ContainerRuntimeEndpoint Disable embedded containerd + and use alternative CRI implementation. + type: string + dataDir: + description: DataDir Folder to hold state. + type: string + enableContainerdSElinux: + description: EnableContainerdSElinux defines the policy for enabling + SELinux for Containerd if value is true, Containerd will run with + selinux-enabled=true flag if value is false, Containerd will run + without the above flag + type: boolean + imageCredentialProviderConfigMap: + description: ImageCredentialProviderConfigMap is a reference to the + ConfigMap that contains credential provider plugin config The configMap + should contain a YAML file content + a Path to the Binaries for + Credential Provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + kubeProxy: + description: KubeProxyArgs Customized flag for kube-proxy process. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments to pass + to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to pass + on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubelet: + description: KubeletArgs Customized flag for kubelet process. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments to pass + to a Kubernetes Component command. 
+ type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to pass + on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeletPath: + description: KubeletPath Override kubelet binary path. + type: string + manifestsConfigMapReference: + description: ManifestsConfigMapReference references a ConfigMap which + contains Kubernetes manifests to be deployed automatically on the + cluster Each data entry in the ConfigMap will be will be copied + to a folder on the control plane nodes that RKE2 scans and uses + to deploy manifests. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeLabels: + description: NodeLabels Registering and starting kubelet with set + of labels. + items: + type: string + type: array + nodeName: + description: NodeNamePrefix Prefix to the Node Name that CAPI will + generate. + type: string + nodeTaints: + description: NodeTaints Registering kubelet with set of taints. + items: + type: string + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + protectKernelDefaults: + description: ProtectKernelDefaults defines Kernel tuning behavior. + If true, error if kernel tunables are different than kubelet defaults. + if false, kernel tunable can be different from kubelet defaults + type: boolean + resolvConf: + description: ResolvConf is a reference to a ConfigMap containing resolv.conf + content for the node. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + serverConfig: + description: ServerConfig specifies configuration for the agent nodes. + properties: + advertiseAddress: + description: 'AdvertiseAddress IP address that apiserver uses + to advertise to members of the cluster (default: node-external-ip/node-ip).' 
+ type: string + auditPolicySecret: + description: AuditPolicySecret Path to the file that defines the + audit policy configuration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + bindAddress: + description: 'BindAddress describes the rke2 bind address (default: + 0.0.0.0).' 
+ type: string + cloudControllerManager: + description: CloudControllerManager defines optional custom configuration + of the Cloud Controller Manager. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + cloudProviderConfigMap: + description: CloudProviderConfigMap is a reference to a ConfigMap + containing Cloud provider configuration. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + cloudProviderName: + description: CloudProviderName Cloud provider name. + type: string + clusterDNS: + description: 'ClusterDNS is the cluster IP for CoreDNS service. + Should be in your service-cidr range (default: 10.43.0.10).' + type: string + clusterDomain: + description: 'ClusterDomain is the cluster domain name (default: + "cluster.local").' + type: string + cni: + description: 'CNI describes the CNI Plugins to deploy, one of + none, calico, canal, cilium; optionally with multus as the first + value to enable the multus meta-plugin (default: canal).' + enum: + - none + - calico + - canal + - cilium + type: string + disableComponents: + description: DisableComponents lists Kubernetes components and + RKE2 plugin components that will be disabled. + properties: + kubernetesComponents: + description: KubernetesComponents is a list of Kubernetes + components to disable. + enum: + - scheduler + - kubeProxy + - cloudController + items: + description: 'DisabledKubernetesComponent is an enum field + that can take one of the following values: scheduler, + kubeProxy or cloudController.' 
+ type: string + type: array + pluginComponents: + description: PluginComponents is a list of PluginComponents + to disable. + enum: + - rke2-coredns + - rke2-ingress-nginx + - rke2-metrics-server + items: + description: DisabledItem selects a plugin Components to + be disabled. + type: string + type: array + type: object + etcd: + description: Etcd defines optional custom configuration of ETCD. + properties: + backupConfig: + description: 'BackupConfig defines how RKE2 will snapshot + ETCD: target storage, schedule, etc.' + properties: + directory: + description: 'Directory Directory to save db snapshots. + (Default location: ${data-dir}/db/snapshots).' + type: string + enableAutomaticSnapshots: + description: EnableAutomaticSnapshots defines the policy + for ETCD snapshots. true means automatic snapshots will + be scheduled, false means automatic snapshots will not + be scheduled. + type: boolean + retention: + description: 'Retention Number of snapshots to retain + Default: 5 (default: 5).' + type: string + s3: + description: S3 Enable backup to an S3-compatible Object + Store. + properties: + S3CredentialSecret: + description: S3CredentialSecret is a reference to + a Secret containing the Access Key and Secret Key + necessary to access the target S3 Bucket. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. 
TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + bucket: + description: Bucket S3 bucket name. + type: string + endpoint: + description: 'Endpoint S3 endpoint url (default: "s3.amazonaws.com").' + type: string + endpointCA: + description: EndpointCA references the Secret that + contains a custom CA that should be trusted to connect + to S3 endpoint. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). 
This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + enforceSslVerify: + description: EnforceSSLVerify may be set to false + to skip verifying the registry's certificate, default + is true. + type: boolean + folder: + description: Folder S3 folder. + type: string + region: + description: 'Region S3 region / bucket location (optional) + (default: "us-east-1").' + type: string + required: + - S3CredentialSecret + - endpoint + type: object + scheduleCron: + description: 'ScheduleCron Snapshot interval time in cron + spec. eg. every 5 hours ''* */5 * * *'' (default: "0 + */12 * * *").' + type: string + snapshotName: + description: 'SnapshotName Set the base name of etcd snapshots. + Default: etcd-snapshot- (default: "etcd-snapshot").' + type: string + type: object + customConfig: + description: CustomConfig defines the custom settings for + ETCD. 
+ properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables + to pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to + be added for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references + a container image to override the default one for the + Kubernetes Component + type: string + type: object + exposeEtcdMetrics: + description: ExposeEtcdMetrics defines the policy for ETCD + Metrics exposure. if value is true, ETCD metrics will be + exposed if value is false, ETCD metrics will NOT be exposed + type: boolean + type: object + kubeAPIServer: + description: KubeAPIServer defines optional custom configuration + of the Kube API Server. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeControllerManager: + description: KubeControllerManager defines optional custom configuration + of the Kube Controller Manager. 
+ properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + kubeScheduler: + description: KubeScheduler defines optional custom configuration + of the Kube Scheduler. + properties: + extraArgs: + additionalProperties: + type: string + description: ExtraArgs is a map of command line arguments + to pass to a Kubernetes Component command. + type: object + extraEnv: + additionalProperties: + type: string + description: ExtraEnv is a map of environment variables to + pass on to a Kubernetes Component command. + type: object + extraMounts: + additionalProperties: + type: string + description: ExtraMounts is a map of volume mounts to be added + for the Kubernetes component StaticPod + type: object + overrideImage: + description: OverrideImage is a string that references a container + image to override the default one for the Kubernetes Component + type: string + type: object + loadBalancerPort: + description: 'LoadBalancerPort Local port for supervisor client + load-balancer. If the supervisor and apiserver are not colocated + an additional port 1 less than this port will also be used for + the apiserver client load-balancer (default: 6444).' + type: integer + pauseImage: + description: PauseImage Override image to use for pause. 
+ type: string + runtimeImage: + description: RuntimeImage Override image to use for runtime binaries + (containerd, kubectl, crictl, etc). + type: string + service-node-port-range: + description: 'ServiceNodePortRange is the port range to reserve + for services with NodePort visibility (default: "30000-32767").' + type: string + tlsSan: + description: TLSSan Add additional hostname or IP as a Subject + Alternative Name in the TLS cert. + items: + type: string + type: array + type: object + systemDefaultRegistry: + description: SystemDefaultRegistry Private registry to be used for + all system images. type: string type: object status: description: RKE2ControlPlaneStatus defines the observed state of RKE2ControlPlane + properties: + conditions: + description: Conditions defines current service state of the RKE2Config. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors. + type: string + failureReason: + description: FailureReason will be set on non-retryable errors. + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed. + type: boolean type: object type: object served: true