Add cluster-capi-operator integration #266
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
mdbooth
force-pushed
the
cluster-capi-operator-wip
branch
4 times, most recently
from
f1ead72
to
b99cbac
Compare
mdbooth
force-pushed
the
cluster-capi-operator-wip
branch
3 times, most recently
from
d95ebe8
to
51c2e63
Compare
EmilienM
force-pushed
the
cluster-capi-operator-wip
branch
from
0e83084
to
d7cfdf6
Compare
| - /infracluster-controller | ||
| args: | ||
| - "--leader-elect" | ||
| - "--metrics-bind-address=127.0.0.1:8080" |
There was a problem hiding this comment.
FYI this will very likely change once kubernetes-sigs#1731 has merged and will be backported in 4.15.
| imagePullPolicy: Always | ||
| name: manager | ||
| ports: | ||
| - containerPort: 8081 |
There was a problem hiding this comment.
if it's the CAPO controller, it's 9440
| ports: | ||
| - containerPort: 8081 | ||
| name: healthz | ||
| protocol: TCP |
There was a problem hiding this comment.
We'll also need :
- containerPort: 8443
name: metrics
protocol: TCP
After kubernetes-sigs#1731 has merged and been downstreamed.
| newName: quay.io/mbooth/cluster-api-provider-openstack | ||
| newTag: v0.8.0-openshift.3 | ||
|
|
||
| replacements: |
There was a problem hiding this comment.
I have no idea if it has an impact but I'll mention it here in case, we might need to apply the new RBAC rules for the authorized diagnostics endpoint: https://github.com/kubernetes-sigs/cluster-api-provider-openstack/pull/1731/files#diff-2873f79a86c0d8b3335cd7731b0ecf7dd4301eb19a82ef7a1cba7589b5252261R148-R150
Once we get new CAPI, see https://github.com/kubernetes-sigs/cluster-api-provider-openstack/pull/1731/files#diff-2873f79a86c0d8b3335cd7731b0ecf7dd4301eb19a82ef7a1cba7589b5252261R148-R150
|
I've dropped a few comments with are low value for now, just FYIs I guess. I'm sure all this stuff is generated anyway? |
mdbooth
force-pushed
the
cluster-capi-operator-wip
branch
4 times, most recently
from
ede16ea
to
bd77a87
Compare
mdbooth
force-pushed
the
cluster-capi-operator-wip
branch
from
bd77a87
to
b86d6ff
Compare
mdbooth
changed the title
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
/hold |
openshift-ci
bot
added
the
do-not-merge/hold
|
/test images |
|
@mdbooth: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
| k8s.io/api v0.28.2 | ||
| k8s.io/apimachinery v0.28.2 | ||
| k8s.io/client-go v0.28.1 |
There was a problem hiding this comment.
FYI:
For all the other CAPI providers we are forking we are one version lower than the expected k8s version for that OCP next release.
So for example since in 4.15 we are on 1.28, the k8s and controller runtime deps for the CAPI forks are all 0.28-0.01 = k8s 0.27 deps.
This is because not all of them have readily available releases with k8s deps matching the expected k8s version for the OCP release.
The deps are also kept in sync with the cluster-capi-operator for API imports compatibility.
There was a problem hiding this comment.
This also aligns with the k8s and controller-runtime deps that go in tandem with the 1.5.2 CAPI release we (cluster-capi-operator) and CAPO (atm) are pinning to: https://github.com/kubernetes-sigs/cluster-api/blob/3290c5a28ed28c1909713e59e5d481a3e8f68a90/go.mod#L36-L48
So I'd advise to switch this to 0.27 for now.
We are planning to revisit this versioning/pinning mechanism in the future.
There was a problem hiding this comment.
This is the infra cluster controller, though. It'll be bumped soon in CAPI and the upgrade is a bit of a PITA, so I decided to use the new version for the new controller.
There was a problem hiding this comment.
For CAPO itself, are you suggesting we intentionally stay on an old version with old deps?
There was a problem hiding this comment.
For the other CAP* providers we are rebasing/merging on top of explicit upstream releases.
Unfortunately the providers are not always quick at releasing with the most recent k8s dependencies. For example even cluster-api has not yet put out a stable releases which uses 0.28 dependencies (1.5.3 is on k8s 0.27 and c-r 0.15.x).
As such given we are referencing explicit releases for providers, which as of now are using CAPI 1.5.3, which uses 0.27, our approach with them is to keep our deps to 0.27, 1.5.x and 0.15.x.
Hence I'd suggest to keep CAPO to 0.27 et. al. until we figure out a better strategy for this.
| } | ||
|
|
||
| // ensureCAPICluster creates a new CAPI cluster if none exists. It will not modify an existing cluster. | ||
| func (r *OpenShiftClusterReconciler) ensureCAPICluster(ctx context.Context, log logr.Logger, infrastructure *openshiftconfig.Infrastructure, openStackCluster *infrav1.OpenStackCluster, co *openshiftconfig.ClusterOperator) error { |
There was a problem hiding this comment.
Setting this up is ok for now.
Although we might want to move this into the cluster-capi-operator in the future if we decide to detect the InfraCluster and set the CAPI Cluster up from there, centrally.
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mandre The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
[ART PR BUILD NOTIFIER] This PR has been included in build openstack-cluster-api-controllers-container-v4.15.0-202311281110.p0.ga1d41d1.assembly.stream for distgit openstack-cluster-api-controllers. |
SecurityGroupParam
No description provided.