From 151b80d09a1a5384ca05b47711406142c7936399 Mon Sep 17 00:00:00 2001
From: Tom Pantelis
Date: Tue, 10 Sep 2024 09:35:54 -0400
Subject: [PATCH] Add clusterset IP CIDR configuration to the operator chart

Signed-off-by: Tom Pantelis
---
 submariner-operator/README.md | 2 +
 submariner-operator/crds/crd.yaml | 1868 +++++++++--------
 submariner-operator/templates/submariner.yaml | 2 +
 submariner-operator/values.yaml | 2 +
 4 files changed, 1033 insertions(+), 841 deletions(-)
diff --git a/submariner-operator/README.md b/submariner-operator/README.md
index 64d1255b..acefd7de 100644
--- a/submariner-operator/README.md
+++ b/submariner-operator/README.md
@@ -58,6 +58,8 @@ Submariner enables direct networking between Pods and Services in different Kube
 | submariner.coreDNSCustomConfig | object | `{}` | |
 | submariner.debug | bool | `false` | |
 | submariner.globalCidr | string | `""` | |
+| submariner.clustersetIpCidr | string | `""` | |
+| submariner.clustersetIpEnabled | bool | `false` | |
 | submariner.healthcheckEnabled | bool | `true` | |
 | submariner.images.repository | string | `"quay.io/submariner"` | |
 | submariner.images.tag | string | `"0.14.0"` | |
diff --git a/submariner-operator/crds/crd.yaml b/submariner-operator/crds/crd.yaml
index 8701f46c..afd98b94 100644
--- a/submariner-operator/crds/crd.yaml
+++ b/submariner-operator/crds/crd.yaml
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: submariners.submariner.io spec: group: submariner.io
@@ -15,824 +14,966 @@ spec: singular: submariner scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Submariner is the Schema for the submariners API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Submariner is the Schema for the submariners API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: SubmarinerSpec defines the desired state of Submariner - properties: - broker: - type: string - brokerK8sApiServer: - type: string - brokerK8sApiServerToken: - type: string - brokerK8sCA: - type: string - brokerK8sInsecure: - type: boolean - brokerK8sRemoteNamespace: - type: string - cableDriver: - type: string - ceIPSecDebug: - type: boolean - ceIPSecForceUDPEncaps: - type: boolean - ceIPSecIKEPort: - type: integer - ceIPSecNATTPort: - type: integer - ceIPSecPSK: - type: string - ceIPSecPreferredServer: - type: boolean - clusterCIDR: - type: string - clusterID: - type: string - colorCodes: - type: string - connectionHealthCheck: - properties: - enabled: - type: boolean - intervalSeconds: - description: The interval at which health check pings are sent. - format: int64 - type: integer - maxPacketLossCount: - description: The maximum number of packets lost at which the health - checker will mark the connection as down. 
- format: int64 - type: integer - type: object - coreDNSCustomConfig: - properties: - configMapName: - type: string - namespace: - type: string - type: object - customDomains: - items: - type: string - type: array - x-kubernetes-list-type: set - debug: - type: boolean - globalCIDR: - type: string - imageOverrides: - additionalProperties: - type: string - type: object - loadBalancerEnabled: - type: boolean - namespace: - type: string - natEnabled: - type: boolean - repository: - type: string - serviceCIDR: - type: string - serviceDiscoveryEnabled: - type: boolean - version: - type: string - required: - - broker - - brokerK8sApiServer - - brokerK8sApiServerToken - - brokerK8sCA - - brokerK8sRemoteNamespace - - ceIPSecDebug - - ceIPSecPSK - - clusterCIDR - - clusterID - - debug - - namespace - - natEnabled - - serviceCIDR - type: object - status: - description: SubmarinerStatus defines the observed state of Submariner - properties: - clusterCIDR: - type: string - clusterID: - type: string - colorCodes: - type: string - deploymentInfo: - properties: - cloudProvider: - type: string - kubernetesType: - type: string - kubernetesTypeVersion: + type: string + metadata: + type: object + spec: + description: SubmarinerSpec defines the desired state of Submariner. + properties: + airGappedDeployment: + type: boolean + broker: + description: Type of broker (must be "k8s"). + type: string + brokerK8sApiServer: + description: The broker API URL. + type: string + brokerK8sApiServerToken: + description: The broker API Token. + type: string + brokerK8sCA: + description: The broker certificate authority. + type: string + brokerK8sInsecure: + type: boolean + brokerK8sRemoteNamespace: + description: The Broker namespace. + type: string + brokerK8sSecret: + type: string + cableDriver: + description: Cable driver implementation - any of [libreswan, wireguard, + vxlan]. + type: string + ceIPSecDebug: + description: Enable logging IPsec debugging information. 
+ type: boolean + ceIPSecForceUDPEncaps: + description: Force UDP encapsulation for IPsec. + type: boolean + ceIPSecIKEPort: + description: The IPsec IKE port (500 usually). + type: integer + ceIPSecNATTPort: + description: The IPsec NAT traversal port (4500 usually). + type: integer + ceIPSecPSK: + description: The IPsec Pre-Shared Key which must be identical in all + route agents across the cluster. + type: string + ceIPSecPSKSecret: + type: string + ceIPSecPreferredServer: + description: Enable this cluster as a preferred server for data-plane + connections. + type: boolean + clusterCIDR: + description: The cluster CIDR. + type: string + clusterID: + description: The cluster ID used to identify the tunnels. + type: string + clustersetIPCIDR: + description: ClustersetIP CIDR for allocating ClustersetIPs to exported + services. + type: string + colorCodes: + type: string + connectionHealthCheck: + description: The gateway connection health check. + properties: + enabled: + description: Enable the connection health check. + type: boolean + intervalSeconds: + description: The interval at which health check pings are sent. + format: int64 + type: integer + maxPacketLossCount: + description: The maximum number of packets lost at which the health + checker will mark the connection as down. + format: int64 + type: integer + type: object + coreDNSCustomConfig: + description: Name of the custom CoreDNS configmap to configure forwarding + to Lighthouse. It should be in / format where + is optional and defaults to kube-system. + properties: + configMapName: + description: Name of the custom CoreDNS configmap. + type: string + namespace: + description: Namespace of the custom CoreDNS configmap. + type: string + type: object + customDomains: + description: List of domains to use for multi-cluster service discovery. + items: type: string - kubernetesVersion: + type: array + x-kubernetes-list-type: set + debug: + description: Enable operator debugging. 
+ type: boolean + globalCIDR: + description: The Global CIDR super-net range for allocating GlobalCIDRs + to each cluster. + type: string + haltOnCertificateError: + description: Halt on certificate error (so the pod gets restarted). + type: boolean + imageOverrides: + additionalProperties: type: string - type: object - gatewayDaemonSetStatus: - properties: - lastResourceVersion: + description: Override component images. + type: object + loadBalancerEnabled: + description: Enable automatic Load Balancer in front of the gateways. + type: boolean + namespace: + description: The namespace in which to deploy the submariner operator. + type: string + natEnabled: + description: Enable NAT between clusters. + type: boolean + nodeSelector: + additionalProperties: type: string - mismatchedContainerImages: - type: boolean - nonReadyContainerStates: - items: - description: ContainerState holds a possible state of container. - Only one of its members may be specified. If none of them - is specified, the default one is ContainerStateWaiting. 
- properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format 'docker://' - type: string - exitCode: - description: Exit status from the last termination of - the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of the - container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of the - container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container is - not yet running. - type: string - reason: - description: (brief) reason the container is not yet - running. - type: string - type: object - type: object - type: array - status: - description: DaemonSetStatus represents the current status of - a daemon set. + type: object + repository: + description: The image repository. + type: string + serviceCIDR: + description: The service CIDR. + type: string + serviceDiscoveryEnabled: + description: Enable support for Service Discovery (Lighthouse). + type: boolean + clustersetIPEnabled: + description: Enable ClustersetIP default for services exported on this + cluster. 
+ type: boolean + tolerations: + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . properties: - collisionCount: - description: Count of hash collisions for the DaemonSet. The - DaemonSet controller uses this field as a collision avoidance - mechanism when it needs to create the name for the newest - ControllerRevision. - format: int32 - type: integer - conditions: - description: Represents the latest available observations - of a DaemonSet's current state. - items: - description: DaemonSetCondition describes the state of a - DaemonSet at a certain point. - properties: - lastTransitionTime: - description: Last time the condition transitioned from - one status to another. - format: date-time - type: string - message: - description: A human readable message indicating details - about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, - Unknown. - type: string - type: - description: Type of DaemonSet condition. - type: string - required: - - status - - type - type: object - type: array - currentNumberScheduled: - description: 'The number of nodes that are running at least - 1 daemon pod and are supposed to run the daemon pod. More - info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - desiredNumberScheduled: - description: 'The total number of nodes that should be running - the daemon pod (including nodes correctly running the daemon - pod). 
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberAvailable: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and available (ready for at least spec.minReadySeconds) - format: int32 - type: integer - numberMisscheduled: - description: 'The number of nodes that are running the daemon - pod, but are not supposed to run the daemon pod. More info: - https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberReady: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and ready. - format: int32 - type: integer - numberUnavailable: - description: The number of nodes that should be running the - daemon pod and have none of the daemon pod running and available - (ready for at least spec.minReadySeconds) - format: int32 - type: integer - observedGeneration: - description: The most recent generation observed by the daemon - set controller. + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. 
+ type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. format: int64 type: integer - updatedNumberScheduled: - description: The total number of nodes that are running updated - daemon pod - format: int32 - type: integer - required: - - currentNumberScheduled - - desiredNumberScheduled - - numberMisscheduled - - numberReady + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string type: object - required: - - mismatchedContainerImages - type: object - gateways: - items: + type: array + version: + description: The image tag. + type: string + required: + - broker + - brokerK8sApiServer + - brokerK8sRemoteNamespace + - ceIPSecDebug + - clusterCIDR + - clusterID + - debug + - namespace + - natEnabled + - serviceCIDR + type: object + status: + description: SubmarinerStatus defines the observed state of Submariner. + properties: + airGappedDeployment: + type: boolean + clusterCIDR: + description: The current cluster CIDR. + type: string + clusterID: + description: The current cluster ID. + type: string + clustersetIPCIDR: + description: The current clustersetIP CIDR. + type: string + colorCodes: + type: string + deploymentInfo: + description: Information about the deployment. + properties: + cloudProvider: + type: string + kubernetesType: + type: string + kubernetesTypeVersion: + type: string + kubernetesVersion: + type: string + type: object + gatewayDaemonSetStatus: + description: The status of the gateway DaemonSet. 
properties: - connections: + lastResourceVersion: + type: string + mismatchedContainerImages: + type: boolean + nonReadyContainerStates: items: + description: ContainerState holds a possible state of container. + Only one of its members may be specified. If none of them + is specified, the default one is ContainerStateWaiting. properties: - endpoint: + running: + description: Details about a running container properties: - backend: + startedAt: + description: Time at which the container was last (re-)started + format: date-time type: string - backend_config: - additionalProperties: - type: string - type: object - cable_name: - type: string - cluster_id: - maxLength: 63 - minLength: 1 + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' type: string - healthCheckIP: + exitCode: + description: Exit status from the last termination of + the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time type: string - hostname: + message: + description: Message regarding the last termination + of the container type: string - nat_enabled: - type: boolean - private_ip: + reason: + description: (brief) reason from the last termination + of the container type: string - public_ip: + signal: + description: Signal from the last termination of the + container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of the + container started + format: date-time type: string - subnets: - items: - type: string - type: array required: - - backend - - cable_name - - cluster_id - - hostname - - nat_enabled - - private_ip - - public_ip - - subnets + - exitCode type: object - latencyRTT: - description: LatencySpec describes the round trip time - information for a packet between the gateway pods of - two clusters. 
+ waiting: + description: Details about a waiting container properties: - average: - type: string - last: - type: string - max: - type: string - min: + message: + description: Message regarding why the container is + not yet running. type: string - stdDev: + reason: + description: (brief) reason the container is not yet + running. type: string type: object - status: - type: string - statusMessage: - type: string - usingIP: - type: string - usingNAT: - type: boolean - required: - - endpoint - - status - - statusMessage type: object type: array - haStatus: - type: string - localEndpoint: + status: + description: DaemonSetStatus represents the current status of + a daemon set. properties: - backend: - type: string - backend_config: - additionalProperties: - type: string - type: object - cable_name: - type: string - cluster_id: - maxLength: 63 - minLength: 1 - type: string - healthCheckIP: - type: string - hostname: - type: string - nat_enabled: - type: boolean - private_ip: - type: string - public_ip: - type: string - subnets: + collisionCount: + description: Count of hash collisions for the DaemonSet. The + DaemonSet controller uses this field as a collision avoidance + mechanism when it needs to create the name for the newest + ControllerRevision. + format: int32 + type: integer + conditions: + description: Represents the latest available observations + of a DaemonSet's current state. items: - type: string + description: DaemonSetCondition describes the state of a + DaemonSet at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from + one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details + about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, + Unknown. 
+ type: string + type: + description: Type of DaemonSet condition. + type: string + required: + - status + - type + type: object type: array + currentNumberScheduled: + description: 'The number of nodes that are running at least + 1 daemon pod and are supposed to run the daemon pod. More + info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' + format: int32 + type: integer + desiredNumberScheduled: + description: 'The total number of nodes that should be running + the daemon pod (including nodes correctly running the daemon + pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' + format: int32 + type: integer + numberAvailable: + description: The number of nodes that should be running the + daemon pod and have one or more of the daemon pod running + and available (ready for at least spec.minReadySeconds) + format: int32 + type: integer + numberMisscheduled: + description: 'The number of nodes that are running the daemon + pod, but are not supposed to run the daemon pod. More info: + https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' + format: int32 + type: integer + numberReady: + description: numberReady is the number of nodes that should + be running the daemon pod and have one or more of the daemon + pod running with a Ready Condition. + format: int32 + type: integer + numberUnavailable: + description: The number of nodes that should be running the + daemon pod and have none of the daemon pod running and available + (ready for at least spec.minReadySeconds) + format: int32 + type: integer + observedGeneration: + description: The most recent generation observed by the daemon + set controller. 
+ format: int64 + type: integer + updatedNumberScheduled: + description: The total number of nodes that are running updated + daemon pod + format: int32 + type: integer required: - - backend - - cable_name - - cluster_id - - hostname - - nat_enabled - - private_ip - - public_ip - - subnets + - currentNumberScheduled + - desiredNumberScheduled + - numberMisscheduled + - numberReady type: object - statusFailure: - type: string - version: - type: string required: - - connections - - haStatus - - localEndpoint - - statusFailure - - version + - mismatchedContainerImages type: object - type: array - globalCIDR: - type: string - globalnetDaemonSetStatus: - properties: - lastResourceVersion: - type: string - mismatchedContainerImages: - type: boolean - nonReadyContainerStates: - items: - description: ContainerState holds a possible state of container. - Only one of its members may be specified. If none of them - is specified, the default one is ContainerStateWaiting. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format 'docker://' - type: string - exitCode: - description: Exit status from the last termination of - the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of the - container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of the - container started - format: date-time - 
type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container is - not yet running. - type: string - reason: - description: (brief) reason the container is not yet - running. - type: string - type: object - type: object - type: array - status: - description: DaemonSetStatus represents the current status of - a daemon set. + gateways: + description: Status of the gateways in the cluster. + items: properties: - collisionCount: - description: Count of hash collisions for the DaemonSet. The - DaemonSet controller uses this field as a collision avoidance - mechanism when it needs to create the name for the newest - ControllerRevision. - format: int32 - type: integer - conditions: - description: Represents the latest available observations - of a DaemonSet's current state. + connections: items: - description: DaemonSetCondition describes the state of a - DaemonSet at a certain point. properties: - lastTransitionTime: - description: Last time the condition transitioned from - one status to another. - format: date-time - type: string - message: - description: A human readable message indicating details - about the transition. - type: string - reason: - description: The reason for the condition's last transition. 
- type: string + endpoint: + properties: + backend: + type: string + backend_config: + additionalProperties: + type: string + type: object + cable_name: + type: string + cluster_id: + maxLength: 63 + minLength: 1 + type: string + healthCheckIP: + type: string + hostname: + type: string + nat_enabled: + type: boolean + private_ip: + type: string + public_ip: + type: string + subnets: + items: + type: string + type: array + required: + - backend + - cable_name + - cluster_id + - hostname + - nat_enabled + - private_ip + - public_ip + - subnets + type: object + latencyRTT: + description: LatencySpec describes the round trip time + information for a packet between the gateway pods of + two clusters. + properties: + average: + type: string + last: + type: string + max: + type: string + min: + type: string + stdDev: + type: string + type: object status: - description: Status of the condition, one of True, False, - Unknown. type: string - type: - description: Type of DaemonSet condition. + statusMessage: + type: string + usingIP: type: string + usingNAT: + type: boolean required: - - status - - type + - endpoint + - status + - statusMessage type: object type: array - currentNumberScheduled: - description: 'The number of nodes that are running at least + haStatus: + type: string + localEndpoint: + properties: + backend: + type: string + backend_config: + additionalProperties: + type: string + type: object + cable_name: + type: string + cluster_id: + maxLength: 63 + minLength: 1 + type: string + healthCheckIP: + type: string + hostname: + type: string + nat_enabled: + type: boolean + private_ip: + type: string + public_ip: + type: string + subnets: + items: + type: string + type: array + required: + - backend + - cable_name + - cluster_id + - hostname + - nat_enabled + - private_ip + - public_ip + - subnets + type: object + statusFailure: + type: string + version: + type: string + required: + - connections + - haStatus + - localEndpoint + - statusFailure + - version + type: 
object + type: array + globalCIDR: + description: The current global CIDR. + type: string + globalnetDaemonSetStatus: + description: The status of the Globalnet DaemonSet. + properties: + lastResourceVersion: + type: string + mismatchedContainerImages: + type: boolean + nonReadyContainerStates: + items: + description: ContainerState holds a possible state of container. + Only one of its members may be specified. If none of them + is specified, the default one is ContainerStateWaiting. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination of + the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of the + container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of the + container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container is + not yet running. + type: string + reason: + description: (brief) reason the container is not yet + running. + type: string + type: object + type: object + type: array + status: + description: DaemonSetStatus represents the current status of + a daemon set. 
+ properties: + collisionCount: + description: Count of hash collisions for the DaemonSet. The + DaemonSet controller uses this field as a collision avoidance + mechanism when it needs to create the name for the newest + ControllerRevision. + format: int32 + type: integer + conditions: + description: Represents the latest available observations + of a DaemonSet's current state. + items: + description: DaemonSetCondition describes the state of a + DaemonSet at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from + one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details + about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, + Unknown. + type: string + type: + description: Type of DaemonSet condition. + type: string + required: + - status + - type + type: object + type: array + currentNumberScheduled: + description: 'The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - desiredNumberScheduled: - description: 'The total number of nodes that should be running + format: int32 + type: integer + desiredNumberScheduled: + description: 'The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). 
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberAvailable: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and available (ready for at least spec.minReadySeconds) - format: int32 - type: integer - numberMisscheduled: - description: 'The number of nodes that are running the daemon + format: int32 + type: integer + numberAvailable: + description: The number of nodes that should be running the + daemon pod and have one or more of the daemon pod running + and available (ready for at least spec.minReadySeconds) + format: int32 + type: integer + numberMisscheduled: + description: 'The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberReady: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and ready. - format: int32 - type: integer - numberUnavailable: - description: The number of nodes that should be running the - daemon pod and have none of the daemon pod running and available - (ready for at least spec.minReadySeconds) - format: int32 - type: integer - observedGeneration: - description: The most recent generation observed by the daemon - set controller. - format: int64 - type: integer - updatedNumberScheduled: - description: The total number of nodes that are running updated - daemon pod - format: int32 - type: integer - required: - - currentNumberScheduled - - desiredNumberScheduled - - numberMisscheduled - - numberReady - type: object - required: - - mismatchedContainerImages - type: object - loadBalancerStatus: - properties: - status: - description: LoadBalancerStatus represents the status of a load-balancer. 
- properties: - ingress: - description: Ingress is a list containing ingress points for - the load-balancer. Traffic intended for the service should - be sent to these ingress points. - items: - description: 'LoadBalancerIngress represents the status + format: int32 + type: integer + numberReady: + description: numberReady is the number of nodes that should + be running the daemon pod and have one or more of the daemon + pod running with a Ready Condition. + format: int32 + type: integer + numberUnavailable: + description: The number of nodes that should be running the + daemon pod and have none of the daemon pod running and available + (ready for at least spec.minReadySeconds) + format: int32 + type: integer + observedGeneration: + description: The most recent generation observed by the daemon + set controller. + format: int64 + type: integer + updatedNumberScheduled: + description: The total number of nodes that are running updated + daemon pod + format: int32 + type: integer + required: + - currentNumberScheduled + - desiredNumberScheduled + - numberMisscheduled + - numberReady + type: object + required: + - mismatchedContainerImages + type: object + loadBalancerStatus: + description: The status of the load balancer DaemonSet. + properties: + status: + description: LoadBalancerStatus represents the status of a load-balancer. + properties: + ingress: + description: Ingress is a list containing ingress points for + the load-balancer. Traffic intended for the service should + be sent to these ingress points. + items: + description: 'LoadBalancerIngress represents the status of a load-balancer ingress point: traffic intended for the service should be sent to an ingress point.' 
- properties: - hostname: - description: Hostname is set for load-balancer ingress - points that are DNS based (typically AWS load-balancers) - type: string - ip: - description: IP is set for load-balancer ingress points - that are IP based (typically GCE or OpenStack load-balancers) - type: string - type: object - type: array - type: object - type: object - natEnabled: - type: boolean - networkPlugin: - type: string - routeAgentDaemonSetStatus: - properties: - lastResourceVersion: - type: string - mismatchedContainerImages: - type: boolean - nonReadyContainerStates: - items: - description: ContainerState holds a possible state of container. - Only one of its members may be specified. If none of them - is specified, the default one is ContainerStateWaiting. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format 'docker://' - type: string - exitCode: - description: Exit status from the last termination of - the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of the - container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of the - container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container is - not yet 
running. - type: string - reason: - description: (brief) reason the container is not yet - running. - type: string - type: object + properties: + hostname: + description: Hostname is set for load-balancer ingress + points that are DNS based (typically AWS load-balancers) + type: string + ip: + description: IP is set for load-balancer ingress points + that are IP based (typically GCE or OpenStack load-balancers) + type: string + ports: + description: Ports is a list of records of service ports + If used, every port defined in the service should + have an entry in it + items: + properties: + error: + description: 'Error is to record the problem with + the service port The format of the error shall + comply with the following rules: - built-in + error values shall be specified in this file + and those shall use CamelCase names - cloud + provider specific error values must have names + that comply with the format foo.example.com/CamelCase. + --- The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + port: + description: Port is the port number of the service + port of which status is recorded here + format: int32 + type: integer + protocol: + default: TCP + description: 'Protocol is the protocol of the + service port of which status is recorded here + The supported values are: "TCP", "UDP", "SCTP"' + type: string + required: + - port + - protocol + type: object + type: array + x-kubernetes-list-type: atomic + type: object + type: array type: object - type: array - status: - description: DaemonSetStatus represents the current status of - a daemon set. - properties: - collisionCount: - description: Count of hash collisions for the DaemonSet. The - DaemonSet controller uses this field as a collision avoidance - mechanism when it needs to create the name for the newest - ControllerRevision. 
- format: int32 - type: integer - conditions: - description: Represents the latest available observations - of a DaemonSet's current state. - items: - description: DaemonSetCondition describes the state of a - DaemonSet at a certain point. - properties: - lastTransitionTime: - description: Last time the condition transitioned from - one status to another. - format: date-time - type: string - message: - description: A human readable message indicating details - about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, - Unknown. - type: string - type: - description: Type of DaemonSet condition. - type: string - required: - - status - - type - type: object - type: array - currentNumberScheduled: - description: 'The number of nodes that are running at least + type: object + natEnabled: + description: The current NAT status. + type: boolean + networkPlugin: + description: The current network plugin. + type: string + routeAgentDaemonSetStatus: + description: The status of the route agent DaemonSet. + properties: + lastResourceVersion: + type: string + mismatchedContainerImages: + type: boolean + nonReadyContainerStates: + items: + description: ContainerState holds a possible state of container. + Only one of its members may be specified. If none of them + is specified, the default one is ContainerStateWaiting. 
+ properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination of + the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of the + container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of the + container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container is + not yet running. + type: string + reason: + description: (brief) reason the container is not yet + running. + type: string + type: object + type: object + type: array + status: + description: DaemonSetStatus represents the current status of + a daemon set. + properties: + collisionCount: + description: Count of hash collisions for the DaemonSet. The + DaemonSet controller uses this field as a collision avoidance + mechanism when it needs to create the name for the newest + ControllerRevision. + format: int32 + type: integer + conditions: + description: Represents the latest available observations + of a DaemonSet's current state. + items: + description: DaemonSetCondition describes the state of a + DaemonSet at a certain point. 
+ properties: + lastTransitionTime: + description: Last time the condition transitioned from + one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details + about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, + Unknown. + type: string + type: + description: Type of DaemonSet condition. + type: string + required: + - status + - type + type: object + type: array + currentNumberScheduled: + description: 'The number of nodes that are running at least 1 daemon pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - desiredNumberScheduled: - description: 'The total number of nodes that should be running + format: int32 + type: integer + desiredNumberScheduled: + description: 'The total number of nodes that should be running the daemon pod (including nodes correctly running the daemon pod). More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberAvailable: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and available (ready for at least spec.minReadySeconds) - format: int32 - type: integer - numberMisscheduled: - description: 'The number of nodes that are running the daemon + format: int32 + type: integer + numberAvailable: + description: The number of nodes that should be running the + daemon pod and have one or more of the daemon pod running + and available (ready for at least spec.minReadySeconds) + format: int32 + type: integer + numberMisscheduled: + description: 'The number of nodes that are running the daemon pod, but are not supposed to run the daemon pod. 
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/' - format: int32 - type: integer - numberReady: - description: The number of nodes that should be running the - daemon pod and have one or more of the daemon pod running - and ready. - format: int32 - type: integer - numberUnavailable: - description: The number of nodes that should be running the - daemon pod and have none of the daemon pod running and available - (ready for at least spec.minReadySeconds) - format: int32 - type: integer - observedGeneration: - description: The most recent generation observed by the daemon - set controller. - format: int64 - type: integer - updatedNumberScheduled: - description: The total number of nodes that are running updated - daemon pod - format: int32 - type: integer - required: - - currentNumberScheduled - - desiredNumberScheduled - - numberMisscheduled - - numberReady - type: object - required: - - mismatchedContainerImages - type: object - serviceCIDR: - type: string - required: - - clusterID - - natEnabled - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + format: int32 + type: integer + numberReady: + description: numberReady is the number of nodes that should + be running the daemon pod and have one or more of the daemon + pod running with a Ready Condition. + format: int32 + type: integer + numberUnavailable: + description: The number of nodes that should be running the + daemon pod and have none of the daemon pod running and available + (ready for at least spec.minReadySeconds) + format: int32 + type: integer + observedGeneration: + description: The most recent generation observed by the daemon + set controller. 
+ format: int64 + type: integer + updatedNumberScheduled: + description: The total number of nodes that are running updated + daemon pod + format: int32 + type: integer + required: + - currentNumberScheduled + - desiredNumberScheduled + - numberMisscheduled + - numberReady + type: object + required: + - mismatchedContainerImages + type: object + serviceCIDR: + description: The current service CIDR. + type: string + version: + description: The image version in use by the various Submariner DaemonSets + and Deployments. + type: string + required: + - clusterID + - natEnabled + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.12.1 name: servicediscoveries.submariner.io spec: group: submariner.io 
@@ -843,99 +984,144 @@ spec: singular: servicediscovery scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ServiceDiscovery is the Schema for the servicediscoveries API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ServiceDiscovery is the Schema for the servicediscoveries API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServiceDiscoverySpec defines the desired state of ServiceDiscovery - properties: - brokerK8sApiServer: - type: string - brokerK8sApiServerToken: - type: string - brokerK8sCA: - type: string - brokerK8sInsecure: - type: boolean - brokerK8sRemoteNamespace: - type: string - clusterID: - type: string - coreDNSCustomConfig: - properties: - configMapName: - type: string - namespace: - type: string - type: object - customDomains: - items: - type: string - type: array - x-kubernetes-list-type: set - debug: - type: boolean - globalnetEnabled: - type: boolean - imageOverrides: - additionalProperties: - type: string - type: object - namespace: - type: string - repository: - type: string - version: - type: string - required: - - brokerK8sApiServer - - brokerK8sApiServerToken - - brokerK8sCA - - brokerK8sRemoteNamespace - - clusterID - - debug - - namespace - type: object - status: - description: ServiceDiscoveryStatus defines the observed state of ServiceDiscovery - properties: - deploymentInfo: - properties: - cloudProvider: - type: string - kubernetesType: + type: string + metadata: + type: object + spec: + description: ServiceDiscoverySpec defines the desired state of ServiceDiscovery. + properties: + brokerK8sApiServer: + type: string + brokerK8sApiServerToken: + type: string + brokerK8sCA: + type: string + brokerK8sInsecure: + type: boolean + brokerK8sRemoteNamespace: + type: string + brokerK8sSecret: + type: string + clusterID: + type: string + clustersetIPCIDR: + type: string + coreDNSCustomConfig: + properties: + configMapName: + description: Name of the custom CoreDNS configmap. + type: string + namespace: + description: Namespace of the custom CoreDNS configmap. 
+ type: string + type: object + customDomains: + items: type: string - kubernetesTypeVersion: + type: array + x-kubernetes-list-type: set + debug: + type: boolean + globalnetEnabled: + type: boolean + haltOnCertificateError: + type: boolean + clustersetIPEnabled: + type: boolean + imageOverrides: + additionalProperties: type: string - kubernetesVersion: + type: object + namespace: + type: string + nodeSelector: + additionalProperties: type: string - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + type: object + repository: + type: string + tolerations: + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. 
+ format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + version: + type: string + required: + - brokerK8sApiServer + - brokerK8sRemoteNamespace + - clusterID + - debug + - namespace + type: object + status: + description: ServiceDiscoveryStatus defines the observed state of ServiceDiscovery. + properties: + deploymentInfo: + properties: + cloudProvider: + type: string + kubernetesType: + type: string + kubernetesTypeVersion: + type: string + kubernetesVersion: + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition diff --git a/submariner-operator/templates/submariner.yaml b/submariner-operator/templates/submariner.yaml index d324bf3a..13cee607 100644 --- a/submariner-operator/templates/submariner.yaml +++ b/submariner-operator/templates/submariner.yaml @@ -52,6 +52,8 @@ spec: {{- end }} serviceCIDR: "{{ .Values.submariner.serviceCidr }}" globalCIDR: "{{ .Values.submariner.globalCidr }}" + clustersetIPCIDR: "{{ .Values.submariner.clustersetIpCidr }}" + clustersetIPEnabled: {{ .Values.submariner.clustersetIpEnabled }} serviceDiscoveryEnabled: {{ .Values.submariner.serviceDiscovery }} cableDriver: {{ .Values.submariner.cableDriver }} connectionHealthCheck: diff --git a/submariner-operator/values.yaml b/submariner-operator/values.yaml index df9f988e..d4473920 100644 --- a/submariner-operator/values.yaml +++ b/submariner-operator/values.yaml @@ -5,6 +5,8 @@ submariner: clusterCidr: "" serviceCidr: "" globalCidr: "" + clustersetIpCidr: "" + clustersetIpEnabled: false loadBalancerEnabled: false natEnabled: false colorCodes: blue
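Review bot: In the ServiceDiscovery spec, `clustersetIPEnabled` is added between `haltOnCertificateError` and `imageOverrides`, while every other property in this schema is in the alphabetical order controller-gen emits. That suggests the line was added by hand rather than regenerated, so the chart's CRD may drift from the operator's Go types. It would be safer to regenerate `crds/crd.yaml` from the operator at the matching version and copy it over unchanged. Separately, `clustersetIPCIDR` is a bare `type: string` with no description or pattern, so the API server accepts any text there; if upstream does not validate it, CIDR validation has to happen in the operator.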
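Review bot: The two added lines in `templates/submariner.yaml` render `clustersetIPCIDR` and `clustersetIPEnabled` unconditionally and without validation, so a null or mistyped override reaches the Submariner resource as-is. For the boolean, `clustersetIPEnabled: {{ .Values.submariner.clustersetIpEnabled | default false }}` keeps an empty override from rendering as a YAML null. Quoting it instead would turn it into a string, which the schema's `type: boolean` would reject. Helm also does not update CRDs shipped in `crds/` on `helm upgrade`, so on an existing install the API server will probably prune or warn about the new fields until the updated CRD is applied by hand, which deserves a line in the README. The `spec:` block continues outside this hunk.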
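Review bot: The new `clustersetIpCidr` and `clustersetIpEnabled` keys in `values.yaml` have no comment, and their README rows have an empty description column. Nothing tells an operator what the empty default means or whether the CIDR is honoured while the flag is `false`. A short comment above each key would help, for example `# CIDR used to allocate clusterset IPs; empty leaves the choice to the operator` and `# Enable clusterset IP allocation for exported services`. The wording should be confirmed against the operator's behaviour, since it is not visible here. It is also worth stating that the range must not overlap `clusterCidr`, `serviceCidr` or `globalCidr`, if that is indeed a requirement.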