Merge pull request #5 from dippynark/update-to-capi-v0.3.14

Update to Cluster API v0.3.14
dippynark · Mar 7, 2021 · 13c03f4 · 13c03f4
2 parents 4792edf + 5445702
commit 13c03f4
Show file tree

Hide file tree

Showing 41 changed files with 5,371 additions and 825 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,24 +1,2 @@
-
-# Binaries for programs and plugins
-*.exe
-*.exe~
-*.dll
-*.so
-*.dylib
-bin
-
-# Test binary, build with `go test -c`
-*.test
-
-# Output of the go coverage tool, specifically when used with LiteIDE
-*.out
-
-# Kubernetes Generated files - skip generated files, except for vendored files
-
-!vendor/**/zz_generated.*
-
-# editor and IDE paraphernalia
-.idea
-*.swp
-*.swo
-*~
+/bin/
+/artifacts/
diff --git a/Makefile b/Makefile
@@ -1,16 +1,16 @@
 # Image URL to use all building/pushing image targets
-IMG ?= dippynark/cluster-api-kubernetes-controller:dev
+IMG ?= docker.io/dippynark/cluster-api-kubernetes-controller:dev
 # We set maxDescLen=0 to drop descriptions for fields in CRD OpenAPI schema, otherwise annotations
 # become too large when applying the kubernetesmachine and kubernetesmachinetemplate CRDs
 # https://github.com/coreos/prometheus-operator/issues/535
 # https://github.com/kubernetes-sigs/controller-tools/blob/0dd9d80ad4b98900d6066141dd4233354b25e3f3/pkg/crd/gen.go#L56-L61
 CRD_OPTIONS ?= "crd:crdVersions=v1,maxDescLen=0"
 
-CONTROLLER_TOOLS_VERSION = v0.2.8
+CONTROLLER_TOOLS_VERSION = v0.5.0
 
-# Make sure to update e2e/e2e.conf if either of these variables are changed
-CAPI_VERSION = v0.3.3
-CERT_MANAGER_VERSION = v0.11.1
+CAPI_VERSION = v0.3.14
+CERT_MANAGER_VERSION = v0.16.1
+KUBERNETES_VERSION = v1.17.0
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -64,23 +64,8 @@ vet:
 test: generate fmt vet manifests
 	go test $(shell go list ./... | grep -v /e2e) -coverprofile cover.out
 
-SKIP_RESOURCE_CLEANUP ?= false
-e2e: docker-build
-	cd config/manager && kustomize edit set image controller=${IMG}
-	go test ./e2e -v -ginkgo.v -ginkgo.trace -count=1 -timeout=20m -tags=e2e -skip-resource-cleanup=$(SKIP_RESOURCE_CLEANUP)
-
-e2e_pull:
-	docker pull gcr.io/k8s-staging-cluster-api/cluster-api-controller:$(CAPI_VERSION)
-	docker pull gcr.io/k8s-staging-cluster-api/kubeadm-bootstrap-controller:$(CAPI_VERSION)
-	docker pull gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller:$(CAPI_VERSION)
-	docker pull quay.io/jetstack/cert-manager-webhook:$(CERT_MANAGER_VERSION)
-	docker pull quay.io/jetstack/cert-manager-controller:$(CERT_MANAGER_VERSION)
-	docker pull quay.io/jetstack/cert-manager-cainjector:$(CERT_MANAGER_VERSION)
-	docker pull kindest/node:v1.17.0
-
 release: manifests
 	cd config/manager && kustomize edit set image controller=${IMG}
-	kustomize build config/kubeadm-control-plane-rbac > release/kubeadm-control-plane-rbac.yaml
 	kustomize build config > release/infrastructure-components.yaml
 
 # Generate code
@@ -111,3 +96,51 @@ CONTROLLER_GEN=$(GOBIN)/controller-gen
 else
 CONTROLLER_GEN=$(shell which controller-gen)
 endif
+
+# e2e testing
+
+BIN_DIR := bin
+GINKGO := $(BIN_DIR)/ginkgo
+$(GINKGO):
+	go build -tags=tools -o $(GINKGO) github.com/onsi/ginkgo/ginkgo
+
+ARTIFACTS ?= $(CURDIR)/artifacts
+E2E_CONF_FILE  ?= $(CURDIR)/e2e/config/capk.yaml
+SKIP_RESOURCE_CLEANUP ?= false
+USE_EXISTING_CLUSTER ?= false
+.PHONY: e2e
+e2e: $(GINKGO) docker-build e2e_template
+	cd config/manager && kustomize edit set image controller=${IMG}
+	$(GINKGO) -v -trace -tags=e2e ./e2e -- \
+		-e2e.artifacts-folder="$(ARTIFACTS)" \
+		-e2e.config="$(E2E_CONF_FILE)" \
+		-e2e.skip-resource-cleanup=$(SKIP_RESOURCE_CLEANUP) \
+		-e2e.use-existing-cluster=$(USE_EXISTING_CLUSTER)
+
+e2e_template:
+	sed -i 's#$(shell echo $(IMG) | awk -F : '{print $$1}'):.*#$(IMG)#' $(E2E_CONF_FILE)
+	sed -i 's#KUBERNETES_VERSION: .*#KUBERNETES_VERSION: "$(KUBERNETES_VERSION)"#' $(E2E_CONF_FILE)
+	sed -i 's#gcr.io/k8s-staging-cluster-api/cluster-api-controller:.*#gcr.io/k8s-staging-cluster-api/cluster-api-controller:$(CAPI_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#gcr.io/k8s-staging-cluster-api/kubeadm-bootstrap-controlle:.*#gcr.io/k8s-staging-cluster-api/kubeadm-bootstrap-controlle:$(CAPI_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller:.*#gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller:$(CAPI_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#quay.io/jetstack/cert-manager-webhook:.*#quay.io/jetstack/cert-manager-webhook:$(CERT_MANAGER_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#quay.io/jetstack/cert-manager-controller:.*#quay.io/jetstack/cert-manager-controller:$(CERT_MANAGER_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#quay.io/jetstack/cert-manager-cainjector:.*#quay.io/jetstack/cert-manager-cainjector:$(CERT_MANAGER_VERSION)#' $(E2E_CONF_FILE)
+	sed -i 's#kindest/node:.*#kindest/node:$(KUBERNETES_VERSION)#' $(E2E_CONF_FILE)
+
+e2e_pull:
+	docker pull gcr.io/k8s-staging-cluster-api/cluster-api-controller:$(CAPI_VERSION)
+	docker pull gcr.io/k8s-staging-cluster-api/kubeadm-bootstrap-controller:$(CAPI_VERSION)
+	docker pull gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller:$(CAPI_VERSION)
+	docker pull quay.io/jetstack/cert-manager-webhook:$(CERT_MANAGER_VERSION)
+	docker pull quay.io/jetstack/cert-manager-controller:$(CERT_MANAGER_VERSION)
+	docker pull quay.io/jetstack/cert-manager-cainjector:$(CERT_MANAGER_VERSION)
+	docker pull kindest/node:$(KUBERNETES_VERSION)
+
+DATA_DIR = e2e/data
+e2e_data:
+	# Download Calico for CNI implementation
+	curl https://docs.projectcalico.org/manifests/calico.yaml -o $(DATA_DIR)/cni/calico/calico.yaml
+	# Copy release template
+	cp release/cluster-template.yaml $(DATA_DIR)/infrastructure-kubernetes/cluster-template/cluster-template.yaml
+	kustomize build $(DATA_DIR)/infrastructure-kubernetes/cluster-template > $(DATA_DIR)/infrastructure-kubernetes/cluster-template.yaml
diff --git a/README.md b/README.md
@@ -31,10 +31,9 @@ On GKE this can be accomplished as follows:
 # The GKE Ubuntu image includes the ipip kernel module
 # Calico handles loading the module if necessary
 # https://github.com/projectcalico/felix/blob/9469e77e0fa530523be915dfaa69cc42d30b8317/dataplane/linux/ipip_mgr.go#L107-L110
-gcloud beta container clusters create management \
+gcloud container clusters create management \
   --image-type=UBUNTU \
-  --machine-type=n1-standard-4 \
-  --cluster-version=1.16
+  --machine-type=n1-standard-4
 
 # Allow IP-in-IP traffic between outer cluster Nodes from inner cluster Pods
 CLUSTER_CIDR=`gcloud container clusters describe management --format="value(clusterIpv4Cidr)"`
@@ -51,7 +50,7 @@ kubectl apply -f hack/forward-ipencap.yaml
 ```sh
 # Install clusterctl
 # https://cluster-api.sigs.k8s.io/user/quick-start.html#install-clusterctl
-CLUSTER_API_VERSION=v0.3.3
+CLUSTER_API_VERSION=v0.3.14
 curl -L https://github.com/kubernetes-sigs/cluster-api/releases/download/$CLUSTER_API_VERSION/clusterctl-`uname -s  | tr '[:upper:]' '[:lower:]'`-amd64 -o clusterctl
 chmod +x ./clusterctl
 sudo mv ./clusterctl /usr/local/bin/clusterctl
@@ -67,11 +66,6 @@ EOF
 
 # Initialise
 clusterctl init --infrastructure kubernetes
-# Apply kubadm control plane RBAC
-# TODO: use aggregation label when available
-# https://github.com/kubernetes-sigs/cluster-api/pull/2685
-CLUSTER_API_KUBERNETES_PROVIDER_VERSION=v0.3.1
-kubectl apply -f https://github.com/dippynark/cluster-api-provider-kubernetes/releases/download/$CLUSTER_API_KUBERNETES_PROVIDER_VERSION/kubeadm-control-plane-rbac.yaml
 ```
 
 ### Configuration

diff --git a/api/v1alpha2/kubernetesmachine_webhook.go b/api/v1alpha2/kubernetesmachine_webhook.go
@@ -31,7 +31,7 @@ func (r *KubernetesMachine) SetupWebhookWithManager(mgr ctrl.Manager) error {
 		Complete()
 }
 
-// +kubebuilder:webhook:path=/mutate-infrastructure-lukeaddison-co-uk-v1alpha2-kubernetesmachine,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.lukeaddison.co.uk,resources=kubernetesmachines,verbs=create;update,versions=v1alpha2,name=mkubernetesmachine.kb.io
+// +kubebuilder:webhook:path=/mutate-infrastructure-lukeaddison-co-uk-v1alpha2-kubernetesmachine,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.lukeaddison.co.uk,resources=kubernetesmachines,verbs=create;update,versions=v1alpha2,name=mkubernetesmachine.kb.io,sideEffects=None,admissionReviewVersions=v1beta1
 
 var _ webhook.Defaulter = &KubernetesMachine{}
 

diff --git a/api/v1alpha3/kubernetesmachine_webhook.go b/api/v1alpha3/kubernetesmachine_webhook.go
@@ -31,7 +31,7 @@ func (r *KubernetesMachine) SetupWebhookWithManager(mgr ctrl.Manager) error {
 		Complete()
 }
 
-// +kubebuilder:webhook:path=/mutate-infrastructure-lukeaddison-co-uk-v1alpha3-kubernetesmachine,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.lukeaddison.co.uk,resources=kubernetesmachines,verbs=create;update,versions=v1alpha3,name=mkubernetesmachine.kb.io
+// +kubebuilder:webhook:path=/mutate-infrastructure-lukeaddison-co-uk-v1alpha3-kubernetesmachine,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=infrastructure.lukeaddison.co.uk,resources=kubernetesmachines,verbs=create;update,versions=v1alpha3,name=mkubernetesmachine.kb.io,sideEffects=None,admissionReviewVersions=v1beta1
 
 var _ webhook.Defaulter = &KubernetesMachine{}
 

diff --git a/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesclusters.yaml b/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesclusters.yaml
@@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.2.8
+    controller-gen.kubebuilder.io/version: v0.5.0
   creationTimestamp: null
   name: kubernetesclusters.infrastructure.lukeaddison.co.uk
 spec:

diff --git a/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesmachines.yaml b/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesmachines.yaml
@@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.2.8
+    controller-gen.kubebuilder.io/version: v0.5.0
   creationTimestamp: null
   name: kubernetesmachines.infrastructure.lukeaddison.co.uk
 spec:
@@ -589,6 +589,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort
@@ -1149,6 +1150,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort
@@ -1709,6 +1711,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort
@@ -3423,6 +3426,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort
@@ -3983,6 +3987,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort
@@ -4543,6 +4548,7 @@ spec:
                           name:
                             type: string
                           protocol:
+                            default: TCP
                             type: string
                         required:
                         - containerPort

diff --git a/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesmachinetemplates.yaml b/config/crd/bases/infrastructure.lukeaddison.co.uk_kubernetesmachinetemplates.yaml
@@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.2.8
+    controller-gen.kubebuilder.io/version: v0.5.0
   creationTimestamp: null
   name: kubernetesmachinetemplates.infrastructure.lukeaddison.co.uk
 spec:
@@ -581,6 +581,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort
@@ -1141,6 +1142,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort
@@ -1701,6 +1703,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort
@@ -3400,6 +3403,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort
@@ -3960,6 +3964,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort
@@ -4520,6 +4525,7 @@ spec:
                                   name:
                                     type: string
                                   protocol:
+                                    default: TCP
                                     type: string
                                 required:
                                 - containerPort

diff --git a/config/kubeadm-control-plane-rbac/kustomization.yaml b/config/kubeadm-control-plane-rbac/kustomization.yaml
diff --git a/config/kubeadm-control-plane-rbac/rbac.yaml b/config/kubeadm-control-plane-rbac/rbac.yaml
diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
@@ -2,12 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - manager.yaml
-patchesStrategicMerge:
-- manager_pull_policy.yaml
   # Protect the /metrics endpoint by putting it behind auth. Only one of
   # manager_auth_proxy_patch.yaml and manager_prometheus_metrics_patch.yaml should be enabled.
+patchesStrategicMerge:
+- manager_pull_policy.yaml
 - manager_auth_proxy_patch.yaml
-  # If you want your controller-manager to expose the /metrics endpoint w/o any authn/z, uncomment
-  # the following line and comment manager_auth_proxy_patch.yaml. Only one of
-  # manager_auth_proxy_patch.yaml and manager_prometheus_metrics_patch.yaml should be enabled.
-# - manager_prometheus_metrics_patch.yaml
+images:
+- name: controller
+  newName: docker.io/dippynark/cluster-api-kubernetes-controller
+  newTag: dev
diff --git a/config/manager/manager_pull_policy.yaml b/config/manager/manager_pull_policy.yaml
@@ -8,4 +8,4 @@ spec:
     spec:
       containers:
       - name: manager
-        imagePullPolicy: Always
+        imagePullPolicy: IfNotPresent
diff --git a/config/rbac/capi_kubeadm_control_plane_role.yaml b/config/rbac/capi_kubeadm_control_plane_role.yaml
@@ -0,0 +1,20 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: capi-kubeadm-control-plane
+  labels:
+    kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true"
+rules:
+- apiGroups:
+  - infrastructure.lukeaddison.co.uk
+  resources:
+  - kubernetesmachines
+  - kubernetesmachinetemplates
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
@@ -10,3 +10,4 @@ resources:
 - auth_proxy_role.yaml
 - auth_proxy_role_binding.yaml
 - capi_role.yaml
+- capi_kubeadm_control_plane_role.yaml