Removed certmanager dependency in favor of knative pkg. (#447)

* Removed certmanager dependency in favor of knative pkg. * Updated documentation * Removing dependency on controller-runtime in APIs * Fixed an issue where tests hang without a webhook * Fixed up tests * Increased a test timeout * Updated logging * Cleanups * More cleanups * Fixed a bug in aws label validation * PR Comments * PR comments * Adding golanglint timeout * Added boilerplate * Regenerated Release * PR comments
aws · Jun 15, 2021 · 26ef687 · 26ef687
1 parent 8c62dec
commit 26ef687
Show file tree

Hide file tree

Showing 60 changed files with 970 additions and 1,250 deletions.
diff --git a/Makefile b/Makefile
@@ -36,7 +36,7 @@ verify: ## Verify code. Includes dependencies, linting, formatting, etc
 	go mod download
 	go vet ./...
 	go fmt ./...
-	golangci-lint run
+	golangci-lint run --timeout 5m # TODO Remove this timeout
 
 licenses: ## Verifies dependency licenses and requires GITHUB_TOKEN to be set
 	go build $(GOFLAGS) -o karpenter cmd/controller/main.go
@@ -47,20 +47,26 @@ apply: ## Deploy the controller into your ~/.kube/config cluster
 		$(HELM_OPTS) \
 		--create-namespace --namespace karpenter \
 		--set controller.image=ko://github.com/awslabs/karpenter/cmd/controller \
+		--set webhook.image=ko://github.com/awslabs/karpenter/cmd/webhook \
 		| $(WITH_GOFLAGS) ko apply -B -f -
 
 delete: ## Delete the controller from your ~/.kube/config cluster
-	helm template karpenter charts/karpenter \
-		$(HELM_OPTS) \
-		--create-namespace --namespace karpenter \
-		| $(WITH_GOFLAGS) ko delete -f -
+	helm template karpenter charts/karpenter --namespace karpenter | kubectl delete -f -
 
 codegen: ## Generate code. Must be run if changes are made to ./pkg/apis/...
-	./hack/codegen.sh
+	controller-gen \
+		object:headerFile="hack/boilerplate.go.txt" \
+		crd:trivialVersions=false \
+		paths="./pkg/..." \
+		output:crd:artifacts:config=charts/karpenter/templates
+	# CRDs don't currently jive with VolatileTime, which has an Any type.
+	perl -pi -e 's/Any/string/g' charts/karpenter/templates/provisioning.karpenter.sh_provisioners.yaml
+	hack/boilerplate.sh
 
 publish: ## Generate release manifests and publish a versioned container image.
 	@aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin $(RELEASE_REPO)
 	yq e -i ".controller.image = \"$$($(WITH_RELEASE_REPO) $(WITH_GOFLAGS) ko publish -B -t $(RELEASE_VERSION) --platform all ./cmd/controller)\"" ./charts/karpenter/values.yaml
+	yq e -i ".webhook.image = \"$$($(WITH_RELEASE_REPO) $(WITH_GOFLAGS) ko publish -B -t $(RELEASE_VERSION) --platform all ./cmd/webhook)\"" ./charts/karpenter/values.yaml
 	yq e -i '.version = "$(RELEASE_VERSION)"' ./charts/karpenter/Chart.yaml
 
 helm:  ## Generate Helm Chart

diff --git a/charts/index.yaml b/charts/index.yaml
@@ -2,7 +2,16 @@ apiVersion: v1
 entries:
   karpenter:
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.085919-07:00"
+    created: "2021-06-15T10:24:11.816117-07:00"
+    description: A Helm chart for https://github.com/awslabs/karpenter/.
+    digest: dc09c07c65fcced21ab62b4e5d35364b5fdd86961f84f03e37f40c7bfe0ab0dd
+    name: karpenter
+    type: application
+    urls:
+    - karpenter-v0.2.6.tgz
+    version: v0.2.6
+  - apiVersion: v2
+    created: "2021-06-15T10:24:11.814718-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 208d0c14d2cdbc8c387dc92a473b625f905e829486edd5fd007eb56c9f896682
     name: karpenter
@@ -11,7 +20,16 @@ entries:
     - karpenter-v0.2.5.tgz
     version: v0.2.5
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.085515-07:00"
+    created: "2021-06-15T10:24:11.813779-07:00"
+    description: A Helm chart for https://github.com/awslabs/karpenter/.
+    digest: eec283216b0fa09f51b1f64c25dc2fb1a30991bebda572a0fdcde9fc8b64440c
+    name: karpenter
+    type: application
+    urls:
+    - karpenter-v0.2.5-27-ga322855.tgz
+    version: v0.2.5-27-ga322855
+  - apiVersion: v2
+    created: "2021-06-15T10:24:11.812934-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: ed7d1d08bde38f41a6bc8a4bf93b4dd85a3b6e5f526e44324483eadc9faeea6d
     name: karpenter
@@ -20,7 +38,7 @@ entries:
     - karpenter-v0.2.4.tgz
     version: v0.2.4
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.084037-07:00"
+    created: "2021-06-15T10:24:11.811976-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 902bd53be060893d4bfe3c0f57ae831448aa8790930d153666429ea5472d824b
     name: karpenter
@@ -29,7 +47,7 @@ entries:
     - karpenter-v0.2.3.tgz
     version: v0.2.3
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.08346-07:00"
+    created: "2021-06-15T10:24:11.81118-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 90d075cbc08871ffb56b2e530fdf304b6af32c76670fcdd299af87d3810d4651
     name: karpenter
@@ -38,7 +56,7 @@ entries:
     - karpenter-v0.2.2.tgz
     version: v0.2.2
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.082888-07:00"
+    created: "2021-06-15T10:24:11.810434-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 87e161d40c65dc58a3963f17d70cc165a5bf46155f723e487486f57d209e50d1
     name: karpenter
@@ -47,7 +65,7 @@ entries:
     - karpenter-v0.2.1.tgz
     version: v0.2.1
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.081508-07:00"
+    created: "2021-06-15T10:24:11.809224-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 552bdc17f5625e4696bb7419284026f4291428877092ec5d984f486a2b812d6f
     name: karpenter
@@ -56,7 +74,7 @@ entries:
     - karpenter-v0.2.0.tgz
     version: v0.2.0
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.080549-07:00"
+    created: "2021-06-15T10:24:11.807977-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 1a597c415201e61576b83ee6ec3e24b99281805b3be8141b0a344c6f014d4e15
     name: karpenter
@@ -65,7 +83,7 @@ entries:
     - karpenter-v0.1.3.tgz
     version: v0.1.3
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.079109-07:00"
+    created: "2021-06-15T10:24:11.806381-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 6a6753731aef19db2aae72b6bfc1535917053d87f706579e158cae98c23887b4
     name: karpenter
@@ -74,12 +92,12 @@ entries:
     - karpenter-v0.1.2.tgz
     version: v0.1.2
   - apiVersion: v2
-    created: "2021-05-21T15:56:21.078051-07:00"
+    created: "2021-06-15T10:24:11.805296-07:00"
     description: A Helm chart for https://github.com/awslabs/karpenter/.
     digest: 39685c8cbe9a757ca48721aed08b49111fef18bc2a9f67d3223f19d0706f09f7
     name: karpenter
     type: application
     urls:
     - karpenter-v0.1.1.tgz
     version: v0.1.1
-generated: "2021-05-21T15:56:21.07708-07:00"
+generated: "2021-06-15T10:24:11.804225-07:00"
diff --git a/charts/karpenter-v0.2.6.tgz b/charts/karpenter-v0.2.6.tgz
diff --git a/charts/karpenter/Chart.lock b/charts/karpenter/Chart.lock
@@ -1,9 +1,3 @@
-dependencies:
-- name: cert-manager
-  repository: https://charts.jetstack.io
-  version: v1.1.0
-- name: kube-prometheus-stack
-  repository: https://prometheus-community.github.io/helm-charts
-  version: 12.3.0
+dependencies: []
 digest: sha256:5595919ac269b4105dd65d20eb27cb271b8976c1d10903e0b504d349df30f017
 generated: "2020-12-02T11:48:25.741819-08:00"
diff --git a/charts/karpenter/Chart.yaml b/charts/karpenter/Chart.yaml
@@ -2,4 +2,4 @@ apiVersion: v2
 name: karpenter
 description: A Helm chart for https://github.com/awslabs/karpenter/.
 type: application
-version: v0.2.5
+version: v0.2.5-27-ga322855
diff --git a/charts/karpenter/templates/cert-manager.yaml b/charts/karpenter/templates/cert-manager.yaml
diff --git a/charts/karpenter/templates/controller.yaml → ...nter/templates/controller/deployment.yaml b/charts/karpenter/templates/controller.yaml → ...nter/templates/controller/deployment.yaml
@@ -1,60 +1,33 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: karpenter-webhook-service
+  name: karpenter-metrics
   namespace: {{ .Release.Namespace }}
-  labels:
-    control-plane: karpenter
 spec:
   ports:
-    - port: 443
-      targetPort: webhook
-  selector:
-    control-plane: karpenter
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: karpenter-metrics-service
-  namespace: {{ .Release.Namespace }}
-  labels:
-    control-plane: karpenter
-spec:
-  ports:
-    - name: http
-      port: 8080
+    - port: 8080
       targetPort: metrics
   selector:
-    control-plane: karpenter
----
-apiVersion: scheduling.k8s.io/v1
-kind: PriorityClass
-metadata:
-  name: karpenter-high-priority
-value: 1000000
-globalDefault: false
-
+    karpenter: controller
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: karpenter
+  name: karpenter-controller
   namespace: {{ .Release.Namespace }}
-  labels:
-    control-plane: karpenter
 spec:
   replicas: 1
   strategy:
     type: Recreate
   selector:
     matchLabels:
-      control-plane: karpenter
+      karpenter: controller
   template:
     metadata:
       labels:
-        control-plane: karpenter
+        karpenter: controller
     spec:
-      priorityClassName: karpenter-high-priority
+      priorityClassName: system-cluster-critical
       serviceAccountName: {{ .Values.serviceAccount.name }}
       containers:
         - name: manager
@@ -67,8 +40,6 @@ spec:
               cpu: 1
               memory: 1Gi
           ports:
-            - name: webhook
-              containerPort: 9443
             - name: metrics
               containerPort: 8080
             - name: health-probe
@@ -77,10 +48,6 @@ spec:
             httpGet:
               path: /healthz
               port: 8081
-          volumeMounts:
-            - mountPath: /tmp/k8s-webhook-server/serving-certs
-              name: cert
-              readOnly: true
           env:
           {{- with .Values.controller.env }}
           {{- toYaml . | nindent 10 }}
@@ -100,8 +67,3 @@ spec:
       tolerations:
         {{- toYaml . | nindent 8 }}
       {{- end }}
-      volumes:
-        - name: cert
-          secret:
-            defaultMode: 420
-            secretName: karpenter-webhook-server-cert
diff --git a/charts/karpenter/templates/rbac.yaml → .../karpenter/templates/controller/rbac.yaml b/charts/karpenter/templates/rbac.yaml → .../karpenter/templates/controller/rbac.yaml
@@ -1,23 +1,11 @@
-{{- if .Values.serviceAccount.create }}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ .Values.serviceAccount.name }}
-  namespace: {{ .Release.Namespace }}
-  {{- with .Values.serviceAccount.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-{{- end }}
----
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: karpenter
+  name: karpenter-controller
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: karpenter
+  name: karpenter-controller
 subjects:
 - kind: ServiceAccount
   name: {{ .Values.serviceAccount.name }}
@@ -26,12 +14,12 @@ subjects:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: karpenter-leader-election
+  name: karpenter-controller
   namespace: {{ .Release.Namespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: karpenter-leader-election
+  name: karpenter-controller
 subjects:
 - kind: ServiceAccount
   name: {{ .Values.serviceAccount.name }}
@@ -40,7 +28,7 @@ subjects:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: karpenter-leader-election
+  name: karpenter-controller
   namespace: {{ .Release.Namespace }}
 rules:
 - apiGroups:
@@ -73,7 +61,7 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: karpenter
+  name: karpenter-controller
 rules:
 - apiGroups:
   - provisioning.karpenter.sh

diff --git a/charts/karpenter/templates/logging.yaml b/charts/karpenter/templates/logging.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-logging
+  namespace: {{ .Release.Namespace }}
+data:
+  # https://github.com/uber-go/zap/blob/aa3e73ec0896f8b066ddf668597a02f89628ee50/config.go
+  zap-logger-config: |
+    {
+      "level": "info",
+      "sampling": {
+        "initial": 100,
+        "thereafter": 100
+      },
+      "outputPaths": ["stdout"],
+      "errorOutputPaths": ["stderr"],
+      "encoding": "console",
+      "encoderConfig": {
+        "timeKey": "time",
+        "levelKey": "level",
+        "nameKey": "name",
+        "callerKey": "caller",
+        "messageKey": "message",
+        "stacktraceKey": "stacktrace",
+        "levelEncoder": "capital",
+        "timeEncoder": "iso8601",
+      }
+    }
+  # Log level overrides
+  loglevel.controller: "debug"
+  loglevel.webhook: "debug"