From ba28364ed6ba1093d05b6dbf40d5772a34e6574a Mon Sep 17 00:00:00 2001 From: JameKeal <413621396@qq.com> Date: Tue, 12 Apr 2022 16:54:02 +0800 Subject: [PATCH 1/3] add yurt-app-manager yurtappdaemon/yurtingress deploy and revert --- pkg/yurtctl/cmd/revert/revert.go | 18 + .../constants/yurt-app-manager-tmpl.go | 542 +++++++++++++++++- pkg/yurtctl/util/kubernetes/apply_addons.go | 10 + 3 files changed, 564 insertions(+), 6 deletions(-) diff --git a/pkg/yurtctl/cmd/revert/revert.go b/pkg/yurtctl/cmd/revert/revert.go index 7075408c833..8efa1d987c3 100644 --- a/pkg/yurtctl/cmd/revert/revert.go +++ b/pkg/yurtctl/cmd/revert/revert.go @@ -452,6 +452,24 @@ func removeYurtAppManager(client *kubernetes.Clientset, yurtAppManagerClientSet } klog.Info("UnitedDeploymentcrd for yurt app manager is removed") klog.V(4).Infof("UnitedDeploymentCRD/%s is deleted", "UnitedDeployment") + + // 12. remove YurtAppDaemon + if err := kubeutil.DeleteCRDResource(client, yurtAppManagerClientSet, + "YurtAppDaemon", "yurtappdaemons.apps.openyurt.io", []byte(constants.YurtAppManagerYurtAppDaemon)); err != nil { + return fmt.Errorf("fail to delete the YurtAppDaemonCRD/%s: %s", + "YurtAppDaemon", err) + } + klog.Info("YurtAppDaemonCRD for yurt app manager is removed") + klog.V(4).Infof("YurtAppDaemonCRD/%s is deleted", "YurtAppDaemon") + + // 13. remove YurtIngress + if err := kubeutil.DeleteCRDResource(client, yurtAppManagerClientSet, + "YurtIngress", "yurtingresses.apps.openyurt.io", []byte(constants.YurtAppManagerYurtIngress)); err != nil { + return fmt.Errorf("fail to delete the YurtIngressCRD/%s: %s", + "YurtIngress", err) + } + klog.Info("YurtIngressCRD for yurt app manager is removed") + klog.V(4).Infof("YurtIngressCRD/%s is deleted", "YurtIngress") return nil } diff --git a/pkg/yurtctl/constants/yurt-app-manager-tmpl.go b/pkg/yurtctl/constants/yurt-app-manager-tmpl.go index 7d525e160d6..fb855c1e81c 100644 --- a/pkg/yurtctl/constants/yurt-app-manager-tmpl.go 
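Review bot: Steps 12 and 13 in removeYurtAppManager abort the whole revert on any error from `kubeutil.DeleteCRDResource`, and this hunk does not show whether a CRD that is already absent counts as an error. If it does, reverting a cluster that was converted before these two CRDs existed would stop at step 12 and leave the rest in place; that case is worth handling explicitly (treat NotFound as success). The errors are also formatted with `%s`, which drops the chain; `return fmt.Errorf("fail to delete the YurtAppDaemonCRD/%s: %w", "YurtAppDaemon", err)` keeps it usable with `errors.Is`. The function begins outside the hunk.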
+++ b/pkg/yurtctl/constants/yurt-app-manager-tmpl.go 
@@ -364,6 +364,350 @@ status: plural: "" conditions: [] storedVersions: [] +` + YurtAppManagerYurtAppDaemon = ` +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.9 + creationTimestamp: null + name: yurtappdaemons.apps.openyurt.io +spec: + additionalPrinterColumns: + - JSONPath: .status.templateType + description: The WorkloadTemplate Type. + name: WorkloadTemplate + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: AGE + type: date + group: apps.openyurt.io + names: + kind: YurtAppDaemon + listKind: YurtAppDaemonList + plural: yurtappdaemons + shortNames: + - yad + singular: yurtappdaemon + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: YurtAppDaemon is the Schema for the YurtAppDaemon API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: YurtAppDaemonSpec defines the desired state of YurtAppDaemon. 
+ properties: + nodepoolSelector: + description: NodePoolSelector is a label query over nodepool that should match the replica count. It must match the nodepool's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + revisionHistoryLimit: + description: Indicates the number of histories to be conserved. If unspecified, defaults to 10. + format: int32 + type: integer + selector: + description: Selector is a label query over pods that should match the replica count. It must match the pod template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + workloadTemplate: + description: WorkloadTemplate describes the pool that will be created. + properties: + deploymentTemplate: + description: Deployment template + properties: + metadata: + type: object + spec: + description: DeploymentSpec is the specification of the desired behavior of the Deployment. + type: object + required: + - spec + type: object + statefulSetTemplate: + description: StatefulSet template + properties: + metadata: + type: object + spec: + description: A StatefulSetSpec is the specification of a StatefulSet. + type: object + required: + - spec + type: object + type: object + required: + - nodepoolSelector + - selector + type: object + status: + description: YurtAppDaemonStatus defines the observed state of YurtAppDaemon. + properties: + collisionCount: + description: Count of hash collisions for the YurtAppDaemon. 
The YurtAppDaemon controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision. + format: int32 + type: integer + conditions: + description: Represents the latest available observations of a YurtAppDaemon's current state. + items: + description: YurtAppDaemonCondition describes current state of a YurtAppDaemon. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of in place set condition. + type: string + type: object + type: array + currentRevision: + description: CurrentRevision, if not empty, indicates the current version of the YurtAppDaemon. + type: string + nodepools: + description: NodePools indicates the list of node pools selected by YurtAppDaemon + items: + type: string + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed for this YurtAppDaemon. It corresponds to the YurtAppDaemon's generation, which is updated on mutation by the API Server. 
+ format: int64 + type: integer + templateType: + description: TemplateType indicates the type of PoolTemplate + type: string + required: + - currentRevision + - templateType + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +` + YurtAppManagerYurtIngress = ` +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.9 + creationTimestamp: null + name: yurtingresses.apps.openyurt.io +spec: + additionalPrinterColumns: + - JSONPath: .status.nginx_ingress_controller_version + description: The nginx ingress controller version + name: Nginx-Ingress-Version + type: string + - JSONPath: .status.ingress_controller_replicas_per_pool + description: The nginx ingress controller replicas per pool + name: Replicas-Per-Pool + type: integer + - JSONPath: .status.readyNum + description: The number of pools on which ingress is enabled + name: ReadyNum + type: integer + - JSONPath: .status.unreadyNum + description: The number of pools on which ingress is enabling or enable failed + name: NotReadyNum + type: integer + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: apps.openyurt.io + names: + categories: + - all + kind: YurtIngress + listKind: YurtIngressList + plural: yurtingresses + shortNames: + - ying + singular: yurtingress + scope: Cluster + subresources: + status: {} + validation: + openAPIV3Schema: + description: YurtIngress is the Schema for the yurtingresses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: YurtIngressSpec defines the desired state of YurtIngress + properties: + ingress_controller_replicas_per_pool: + description: Indicates the number of the ingress controllers to be deployed under all the specified nodepools. + format: int32 + type: integer + pools: + description: Indicates all the nodepools on which to enable ingress. + items: + description: IngressPool defines the details of a Pool for ingress + properties: + name: + description: Indicates the pool name. + type: string + required: + - name + type: object + type: array + type: object + status: + description: YurtIngressStatus defines the observed state of YurtIngress + properties: + conditions: + description: Indicates all the nodepools on which to enable ingress. + properties: + ingressreadypools: + description: Indicates the pools that ingress controller is deployed successfully. + items: + type: string + type: array + ingressunreadypools: + description: Indicates the pools that ingress controller is being deployed or deployed failed. + items: + description: IngressNotReadyPool defines the condition details of an ingress not ready Pool + properties: + name: + description: Indicates the pool name. + type: string + poolinfo: + description: Info of ingress not ready condition. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. 
+ format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + type: + description: Type of ingress not ready condition. + type: string + type: object + required: + - name + type: object + type: array + type: object + ingress_controller_replicas_per_pool: + description: Indicates the number of the ingress controllers deployed under all the specified nodepools. + format: int32 + type: integer + nginx_ingress_controller_version: + description: Indicates the nginx ingress controller version deployed under all the specified nodepools. + type: string + readyNum: + description: Total number of ready pools on which ingress is enabled. + format: int32 + type: integer + unreadyNum: + description: Total number of unready pools on which ingress is enabling or enable failed. + format: int32 + type: integer + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] ` YurtAppManagerRole = ` apiVersion: rbac.authorization.k8s.io/v1 @@ -522,6 +866,58 @@ rules: - get - patch - update +- apiGroups: + - apps.openyurt.io + resources: + - yurtappdaemons + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.openyurt.io + resources: + - yurtappdaemons/status + verbs: + - get + - patch + - update +- apiGroups: + - apps.openyurt.io + resources: + - yurtingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps.openyurt.io + resources: + - yurtingresses/status + verbs: + - get + - patch + - update +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - coordination.k8s.io resources: 
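Review bot: The two CRDs added in the `@@ -364,6 +364,350 @@` hunk (YurtAppManagerYurtAppDaemon and YurtAppManagerYurtIngress) are declared as `apiextensions.k8s.io/v1beta1`, an API version Kubernetes removed in 1.22, so they cannot be installed on clusters at that version or later. The webhook hunks further down (`@@ -696,9 +1167,11 @@` and `@@ -737,12 +1210,32 @@`) have the same problem in a sharper form, because they move `admissionregistration.k8s.io/v1` back to `v1beta1`. Regenerate the CRDs as `apiextensions.k8s.io/v1` and keep the webhook configurations on `v1`; the `v1` webhook entries then need `sideEffects` and `admissionReviewVersions`, which the entries added here do not set.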
@@ -534,6 +930,18 @@ rules: - patch - update - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - "" resources: @@ -546,6 +954,18 @@ rules: - patch - update - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - "" resources: @@ -592,6 +1012,54 @@ rules: - patch - update - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - '*' ` YurtAppManagerRolebinding = ` apiVersion: rbac.authorization.k8s.io/v1 @@ -667,7 +1135,7 @@ spec: - --v=4 command: - /usr/local/bin/yurt-app-manager - image: {{.image}} + image: openyurt/yurt-app-manager:v0.5.0 imagePullPolicy: Always name: manager ports: @@ -679,14 +1147,17 @@ spec: name: cert readOnly: true nodeSelector: - openyurt.io/is-edge-worker: "false" - beta.kubernetes.io/arch: {{.arch}} + beta.kubernetes.io/arch: amd64 beta.kubernetes.io/os: linux + openyurt.io/is-edge-worker: "false" priorityClassName: system-node-critical terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule - key: node-role.openyurt.io/addon + key: node-role.alibabacloud.com/addon + operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/master operator: Exists volumes: - name: cert 
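Review bot: The rules added at `@@ -592,6 +1012,54 @@` grant `'*'` on `roles`, `rolebindings`, `clusterroles` and `clusterrolebindings`, and the wildcard includes the `bind` and `escalate` verbs, so the subject bound to YurtAppManagerRole can grant itself any permission within the binding's scope. Combined with create on `serviceaccounts` and on `namespaces` (hunk `@@ -546,6 +954,18 @@`), a compromise of the yurt-app-manager pod would amount to control of everything that binding covers. List the verbs the controller actually calls instead of `'*'`, leaving out `bind` and `escalate` unless they are shown to be required. apply_addons.go applies this constant through `CreateRoleFromYaml(client, SystemNamespace, …)`; if the object is a namespaced Role (its `kind` line is outside the hunk), the rules on cluster-scoped resources grant nothing and should be moved to a ClusterRole that is reviewed on its own.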
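Review bot: `image: openyurt/yurt-app-manager:v0.5.0` replaces the `{{.image}}` placeholder at `@@ -667,7 +1135,7 @@`, so the image the caller passes to the template is silently ignored, and with `imagePullPolicy: Always` on a mutable tag the pod runs whatever the registry serves for that tag at each restart. The next hunk (`@@ -679,14 +1147,17 @@`) does the same to `{{.arch}}` (now `amd64`) and swaps the `node-role.openyurt.io/addon` toleration for `node-role.alibabacloud.com/addon` plus a master toleration, which looks like a rendered vendor manifest pasted over the template. Keep `image: {{.image}}` and `beta.kubernetes.io/arch: {{.arch}}`; if a default image has to be fixed in the template, pin it by digest rather than by tag. The Deployment spec starts and ends outside both hunks.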
@@ -696,9 +1167,11 @@ spec: ` //todo YurtAppManagerMutatingWebhookConfiguration = ` -apiVersion: admissionregistration.k8s.io/v1 +apiVersion: admissionregistration.k8s.io/v1beta1 kind: MutatingWebhookConfiguration metadata: + annotations: + template: "" name: yurt-app-mutating-webhook-configuration webhooks: - clientConfig: @@ -737,12 +1210,32 @@ webhooks: - UPDATE resources: - uniteddeployments +- clientConfig: + caBundle: Cg== + service: + name: yurt-app-webhook-service + namespace: kube-system + path: /mutate-apps-openyurt-io-v1alpha1-yurtappdaemon + failurePolicy: Fail + name: myurtappdaemon.kb.io + rules: + - apiGroups: + - apps.openyurt.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - yurtappdaemons ` //todo YurtAppManagerValidatingWebhookConfiguration = ` -apiVersion: admissionregistration.k8s.io/v1 +apiVersion: admissionregistration.k8s.io/v1beta1 kind: ValidatingWebhookConfiguration metadata: + annotations: + template: "" name: yurt-app-validating-webhook-configuration webhooks: - clientConfig: @@ -782,5 +1275,42 @@ webhooks: - UPDATE resources: - uniteddeployments +- clientConfig: + caBundle: Cg== + service: + name: yurt-app-webhook-service + namespace: kube-system + path: /validate-apps-openyurt-io-v1alpha1-yurtappdaemon + failurePolicy: Fail + name: vyurtappdaemon.kb.io + rules: + - apiGroups: + - apps.openyurt.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - yurtappdaemons +- clientConfig: + caBundle: Cg== + service: + name: yurt-app-webhook-service + namespace: kube-system + path: /validate-apps-openyurt-io-v1alpha1-yurtingress + failurePolicy: Fail + name: vyurtingress.kb.io + rules: + - apiGroups: + - apps.openyurt.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - yurtingresses ` ) diff --git a/pkg/yurtctl/util/kubernetes/apply_addons.go b/pkg/yurtctl/util/kubernetes/apply_addons.go index c643fa7b7d4..84dd1fad75e 100644 
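Review bot: Every webhook entry added in `@@ -737,12 +1210,32 @@` and `@@ -782,5 +1275,42 @@` combines `failurePolicy: Fail` with the placeholder `caBundle: Cg==` (a base64-encoded newline), so until the bundle is replaced, and whenever `yurt-app-webhook-service` is unreachable, every matching request is rejected. For `vyurtingress.kb.io` that includes `DELETE`, so YurtIngress objects cannot be removed while the manager is down, which may get in the way of the revert path that deletes these CRDs. Presumably the manager patches the CA bundle at startup as it does for the existing entries; a comment above the constants saying so, and an explicit `timeoutSeconds` on each entry, would make the failure mode visible. If validation does not need to block deletes, drop `DELETE` from the operations list.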
--- a/pkg/yurtctl/util/kubernetes/apply_addons.go +++ b/pkg/yurtctl/util/kubernetes/apply_addons.go @@ -74,6 +74,16 @@ func DeployYurtAppManager( return err } + // 1.3 yurtappdaemon + if err := CreateCRDFromYaml(client, yurtAppManagerClient, "", []byte(constants.YurtAppManagerYurtAppDaemon)); err != nil { + return err + } + + // 1.4 yurtingress + if err := CreateCRDFromYaml(client, yurtAppManagerClient, "", []byte(constants.YurtAppManagerYurtIngress)); err != nil { + return err + } + // 2. create the YurtAppManagerRole if err := CreateRoleFromYaml(client, SystemNamespace, constants.YurtAppManagerRole); err != nil { From 3ce2582cb37c1d0cd7bdeb16e590d46d87f446c6 Mon Sep 17 00:00:00 2001 From: JameKeal <413621396@qq.com> Date: Fri, 15 Apr 2022 14:57:08 +0800 Subject: [PATCH 2/3] Revert "add yurt-app-manager yurtappdaemon/yurtingress deploy and revert" This reverts commit ba28364ed6ba1093d05b6dbf40d5772a34e6574a. --- pkg/yurtctl/cmd/revert/revert.go | 18 - .../constants/yurt-app-manager-tmpl.go | 542 +----------------- pkg/yurtctl/util/kubernetes/apply_addons.go | 10 - 3 files changed, 6 insertions(+), 564 deletions(-) diff --git a/pkg/yurtctl/cmd/revert/revert.go b/pkg/yurtctl/cmd/revert/revert.go index 8efa1d987c3..7075408c833 100644 --- a/pkg/yurtctl/cmd/revert/revert.go +++ b/pkg/yurtctl/cmd/revert/revert.go 
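Review bot: Steps 1.3 and 1.4 return the bare `err`, so a failed deploy does not say which CRD could not be created. Wrapping it, e.g. `return fmt.Errorf("create YurtAppDaemon CRD: %w", err)` and the same for YurtIngress, makes the failure attributable; this assumes `fmt` is already imported in this file, which the hunk does not show. DeployYurtAppManager begins and continues outside the hunk.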
@@ -452,24 +452,6 @@ func removeYurtAppManager(client *kubernetes.Clientset, yurtAppManagerClientSet } klog.Info("UnitedDeploymentcrd for yurt app manager is removed") klog.V(4).Infof("UnitedDeploymentCRD/%s is deleted", "UnitedDeployment") - - // 12. remove YurtAppDaemon - if err := kubeutil.DeleteCRDResource(client, yurtAppManagerClientSet, - "YurtAppDaemon", "yurtappdaemons.apps.openyurt.io", []byte(constants.YurtAppManagerYurtAppDaemon)); err != nil { - return fmt.Errorf("fail to delete the YurtAppDaemonCRD/%s: %s", - "YurtAppDaemon", err) - } - klog.Info("YurtAppDaemonCRD for yurt app manager is removed") - klog.V(4).Infof("YurtAppDaemonCRD/%s is deleted", "YurtAppDaemon") - - // 13. remove YurtIngress - if err := kubeutil.DeleteCRDResource(client, yurtAppManagerClientSet, - "YurtIngress", "yurtingresses.apps.openyurt.io", []byte(constants.YurtAppManagerYurtIngress)); err != nil { - return fmt.Errorf("fail to delete the YurtIngressCRD/%s: %s", - "YurtIngress", err) - } - klog.Info("YurtIngressCRD for yurt app manager is removed") - klog.V(4).Infof("YurtIngressCRD/%s is deleted", "YurtIngress") return nil } diff --git a/pkg/yurtctl/constants/yurt-app-manager-tmpl.go b/pkg/yurtctl/constants/yurt-app-manager-tmpl.go index fb855c1e81c..7d525e160d6 100644 --- a/pkg/yurtctl/constants/yurt-app-manager-tmpl.go +++ b/pkg/yurtctl/constants/yurt-app-manager-tmpl.go 
@@ -364,350 +364,6 @@ status: plural: "" conditions: [] storedVersions: [] -` - YurtAppManagerYurtAppDaemon = ` -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.9 - creationTimestamp: null - name: yurtappdaemons.apps.openyurt.io -spec: - additionalPrinterColumns: - - JSONPath: .status.templateType - description: The WorkloadTemplate Type. - name: WorkloadTemplate - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: AGE - type: date - group: apps.openyurt.io - names: - kind: YurtAppDaemon - listKind: YurtAppDaemonList - plural: yurtappdaemons - shortNames: - - yad - singular: yurtappdaemon - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: YurtAppDaemon is the Schema for the YurtAppDaemon API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: YurtAppDaemonSpec defines the desired state of YurtAppDaemon. 
- properties: - nodepoolSelector: - description: NodePoolSelector is a label query over nodepool that should match the replica count. It must match the nodepool's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - revisionHistoryLimit: - description: Indicates the number of histories to be conserved. If unspecified, defaults to 10. - format: int32 - type: integer - selector: - description: Selector is a label query over pods that should match the replica count. It must match the pod template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - workloadTemplate: - description: WorkloadTemplate describes the pool that will be created. - properties: - deploymentTemplate: - description: Deployment template - properties: - metadata: - type: object - spec: - description: DeploymentSpec is the specification of the desired behavior of the Deployment. - type: object - required: - - spec - type: object - statefulSetTemplate: - description: StatefulSet template - properties: - metadata: - type: object - spec: - description: A StatefulSetSpec is the specification of a StatefulSet. - type: object - required: - - spec - type: object - type: object - required: - - nodepoolSelector - - selector - type: object - status: - description: YurtAppDaemonStatus defines the observed state of YurtAppDaemon. - properties: - collisionCount: - description: Count of hash collisions for the YurtAppDaemon. 
The YurtAppDaemon controller uses this field as a collision avoidance mechanism when it needs to create the name for the newest ControllerRevision. - format: int32 - type: integer - conditions: - description: Represents the latest available observations of a YurtAppDaemon's current state. - items: - description: YurtAppDaemonCondition describes current state of a YurtAppDaemon. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. - format: date-time - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of in place set condition. - type: string - type: object - type: array - currentRevision: - description: CurrentRevision, if not empty, indicates the current version of the YurtAppDaemon. - type: string - nodepools: - description: NodePools indicates the list of node pools selected by YurtAppDaemon - items: - type: string - type: array - observedGeneration: - description: ObservedGeneration is the most recent generation observed for this YurtAppDaemon. It corresponds to the YurtAppDaemon's generation, which is updated on mutation by the API Server. 
- format: int64 - type: integer - templateType: - description: TemplateType indicates the type of PoolTemplate - type: string - required: - - currentRevision - - templateType - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] -` - YurtAppManagerYurtIngress = ` -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.2.9 - creationTimestamp: null - name: yurtingresses.apps.openyurt.io -spec: - additionalPrinterColumns: - - JSONPath: .status.nginx_ingress_controller_version - description: The nginx ingress controller version - name: Nginx-Ingress-Version - type: string - - JSONPath: .status.ingress_controller_replicas_per_pool - description: The nginx ingress controller replicas per pool - name: Replicas-Per-Pool - type: integer - - JSONPath: .status.readyNum - description: The number of pools on which ingress is enabled - name: ReadyNum - type: integer - - JSONPath: .status.unreadyNum - description: The number of pools on which ingress is enabling or enable failed - name: NotReadyNum - type: integer - - JSONPath: .metadata.creationTimestamp - name: Age - type: date - group: apps.openyurt.io - names: - categories: - - all - kind: YurtIngress - listKind: YurtIngressList - plural: yurtingresses - shortNames: - - ying - singular: yurtingress - scope: Cluster - subresources: - status: {} - validation: - openAPIV3Schema: - description: YurtIngress is the Schema for the yurtingresses API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: YurtIngressSpec defines the desired state of YurtIngress - properties: - ingress_controller_replicas_per_pool: - description: Indicates the number of the ingress controllers to be deployed under all the specified nodepools. - format: int32 - type: integer - pools: - description: Indicates all the nodepools on which to enable ingress. - items: - description: IngressPool defines the details of a Pool for ingress - properties: - name: - description: Indicates the pool name. - type: string - required: - - name - type: object - type: array - type: object - status: - description: YurtIngressStatus defines the observed state of YurtIngress - properties: - conditions: - description: Indicates all the nodepools on which to enable ingress. - properties: - ingressreadypools: - description: Indicates the pools that ingress controller is deployed successfully. - items: - type: string - type: array - ingressunreadypools: - description: Indicates the pools that ingress controller is being deployed or deployed failed. - items: - description: IngressNotReadyPool defines the condition details of an ingress not ready Pool - properties: - name: - description: Indicates the pool name. - type: string - poolinfo: - description: Info of ingress not ready condition. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status to another. 
- format: date-time - type: string - message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - type: - description: Type of ingress not ready condition. - type: string - type: object - required: - - name - type: object - type: array - type: object - ingress_controller_replicas_per_pool: - description: Indicates the number of the ingress controllers deployed under all the specified nodepools. - format: int32 - type: integer - nginx_ingress_controller_version: - description: Indicates the nginx ingress controller version deployed under all the specified nodepools. - type: string - readyNum: - description: Total number of ready pools on which ingress is enabled. - format: int32 - type: integer - unreadyNum: - description: Total number of unready pools on which ingress is enabling or enable failed. - format: int32 - type: integer - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ` YurtAppManagerRole = ` apiVersion: rbac.authorization.k8s.io/v1 @@ -866,58 +522,6 @@ rules: - get - patch - update -- apiGroups: - - apps.openyurt.io - resources: - - yurtappdaemons - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps.openyurt.io - resources: - - yurtappdaemons/status - verbs: - - get - - patch - - update -- apiGroups: - - apps.openyurt.io - resources: - - yurtingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps.openyurt.io - resources: - - yurtingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - batch - resources: - - jobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - coordination.k8s.io resources: 
@@ -930,18 +534,6 @@ rules: - patch - update - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - "" resources: @@ -954,18 +546,6 @@ rules: - patch - update - watch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - "" resources: @@ -1012,54 +592,6 @@ rules: - patch - update - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - '*' -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - '*' -- apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - '*' -- apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - verbs: - - '*' ` YurtAppManagerRolebinding = ` apiVersion: rbac.authorization.k8s.io/v1 @@ -1135,7 +667,7 @@ spec: - --v=4 command: - /usr/local/bin/yurt-app-manager - image: openyurt/yurt-app-manager:v0.5.0 + image: {{.image}} imagePullPolicy: Always name: manager ports: @@ -1147,17 +679,14 @@ spec: name: cert readOnly: true nodeSelector: - beta.kubernetes.io/arch: amd64 - beta.kubernetes.io/os: linux openyurt.io/is-edge-worker: "false" + beta.kubernetes.io/arch: {{.arch}} + beta.kubernetes.io/os: linux priorityClassName: system-node-critical terminationGracePeriodSeconds: 10 tolerations: - effect: NoSchedule - key: node-role.alibabacloud.com/addon - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/master + key: node-role.openyurt.io/addon operator: Exists volumes: - name: cert 
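Review bot: In the Deployment template hunk (`@@ -1135,7 +667,7 @@`), `image: {{.image}}` is substituted into the YAML unquoted and sits next to `imagePullPolicy: Always`, so whatever string the caller supplies is pulled on every start for a pod that the following hunk shows running with `priorityClassName: system-node-critical`. The code that renders the template is outside this hunk, so whether the value is validated cannot be seen here. If it is not, I would reject values containing whitespace or newlines before rendering and document that a digest-pinned reference (`repo/name@sha256:<digest>`) is the expected form. A short comment above the constant, e.g. `// .image must be a single image reference; prefer a digest over a mutable tag`, would record that contract.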
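Review bot: The rewritten nodeSelector in the `@@ -1147,17 +679,14 @@` hunk still uses `beta.kubernetes.io/arch` and `beta.kubernetes.io/os`, which Kubernetes deprecated in favour of `kubernetes.io/arch` and `kubernetes.io/os`; since these lines are being touched anyway I would write `kubernetes.io/arch: {{.arch}}` and `kubernetes.io/os: linux`. The tolerations list also drops `node-role.kubernetes.io/master` and keeps only `node-role.openyurt.io/addon`, while the selector requires `openyurt.io/is-edge-worker: "false"`. On a cluster whose only non-edge nodes carry the master taint the manager would presumably stay Pending, so that removal deserves a comment in the template or a line in the commit message. The Deployment spec starts and ends outside this hunk.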
@@ -1167,11 +696,9 @@ spec: ` //todo YurtAppManagerMutatingWebhookConfiguration = ` -apiVersion: admissionregistration.k8s.io/v1beta1 +apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - annotations: - template: "" name: yurt-app-mutating-webhook-configuration webhooks: - clientConfig: @@ -1210,32 +737,12 @@ webhooks: - UPDATE resources: - uniteddeployments -- clientConfig: - caBundle: Cg== - service: - name: yurt-app-webhook-service - namespace: kube-system - path: /mutate-apps-openyurt-io-v1alpha1-yurtappdaemon - failurePolicy: Fail - name: myurtappdaemon.kb.io - rules: - - apiGroups: - - apps.openyurt.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - yurtappdaemons ` //todo YurtAppManagerValidatingWebhookConfiguration = ` -apiVersion: admissionregistration.k8s.io/v1beta1 +apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - annotations: - template: "" name: yurt-app-validating-webhook-configuration webhooks: - clientConfig: @@ -1275,42 +782,5 @@ webhooks: - UPDATE resources: - uniteddeployments -- clientConfig: - caBundle: Cg== - service: - name: yurt-app-webhook-service - namespace: kube-system - path: /validate-apps-openyurt-io-v1alpha1-yurtappdaemon - failurePolicy: Fail - name: vyurtappdaemon.kb.io - rules: - - apiGroups: - - apps.openyurt.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - yurtappdaemons -- clientConfig: - caBundle: Cg== - service: - name: yurt-app-webhook-service - namespace: kube-system - path: /validate-apps-openyurt-io-v1alpha1-yurtingress - failurePolicy: Fail - name: vyurtingress.kb.io - rules: - - apiGroups: - - apps.openyurt.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - yurtingresses ` ) diff --git a/pkg/yurtctl/util/kubernetes/apply_addons.go b/pkg/yurtctl/util/kubernetes/apply_addons.go index 84dd1fad75e..c643fa7b7d4 100644 
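Review bot: Moving `MutatingWebhookConfiguration` to `admissionregistration.k8s.io/v1` (and `ValidatingWebhookConfiguration` in the `@@ -1210,32 +737,12 @@` hunk) makes `sideEffects` and `admissionReviewVersions` mandatory on every webhook entry, and the entries visible in these hunks carry only `clientConfig`, `failurePolicy`, `name` and `rules`. The retained uniteddeployments entries lie mostly outside the hunks, so this is inferred from the shape of the removed ones; if they lack the two fields the API server will reject the object at create time. Each entry would need something like `sideEffects: None` (only if the handlers really have none) and `admissionReviewVersions: ["v1", "v1beta1"]`, restricted to the versions the manager's webhook server actually decodes.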
--- a/pkg/yurtctl/util/kubernetes/apply_addons.go +++ b/pkg/yurtctl/util/kubernetes/apply_addons.go @@ -74,16 +74,6 @@ func DeployYurtAppManager( return err } - // 1.3 yurtappdaemon - if err := CreateCRDFromYaml(client, yurtAppManagerClient, "", []byte(constants.YurtAppManagerYurtAppDaemon)); err != nil { - return err - } - - // 1.4 yurtingress - if err := CreateCRDFromYaml(client, yurtAppManagerClient, "", []byte(constants.YurtAppManagerYurtIngress)); err != nil { - return err - } - // 2. create the YurtAppManagerRole if err := CreateRoleFromYaml(client, SystemNamespace, constants.YurtAppManagerRole); err != nil { From 7bc01f109f89432e06cb41362a395d9725526f5a Mon Sep 17 00:00:00 2001 From: JameKeal <413621396@qq.com> Date: Mon, 18 Apr 2022 12:11:30 +0800 Subject: [PATCH 3/3] optimize kubernetes util func --- pkg/yurtctl/util/kubernetes/apply_addons.go | 4 ++++ pkg/yurtctl/util/kubernetes/util.go | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/pkg/yurtctl/util/kubernetes/apply_addons.go b/pkg/yurtctl/util/kubernetes/apply_addons.go index c643fa7b7d4..5c62bd787f9 100644 --- a/pkg/yurtctl/util/kubernetes/apply_addons.go +++ b/pkg/yurtctl/util/kubernetes/apply_addons.go @@ -106,6 +106,7 @@ func DeployYurtAppManager( // 7. create the Service if err := CreateServiceFromYaml(client, + SystemNamespace, constants.YurtAppManagerService); err != nil { return err } @@ -161,12 +162,14 @@ func DeployYurttunnelServer( // 4. create the Service if err := CreateServiceFromYaml(client, + SystemNamespace, constants.YurttunnelServerService); err != nil { return err } // 5. create the internal Service(type=ClusterIP) if err := CreateServiceFromYaml(client, + SystemNamespace, constants.YurttunnelServerInternalService); err != nil { return err } 
@@ -199,6 +202,7 @@ func DeployYurttunnelAgent( yurttunnelAgentImage string) error { // 1. Deploy the yurt-tunnel-agent DaemonSet if err := CreateDaemonSetFromYaml(client, + SystemNamespace, constants.YurttunnelAgentDaemonSet, map[string]string{ "image": yurttunnelAgentImage, diff --git a/pkg/yurtctl/util/kubernetes/util.go b/pkg/yurtctl/util/kubernetes/util.go index a4de554d807..2529898c20a 100644 --- a/pkg/yurtctl/util/kubernetes/util.go +++ b/pkg/yurtctl/util/kubernetes/util.go @@ -194,7 +194,7 @@ func CreateDeployFromYaml(cliSet *kubernetes.Clientset, ns, dplyTmpl string, ctx } // CreateDaemonSetFromYaml creates the DaemonSet from the yaml template. -func CreateDaemonSetFromYaml(cliSet *kubernetes.Clientset, dsTmpl string, ctx interface{}) error { +func CreateDaemonSetFromYaml(cliSet *kubernetes.Clientset, ns, dsTmpl string, ctx interface{}) error { var ytadstmp string var err error if ctx != nil { @@ -214,7 +214,7 @@ func CreateDaemonSetFromYaml(cliSet *kubernetes.Clientset, dsTmpl string, ctx in if !ok { return fmt.Errorf("fail to assert daemonset: %v", err) } - _, err = cliSet.AppsV1().DaemonSets(SystemNamespace).Create(context.Background(), ds, metav1.CreateOptions{}) + _, err = cliSet.AppsV1().DaemonSets(ns).Create(context.Background(), ds, metav1.CreateOptions{}) if err != nil { return fmt.Errorf("fail to create the daemonset/%s: %v", ds.Name, err) } @@ -223,7 +223,7 @@ func CreateDaemonSetFromYaml(cliSet *kubernetes.Clientset, dsTmpl string, ctx in } // CreateServiceFromYaml creates the Service from the yaml template. -func CreateServiceFromYaml(cliSet *kubernetes.Clientset, svcTmpl string) error { +func CreateServiceFromYaml(cliSet *kubernetes.Clientset, ns, svcTmpl string) error { obj, err := YamlToObject([]byte(svcTmpl)) if err != nil { return err 
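Review bot: `CreateDaemonSetFromYaml` now takes `ns`, but its doc comment still reads "creates the DaemonSet from the yaml template" and nothing reconciles `ns` with a namespace the template may set itself; the same applies to `CreateServiceFromYaml` in the `@@ -223,7 +223,7 @@` hunk. The templates are not part of this diff, so this is hedged: if a manifest carries `metadata.namespace` and a caller passes a different `ns`, the API server rejects the create call with a namespace mismatch. I would extend the comment to `// CreateDaemonSetFromYaml creates the DaemonSet from the yaml template in namespace ns.` and either set `ds.Namespace = ns` before the create call or return an error when the two differ. Both functions are exported and their signatures change, so callers not updated in this patch will no longer compile.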
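Review bot: In the type-assertion branch kept as context in the `@@ -214,7 +214,7 @@` hunk, `fmt.Errorf("fail to assert daemonset: %v", err)` formats an `err` that is most likely nil at that point, so the message ends in `<nil>` and says nothing about what the manifest decoded to; the assertion line itself is outside the hunk. The Service path has the same pattern and there it is traceable: the `@@ -223,7 +223,7 @@` hunk returns on `err != nil` right after `YamlToObject`, and the `@@ -232,7 +232,7 @@` hunk then reports `"fail to assert service: %v", err`. Reporting the dynamic type instead, e.g. `return fmt.Errorf("fail to assert service: unexpected type %T", obj)`, would make a wrong `kind` in a template diagnosable.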
@@ -232,7 +232,7 @@ func CreateServiceFromYaml(cliSet *kubernetes.Clientset, svcTmpl string) error { if !ok { return fmt.Errorf("fail to assert service: %v", err) } - _, err = cliSet.CoreV1().Services(SystemNamespace).Create(context.Background(), svc, metav1.CreateOptions{}) + _, err = cliSet.CoreV1().Services(ns).Create(context.Background(), svc, metav1.CreateOptions{}) return processCreateErr("service", svc.Name, err) }