package template
import (
"bytes"
"fmt"
"net/url"
"os"
"path/filepath"
"regexp"
"sort"
"strings"
"text/template"
"k8s.io/klog/v2"
configv1 "github.com/openshift/api/config/v1"
"github.com/openshift/library-go/pkg/cloudprovider"
"github.com/openshift/library-go/pkg/operator/configobserver/featuregates"
mcfgv1 "github.com/openshift/api/machineconfiguration/v1"
"github.com/openshift/machine-config-operator/pkg/constants"
ctrlcommon "github.com/openshift/machine-config-operator/pkg/controller/common"
"github.com/openshift/machine-config-operator/pkg/version"
)
// LoadBalancerIPState classifies whether cloud load balancer IPs can be read
// from the platform status. cloudPlatformLoadBalancerIPState computes it.
type LoadBalancerIPState string

const (
	// availableLBIPState: GCP with DNSType ClusterHosted and the ClusterHosted
	// section present.
	availableLBIPState LoadBalancerIPState = "Available"
	// absentLBIPState: GCP with DNSType ClusterHosted but the ClusterHosted
	// section is nil.
	absentLBIPState LoadBalancerIPState = "Absent"
	// defaultLBIPState: every other case (the starting value in
	// cloudPlatformLoadBalancerIPState).
	defaultLBIPState LoadBalancerIPState = "Default"
)
// RenderConfig is wrapper around ControllerConfigSpec.
//
// renderTemplate hands the whole struct to text/template as the template
// data, so every field below, the pull secrets included, is readable by any
// template rendered with it. Treat the template directory as trusted input.
type RenderConfig struct {
	// Embedded by pointer: copies of RenderConfig share the same spec, so a
	// write to a promoted field (for example cfg.Infra) is visible to the caller.
	*mcfgv1.ControllerConfigSpec
	// PullSecret and InternalRegistryPullSecret are presumably registry
	// credentials; confirm against the code that populates RenderConfig.
	PullSecret                 string
	InternalRegistryPullSecret string
	// FeatureGateAccess must be non-nil before cloudProvider or
	// cloudConfigFlag run; both panic on a nil value.
	FeatureGateAccess featuregates.FeatureGateAccess
	// no need to set this, will be automatically configured
	// (renderTemplate fills it from constants.ConstantsByName when nil)
	Constants map[string]string
}
// Directory names that make up the template tree layout
// <templatedir>/<role>/<name>/<platform>/<type>/<tmpl_file>.
const (
	// filesDir and unitsDir are the <type> sub-directories read under each
	// platform directory.
	filesDir = "files"
	unitsDir = "units"
	// platformBase is always the first platform directory searched; it is
	// rejected as a platform type by platformStringFromControllerConfigSpec.
	platformBase = "_base"
	// platformOnPrem is searched in addition for on-prem platforms (see getPaths).
	platformOnPrem = "on-prem"
	// sno is searched last when the control plane topology is single replica.
	sno = "sno"
)
// generateTemplateMachineConfigs renders every role directory found directly
// under templateDir into MachineConfig objects.
//
// Expected layout: <templatedir>/<role>/<name>/<platform>/<type>/<tmpl_file>
//
// Templates under the _base platform are always included; platform-specific
// templates may override or supplement them.
//
// ex:
//
//	templates/worker/00-worker/_base/units/kubelet.conf.tmpl
//	                                /files/hostname.tmpl
//	                          /aws/units/kubelet-dropin.conf.tmpl
//	                /01-worker-kubelet/_base/files/random.conf.tmpl
//	         /master/00-master/_base/units/kubelet.tmpl
//	                                /files/hostname.tmpl
//
// The "common" directory is skipped here; it is folded into the per-role
// output by generateMachineConfigForName. Non-directory entries are logged
// and ignored. Every returned MachineConfig is annotated with the controller
// version hash.
func generateTemplateMachineConfigs(config *RenderConfig, templateDir string) ([]*mcfgv1.MachineConfig, error) {
	entries, err := ctrlcommon.ReadDir(templateDir)
	if err != nil {
		return nil, err
	}

	rendered := []*mcfgv1.MachineConfig{}
	for _, entry := range entries {
		role := entry.Name()
		switch {
		case !entry.IsDir():
			klog.Infof("ignoring non-directory path %q", role)
			continue
		case role == "common":
			continue
		}

		forRole, err := GenerateMachineConfigsForRole(config, role, templateDir)
		if err != nil {
			return nil, fmt.Errorf("failed to create MachineConfig for role %s: %w", role, err)
		}
		rendered = append(rendered, forRole...)
	}

	// Stamp the controller version only once every role rendered cleanly.
	for i := range rendered {
		mc := rendered[i]
		if mc.Annotations == nil {
			mc.Annotations = map[string]string{}
		}
		mc.Annotations[ctrlcommon.GeneratedByControllerVersionAnnotationKey] = version.Hash
	}

	return rendered, nil
}
// GenerateMachineConfigsForRole creates MachineConfigs for the role provided.
//
// Only the literals "worker" and "master" are ever used as a path component;
// any other role (a custom pool) is rendered from the worker templates, so
// the role string itself never steers which directory is read. The role is
// still passed through unchanged to generateMachineConfigForName.
func GenerateMachineConfigsForRole(config *RenderConfig, role, templateDir string) ([]*mcfgv1.MachineConfig, error) {
	// custom pools are only allowed to be worker's children
	// and can reuse the worker templates
	templateRole := "worker"
	//nolint:goconst
	if role == "worker" || role == "master" {
		templateRole = role
	}

	roleDir := filepath.Join(templateDir, templateRole)
	entries, err := ctrlcommon.ReadDir(roleDir)
	if err != nil {
		return nil, err
	}

	// This func doesn't process "common" as a role of its own:
	// common templates are only added to the first name directory handled,
	// e.g. templates/<role>/{00-<role>,01-<role>-container-runtime,01-<role>-kubelet}
	// commonAdded carries that "already merged" state across iterations.
	commonAdded := false
	out := []*mcfgv1.MachineConfig{}
	for _, entry := range entries {
		name := entry.Name()
		if !entry.IsDir() {
			klog.Infof("ignoring non-directory path %q", name)
			continue
		}

		mc, err := generateMachineConfigForName(config, role, name, templateDir, filepath.Join(roleDir, name), &commonAdded)
		if err != nil {
			return nil, err
		}
		out = append(out, mc)
	}

	return out, nil
}
// platformStringFromControllerConfigSpec maps the platform type recorded in
// the controller config to the lower-case directory name used in the
// template tree.
//
// A missing Infra or PlatformStatus is filled in on ic itself (the caller's
// spec is modified) and then reported as an error, as is the reserved name
// "_base". A non-empty type outside the known list is logged and mapped to
// the "none" platform.
func platformStringFromControllerConfigSpec(ic *mcfgv1.ControllerConfigSpec) (string, error) {
	if ic.Infra == nil {
		ic.Infra = &configv1.Infrastructure{}
	}
	if ic.Infra.Status.PlatformStatus == nil {
		ic.Infra.Status.PlatformStatus = &configv1.PlatformStatus{}
	}

	platformType := ic.Infra.Status.PlatformStatus.Type
	switch platformType {
	case "":
		// No platform recorded: nothing can be rendered.
		return "", fmt.Errorf("cannot generate MachineConfigs when no platformStatus.type is set")
	case platformBase:
		return "", fmt.Errorf("platform _base unsupported")
	case configv1.AWSPlatformType,
		configv1.AlibabaCloudPlatformType,
		configv1.AzurePlatformType,
		configv1.BareMetalPlatformType,
		configv1.GCPPlatformType,
		configv1.OpenStackPlatformType,
		configv1.LibvirtPlatformType,
		configv1.OvirtPlatformType,
		configv1.VSpherePlatformType,
		configv1.KubevirtPlatformType,
		configv1.PowerVSPlatformType,
		configv1.NonePlatformType,
		configv1.ExternalPlatformType,
		configv1.NutanixPlatformType:
		return strings.ToLower(string(platformType)), nil
	}

	// platformNone is used for a non-empty, but currently unsupported platform.
	// This allows us to incrementally roll out new platforms across the project
	// by provisioning platforms before all support is added.
	klog.Warningf("Warning: the controller config referenced an unsupported platform: %v", platformType)
	return strings.ToLower(string(configv1.NonePlatformType)), nil
}
// filterTemplates walks path, renders every regular template file found with
// config, and records the result in toFilter under the file's base name.
//
// Because the key is the base name only, a later call over another directory
// replaces entries of the same name. Two cases differ on purpose-looking
// lines: a zero-byte template deletes any existing entry of that name, while
// a template that renders to nothing but whitespace leaves an existing entry
// untouched and adds none.
func filterTemplates(toFilter map[string]string, path string, config *RenderConfig) error {
	return filepath.Walk(path, func(file string, fi os.FileInfo, walkErr error) error {
		switch {
		case walkErr != nil:
			return walkErr
		case fi.IsDir():
			return nil
		case fi.Size() == 0:
			// empty templates signify don't create
			delete(toFilter, fi.Name())
			return nil
		}

		raw, err := os.ReadFile(file)
		if err != nil {
			return fmt.Errorf("failed to read file %q: %w", file, err)
		}

		// Render the template file
		out, err := renderTemplate(*config, file, raw)
		if err != nil {
			return err
		}

		// A template may result in no data when rendered, for example if the
		// whole template is conditioned to specific values in render config.
		// No file or unit should come out of such a template, so it is not
		// recorded. Trimming also covers output that is only a stray newline
		// or space.
		if len(bytes.TrimSpace(out)) == 0 {
			return nil
		}
		toFilter[fi.Name()] = string(out)
		return nil
	})
}
// getPaths returns the platform directory names to search, in increasing
// order of precedence: _base, on-prem (on-prem platforms only), the specific
// platform, and finally sno for single-replica control planes.
//
// config.Infra and its PlatformStatus are dereferenced without a nil check;
// the caller in this file runs platformStringFromControllerConfigSpec first.
func getPaths(config *RenderConfig, platformString string) []string {
	status := &config.Infra.Status

	ordered := []string{platformBase}
	if onPremPlatform(status.PlatformStatus.Type) {
		ordered = append(ordered, platformOnPrem)
	}

	// specific platform should come after on-prem in order
	// to override on-prem files in case needed
	ordered = append(ordered, platformString)

	// sno is specific case and it should override even specific platform files
	if status.ControlPlaneTopology == configv1.SingleReplicaTopologyMode {
		ordered = append(ordered, sno)
	}

	return ordered
}
// generateMachineConfigForName builds one MachineConfig named name for role
// from the templates under path, layered by platform directory.
//
// The first call for a role (while *commonAdded is false) also merges the
// templates under <templateDir>/common and then sets *commonAdded. Platform
// directories that do not exist are skipped. Within the collected
// directories later ones take precedence, because filterTemplates keys its
// results by file base name.
func generateMachineConfigForName(config *RenderConfig, role, name, templateDir, path string, commonAdded *bool) (*mcfgv1.MachineConfig, error) {
	platformString, err := platformStringFromControllerConfigSpec(config.ControllerConfigSpec)
	if err != nil {
		return nil, err
	}
	overlays := getPaths(config, platformString)

	searchDirs := []string{}
	if !*commonAdded {
		// Loop over templates/common which applies everywhere
		for _, overlay := range overlays {
			commonDir := filepath.Join(templateDir, "common", overlay)
			found, err := existsDir(commonDir)
			if err != nil {
				return nil, err
			}
			if found {
				searchDirs = append(searchDirs, commonDir)
			}
		}
		*commonAdded = true
	}

	// And now over the target e.g. templates/master/00-master,01-master-container-runtime,01-master-kubelet
	for _, overlay := range overlays {
		targetDir := filepath.Join(path, overlay)
		found, err := existsDir(targetDir)
		if err != nil {
			return nil, err
		}
		if found {
			searchDirs = append(searchDirs, targetDir)
		}
	}

	files := map[string]string{}
	units := map[string]string{}
	kinds := []struct {
		subdir string
		dst    map[string]string
	}{
		{filesDir, files},
		{unitsDir, units},
	}

	// walk all role dirs, with later ones taking precedence
	for _, dir := range searchDirs {
		for _, kind := range kinds {
			p := filepath.Join(dir, kind.subdir)
			found, err := existsDir(p)
			if err != nil {
				return nil, err
			}
			if !found {
				continue
			}
			if err := filterTemplates(kind.dst, p, config); err != nil {
				return nil, err
			}
		}
	}

	// valuesByKey returns the map's values ordered by key. The lists of files
	// and units need a stable ordering for the checksum.
	valuesByKey := func(m map[string]string) []string {
		keys := make([]string, 0, len(m))
		for k := range m {
			keys = append(keys, k)
		}
		sort.Strings(keys)

		vals := make([]string, 0, len(keys))
		for _, k := range keys {
			vals = append(vals, m[k])
		}
		return vals
	}

	ignCfg, err := ctrlcommon.TranspileCoreOSConfigToIgn(valuesByKey(files), valuesByKey(units))
	if err != nil {
		return nil, fmt.Errorf("error transpiling CoreOS config to Ignition config: %w", err)
	}
	mcfg, err := ctrlcommon.MachineConfigFromIgnConfig(role, name, ignCfg)
	if err != nil {
		return nil, fmt.Errorf("error creating MachineConfig from Ignition config: %w", err)
	}

	// TODO(jkyros): you might think you can remove this since we override later when we merge
	// config, but resourcemerge doesn't blank this field out once it's populated
	// so if you end up on a cluster where it was ever populated in this machineconfig, it
	// will keep that last value forever once you upgrade...which is a problem now that we allow OSImageURL overrides
	// because it will look like an override when it shouldn't be. So don't take this out until you've solved that.
	// And inject the osimageurl here
	mcfg.Spec.OSImageURL = ctrlcommon.GetDefaultBaseImageContainer(config.ControllerConfigSpec)

	return mcfg, nil
}
// renderTemplate parses b as a text/template named path and executes it with
// config as the data, returning the rendered bytes.
//
// text/template does no output escaping, and the data is the complete
// RenderConfig, so a template can emit any field of it (the pull secrets
// included) verbatim. config is received by value; a nil Constants map is
// filled from constants.ConstantsByName on that local copy only.
func renderTemplate(config RenderConfig, path string, b []byte) ([]byte, error) {
	funcs := ctrlcommon.GetTemplateFuncMap()
	// Helpers defined in this file, layered over the shared function map.
	for name, fn := range map[string]interface{}{
		"skip":                                skipMissing,
		"cloudProvider":                       cloudProvider,
		"cloudConfigFlag":                     cloudConfigFlag,
		"credentialProviderConfigFlag":        credentialProviderConfigFlag,
		"onPremPlatformAPIServerInternalIP":   onPremPlatformAPIServerInternalIP,
		"onPremPlatformAPIServerInternalIPs":  onPremPlatformAPIServerInternalIPs,
		"onPremPlatformIngressIP":             onPremPlatformIngressIP,
		"onPremPlatformIngressIPs":            onPremPlatformIngressIPs,
		"onPremPlatformShortName":             onPremPlatformShortName,
		"urlHost":                             urlHost,
		"urlPort":                             urlPort,
		"isOpenShiftManagedDefaultLB":         isOpenShiftManagedDefaultLB,
		"cloudPlatformAPIIntLoadBalancerIPs":  cloudPlatformAPIIntLoadBalancerIPs,
		"cloudPlatformAPILoadBalancerIPs":     cloudPlatformAPILoadBalancerIPs,
		"cloudPlatformIngressLoadBalancerIPs": cloudPlatformIngressLoadBalancerIPs,
	} {
		funcs[name] = fn
	}

	tmpl, err := template.New(path).Funcs(funcs).Parse(string(b))
	if err != nil {
		return nil, fmt.Errorf("failed to parse template %s: %w", path, err)
	}

	if config.Constants == nil {
		config.Constants = constants.ConstantsByName
	}

	var out bytes.Buffer
	if err := tmpl.Execute(&out, config); err != nil {
		return nil, fmt.Errorf("failed to execute template: %w", err)
	}

	return out.Bytes(), nil
}
// skipKeyValidate accepts only identifier-like keys: a leading underscore or
// lower-case letter followed by word characters. Without the multi-line flag
// Go's `$` matches only at the very end of the text, so a trailing newline is
// rejected as well.
var skipKeyValidate = regexp.MustCompile(`^[_a-z]\w*$`)

// skipMissing backs the {{skip "key"}} template function. Such keys are not
// filled in at render time; the function emits the literal action
// {{.key}} so that, per the original note, the value can be templated in
// from query params when Ignition is requested.
//
// The key is validated first, which keeps anything other than a plain field
// reference out of the action that is written into the output.
func skipMissing(key string) (interface{}, error) {
	if skipKeyValidate.MatchString(key) {
		return "{{." + key + "}}", nil
	}
	return nil, fmt.Errorf("invalid key for skipKey")
}
// cloudProvider backs the {{cloudProvider .}} template function and returns
// the cloud provider name for the platform: "external" when the provider is
// external, the lower-cased platform type for AWS, Azure, OpenStack and
// vSphere, "gce" for GCP, and "" otherwise (including a nil PlatformStatus).
//
// It panics when FeatureGateAccess is nil. An error from
// IsCloudProviderExternal is only logged; the platform switch then decides.
// cfg.Infra is dereferenced without a nil check.
func cloudProvider(cfg RenderConfig) (interface{}, error) {
	platformStatus := cfg.Infra.Status.PlatformStatus
	if platformStatus == nil {
		return "", nil
	}

	if cfg.FeatureGateAccess == nil {
		panic("FeatureGateAccess is nil")
	}
	external, err := cloudprovider.IsCloudProviderExternal(platformStatus, cfg.FeatureGateAccess)
	switch {
	case err != nil:
		klog.Error(err)
	case external:
		return "external", nil
	}

	switch platformStatus.Type {
	case configv1.AWSPlatformType,
		configv1.AzurePlatformType,
		configv1.OpenStackPlatformType,
		configv1.VSpherePlatformType:
		return strings.ToLower(string(platformStatus.Type)), nil
	case configv1.GCPPlatformType:
		return "gce", nil
	}
	return "", nil
}
// cloudConfigFlag backs the {{cloudConfigFlag .}} template function.
//
// When CloudProviderConfig is non-empty, the cloud provider is not external,
// and the platform is one of AWS, Azure, GCP, OpenStack or vSphere, it
// returns the kubelet flag [1] that points at /etc/kubernetes/cloud.conf.
// In every other case it returns "".
//
// It panics when FeatureGateAccess is nil. A nil Infra or PlatformStatus is
// replaced with an empty value; because the spec is embedded by pointer,
// that write lands on the caller's ControllerConfigSpec.
//
// [1]: https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/#options
func cloudConfigFlag(cfg RenderConfig) interface{} {
	if cfg.CloudProviderConfig == "" {
		return ""
	}

	if cfg.Infra == nil {
		cfg.Infra = &configv1.Infrastructure{}
	}
	status := &cfg.Infra.Status
	if status.PlatformStatus == nil {
		status.PlatformStatus = &configv1.PlatformStatus{}
	}

	if cfg.FeatureGateAccess == nil {
		panic("FeatureGateAccess is nil")
	}
	external, err := cloudprovider.IsCloudProviderExternal(status.PlatformStatus, cfg.FeatureGateAccess)
	if err != nil {
		// Best effort: log and fall back to the platform list below.
		klog.Error(err)
	} else if external {
		return ""
	}

	switch status.PlatformStatus.Type {
	case configv1.AWSPlatformType,
		configv1.AzurePlatformType,
		configv1.GCPPlatformType,
		configv1.OpenStackPlatformType,
		configv1.VSpherePlatformType:
		return "--cloud-config=/etc/kubernetes/cloud.conf"
	}
	return ""
}
// credentialProviderConfigFlag backs the {{credentialProviderConfigFlag .}}
// template function.
//
// On AWS it returns the two kubelet `--image-credential-provider-*` flags:
// the plugin bin dir and the ECR provider config file. On every other
// platform it returns "". A nil Infra or PlatformStatus is replaced with an
// empty value, which is written through to the shared ControllerConfigSpec.
func credentialProviderConfigFlag(cfg RenderConfig) interface{} {
	const (
		binDirFlag = "--image-credential-provider-bin-dir=/usr/libexec/kubelet-image-credential-provider-plugins"
		configFlag = "--image-credential-provider-config=/etc/kubernetes/credential-providers/"
	)

	if cfg.Infra == nil {
		cfg.Infra = &configv1.Infrastructure{}
	}
	if cfg.Infra.Status.PlatformStatus == nil {
		cfg.Infra.Status.PlatformStatus = &configv1.PlatformStatus{}
	}

	if cfg.Infra.Status.PlatformStatus.Type == configv1.AWSPlatformType {
		return binDirFlag + " " + configFlag + "ecr-credential-provider.yaml"
	}
	return ""
}
// onPremPlatformShortName backs the template function of the same name and
// returns the short name for an on-prem platform ("kni" for bare metal), or
// "" for any other platform or a nil PlatformStatus.
//
// cfg.Infra is dereferenced without a nil check.
func onPremPlatformShortName(cfg RenderConfig) interface{} {
	platformStatus := cfg.Infra.Status.PlatformStatus
	if platformStatus == nil {
		return ""
	}

	switch platformStatus.Type {
	case configv1.BareMetalPlatformType:
		return "kni"
	case configv1.OvirtPlatformType:
		return "ovirt"
	case configv1.OpenStackPlatformType:
		return "openstack"
	case configv1.VSpherePlatformType:
		return "vsphere"
	case configv1.NutanixPlatformType:
		return "nutanix"
	}
	return ""
}
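// onPremPlatformIngressIP backs the template function of the same name and
// returns the first Ingress IP from the platform status of an on-prem
// platform.
//
// It returns an error when the platform status is not set, when the
// platform is not an on-prem one, or when the platform section or its
// IngressIPs list is missing. vSphere is the exception: a missing section or
// an empty list yields (nil, nil).
//
// This function should be removed in 4.13 when we no longer have to worry
// about upgrades from releases that still use it.
//
//nolint:dupl
func onPremPlatformIngressIP(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine Ingress IP: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus

	// Returned instead of indexing into an empty list or a nil section.
	errMissing := fmt.Errorf("no Ingress IP set in platform status for platform %s", ps.Type)

	switch ps.Type {
	case configv1.BareMetalPlatformType:
		if ps.BareMetal == nil || len(ps.BareMetal.IngressIPs) == 0 {
			return nil, errMissing
		}
		return ps.BareMetal.IngressIPs[0], nil
	case configv1.OvirtPlatformType:
		if ps.Ovirt == nil || len(ps.Ovirt.IngressIPs) == 0 {
			return nil, errMissing
		}
		return ps.Ovirt.IngressIPs[0], nil
	case configv1.OpenStackPlatformType:
		if ps.OpenStack == nil || len(ps.OpenStack.IngressIPs) == 0 {
			return nil, errMissing
		}
		return ps.OpenStack.IngressIPs[0], nil
	case configv1.VSpherePlatformType:
		// VSphere UPI doesn't populate VSphere field. So it's not an error,
		// and there is also no data
		if ps.VSphere == nil || len(ps.VSphere.IngressIPs) == 0 {
			return nil, nil
		}
		return ps.VSphere.IngressIPs[0], nil
	case configv1.NutanixPlatformType:
		if ps.Nutanix == nil || len(ps.Nutanix.IngressIPs) == 0 {
			return nil, errMissing
		}
		return ps.Nutanix.IngressIPs[0], nil
	default:
		return nil, fmt.Errorf("invalid platform for Ingress IP")
	}
}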
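// onPremPlatformIngressIPs backs the template function of the same name and
// returns the Ingress IP list from the platform status of an on-prem
// platform.
//
// It returns an error when the platform status is not set, when the
// platform is not an on-prem one, or when the platform section is missing.
// vSphere is the exception: a missing section yields an empty list.
//
//nolint:dupl
func onPremPlatformIngressIPs(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine Ingress IPs: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus

	// Returned instead of dereferencing a nil platform section.
	errMissing := fmt.Errorf("platform status has no section for platform %s; cannot determine Ingress IPs", ps.Type)

	switch ps.Type {
	case configv1.BareMetalPlatformType:
		if ps.BareMetal == nil {
			return nil, errMissing
		}
		return ps.BareMetal.IngressIPs, nil
	case configv1.OvirtPlatformType:
		if ps.Ovirt == nil {
			return nil, errMissing
		}
		return ps.Ovirt.IngressIPs, nil
	case configv1.OpenStackPlatformType:
		if ps.OpenStack == nil {
			return nil, errMissing
		}
		return ps.OpenStack.IngressIPs, nil
	case configv1.VSpherePlatformType:
		if ps.VSphere != nil {
			return ps.VSphere.IngressIPs, nil
		}
		// VSphere UPI doesn't populate VSphere field. So it's not an error,
		// and there is also no data
		return []string{}, nil
	case configv1.NutanixPlatformType:
		if ps.Nutanix == nil {
			return nil, errMissing
		}
		return ps.Nutanix.IngressIPs, nil
	default:
		return nil, fmt.Errorf("invalid platform for Ingress IP")
	}
}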
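// onPremPlatformAPIServerInternalIP backs the template function of the same
// name and returns the first API server internal IP from the platform status
// of an on-prem platform.
//
// It returns an error when the platform status is not set, when the
// platform is not an on-prem one, or when the platform section or its
// APIServerInternalIPs list is missing. vSphere is the exception: a missing
// section or an empty list yields (nil, nil).
//
// This function should be removed in 4.13 when we no longer have to worry
// about upgrades from releases that still use it.
//
//nolint:dupl
func onPremPlatformAPIServerInternalIP(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine API Server Internal IP: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus

	// Returned instead of indexing into an empty list or a nil section.
	errMissing := fmt.Errorf("no API Server Internal IP set in platform status for platform %s", ps.Type)

	switch ps.Type {
	case configv1.BareMetalPlatformType:
		if ps.BareMetal == nil || len(ps.BareMetal.APIServerInternalIPs) == 0 {
			return nil, errMissing
		}
		return ps.BareMetal.APIServerInternalIPs[0], nil
	case configv1.OvirtPlatformType:
		if ps.Ovirt == nil || len(ps.Ovirt.APIServerInternalIPs) == 0 {
			return nil, errMissing
		}
		return ps.Ovirt.APIServerInternalIPs[0], nil
	case configv1.OpenStackPlatformType:
		if ps.OpenStack == nil || len(ps.OpenStack.APIServerInternalIPs) == 0 {
			return nil, errMissing
		}
		return ps.OpenStack.APIServerInternalIPs[0], nil
	case configv1.VSpherePlatformType:
		// VSphere UPI doesn't populate VSphere field. So it's not an error,
		// and there is also no data
		if ps.VSphere == nil || len(ps.VSphere.APIServerInternalIPs) == 0 {
			return nil, nil
		}
		return ps.VSphere.APIServerInternalIPs[0], nil
	case configv1.NutanixPlatformType:
		if ps.Nutanix == nil || len(ps.Nutanix.APIServerInternalIPs) == 0 {
			return nil, errMissing
		}
		return ps.Nutanix.APIServerInternalIPs[0], nil
	default:
		return nil, fmt.Errorf("invalid platform for API Server Internal IP")
	}
}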
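// onPremPlatformAPIServerInternalIPs backs the template function of the same
// name and returns the API server internal IP list from the platform status
// of an on-prem platform.
//
// It returns an error when the platform status is not set, when the
// platform is not an on-prem one, or when the platform section is missing.
// vSphere is the exception: a missing section yields an empty list.
//
//nolint:dupl
func onPremPlatformAPIServerInternalIPs(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine API Server Internal IPs: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus

	// Returned instead of dereferencing a nil platform section.
	errMissing := fmt.Errorf("platform status has no section for platform %s; cannot determine API Server Internal IPs", ps.Type)

	switch ps.Type {
	case configv1.BareMetalPlatformType:
		if ps.BareMetal == nil {
			return nil, errMissing
		}
		return ps.BareMetal.APIServerInternalIPs, nil
	case configv1.OvirtPlatformType:
		if ps.Ovirt == nil {
			return nil, errMissing
		}
		return ps.Ovirt.APIServerInternalIPs, nil
	case configv1.OpenStackPlatformType:
		if ps.OpenStack == nil {
			return nil, errMissing
		}
		return ps.OpenStack.APIServerInternalIPs, nil
	case configv1.VSpherePlatformType:
		if ps.VSphere != nil {
			return ps.VSphere.APIServerInternalIPs, nil
		}
		// VSphere UPI doesn't populate VSphere field. So it's not an error,
		// and there is also no data
		return []string{}, nil
	case configv1.NutanixPlatformType:
		if ps.Nutanix == nil {
			return nil, errMissing
		}
		return ps.Nutanix.APIServerInternalIPs, nil
	default:
		return nil, fmt.Errorf("invalid platform for API Server Internal IP")
	}
}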
// existsDir reports whether path is an existing directory.
//
// It returns (true, nil) for a directory, (false, nil) when nothing exists at
// path, and (false, error) when path exists but is not a directory or when
// os.Stat fails for any other reason. os.Stat follows symbolic links, so a
// link that points at a directory counts as one.
func existsDir(path string) (bool, error) {
	info, err := os.Stat(path)
	switch {
	case err == nil && info.IsDir():
		return true, nil
	case err == nil:
		return false, fmt.Errorf("expected template directory, %q is not a directory", path)
	case os.IsNotExist(err):
		return false, nil
	default:
		return false, fmt.Errorf("failed to open dir %q: %w", path, err)
	}
}
// onPremPlatform reports whether platformString is one of the on-prem
// platform types: bare metal, oVirt, OpenStack, vSphere or Nutanix.
func onPremPlatform(platformString configv1.PlatformType) bool {
	onPrem := []configv1.PlatformType{
		configv1.BareMetalPlatformType,
		configv1.OvirtPlatformType,
		configv1.OpenStackPlatformType,
		configv1.VSpherePlatformType,
		configv1.NutanixPlatformType,
	}
	for _, candidate := range onPrem {
		if platformString == candidate {
			return true
		}
	}
	return false
}
// urlHost is a template function that returns the hostname of a url, without
// the port and without the square brackets of an IPv6 literal. A url that
// net/url cannot parse yields an error.
func urlHost(u string) (interface{}, error) {
	parsed, err := url.Parse(u)
	if err == nil {
		return parsed.Hostname(), nil
	}
	return nil, fmt.Errorf("invalid url: %w", err)
}
// urlPort is a template function that returns the port of a url. When the
// url carries no explicit port, the scheme decides: "443" for https and "80"
// for http. Any other scheme without a port is an error, as is a url that
// net/url cannot parse.
func urlPort(u string) (interface{}, error) {
	parsed, err := url.Parse(u)
	if err != nil {
		return nil, fmt.Errorf("invalid url: %w", err)
	}

	if explicit := parsed.Port(); explicit != "" {
		return explicit, nil
	}

	// default port
	defaults := map[string]string{
		"https": "443",
		"http":  "80",
	}
	if port, known := defaults[parsed.Scheme]; known {
		return port, nil
	}
	return "", fmt.Errorf("unknown scheme in %s", u)
}
// isOpenShiftManagedDefaultLB backs the template function of the same name
// and reports whether the platform uses the OpenShift-managed default load
// balancer.
//
// For bare metal, oVirt, OpenStack, vSphere and Nutanix the answer comes from
// the platform section: an unset LoadBalancer counts as the managed default.
// When that section is nil the result is false. vSphere additionally returns
// false when no API server internal IPs are set. Any other platform type
// returns true; a nil PlatformStatus returns false.
//
// cfg.Infra is dereferenced without a nil check.
func isOpenShiftManagedDefaultLB(cfg RenderConfig) bool {
	ps := cfg.Infra.Status.PlatformStatus
	if ps == nil {
		return false
	}
	managed := configv1.LoadBalancerTypeOpenShiftManagedDefault

	switch ps.Type {
	case configv1.BareMetalPlatformType:
		if bm := ps.BareMetal; bm != nil {
			return bm.LoadBalancer == nil || bm.LoadBalancer.Type == managed
		}
	case configv1.OvirtPlatformType:
		if ov := ps.Ovirt; ov != nil {
			return ov.LoadBalancer == nil || ov.LoadBalancer.Type == managed
		}
	case configv1.OpenStackPlatformType:
		if osp := ps.OpenStack; osp != nil {
			return osp.LoadBalancer == nil || osp.LoadBalancer.Type == managed
		}
	case configv1.VSpherePlatformType:
		vs := ps.VSphere
		if vs == nil {
			klog.Info("VSphere UPI doesn't populate VSphere PlatformStatus field. In that case we should return false")
			return false
		}
		// vSphere allows to use a user managed load balancer by not setting the VIPs in PlatformStatus.
		// We will maintain backward compatibility by checking if the VIPs are not set, we will
		// not deploy HAproxy, Keepalived and CoreDNS.
		if len(vs.APIServerInternalIPs) == 0 {
			return false
		}
		return vs.LoadBalancer == nil || vs.LoadBalancer.Type == managed
	case configv1.NutanixPlatformType:
		if nx := ps.Nutanix; nx != nil {
			return nx.LoadBalancer == nil || nx.LoadBalancer.Type == managed
		}
	default:
		// If a new on-prem platform is newly supported, the default value of LoadBalancerType is internal.
		return true
	}

	// Known platform type whose platform section is nil.
	return false
}
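// cloudPlatformAPIIntLoadBalancerIPs provides the API-Int Server IPs for
// supported cloud platforms when the DNSType is set to `ClusterHosted`.
//
// Only GCP is handled. Every other outcome is an error with a message that
// names the reason: no platform status, a different platform, a DNSType
// other than ClusterHosted, or ClusterHosted without its IP section.
func cloudPlatformAPIIntLoadBalancerIPs(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine API Server Internal IPs: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus
	if ps.Type != configv1.GCPPlatformType {
		return nil, fmt.Errorf("invalid cloud platform for API Server Internal IPs")
	}

	switch cloudPlatformLoadBalancerIPState(cfg) {
	case availableLBIPState:
		// The available state implies GCP, CloudLoadBalancerConfig and
		// ClusterHosted are all non-nil.
		return ps.GCP.CloudLoadBalancerConfig.ClusterHosted.APIIntLoadBalancerIPs, nil
	case absentLBIPState:
		return nil, fmt.Errorf("GCP API Server IPs unavailable when the DNSType is ClusterHosted")
	default:
		return nil, fmt.Errorf("GCP API Server Internal IPs unavailable: cloud load balancer config is not set to the ClusterHosted DNSType")
	}
}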
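// cloudPlatformAPILoadBalancerIPs provides the API Server IPs for supported
// cloud platforms when the DNSType is set to `ClusterHosted`.
//
// Only GCP is handled. Every other outcome is an error with a message that
// names the reason: no platform status, a different platform, a DNSType
// other than ClusterHosted, or ClusterHosted without its IP section.
func cloudPlatformAPILoadBalancerIPs(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine API Server IPs: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus
	if ps.Type != configv1.GCPPlatformType {
		return nil, fmt.Errorf("invalid cloud platform for API Server IPs")
	}

	switch cloudPlatformLoadBalancerIPState(cfg) {
	case availableLBIPState:
		// The available state implies GCP, CloudLoadBalancerConfig and
		// ClusterHosted are all non-nil.
		return ps.GCP.CloudLoadBalancerConfig.ClusterHosted.APILoadBalancerIPs, nil
	case absentLBIPState:
		return nil, fmt.Errorf("GCP API Server IPs unavailable when the DNSType is ClusterHosted")
	default:
		return nil, fmt.Errorf("GCP API Server IPs unavailable: cloud load balancer config is not set to the ClusterHosted DNSType")
	}
}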
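// cloudPlatformIngressLoadBalancerIPs provides the Ingress IPs for supported
// cloud platforms when the DNSType is set to `ClusterHosted`.
//
// Only GCP is handled. Every other outcome is an error with a message that
// names the reason: no platform status, a different platform, a DNSType
// other than ClusterHosted, or ClusterHosted without its IP section.
func cloudPlatformIngressLoadBalancerIPs(cfg RenderConfig) (interface{}, error) {
	if cfg.ControllerConfigSpec == nil || cfg.Infra == nil || cfg.Infra.Status.PlatformStatus == nil {
		return nil, fmt.Errorf("cannot determine Ingress LoadBalancer IPs: platform status is not set")
	}
	ps := cfg.Infra.Status.PlatformStatus
	if ps.Type != configv1.GCPPlatformType {
		return nil, fmt.Errorf("invalid cloud platform for Ingress LoadBalancer IPs")
	}

	switch cloudPlatformLoadBalancerIPState(cfg) {
	case availableLBIPState:
		// The available state implies GCP, CloudLoadBalancerConfig and
		// ClusterHosted are all non-nil.
		return ps.GCP.CloudLoadBalancerConfig.ClusterHosted.IngressLoadBalancerIPs, nil
	case absentLBIPState:
		return nil, fmt.Errorf("GCP Ingress IPs unavailable when the DNSType is ClusterHosted")
	default:
		return nil, fmt.Errorf("GCP Ingress IPs unavailable: cloud load balancer config is not set to the ClusterHosted DNSType")
	}
}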
// cloudPlatformLoadBalancerIPState is a helper function that determines if
// LoadBalancer config has been set.
//
// It returns defaultLBIPState unless the platform is GCP with a
// CloudLoadBalancerConfig whose DNSType is `ClusterHosted`. In that case the
// result is availableLBIPState when the ClusterHosted section is present and
// absentLBIPState when it is nil.
//
// cfg.Infra is dereferenced without a nil check.
func cloudPlatformLoadBalancerIPState(cfg RenderConfig) LoadBalancerIPState {
	ps := cfg.Infra.Status.PlatformStatus
	if ps == nil || ps.Type != configv1.GCPPlatformType {
		return defaultLBIPState
	}

	gcp := ps.GCP
	if gcp == nil || gcp.CloudLoadBalancerConfig == nil || gcp.CloudLoadBalancerConfig.DNSType != configv1.ClusterHostedDNSType {
		return defaultLBIPState
	}

	// If DNSType is set to `ClusterHosted`, we expect the Load Balancer IP addresses to be set.
	// If absent, that is expected to be temporary.
	if gcp.CloudLoadBalancerConfig.ClusterHosted == nil {
		return absentLBIPState
	}
	return availableLBIPState
}