feat: use the code way to install core-dns

Signed-off-by: qiuwei <qiuwei_yewu@cmss.chinamobile.com>
kosmos-io · May 27, 2024 · 398f85d · 398f85d
1 parent db9253b
commit 398f85d
Show file tree

Hide file tree

Showing 15 changed files with 600 additions and 156 deletions.
diff --git a/deploy/virtual-cluster-operator.yml b/deploy/virtual-cluster-operator.yml
@@ -113,6 +113,8 @@ spec:
             value: ghcr.io/kosmos-io
           - name: IMAGE_VERSION
             value: v1.25.7
+          - name: COREDNS_IMAGE_TAG
+            value: v1.9.3
             # Enter the ip address of a master node
           - name: EXECTOR_HOST_MASTER_NODE_IP
             value: 192.168.0.1

diff --git a/pkg/kubenest/constants/constant.go b/pkg/kubenest/constants/constant.go
@@ -9,8 +9,9 @@ const (
 	KosmosJoinControllerName      = "kosmos-join-controller"
 	KosmosNs                      = "kosmos-system"
 	SystemNs                      = "kube-system"
-	DefauleImageRepositoryEnv     = "IMAGE_REPOSITIRY"
-	DefauleImageVersionEnv        = "IMAGE_VERSION"
+	DefaultImageRepositoryEnv     = "IMAGE_REPOSITIRY"
+	DefaultImageVersionEnv        = "IMAGE_VERSION"
+	DefaultCoreDnsImageTagEnv     = "COREDNS_IMAGE_TAG"
 	VirtualClusterFinalizerName   = "kosmos.io/virtual-cluster-finalizer"
 	ServiceType                   = "NodePort"
 	EtcdServiceType               = "ClusterIP"

diff --git a/pkg/kubenest/controller/kosmos/kosmos_join_controller.go b/pkg/kubenest/controller/kosmos/kosmos_join_controller.go
@@ -268,7 +268,7 @@ func (c *KosmosJoinController) DeployKosmos(ctx context.Context, request reconci
 	klog.Infof("Secret %s/%s-clustertree-cluster-manager has been created. ", request.Namespace, request.Name)
 
 	klog.Infof("Start creating kosmos-clustertree deployment %s/%s-clustertree-cluster-manager...", request.Namespace, request.Name)
-	imageRepository := os.Getenv(constants.DefauleImageRepositoryEnv)
+	imageRepository := os.Getenv(constants.DefaultImageRepositoryEnv)
 	if len(imageRepository) == 0 {
 		imageRepository = utils.DefaultImageRepository
 	}

diff --git a/pkg/kubenest/controlplane/coredns/coredns.go b/pkg/kubenest/controlplane/coredns/coredns.go
@@ -0,0 +1,154 @@
+package coredns
+
+import (
+	"fmt"
+
+	"github.com/pkg/errors"
+	appsv1 "k8s.io/api/apps/v1"
+	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/util/yaml"
+	"k8s.io/client-go/dynamic"
+	clientset "k8s.io/client-go/kubernetes"
+
+	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/coredns/host"
+	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/coredns/virtualcluster"
+	"github.com/kosmos.io/kosmos/pkg/kubenest/util"
+)
+
+func EnsureHostCoreDns(client clientset.Interface, name, namespace string) error {
+
+	err := installCoreDnsConfigMap(client, namespace)
+	if err != nil {
+		return err
+	}
+
+	err = EnsureCoreDnsRBAC(client, namespace, name)
+	if err != nil {
+		return err
+	}
+
+	err = installCoreDnsDeployment(client, name, namespace)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func EnsureVirtualClusterCoreDns(dynamicClient dynamic.Interface, templateMapping map[string]interface{}) error {
+	err := installCoreDnsEndpointsInVirtualCluster(dynamicClient, templateMapping)
+	if err != nil {
+		return err
+	}
+
+	err = installCoreDnsServiceInVirtualCluster(dynamicClient, templateMapping)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func installCoreDnsDeployment(client clientset.Interface, name, namespace string) error {
+	imageRepository, _ := util.GetImageMessage()
+	imageTag := util.GetCoreDnsImageTag()
+	coreDnsDeploymentBytes, err := util.ParseTemplate(host.CoreDnsDeployment, struct {
+		Namespace, Name, ImageRepository, CoreDNSImageTag string
+	}{
+		Namespace:       namespace,
+		Name:            name,
+		ImageRepository: imageRepository,
+		CoreDNSImageTag: imageTag,
+	})
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns deployment template: %w", err)
+	}
+	coreDnsDeployment := &appsv1.Deployment{}
+	if err := yaml.Unmarshal([]byte(coreDnsDeploymentBytes), coreDnsDeployment); err != nil {
+		return fmt.Errorf("error when decoding core-dns deployment: %w", err)
+	}
+
+	if err := util.CreateOrUpdateDeployment(client, coreDnsDeployment); err != nil {
+		return fmt.Errorf("error when creating deployment for %s, err: %w", coreDnsDeployment.Name, err)
+	}
+	return nil
+}
+
+func getCoreDnsConfigMapManifest(namespace string) (*v1.ConfigMap, error) {
+	coreDnsConfigMapBytes, err := util.ParseTemplate(host.CoreDnsCM, struct {
+		Namespace string
+	}{
+		Namespace: namespace,
+	})
+	if err != nil {
+		return nil, fmt.Errorf("error when parsing core-dns configMap template: %w", err)
+	}
+
+	config := &v1.ConfigMap{}
+	if err := yaml.Unmarshal([]byte(coreDnsConfigMapBytes), config); err != nil {
+		return nil, fmt.Errorf("err when decoding core-dns configMap: %w", err)
+	}
+
+	return config, nil
+}
+
+func installCoreDnsConfigMap(client clientset.Interface, namespace string) error {
+	config, err := getCoreDnsConfigMapManifest(namespace)
+	if err != nil {
+		return err
+	}
+
+	if err := util.CreateOrUpdateConfigMap(client, config); err != nil {
+		return fmt.Errorf("error when creating configMap for %s, err: %w", config.Name, err)
+	}
+	return nil
+}
+
+func installCoreDnsServiceInVirtualCluster(dynamicClient dynamic.Interface, templateMapping map[string]interface{}) error {
+	coreDnsServiceInVcBytes, err := util.ParseTemplate(virtualcluster.CoreDnsService, templateMapping)
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns service in virtual cluster template: %w", err)
+	}
+	var obj unstructured.Unstructured
+	if err := yaml.Unmarshal([]byte(coreDnsServiceInVcBytes), &obj); err != nil {
+		return fmt.Errorf("err when decoding core-dns service in virtual cluster: %w", err)
+	}
+
+	err = util.CreateObject(dynamicClient, obj.GetNamespace(), obj.GetName(), &obj)
+	if err != nil {
+		return fmt.Errorf("error when creating core-dns service in virtual cluster err: %w", err)
+	}
+	return nil
+}
+
+func installCoreDnsEndpointsInVirtualCluster(dynamicClient dynamic.Interface, templateMapping map[string]interface{}) error {
+	coreDnsEndpointsInVcBytes, err := util.ParseTemplate(virtualcluster.CoreDnsEndpoints, templateMapping)
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns service in virtual cluster template: %w", err)
+	}
+	var obj unstructured.Unstructured
+	if err := yaml.Unmarshal([]byte(coreDnsEndpointsInVcBytes), &obj); err != nil {
+		return fmt.Errorf("err when decoding core-dns service in virtual cluster: %w", err)
+	}
+
+	err = util.CreateObject(dynamicClient, obj.GetNamespace(), obj.GetName(), &obj)
+	if err != nil {
+		return fmt.Errorf("error when creating core-dns service in virtual cluster err: %w", err)
+	}
+	return nil
+}
+
+func DeleteCoreDnsDeployment(client clientset.Interface, name, namespace string) error {
+	// delete deployment
+	deployName := fmt.Sprintf("%s-%s", name, "coredns")
+	if err := util.DeleteDeployment(client, deployName, namespace); err != nil {
+		return errors.Wrapf(err, "Failed to delete deployment %s/%s", deployName, namespace)
+	}
+
+	// delete configmap
+	cmName := "coredns"
+	if err := util.DeleteConfigmap(client, cmName, namespace); err != nil {
+		return errors.Wrapf(err, "Failed to delete configmap %s/%s", cmName, namespace)
+	}
+
+	return nil
+}
diff --git a/pkg/kubenest/controlplane/coredns/rbac.go b/pkg/kubenest/controlplane/coredns/rbac.go
@@ -0,0 +1,77 @@
+package coredns
+
+import (
+	"fmt"
+
+	v1 "k8s.io/api/core/v1"
+	rbacv1 "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/util/yaml"
+	clientset "k8s.io/client-go/kubernetes"
+
+	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/coredns/host"
+	"github.com/kosmos.io/kosmos/pkg/kubenest/util"
+)
+
+func EnsureCoreDnsRBAC(client clientset.Interface, namespace string, name string) error {
+	if err := grantCoreDnsClusterSA(client, namespace); err != nil {
+		return err
+	}
+	if err := grantCoreDnsClusterRoleBinding(client, namespace, name); err != nil {
+		return err
+	}
+	if err := grantCoreDnsClusterRole(client, name); err != nil {
+		return err
+	}
+	return nil
+}
+
+func grantCoreDnsClusterSA(client clientset.Interface, namespace string) error {
+	coreDnsClusterSABytes, err := util.ParseTemplate(host.CoreDnsSA, struct {
+		Namespace string
+	}{
+		Namespace: namespace,
+	})
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns sa template: %w", err)
+	}
+	serviceAccount := &v1.ServiceAccount{}
+	if err := yaml.Unmarshal([]byte(coreDnsClusterSABytes), serviceAccount); err != nil {
+		return fmt.Errorf("err when decoding core-dns view Clusterrole: %w", err)
+	}
+	return util.CreateOrUpdateClusterSA(client, serviceAccount, namespace)
+}
+
+func grantCoreDnsClusterRoleBinding(client clientset.Interface, namespace string, name string) error {
+	coreDnsClusterRoleBindingBytes, err := util.ParseTemplate(host.CoreDnsClusterRoleBinding, struct {
+		Name      string
+		Namespace string
+	}{
+		Name:      name,
+		Namespace: namespace,
+	})
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns role binding template: %w", err)
+	}
+	viewClusterRoleBinding := &rbacv1.ClusterRoleBinding{}
+
+	if err := yaml.Unmarshal([]byte(coreDnsClusterRoleBindingBytes), viewClusterRoleBinding); err != nil {
+		return fmt.Errorf("err when decoding core-dns Clusterrole Binding: %w", err)
+	}
+	return util.CreateOrUpdateClusterRoleBinding(client, viewClusterRoleBinding)
+}
+
+func grantCoreDnsClusterRole(client clientset.Interface, name string) error {
+	viewClusterRole := &rbacv1.ClusterRole{}
+	coreDnsClusterRoleBytes, err := util.ParseTemplate(host.CoreDnsClusterRole, struct {
+		Name string
+	}{
+		Name: name,
+	})
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns cluster role template: %w", err)
+	}
+	if err := yaml.Unmarshal([]byte(coreDnsClusterRoleBytes), viewClusterRole); err != nil {
+		return fmt.Errorf("err when decoding core-dns Clusterrole: %w", err)
+	}
+	return util.CreateOrUpdateClusterRole(client, viewClusterRole)
+}
diff --git a/pkg/kubenest/controlplane/service.go b/pkg/kubenest/controlplane/service.go
@@ -14,6 +14,7 @@ import (
 
 	"github.com/kosmos.io/kosmos/pkg/kubenest/constants"
 	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/apiserver"
+	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/coredns/host"
 	"github.com/kosmos.io/kosmos/pkg/kubenest/manifest/controlplane/etcd"
 	"github.com/kosmos.io/kosmos/pkg/kubenest/util"
 )
@@ -30,6 +31,7 @@ func DeleteVirtualClusterService(client clientset.Interface, name, namespace str
 		fmt.Sprintf("%s-%s", name, "apiserver"),
 		fmt.Sprintf("%s-%s", name, "etcd"),
 		fmt.Sprintf("%s-%s", name, "etcd-client"),
+		"kube-dns",
 	}
 	for _, service := range services {
 		err := client.CoreV1().Services(namespace).Delete(context.TODO(), service, metav1.DeleteOptions{})
@@ -109,6 +111,7 @@ func createServerService(client clientset.Interface, name, namespace string, por
 		return fmt.Errorf("error when creating etcd client service, err: %w", err)
 	}
 
+	//etcd-client service
 	etcdClientServiceBytes, err := util.ParseTemplate(etcd.EtcdClientService, struct {
 		ServiceName, Namespace string
 		EtcdListenClientPort   int32
@@ -130,6 +133,25 @@ func createServerService(client clientset.Interface, name, namespace string, por
 		return fmt.Errorf("err when creating etcd client service, err: %w", err)
 	}
 
+	//core-dns service
+	coreDnsServiceBytes, err := util.ParseTemplate(host.CoreDnsService, struct {
+		Namespace string
+	}{
+		Namespace: namespace,
+	})
+	if err != nil {
+		return fmt.Errorf("error when parsing core-dns serive template: %w", err)
+	}
+
+	coreDnsService := &corev1.Service{}
+	if err := yaml.Unmarshal([]byte(coreDnsServiceBytes), coreDnsService); err != nil {
+		return fmt.Errorf("err when decoding core-dns service: %w", err)
+	}
+
+	if err := createOrUpdateService(client, coreDnsService); err != nil {
+		return fmt.Errorf("err when creating core-dns service, err: %w", err)
+	}
+
 	return nil
 }
 

diff --git a/pkg/kubenest/manifest/controlplane/coredns/host/manifest_configmap.go b/pkg/kubenest/manifest/controlplane/coredns/host/manifest_configmap.go
@@ -0,0 +1,34 @@
+package host
+
+const (
+	CoreDnsCM = `
+apiVersion: v1
+data:
+  Corefile: |
+    .:53 {
+        errors
+        health {
+           lameduck 5s
+        }
+        ready
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+           pods insecure
+           fallthrough in-addr.arpa ip6.arpa
+           ttl 30
+           kubeconfig /etc/apiserver/kubeconfig
+        }
+        prometheus :9153
+        forward . /etc/resolv.conf {
+           max_concurrent 1000
+        }
+        cache 30
+        loop
+        reload
+        loadbalance
+    }
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: {{ .Namespace }}
+`
+)