// Copyright 2021 Weaveworks or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: MPL-2.0
package v1alpha1
import (
flclient "github.com/weaveworks-liquidmetal/controller-pkg/client"
"github.com/weaveworks-liquidmetal/controller-pkg/types/microvm"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
)
// MicrovmClusterSpec defines the desired state of MicrovmCluster.
type MicrovmClusterSpec struct {
	// ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.
	//
	// See https://cluster-api.sigs.k8s.io/developer/architecture/controllers/cluster.html
	// for more details.
	//
	// +optional
	ControlPlaneEndpoint clusterv1.APIEndpoint `json:"controlPlaneEndpoint"`

	// NOTE(review): per the description below, keys listed here are applied to
	// every machine that does not override them, so a change to this list is a
	// change to SSH access across the whole cluster.

	// SSHPublicKeys is a list of SSHPublicKeys and their associated users.
	// If specified these keys will be applied to all machines created unless you
	// specify different keys at the machine level.
	// +optional
	SSHPublicKeys []microvm.SSHPublicKey `json:"sshPublicKeys,omitempty"`

	// Placement specifies how machines for the cluster should be placed onto hosts (i.e. where the microvms are created).
	// +kubebuilder:validation:Required
	Placement Placement `json:"placement"`

	// MicrovmProxy is the proxy server details to use when calling the microvm service. This is an
	// alternative to using the http proxy environment variables and applied purely to the grpc service.
	MicrovmProxy *flclient.Proxy `json:"microvmProxy,omitempty"`

	// NOTE(review): TLSSecretRef is optional, and what the client does when it
	// is empty is not visible in this file. Presumably it then dials Flintlock
	// without TLS; confirm, and if so state in the field description that
	// leaving it unset means no transport encryption and no authentication of
	// either side.
	// NOTE(review): the referenced Secret carries the client private key
	// (tls.key), so read access to Secrets in that namespace should be kept to
	// the controller and the cluster's operators.

	// mTLS Configuration:
	//
	// It is recommended that each flintlock host is configured with its own cert
	// signed by a common CA, and set to use mTLS.
	// The CAPMVM client should be provided with the CA, and a client cert and key
	// signed by that CA.
	// TLSSecretRef is a reference to the name of a secret which contains TLS cert information
	// for connecting to Flintlock hosts.
	// The secret should be created in the same namespace as the MicroVMCluster.
	// The secret should be of type Opaque
	// with the addition of a ca.crt key.
	// In a Secret manifest the values under data must be base64-encoded; the PEM
	// blocks below are shown decoded for readability (plain PEM can be supplied
	// through stringData instead).
	//
	//	apiVersion: v1
	//	kind: Secret
	//	metadata:
	//	  name: secret-tls
	//	  namespace: default <- same as Cluster
	//	type: Opaque
	//	data:
	//	  tls.crt: |
	//	    -----BEGIN CERTIFICATE-----
	//	    MIIC2DCCAcCgAwIBAgIBATANBgkqh ...
	//	    -----END CERTIFICATE-----
	//	  tls.key: |
	//	    -----BEGIN EC PRIVATE KEY-----
	//	    MIIEpgIBAAKCAQEA7yn3bRHQ5FHMQ ...
	//	    -----END EC PRIVATE KEY-----
	//	  ca.crt: |
	//	    -----BEGIN CERTIFICATE-----
	//	    MIIEpgIBAAKCAQEA7yn3bRHQ5FHMQ ...
	//	    -----END CERTIFICATE-----
	//
	// +optional
	TLSSecretRef string `json:"tlsSecretRef,omitempty"`
}
// NOTE(review): nothing in the visible part of this file refers to this type;
// MicrovmClusterSpec.SSHPublicKeys uses microvm.SSHPublicKey instead. Confirm
// whether this local copy is still needed.
// NOTE(review): both fields are marked Required while their JSON tags carry
// omitempty, so an empty value is dropped when the struct is marshalled.
// Presumably harmless, but verify the two are meant to be combined.

// SSHPublicKey holds a user name and the public keys to add for that user.
type SSHPublicKey struct {
	// User is the name of the user to add keys for (eg root, ubuntu).
	// +kubebuilder:validation:Required
	User string `json:"user,omitempty"`

	// AuthorizedKeys is a list of public keys to add to the user.
	// +kubebuilder:validation:Required
	AuthorizedKeys []string `json:"authorizedKeys,omitempty"`
}
// MicrovmClusterStatus defines the observed state of MicrovmCluster.
//
// The Conditions field is read and written through the GetConditions and
// SetConditions methods on MicrovmCluster.
type MicrovmClusterStatus struct {
	// Ready indicates that the cluster is ready.
	// +optional
	// +kubebuilder:default=false
	Ready bool `json:"ready"`

	// Conditions defines the current service state of the MicrovmCluster.
	// +optional
	Conditions clusterv1.Conditions `json:"conditions,omitempty"`

	// FailureDomains is a list of the failure domains that CAPI should spread the machines across. For
	// the CAPMVM provider this equates to host machines that can run microvms using Flintlock.
	FailureDomains clusterv1.FailureDomains `json:"failureDomains,omitempty"`
}
// NOTE(review): the ControlPlaneEndpoint print column indexes
// .spec.controlPlaneEndpoint with [0], but MicrovmClusterSpec declares that
// field as a single clusterv1.APIEndpoint value rather than a list, so the
// column likely renders empty. Something like .spec.controlPlaneEndpoint.host
// may have been intended; confirm against the generated CRD.

// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion
// +kubebuilder:resource:path=microvmclusters,scope=Namespaced,categories=cluster-api,shortName=mvmc
// +kubebuilder:printcolumn:name="Cluster",type="string",JSONPath=".metadata.labels.cluster\\.x-k8s\\.io/cluster-name",description="Cluster to which this MicrovmCluster belongs"
// +kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.ready",description="Cluster infrastructure is ready"
// +kubebuilder:printcolumn:name="ControlPlaneEndpoint",type="string",JSONPath=".spec.controlPlaneEndpoint[0]",description="API Endpoint",priority=1
// +k8s:defaulter-gen=true
// MicrovmCluster is the Schema for the microvmclusters API.
type MicrovmCluster struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state and Status the observed state; see
	// MicrovmClusterSpec and MicrovmClusterStatus for the individual fields.
	Spec   MicrovmClusterSpec   `json:"spec,omitempty"`
	Status MicrovmClusterStatus `json:"status,omitempty"`
}
// GetConditions returns the conditions currently recorded in the status of
// the MicrovmCluster resource.
func (r *MicrovmCluster) GetConditions() clusterv1.Conditions {
	current := r.Status.Conditions
	return current
}
// SetConditions replaces the conditions recorded in the status of the
// MicrovmCluster resource with the supplied clusterv1.Conditions.
func (r *MicrovmCluster) SetConditions(conditions clusterv1.Conditions) {
	status := &r.Status
	status.Conditions = conditions
}
//+kubebuilder:object:root=true
// MicrovmClusterList contains a list of MicrovmCluster.
// +k8s:defaulter-gen=true
type MicrovmClusterList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`

	// Items holds the MicrovmCluster objects in the list.
	Items []MicrovmCluster `json:"items"`
}
// init registers the MicrovmCluster and MicrovmClusterList types with
// SchemeBuilder.
//
//nolint:gochecknoinits // Maybe we can remove it, now just ignore.
func init() {
	// The single-object kind and its list kind are registered in one call.
	SchemeBuilder.Register(new(MicrovmCluster), new(MicrovmClusterList))
}