install network policies
aojea committed May 14, 2024
1 parent 8ecc276 commit fa99ef1
Showing 2 changed files with 78 additions and 1 deletion.
@@ -0,0 +1,75 @@
/*
Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

// Package installnetworkpolicies implements the install Network Policy action
package installnetworkpolicies

import (
"bytes"
"strings"

"sigs.k8s.io/kind/pkg/errors"

"sigs.k8s.io/kind/pkg/cluster/internal/create/actions"
"sigs.k8s.io/kind/pkg/cluster/nodeutils"
)

type action struct{}

// NewAction returns a new action for installing storage
func NewAction() actions.Action {
return &action{}
}

// Execute runs the action
func (a *action) Execute(ctx *actions.ActionContext) error {
ctx.Status.Start("Installing Network Policies 🔒")
defer ctx.Status.End(false)

allNodes, err := ctx.Nodes()
if err != nil {
return err
}

// get the target node for this task
controlPlanes, err := nodeutils.ControlPlaneNodes(allNodes)
if err != nil {
return err
}
node := controlPlanes[0] // kind expects at least one always

// read the manifest from the node
var raw bytes.Buffer
if err := node.Command("cat", "/kind/manifests/default-network-policy.yaml").SetStdout(&raw).Run(); err != nil {
return errors.Wrap(err, "failed to read Network Policies manifest")
}
manifest := raw.String()

// apply the manifest
in := strings.NewReader(manifest)
cmd := node.Command(
"kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf", "apply", "-f", "-",
)
cmd.SetStdin(in)
if err := cmd.Run(); err != nil {
return err
}

// mark success
ctx.Status.End(true)
return nil
}
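Review bot: The final `kubectl apply` failure in Execute is returned bare (`return err`), while the manifest read just above it is wrapped, so a failed install surfaces without saying which step broke; `return errors.Wrap(err, "failed to apply Network Policies manifest")` would match the read path. The doc comment on NewAction still says "installing storage" and looks copied from another action; it should read `// NewAction returns a new action for installing Network Policies`. The action also aborts cluster creation when `/kind/manifests/default-network-policy.yaml` is missing, which is presumably the case for node images built before this manifest existed. Failing closed is the safer default for a policy step, but the wrapped message could say that the node image lacks the manifest so the cause is obvious.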
4 changes: 3 additions & 1 deletion pkg/cluster/internal/create/create.go
@@ -34,6 +34,7 @@ import (
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions"
configaction "sigs.k8s.io/kind/pkg/cluster/internal/create/actions/config"
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions/installcni"
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions/installnetworkpolicies"
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions/installstorage"
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions/kubeadminit"
"sigs.k8s.io/kind/pkg/cluster/internal/create/actions/kubeadmjoin"
@@ -118,7 +119,8 @@ func Cluster(logger log.Logger, p providers.Provider, opts *ClusterOptions) erro
// this step might be skipped, but is next after init
if !opts.Config.Networking.DisableDefaultCNI {
actionsToRun = append(actionsToRun,
installcni.NewAction(), // install CNI
installcni.NewAction(), // install CNI
installnetworkpolicies.NewAction(), // install Network Policies
)
}
// add remaining steps
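Review bot: The new `installnetworkpolicies.NewAction()` sits inside the `!opts.Config.Networking.DisableDefaultCNI` branch, so a cluster created with the default CNI disabled never gets the Network Policies manifest applied, and the comment above the branch does not say so. If that coupling is intended (the manifest presumably depends on the default CNI being present), state it there, e.g. `// CNI and Network Policies install are skipped together when the default CNI is disabled`. As written there is also no way to keep the default CNI while opting out of the policy install, which is worth a sentence in the commit description if deliberate. The Cluster function starts and ends outside the visible hunk.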