diff --git a/cmd/kubenest/operator/app/options/options.go b/cmd/kubenest/operator/app/options/options.go index 0a587b3e7..14fba1837 100644 --- a/cmd/kubenest/operator/app/options/options.go +++ b/cmd/kubenest/operator/app/options/options.go @@ -24,9 +24,10 @@ type KubernetesOptions struct { } type KubeNestOptions struct { - ForceDestroy bool - AnpMode string - AdmissionPlugins bool + ForceDestroy bool + AnpMode string + AdmissionPlugins bool + ApiServerReplicas int } func NewOptions() *Options { @@ -57,4 +58,5 @@ func (o *Options) AddFlags(flags *pflag.FlagSet) { flags.BoolVar(&o.KubeNestOptions.ForceDestroy, "kube-nest-force-destroy", false, "Force destroy the node.If it set true.If set to true, Kubernetes will not evict the existing nodes on the node when joining nodes to the tenant's control plane, but will instead force destroy.") flags.StringVar(&o.KubeNestOptions.AnpMode, "kube-nest-anp-mode", "tcp", "kube-apiserver network proxy mode, must be set to tcp or uds. uds mode the replicas for apiserver should be one, and tcp for multi apiserver replicas.") flags.BoolVar(&o.KubeNestOptions.AdmissionPlugins, "kube-nest-admission-plugins", false, "kube-apiserver network disable-admission-plugins, false for - --disable-admission-plugins=License, true for remove the --disable-admission-plugins=License flag .") + flags.IntVar(&o.KubeNestOptions.ApiServerReplicas, "kube-nest-apiserver-replicas", 2, "virtual-cluster kube-apiserver replicas. default is 2.") } diff --git a/pkg/kubenest/constants/constant.go b/pkg/kubenest/constants/constant.go index 49267f16e..ab9eab563 100644 --- a/pkg/kubenest/constants/constant.go +++ b/pkg/kubenest/constants/constant.go @@ -42,7 +42,6 @@ const ( //controlplane apiserver ApiServer = "apiserver" ApiServerAnp = "apiserver-anp" - ApiServerReplicas = 1 ApiServerServiceSubnet = "10.237.6.0/18" ApiServerEtcdListenClientPort = 2379 ApiServerServiceType = "NodePort" diff --git a/pkg/kubenest/controlplane/apiserver.go b/pkg/kubenest/controlplane/apiserver.go index 396d5f20d..56165bfea 100644 --- a/pkg/kubenest/controlplane/apiserver.go +++ b/pkg/kubenest/controlplane/apiserver.go @@ -39,7 +39,7 @@ func installAPIServer(client clientset.Interface, name, namespace string, portMa apiserverDeploymentBytes, err := util.ParseTemplate(apiserver.ApiserverDeployment, struct { DeploymentName, Namespace, ImageRepository, EtcdClientService, Version string ServiceSubnet, VirtualClusterCertsSecret, EtcdCertsSecret string - Replicas int32 + Replicas int EtcdListenClientPort int32 ClusterPort int32 AdmissionPlugins bool @@ -52,7 +52,7 @@ func installAPIServer(client clientset.Interface, name, namespace string, portMa ServiceSubnet: constants.ApiServerServiceSubnet, VirtualClusterCertsSecret: fmt.Sprintf("%s-%s", name, "cert"), EtcdCertsSecret: fmt.Sprintf("%s-%s", name, "etcd-cert"), - Replicas: constants.ApiServerReplicas, + Replicas: opt.ApiServerReplicas, EtcdListenClientPort: constants.ApiServerEtcdListenClientPort, ClusterPort: portMap[constants.ApiServerPortKey], AdmissionPlugins: opt.AdmissionPlugins, diff --git a/pkg/kubenest/tasks/anp.go b/pkg/kubenest/tasks/anp.go index 4914ac168..dc49bad2f 100644 --- a/pkg/kubenest/tasks/anp.go +++ b/pkg/kubenest/tasks/anp.go @@ -70,19 +70,17 @@ func runAnpServer(r workflow.RunData) error { portMap := data.HostPortMap() // install egress_selector_configuration config map egressSelectorConfig, err := util.ParseTemplate(apiserver.EgressSelectorConfiguration, struct { - Namespace string - Name string - AnpMode string - ProxyServerPort int32 - SvcName string - AdmissionPlugins bool + Namespace string + Name string + AnpMode string + ProxyServerPort int32 + SvcName string }{ - Namespace: namespace, - Name: name, - ProxyServerPort: portMap[constants.ApiServerNetworkProxyServerPortKey], - SvcName: fmt.Sprintf("%s-konnectivity-server.%s.svc.cluster.local", name, namespace), - AnpMode: kubeNestOpt.AnpMode, - AdmissionPlugins: kubeNestOpt.AdmissionPlugins, + Namespace: namespace, + Name: name, + ProxyServerPort: portMap[constants.ApiServerNetworkProxyServerPortKey], + SvcName: fmt.Sprintf("%s-konnectivity-server.%s.svc.cluster.local", name, namespace), + AnpMode: kubeNestOpt.AnpMode, }) if err != nil { return fmt.Errorf("failed to parse egress_selector_configuration config map template, err: %w", err) @@ -159,7 +157,7 @@ func installAnpServer(client clientset.Interface, name, namespace string, portMa apiserverDeploymentBytes, err := util.ParseTemplate(apiserver.ApiserverAnpDeployment, struct { DeploymentName, Namespace, ImageRepository, EtcdClientService, Version string ServiceSubnet, VirtualClusterCertsSecret, EtcdCertsSecret string - Replicas int32 + Replicas int EtcdListenClientPort int32 ClusterPort int32 AgentPort int32 @@ -169,6 +167,7 @@ func installAnpServer(client clientset.Interface, name, namespace string, portMa KubeconfigSecret string Name string AnpMode string + AdmissionPlugins bool }{ DeploymentName: fmt.Sprintf("%s-%s", name, "apiserver"), Namespace: namespace, @@ -178,7 +177,7 @@ func installAnpServer(client clientset.Interface, name, namespace string, portMa ServiceSubnet: constants.ApiServerServiceSubnet, VirtualClusterCertsSecret: fmt.Sprintf("%s-%s", name, "cert"), EtcdCertsSecret: fmt.Sprintf("%s-%s", name, "etcd-cert"), - Replicas: constants.ApiServerReplicas, + Replicas: kubeNestOpt.ApiServerReplicas, EtcdListenClientPort: constants.ApiServerEtcdListenClientPort, ClusterPort: portMap[constants.ApiServerPortKey], AgentPort: portMap[constants.ApiServerNetworkProxyAgentPortKey], @@ -188,6 +187,7 @@ func installAnpServer(client clientset.Interface, name, namespace string, portMa KubeconfigSecret: fmt.Sprintf("%s-%s", name, "admin-config-clusterip"), Name: name, AnpMode: kubeNestOpt.AnpMode, + AdmissionPlugins: kubeNestOpt.AdmissionPlugins, }) if err != nil { return fmt.Errorf("error when parsing virtual cluster apiserver deployment template: %w", err)