From e6f34c9448ebd09f408d97b426a2c043e8485560 Mon Sep 17 00:00:00 2001
From: jessicaochen <jesschen@google.com>
Date: Fri, 1 Jun 2018 15:13:57 -0700
Subject: [PATCH] Working vsphere clusterctl example (#263)

---
 .gitignore                        |   5 +
 README.md                         |  27 ++
 cluster.yaml.template             |  18 ++
 generate-yaml.sh                  |  63 +++++
 machines.yaml.template            |  57 +++++
 provider-components.yaml.template | 405 ++++++++++++++++++++++++++++++
 6 files changed, 575 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 cluster.yaml.template
 create mode 100755 generate-yaml.sh
 create mode 100644 machines.yaml.template
 create mode 100644 provider-components.yaml.template

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 000000000000..565d6f9dd6b1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+machines.yaml
+cluster.yaml
+provider-components.yaml
+vsphere_tmp
+vsphere_tmp.pub
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 000000000000..f0d3e71ccac2
--- /dev/null
+++ b/README.md
@@ -0,0 +1,27 @@
+# Vsphere Example Files
+## Contents
+* *.yaml files - concrete example files that can be used as is.
+* *.yaml.template files - template example files that need values filled in before use.
+
+## Generation
+For convenience, a generation script which populates templates where possible.
+
+1. Run the generation script. This wil produce ```provider-components.yaml```
+```
+./generate-yaml.sh
+```
+2. Copy machines.yaml.template to machines.yaml and
+Manually edit ```terraformVariables``` for machines in machines.yaml
+```
+cp machines.yaml.template machines.yaml
+```
+
+3. Copy cluster.yaml.template to cluster.yaml and
+Manually edit ```providerConfig``` for the cluster in cluster.yaml
+```
+cp cluster.yaml.template cluster.yaml
+```
+
+## Manual Modification
+You may always manually curate files based on the examples provided.
+
diff --git a/cluster.yaml.template b/cluster.yaml.template
new file mode 100644
index 000000000000..ec613c2baddb
--- /dev/null
+++ b/cluster.yaml.template
@@ -0,0 +1,18 @@
+apiVersion: "cluster.k8s.io/v1alpha1"
+kind: Cluster
+metadata:
+  name: test1
+spec:
+    clusterNetwork:
+        services:
+            cidrBlocks: ["10.96.0.0/12"]
+        pods:
+            cidrBlocks: ["192.168.0.0/16"]
+        serviceDomain: "cluster.local"
+    providerConfig:
+      value:
+        apiVersion: "vsphereproviderconfig/v1alpha1"
+        kind: "VsphereClusterProviderConfig"
+        vsphereUser: ""
+        vspherePassword: ""
+        vsphereServer: ""
\ No newline at end of file
diff --git a/generate-yaml.sh b/generate-yaml.sh
new file mode 100755
index 000000000000..fc8edc9ac629
--- /dev/null
+++ b/generate-yaml.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+set -e
+
+PROVIDERCOMPONENT_TEMPLATE_FILE=provider-components.yaml.template
+PROVIDERCOMPONENT_GENERATED_FILE=provider-components.yaml
+
+MACHINE_CONTROLLER_SSH_PUBLIC_FILE=vsphere_tmp.pub
+MACHINE_CONTROLLER_SSH_PUBLIC=
+MACHINE_CONTROLLER_SSH_PRIVATE_FILE=vsphere_tmp
+MACHINE_CONTROLLER_SSH_PRIVATE=
+MACHINE_CONTROLLER_SSH_HOME=~/.ssh/
+
+OVERWRITE=0
+
+SCRIPT=$(basename $0)
+while test $# -gt 0; do
+        case "$1" in
+          -h|--help)
+            echo "$SCRIPT - generates input yaml files for Cluster API on vSphere"
+            echo " "
+            echo "$SCRIPT [options]"
+            echo " "
+            echo "options:"
+            echo "-h, --help                show brief help"
+            echo "-f, --force-overwrite     if file to be generated already exists, force script to overwrite it"
+            exit 0
+            ;;
+          -f)
+            OVERWRITE=1
+            shift
+            ;;
+          --force-overwrite)
+            OVERWRITE=1
+            shift
+            ;;
+          *)
+            break
+            ;;
+        esac
+done
+
+if [ $OVERWRITE -ne 1 ] && [ -f $PROVIDERCOMPONENT_GENERATED_FILE ]; then
+  echo File $PROVIDERCOMPONENT_GENERATED_FILE already exists. Delete it manually before running this script.
+  exit 1
+fi
+
+if [ ! -f $MACHINE_CONTROLLER_SSH_PRIVATE_FILE ]; then
+  echo Generate SSH key files fo machine controller
+  ssh-keygen -t rsa -f $MACHINE_CONTROLLER_SSH_PRIVATE_FILE  -N ""
+fi
+
+# Copy file to home ssh directory till using vsphere GetIP logic that
+# does not assume the file at this location
+cp $MACHINE_CONTROLLER_SSH_PUBLIC_FILE $MACHINE_CONTROLLER_SSH_HOME
+cp $MACHINE_CONTROLLER_SSH_PRIVATE_FILE $MACHINE_CONTROLLER_SSH_HOME
+
+MACHINE_CONTROLLER_SSH_PUBLIC=$(cat $MACHINE_CONTROLLER_SSH_PUBLIC_FILE|base64 -w0)
+MACHINE_CONTROLLER_SSH_PRIVATE=$(cat $MACHINE_CONTROLLER_SSH_PRIVATE_FILE|base64 -w0)
+
+cat $PROVIDERCOMPONENT_TEMPLATE_FILE \
+  | sed -e "s/\$MACHINE_CONTROLLER_SSH_PUBLIC/$MACHINE_CONTROLLER_SSH_PUBLIC/" \
+  | sed -e "s/\$MACHINE_CONTROLLER_SSH_PRIVATE/$MACHINE_CONTROLLER_SSH_PRIVATE/" \
+  > $PROVIDERCOMPONENT_GENERATED_FILE
\ No newline at end of file
diff --git a/machines.yaml.template b/machines.yaml.template
new file mode 100644
index 000000000000..4e19396c693a
--- /dev/null
+++ b/machines.yaml.template
@@ -0,0 +1,57 @@
+items:
+- apiVersion: "cluster.k8s.io/v1alpha1"
+  kind: Machine
+  metadata:
+    generateName: tf-master-
+    labels:
+      set: master
+  spec:
+    providerConfig:
+      value:
+        apiVersion: "vsphereproviderconfig/v1alpha1"
+        kind: "VsphereMachineProviderConfig"
+        vsphereMachine: "standard-master"
+        terraformVariables: [
+          "datacenter = \"\"",
+          "datastore = \"\"",
+          "resource_pool = \"\"",
+          "network = \"\"",
+          "num_cpus = \"2\"",
+          "memory = \"2048\"",
+          "vm_template = \"\"",
+          "disk_label = \"\"",
+          "disk_size = \"\"",
+          "virtual_machine_domain = \"\"",
+		]
+    versions:
+      kubelet: 1.10.1
+      controlPlane: 1.10.1
+    roles:
+    - Master
+- apiVersion: "cluster.k8s.io/v1alpha1"
+  kind: Machine
+  metadata:
+    generateName: tf-node-
+  spec:
+    providerConfig:
+      value:
+        apiVersion: "vsphereproviderconfig/v1alpha1"
+        kind: "VsphereMachineProviderConfig"
+        vsphereMachine: "standard-node"
+        terraformVariables: [
+          "datacenter = \"\"",
+          "datastore = \"\"",
+          "resource_pool = \"\"",
+          "network = \"\"",
+          "num_cpus = \"2\"",
+          "memory = \"2048\"",
+          "vm_template = \"\"",
+          "disk_label = \"\"",
+          "disk_size = \"\"",
+          "virtual_machine_domain = \"\"",
+	    ]
+    versions:
+      kubelet: 1.10.1
+      controlPlane: 1.10.1
+    roles:
+    - Node
\ No newline at end of file
diff --git a/provider-components.yaml.template b/provider-components.yaml.template
new file mode 100644
index 000000000000..ce5d7ac4c5d1
--- /dev/null
+++ b/provider-components.yaml.template
@@ -0,0 +1,405 @@
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: clusterapi-controllers
+  namespace: default
+  labels:
+    api: clusterapi
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        api: clusterapi
+    spec:
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      tolerations:
+      - effect: NoSchedule
+        key: node-role.kubernetes.io/master
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - effect: NoExecute
+        key: node.alpha.kubernetes.io/notReady
+        operator: Exists
+      - effect: NoExecute
+        key: node.alpha.kubernetes.io/unreachable
+        operator: Exists
+      containers:
+      - name: controller-manager
+        image: gcr.io/k8s-cluster-api/controller-manager:0.0.5
+        volumeMounts:
+          - name: config
+            mountPath: /etc/kubernetes
+          - name: certs
+            mountPath: /etc/ssl/certs
+        command:
+        - "./controller-manager"
+        args:
+        - --kubeconfig=/etc/kubernetes/admin.conf
+        resources:
+          requests:
+            cpu: 100m
+            memory: 20Mi
+          limits:
+            cpu: 100m
+            memory: 30Mi
+      - name: vsphere-machine-controller
+        image: gcr.io/k8s-cluster-api/vsphere-machine-controller:0.0.3
+        volumeMounts:
+          - name: config
+            mountPath: /etc/kubernetes
+          - name: certs
+            mountPath: /etc/ssl/certs
+          - name: machines-stage
+            mountPath: /tmp/cluster-api/machines
+          - name: sshkeys
+            mountPath: /root/.ssh/vsphere_tmp
+            subPath: vsphere_tmp
+          - name: sshkeys
+            mountPath: /root/.ssh/vsphere_tmp.pub
+            subPath: vsphere_tmp.pub
+          - name: named-machines
+            mountPath: /etc/named-machines
+        command:
+        - "./vsphere-machine-controller"
+        args:
+        - --kubeconfig=/etc/kubernetes/admin.conf
+        # Hardedcoded token can be removed as part of https://github.com/kubernetes-sigs/cluster-api/issues/159
+        - --token=e6uqfr.5zkanzwfdclsbn7p
+        - --namedmachines=/etc/named-machines/vsphere_named_machines.yaml
+        resources:
+          requests:
+            cpu: 200m
+            memory: 200Mi
+          limits:
+            cpu: 400m
+            memory: 500Mi
+      volumes:
+      - name: config
+        hostPath:
+          path: /etc/kubernetes
+      - name: certs
+        hostPath:
+          path: /etc/ssl/certs
+      - name: machines-stage
+        emptyDir: {}
+      - name: sshkeys
+        secret:
+          secretName: sshkeys
+      - name: named-machines
+        configMap:
+          name: named-machines
+---
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: sshkeys
+  namespace: default
+data:
+  vsphere_tmp: $MACHINE_CONTROLLER_SSH_PRIVATE
+  vsphere_tmp.pub: $MACHINE_CONTROLLER_SSH_PUBLIC
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: named-machines
+data:
+  vsphere_named_machines.yaml: |-
+    items:
+    - machineName: standard-master
+      machineHcl: |
+        variable "vsphere_user" {}
+        variable "vsphere_password" {}
+        variable "vsphere_server" {}
+
+        variable "datacenter" {}
+        variable "datastore" {}
+        variable "resource_pool" {}
+        variable "num_cpus" {}
+        variable "memory" {}
+        variable "vm_template" {}
+        variable "network" { default = "VM Network"}
+        variable "disk_label" { default = "disk0" }
+        variable "disk_size" { default = 10}
+
+        variable "vm_name" {
+          type = "string"
+        }
+
+        provider "vsphere" {
+          version        = "~> 1.5.0"
+          user           = "${var.vsphere_user}"
+          password       = "${var.vsphere_password}"
+          vsphere_server = "${var.vsphere_server}"
+
+          # if you have a self-signed cert
+          allow_unverified_ssl = true
+        }
+
+        provider "template" {
+         version = "~> 1.0.0"
+        }
+
+        data "vsphere_datacenter" "dc" {
+          name = "${var.datacenter}"
+        }
+
+        data "vsphere_datastore" "datastore" {
+          name          = "${var.datastore}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_resource_pool" "pool" {
+          name          = "${var.resource_pool}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_network" "network" {
+          name          = "${var.network}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_virtual_machine" "template" {
+          name          = "${var.vm_template}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "template_file" "cloud_provider_config" {
+          template = <<EOF
+        [Global]
+        datacenters = "$${datacenter}"
+        insecure-flag = "1" #set to 1 if the vCenter uses a self-signed cert
+
+        [VirtualCenter "$${vsphere_server}"]
+                user = "$${user}"
+                password = "$${password}"
+
+        [Workspace]
+                server = "$${vsphere_server}"
+                datacenter = "$${datacenter}"
+                folder = "$${resource_pool}"
+                default-datastore = "$${datastore}"
+                resourcepool-path = "$${resource_pool}"
+
+        [Disk]
+                scsicontrollertype = pvscsi
+
+        [Network]
+                public-network = "$${network}"
+        EOF
+          vars {
+            vsphere_server = "${var.vsphere_server}"
+            datacenter     = "${var.datacenter}"
+            user           = "${var.vsphere_user}"
+            password       = "${var.vsphere_password}"
+            datastore      = "${var.datastore}"
+            resource_pool  = "${var.resource_pool}"
+            network        = "${var.network}"
+          }
+        }
+
+        data "template_file" "user_data" {
+          template = <<EOF
+        #cloud-config
+        write_files:
+          - path: /tmp/master.sh
+            permissions: '0755'
+            encoding: base64
+            content: |
+              $${startup_script}
+          - path: /etc/kubernetes/cloud-config/cloud-config.yaml
+            permissions: '0600'
+            encoding: base64
+            content: |
+              $${cloud_provider_config}
+        runcmd:
+          - /tmp/master.sh
+        EOF
+          vars {
+            startup_script = "${base64encode(file("/tmp/machine-startup.sh"))}"
+            cloud_provider_config = "${base64encode(data.template_file.cloud_provider_config.rendered)}"
+          }
+        }
+
+        resource "vsphere_virtual_machine" "master" {
+          name             = "${var.vm_name}"
+          resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
+          datastore_id     = "${data.vsphere_datastore.datastore.id}"
+
+          num_cpus         = "${var.num_cpus}"
+          memory           = "${var.memory}"
+          guest_id         = "${data.vsphere_virtual_machine.template.guest_id}"
+          enable_disk_uuid = "true"
+
+          scsi_type = "${data.vsphere_virtual_machine.template.scsi_type}"
+
+          network_interface {
+            network_id   = "${data.vsphere_network.network.id}"
+            adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
+          }
+
+          disk {
+            label            = "${var.disk_label}"
+            size             = "${max(var.disk_size, data.vsphere_virtual_machine.template.disks.0.size)}"
+            eagerly_scrub    = "${data.vsphere_virtual_machine.template.disks.0.eagerly_scrub}"
+            thin_provisioned = "${data.vsphere_virtual_machine.template.disks.0.thin_provisioned}"
+          }
+
+          clone {
+            template_uuid = "${data.vsphere_virtual_machine.template.id}"
+          }
+
+          cdrom {
+            client_device = true
+          }
+
+         // Copy the private key over so the controller is able to ssh into the nodes.
+         provisioner "file" {
+           source      = "~/.ssh/vsphere_tmp"
+           destination = "~/.ssh/id_rsa"
+
+           connection {
+             type        = "ssh"
+             private_key = "${file("~/.ssh/vsphere_tmp")}"
+             user        = "ubuntu"
+             agent       = false
+           }
+         }
+
+          vapp {
+            properties {
+              hostname = "${var.vm_name}"
+              "user-data" = "${base64encode(data.template_file.user_data.rendered)}"
+              "public-keys" = "${file("~/.ssh/vsphere_tmp.pub")}"
+            }
+          }
+        }
+
+        output "ip_address" {
+          value = "${vsphere_virtual_machine.master.default_ip_address}"
+        }
+    - machineName: standard-node
+      machineHcl: |
+        variable "vsphere_user" {}
+        variable "vsphere_password" {}
+        variable "vsphere_server" {}
+
+        variable "datacenter" {}
+        variable "datastore" {}
+        variable "resource_pool" {}
+        variable "num_cpus" {}
+        variable "memory" {}
+        variable "vm_template" {}
+        variable "network" { default = "VM Network"}
+        variable "disk_label" { default = "disk0" }
+        variable "disk_size" { default = 10}
+
+        variable "vm_name" {
+          type = "string"
+        }
+
+        provider "vsphere" {
+          version        = "~> 1.5.0"
+          user           = "${var.vsphere_user}"
+          password       = "${var.vsphere_password}"
+          vsphere_server = "${var.vsphere_server}"
+
+          # if you have a self-signed cert
+          allow_unverified_ssl = true
+        }
+
+        provider "template" {
+         version = "~> 1.0.0"
+        }
+
+        data "vsphere_datacenter" "dc" {
+          name = "${var.datacenter}"
+        }
+
+        data "vsphere_datastore" "datastore" {
+          name          = "${var.datastore}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_resource_pool" "pool" {
+          name          = "${var.resource_pool}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_network" "network" {
+          name          = "${var.network}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        data "vsphere_virtual_machine" "template" {
+          name          = "${var.vm_template}"
+          datacenter_id = "${data.vsphere_datacenter.dc.id}"
+        }
+
+        // Generate cloud-config for VM startup
+        data "template_file" "user_data" {
+          template = <<EOF
+        #cloud-config
+        write_files:
+          - content: |
+              $${startup_script}
+            path: /tmp/node.sh
+            permissions: '0755'
+        runcmd:
+          - /tmp/node.sh
+        EOF
+          vars {
+            startup_script = "${indent(6, file("/tmp/machine-startup.sh"))}"
+          }
+        }
+
+        resource "vsphere_virtual_machine" "node" {
+          name             = "${var.vm_name}"
+          resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
+          datastore_id     = "${data.vsphere_datastore.datastore.id}"
+
+          num_cpus         = "${var.num_cpus}"
+          memory           = "${var.memory}"
+          guest_id         = "${data.vsphere_virtual_machine.template.guest_id}"
+          enable_disk_uuid = "true"
+
+          scsi_type = "${data.vsphere_virtual_machine.template.scsi_type}"
+
+          network_interface {
+            network_id   = "${data.vsphere_network.network.id}"
+            adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
+          }
+
+          disk {
+            label            = "${var.disk_label}"
+            size             = "${max(var.disk_size, data.vsphere_virtual_machine.template.disks.0.size)}"
+            eagerly_scrub    = "${data.vsphere_virtual_machine.template.disks.0.eagerly_scrub}"
+            thin_provisioned = "${data.vsphere_virtual_machine.template.disks.0.thin_provisioned}"
+          }
+
+          clone {
+            template_uuid = "${data.vsphere_virtual_machine.template.id}"
+          }
+
+          cdrom {
+            client_device = true
+          }
+
+          // These properties are defined in the Ubuntu cloud image OVA.
+          vapp {
+            properties {
+              hostname = "${var.vm_name}"
+              // This data has to be base64 encoded because OVF uses XML, and this
+              // has to be a valid XML attribute. Cloud-init on the other side will
+              // base64decode it.
+              "user-data" = "${base64encode(data.template_file.user_data.rendered)}"
+              "public-keys" = "${file("~/.ssh/vsphere_tmp.pub")}"
+            }
+          }
+        }
+
+        output "ip_address" {
+          value = "${vsphere_virtual_machine.node.default_ip_address}"
+        }