Merge branch 'rock-branch' of github.com:lilongfeng0902/openyurt into…

… rock-branch
openyurtio · Nov 25, 2023 · ed9bebc · ed9bebc
2 parents 15177bc + 8b9bfb4
commit ed9bebc
Show file tree

Hide file tree

Showing 48 changed files with 341 additions and 396 deletions.
diff --git a/charts/yurt-manager/crds/raven.openyurt.io_gateways.yaml b/charts/yurt-manager/crds/raven.openyurt.io_gateways.yaml
@@ -47,15 +47,11 @@ spec:
                         additionalProperties:
                           type: string
                         type: object
-                      natType:
-                        type: string
                       nodeName:
                         description: NodeName is the Node hosting this endpoint.
                         type: string
                       publicIP:
                         type: string
-                      publicPort:
-                        type: integer
                       underNAT:
                         type: boolean
                     required:
@@ -108,15 +104,11 @@ spec:
                       additionalProperties:
                         type: string
                       type: object
-                    natType:
-                      type: string
                     nodeName:
                       description: NodeName is the Node hosting this endpoint.
                       type: string
                     publicIP:
                       type: string
-                    publicPort:
-                      type: integer
                     underNAT:
                       type: boolean
                   required:

diff --git a/cmd/yurt-manager/app/options/generic.go b/cmd/yurt-manager/app/options/generic.go
@@ -47,8 +47,8 @@ func NewGenericOptions() *GenericOptions {
 				ResourceName:      "yurt-manager",
 				ResourceNamespace: "kube-system",
 			},
-			RestConfigQPS:    30,
-			RestConfigBurst:  50,
+			RestConfigQPS:    50,
+			RestConfigBurst:  100,
 			WorkingNamespace: "kube-system",
 			DisabledWebhooks: []string{},
 		},

diff --git a/hack/lib/common.sh b/hack/lib/common.sh
@@ -69,6 +69,7 @@ project_info() {
     versionSeparator=","
     echo "-X ${PROJECT_INFO_PKG}.separator=${versionSeparator}"
     echo "-X ${PROJECT_INFO_PKG}.maintainingVersions=${maintainingVersions}"
+    echo "-X ${PROJECT_INFO_PKG}.nodePoolLabelKey=${NODEPOOL_LABEL_KEY}"
 }
 
 # get_binary_dir_with_arch generated the binary's directory with GOOS and GOARCH.

diff --git a/hack/lib/init.sh b/hack/lib/init.sh
@@ -28,5 +28,6 @@ LABEL_PREFIX=${LABEL_PREFIX:-openyurt.io}
 GIT_VERSION=${GIT_VERSION:-$(git describe --abbrev=0 --tags)}
 GIT_COMMIT=$(git rev-parse HEAD)
 BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+NODEPOOL_LABEL_KEY=${NODEPOOL_LABEL_KEY:-apps.openyurt.io/nodepool}
 
 source "${YURT_ROOT}/hack/lib/common.sh"
diff --git a/pkg/apis/apps/well_known_labels_annotations.go b/pkg/apis/apps/well_known_labels_annotations.go
@@ -37,9 +37,7 @@ const (
 // NodePool related labels and annotations
 const (
 	AnnotationPrevAttrs      = "nodepool.openyurt.io/previous-attributes"
-	NodePoolLabel            = "apps.openyurt.io/nodepool"
 	DesiredNodePoolLabel     = "apps.openyurt.io/desired-nodepool"
-	NodePoolTypeLabel        = "nodepool.openyurt.io/type"
 	NodePoolHostNetworkLabel = "nodepool.openyurt.io/hostnetwork"
 	NodePoolChangedEvent     = "NodePoolChanged"
 )
diff --git a/pkg/apis/raven/v1alpha1/gateway_conversion.go b/pkg/apis/raven/v1alpha1/gateway_conversion.go
@@ -49,14 +49,12 @@ func (src *Gateway) ConvertTo(dstRaw conversion.Hub) error {
 	dst.Spec.ProxyConfig.Replicas = 1
 	for _, eps := range src.Spec.Endpoints {
 		dst.Spec.Endpoints = append(dst.Spec.Endpoints, v1beta1.Endpoint{
-			NodeName:   eps.NodeName,
-			PublicIP:   eps.PublicIP,
-			UnderNAT:   eps.UnderNAT,
-			PublicPort: eps.PublicPort,
-			NATType:    eps.NATType,
-			Config:     eps.Config,
-			Type:       v1beta1.Tunnel,
-			Port:       v1beta1.DefaultTunnelServerExposedPort,
+			NodeName: eps.NodeName,
+			PublicIP: eps.PublicIP,
+			UnderNAT: eps.UnderNAT,
+			Config:   eps.Config,
+			Type:     v1beta1.Tunnel,
+			Port:     v1beta1.DefaultTunnelServerExposedPort,
 		})
 	}
 	for _, node := range src.Status.Nodes {
@@ -69,14 +67,12 @@ func (src *Gateway) ConvertTo(dstRaw conversion.Hub) error {
 	if src.Status.ActiveEndpoint != nil {
 		dst.Status.ActiveEndpoints = []*v1beta1.Endpoint{
 			{
-				NodeName:   src.Status.ActiveEndpoint.NodeName,
-				PublicIP:   src.Status.ActiveEndpoint.PublicIP,
-				UnderNAT:   src.Status.ActiveEndpoint.UnderNAT,
-				PublicPort: src.Status.ActiveEndpoint.PublicPort,
-				NATType:    src.Status.ActiveEndpoint.NATType,
-				Config:     src.Status.ActiveEndpoint.Config,
-				Type:       v1beta1.Tunnel,
-				Port:       v1beta1.DefaultTunnelServerExposedPort,
+				NodeName: src.Status.ActiveEndpoint.NodeName,
+				PublicIP: src.Status.ActiveEndpoint.PublicIP,
+				UnderNAT: src.Status.ActiveEndpoint.UnderNAT,
+				Config:   src.Status.ActiveEndpoint.Config,
+				Type:     v1beta1.Tunnel,
+				Port:     v1beta1.DefaultTunnelServerExposedPort,
 			},
 		}
 	}
@@ -95,12 +91,10 @@ func (dst *Gateway) ConvertFrom(srcRaw conversion.Hub) error {
 	dst.Spec.ExposeType = ExposeType(src.Spec.ExposeType)
 	for _, eps := range src.Spec.Endpoints {
 		dst.Spec.Endpoints = append(dst.Spec.Endpoints, Endpoint{
-			NodeName:   eps.NodeName,
-			PublicIP:   eps.PublicIP,
-			UnderNAT:   eps.UnderNAT,
-			PublicPort: eps.PublicPort,
-			NATType:    eps.NATType,
-			Config:     eps.Config,
+			NodeName: eps.NodeName,
+			PublicIP: eps.PublicIP,
+			UnderNAT: eps.UnderNAT,
+			Config:   eps.Config,
 		})
 	}
 	for _, node := range src.Status.Nodes {
@@ -118,12 +112,10 @@ func (dst *Gateway) ConvertFrom(srcRaw conversion.Hub) error {
 		dst.Status.ActiveEndpoint = nil
 	} else {
 		dst.Status.ActiveEndpoint = &Endpoint{
-			NodeName:   src.Status.ActiveEndpoints[0].NodeName,
-			PublicIP:   src.Status.ActiveEndpoints[0].PublicIP,
-			UnderNAT:   src.Status.ActiveEndpoints[0].UnderNAT,
-			PublicPort: src.Status.ActiveEndpoints[0].PublicPort,
-			NATType:    src.Status.ActiveEndpoints[0].NATType,
-			Config:     src.Status.ActiveEndpoints[0].Config,
+			NodeName: src.Status.ActiveEndpoints[0].NodeName,
+			PublicIP: src.Status.ActiveEndpoints[0].PublicIP,
+			UnderNAT: src.Status.ActiveEndpoints[0].UnderNAT,
+			Config:   src.Status.ActiveEndpoints[0].Config,
 		}
 	}
 	klog.Infof("convert from v1beta1 to v1alpha1 for %s", dst.Name)

diff --git a/pkg/apis/raven/v1alpha1/gateway_types.go b/pkg/apis/raven/v1alpha1/gateway_types.go
@@ -59,12 +59,10 @@ type GatewaySpec struct {
 // TODO add priority field?
 type Endpoint struct {
 	// NodeName is the Node hosting this endpoint.
-	NodeName   string            `json:"nodeName"`
-	UnderNAT   bool              `json:"underNAT,omitempty"`
-	NATType    string            `json:"natType,omitempty"`
-	PublicIP   string            `json:"publicIP,omitempty"`
-	PublicPort int               `json:"publicPort,omitempty"`
-	Config     map[string]string `json:"config,omitempty"`
+	NodeName string            `json:"nodeName"`
+	UnderNAT bool              `json:"underNAT,omitempty"`
+	PublicIP string            `json:"publicIP,omitempty"`
+	Config   map[string]string `json:"config,omitempty"`
 }
 
 // NodeInfo stores information of node managed by Gateway.

diff --git a/pkg/projectinfo/projectinfo.go b/pkg/projectinfo/projectinfo.go
@@ -30,6 +30,7 @@ var (
 	buildDate           = "1970-01-01T00:00:00Z"
 	maintainingVersions = "unknown"
 	separator           = ","
+	nodePoolLabelKey    = "apps.openyurt.io/nodepool"
 )
 
 func ShortAgentVersion() string {
@@ -90,21 +91,11 @@ func GetTunnelName() string {
 	return projectPrefix + "tunnel"
 }
 
-// GetYurtControllerManagerName returns name of openyurt controller-manager: yurtcontroller-manager
-func GetYurtControllerManagerName() string {
-	return projectPrefix + "controller-manager"
-}
-
 // GetYurtManagerName returns name of openyurt-manager: yurt-manager
 func GetYurtManagerName() string {
 	return "yurt-manager"
 }
 
-// GetYurtAppManagerName returns name of tunnel: yurtapp-manager
-func GetYurtAppManagerName() string {
-	return projectPrefix + "app-manager"
-}
-
 // GetAutonomyAnnotation returns annotation key for node autonomy
 func GetAutonomyAnnotation() string {
 	return fmt.Sprintf("node.beta.%s/autonomy", labelPrefix)
@@ -119,26 +110,33 @@ func normalizeGitCommit(commit string) string {
 	return commit
 }
 
+// GetNodePoolLabel returns label for specifying nodepool
+func GetNodePoolLabel() string {
+	return nodePoolLabelKey
+}
+
 // Info contains version information.
 type Info struct {
-	GitVersion  string   `json:"gitVersion"`
-	GitCommit   string   `json:"gitCommit"`
-	BuildDate   string   `json:"buildDate"`
-	GoVersion   string   `json:"goVersion"`
-	Compiler    string   `json:"compiler"`
-	Platform    string   `json:"platform"`
-	AllVersions []string `json:"allVersions"`
+	GitVersion       string   `json:"gitVersion"`
+	GitCommit        string   `json:"gitCommit"`
+	BuildDate        string   `json:"buildDate"`
+	GoVersion        string   `json:"goVersion"`
+	Compiler         string   `json:"compiler"`
+	Platform         string   `json:"platform"`
+	AllVersions      []string `json:"allVersions"`
+	NodePoolLabelKey string   `json:"nodePoolLabelKey"`
 }
 
 // Get returns the overall codebase version.
 func Get() Info {
 	return Info{
-		GitVersion:  gitVersion,
-		GitCommit:   normalizeGitCommit(gitCommit),
-		BuildDate:   buildDate,
-		GoVersion:   runtime.Version(),
-		Compiler:    runtime.Compiler,
-		Platform:    fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH),
-		AllVersions: strings.Split(maintainingVersions, separator),
+		GitVersion:       gitVersion,
+		GitCommit:        normalizeGitCommit(gitCommit),
+		BuildDate:        buildDate,
+		GoVersion:        runtime.Version(),
+		Compiler:         runtime.Compiler,
+		Platform:         fmt.Sprintf("%s/%s", runtime.GOOS, runtime.GOARCH),
+		AllVersions:      strings.Split(maintainingVersions, separator),
+		NodePoolLabelKey: nodePoolLabelKey,
 	}
 }
diff --git a/pkg/util/certmanager/pki.go b/pkg/util/certmanager/pki.go
@@ -185,3 +185,10 @@ func GenCertPoolUseCA(caFile string) (*x509.CertPool, error) {
 	certPool.AppendCertsFromPEM(caData)
 	return certPool, nil
 }
+
+// GenCertPoolUseCAData generates a x509 CertPool based on the given CA data
+func GenCertPoolUseCAData(caData []byte) (*x509.CertPool, error) {
+	certPool := x509.NewCertPool()
+	certPool.AppendCertsFromPEM(caData)
+	return certPool, nil
+}
diff --git a/pkg/yurtadm/cmd/join/join.go b/pkg/yurtadm/cmd/join/join.go
@@ -30,7 +30,7 @@ import (
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 	"k8s.io/klog/v2"
 
-	"github.com/openyurtio/openyurt/pkg/apis/apps"
+	"github.com/openyurtio/openyurt/pkg/projectinfo"
 	kubeconfigutil "github.com/openyurtio/openyurt/pkg/util/kubeconfig"
 	"github.com/openyurtio/openyurt/pkg/util/kubernetes/kubeadm/app/util/apiclient"
 	"github.com/openyurtio/openyurt/pkg/yurtadm/cmd/join/joindata"
@@ -355,7 +355,7 @@ func newJoinData(args []string, opt *joinOptions) (*joinData, error) {
 			return nil, errors.Errorf("when --nodepool-name is specified, the specified nodePool should be exist.")
 		}
 		// add nodePool label for node by kubelet
-		data.nodeLabels[apps.NodePoolLabel] = opt.nodePoolName
+		data.nodeLabels[projectinfo.GetNodePoolLabel()] = opt.nodePoolName
 	}
 
 	// check static pods has value and yurtstaticset is already exist

diff --git a/pkg/yurthub/certificate/interfaces.go b/pkg/yurthub/certificate/interfaces.go
@@ -45,6 +45,7 @@ type YurtClientCertificateManager interface {
 	Stop()
 	UpdateBootstrapConf(joinToken string) error
 	GetHubConfFile() string
+	GetCAData() []byte
 	GetCaFile() string
 	GetAPIServerClientCert() *tls.Certificate
 }

diff --git a/pkg/yurthub/certificate/kubeletcertificate/kubelet_certificate.go b/pkg/yurthub/certificate/kubeletcertificate/kubelet_certificate.go
@@ -21,6 +21,7 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
+	"os"
 	"time"
 
 	"k8s.io/klog/v2"
@@ -40,6 +41,7 @@ type kubeletCertManager struct {
 	kubeletCAFile  string
 	kubeletPemFile string
 	cert           *tls.Certificate
+	caData         []byte
 }
 
 func NewKubeletCertManager(kubeConfFile, kubeletCAFile, kubeletPemFile string) (certificate.YurtClientCertificateManager, error) {
@@ -50,6 +52,10 @@ func NewKubeletCertManager(kubeConfFile, kubeletCAFile, kubeletPemFile string) (
 	if exist, _ := util.FileExists(kubeletCAFile); !exist {
 		return nil, KubeletCANotExistErr
 	}
+	caData, err := os.ReadFile(kubeletCAFile)
+	if err != nil {
+		return nil, err
+	}
 
 	if exist, _ := util.FileExists(kubeletPemFile); !exist {
 		return nil, KubeletPemNotExistErr
@@ -65,6 +71,7 @@ func NewKubeletCertManager(kubeConfFile, kubeletCAFile, kubeletPemFile string) (
 		kubeletCAFile:  kubeletCAFile,
 		kubeletPemFile: kubeletPemFile,
 		cert:           cert,
+		caData:         caData,
 	}, nil
 }
 
@@ -84,6 +91,10 @@ func (kcm *kubeletCertManager) GetHubConfFile() string {
 	return kcm.kubeConfFile
 }
 
+func (kcm *kubeletCertManager) GetCAData() []byte {
+	return kcm.caData
+}
+
 func (kcm *kubeletCertManager) GetCaFile() string {
 	return kcm.kubeletCAFile
 }

diff --git a/pkg/yurthub/certificate/manager/manager.go b/pkg/yurthub/certificate/manager/manager.go
@@ -32,7 +32,6 @@ import (
 	"github.com/openyurtio/openyurt/pkg/yurthub/certificate/kubeletcertificate"
 	hubServerCert "github.com/openyurtio/openyurt/pkg/yurthub/certificate/server"
 	"github.com/openyurtio/openyurt/pkg/yurthub/certificate/token"
-	"github.com/openyurtio/openyurt/pkg/yurthub/util"
 )
 
 const (
@@ -123,12 +122,8 @@ func (hcm *yurtHubCertManager) Ready() bool {
 		errs = append(errs, apiServerClientCertNotReadyError)
 	}
 
-	if exist, err := util.FileExists(hcm.YurtClientCertificateManager.GetCaFile()); !exist {
-		if err == nil {
-			errs = append(errs, caCertIsNotReadyError)
-		} else {
-			errs = append(errs, err)
-		}
+	if len(hcm.YurtClientCertificateManager.GetCAData()) == 0 {
+		errs = append(errs, caCertIsNotReadyError)
 	}
 
 	if hcm.GetHubServerCert() == nil {