From dc1154c11f9114c3b16d8045e60880551d054c36 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Mon, 27 Jun 2022 09:47:50 +0300 Subject: [PATCH 01/10] Add cluster indentifier(kube-system UID), and send to backend on register cluster --- cbcontainers/communication/gateway/api_gateway.go | 3 ++- cbcontainers/processors/agent_processor.go | 9 ++++++--- cbcontainers/processors/agent_processor_test.go | 2 +- controllers/cbcontainersagent_controller.go | 5 ++--- main.go | 14 +++++++++++++- 5 files changed, 24 insertions(+), 9 deletions(-) diff --git a/cbcontainers/communication/gateway/api_gateway.go b/cbcontainers/communication/gateway/api_gateway.go index 8e4e84d6..9b7b4b97 100644 --- a/cbcontainers/communication/gateway/api_gateway.go +++ b/cbcontainers/communication/gateway/api_gateway.go @@ -93,7 +93,7 @@ func (gateway *ApiGateway) getResourcePathWithAccountPath(resourceName string) s return gateway.baseUrl(fmt.Sprintf("account/%s/%s", gateway.account, resourceName)) } -func (gateway *ApiGateway) RegisterCluster() error { +func (gateway *ApiGateway) RegisterCluster(clusterIdentifier string) error { url := gateway.getResourcePathWithAccountPath("clusters") resp, err := gateway.baseRequest(). SetBody(map[string]interface{}{ @@ -101,6 +101,7 @@ func (gateway *ApiGateway) RegisterCluster() error { "components": gateway.agentComponents, "labels": gateway.clusterLabels, "inbounddefault": "allow", + "identifier": clusterIdentifier, }). Post(url) diff --git a/cbcontainers/processors/agent_processor.go b/cbcontainers/processors/agent_processor.go index c786a78e..5e8deaba 100644 --- a/cbcontainers/processors/agent_processor.go +++ b/cbcontainers/processors/agent_processor.go @@ -11,7 +11,7 @@ import ( ) type APIGateway interface { - RegisterCluster() error + RegisterCluster(clusterIdentifier string) error GetRegistrySecret() (*models.RegistrySecretValues, error) GetCompatibilityMatrixEntryFor(operatorVersion string) (*models.OperatorCompatibility, error) } @@ -34,14 +34,17 @@ type AgentProcessor struct { lastProcessedObject *cbcontainersv1.CBContainersAgent log logr.Logger + + clusterIdentifier string } -func NewAgentProcessor(log logr.Logger, clusterRegistrarCreator APIGatewayCreator, operatorVersionProvider OperatorVersionProvider) *AgentProcessor { +func NewAgentProcessor(log logr.Logger, clusterRegistrarCreator APIGatewayCreator, operatorVersionProvider OperatorVersionProvider, clusterIdentifier string) *AgentProcessor { return &AgentProcessor{ gatewayCreator: clusterRegistrarCreator, lastProcessedObject: nil, operatorVersionProvider: operatorVersionProvider, log: log, + clusterIdentifier: clusterIdentifier, } } @@ -88,7 +91,7 @@ func (processor *AgentProcessor) initializeIfNeeded(cbContainersCluster *cbconta } processor.log.Info("Calling register cluster") - if err := gateway.RegisterCluster(); err != nil { + if err := gateway.RegisterCluster(processor.clusterIdentifier); err != nil { return err } diff --git a/cbcontainers/processors/agent_processor_test.go b/cbcontainers/processors/agent_processor_test.go index 99565bfd..a48335f0 100644 --- a/cbcontainers/processors/agent_processor_test.go +++ b/cbcontainers/processors/agent_processor_test.go @@ -37,7 +37,7 @@ func testClusterProcessor(t *testing.T, setupAndAssert SetupAndAssertClusterProc operatorVersionProviderMock: mocks.NewMockOperatorVersionProvider(ctrl), } - processor := processors.NewAgentProcessor(logrTesting.NewTestLogger(t), mocksObjects.gatewayCreatorMock, mocksObjects.operatorVersionProviderMock) + processor := processors.NewAgentProcessor(logrTesting.NewTestLogger(t), mocksObjects.gatewayCreatorMock, mocksObjects.operatorVersionProviderMock, "mockIdentifier") setupAndAssert(mocksObjects, processor) } diff --git a/controllers/cbcontainersagent_controller.go b/controllers/cbcontainersagent_controller.go index c2469609..3121f7cd 100644 --- a/controllers/cbcontainersagent_controller.go +++ b/controllers/cbcontainersagent_controller.go @@ -47,9 +47,8 @@ type AgentProcessor interface { type CBContainersAgentController struct { client.Client - Log logr.Logger - Scheme *runtime.Scheme - + Log logr.Logger + Scheme *runtime.Scheme ClusterProcessor AgentProcessor StateApplier StateApplier K8sVersion string diff --git a/main.go b/main.go index c1e86235..48b20e2b 100644 --- a/main.go +++ b/main.go @@ -39,6 +39,7 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" @@ -91,6 +92,17 @@ func main() { os.Exit(1) } + setupLog.Info("Getting Cluster Identifyer: kube-system uid") + mgrClient := mgr.GetClient() + namespace := &coreV1.Namespace{} + err = mgrClient.Get(context.Background(), + client.ObjectKey{Namespace: "kube-system"}, namespace) + if err != nil { + setupLog.Error(err, "unable to get the kube-system namespace") + os.Exit(1) + } + clusterIdentifier := string(namespace.UID) + setupLog.Info("Getting Nodes list") nodesList := &coreV1.NodeList{} if err := mgr.GetAPIReader().List(context.Background(), nodesList); err != nil || nodesList.Items == nil || len(nodesList.Items) < 1 { @@ -106,7 +118,7 @@ func main() { Log: cbContainersAgentLogger, Scheme: mgr.GetScheme(), K8sVersion: k8sVersion, - ClusterProcessor: processors.NewAgentProcessor(cbContainersAgentLogger, processors.NewDefaultGatewayCreator(), operator.NewEnvVersionProvider()), + ClusterProcessor: processors.NewAgentProcessor(cbContainersAgentLogger, processors.NewDefaultGatewayCreator(), operator.NewEnvVersionProvider(), clusterIdentifier), StateApplier: state.NewStateApplier(agent_applyment.NewAgentComponent(applyment.NewComponentApplier(mgr.GetClient())), k8sVersion, certificatesUtils.NewCertificateCreator(), cbContainersAgentLogger), }).SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "CBContainersAgent") From f9b60193be64368f3459f452ab6676bd668c4f86 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Tue, 28 Jun 2022 15:37:51 +0300 Subject: [PATCH 02/10] fix agent processor tests --- cbcontainers/processors/agent_processor_test.go | 12 +++++++----- cbcontainers/processors/mocks/mock_api_gateway.go | 8 ++++---- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/cbcontainers/processors/agent_processor_test.go b/cbcontainers/processors/agent_processor_test.go index a48335f0..cec857a1 100644 --- a/cbcontainers/processors/agent_processor_test.go +++ b/cbcontainers/processors/agent_processor_test.go @@ -27,6 +27,8 @@ var ( AccessToken = test_utils.RandomString() ) +const mockIdentifier string = "00000000-0000-0000-0000-000000000000" + func testClusterProcessor(t *testing.T, setupAndAssert SetupAndAssertClusterProcessorTest) { ctrl := gomock.NewController(t) defer ctrl.Finish() @@ -37,7 +39,7 @@ func testClusterProcessor(t *testing.T, setupAndAssert SetupAndAssertClusterProc operatorVersionProviderMock: mocks.NewMockOperatorVersionProvider(ctrl), } - processor := processors.NewAgentProcessor(logrTesting.NewTestLogger(t), mocksObjects.gatewayCreatorMock, mocksObjects.operatorVersionProviderMock, "mockIdentifier") + processor := processors.NewAgentProcessor(logrTesting.NewTestLogger(t), mocksObjects.gatewayCreatorMock, mocksObjects.operatorVersionProviderMock, mockIdentifier) setupAndAssert(mocksObjects, processor) } @@ -46,7 +48,7 @@ func setupValidMocksCalls(testMocks *ClusterProcessorTestMocks, times int) { testMocks.gatewayMock.EXPECT().GetRegistrySecret().DoAndReturn(func() (*models.RegistrySecretValues, error) { return &models.RegistrySecretValues{Data: map[string][]byte{test_utils.RandomString(): {}}}, nil }).Times(times) - testMocks.gatewayMock.EXPECT().RegisterCluster().Return(nil).Times(times) + testMocks.gatewayMock.EXPECT().RegisterCluster(mockIdentifier).Return(nil).Times(times) // this will skip the compatibility check // for all tests that do not explicitly test that testMocks.operatorVersionProviderMock.EXPECT().GetOperatorVersion().Return("", operator.ErrNotSemVer).AnyTimes() @@ -99,7 +101,7 @@ func TestProcessorReturnsErrorWhenCanNotRegisterCluster(t *testing.T) { clusterCR := &cbcontainersv1.CBContainersAgent{Spec: cbcontainersv1.CBContainersAgentSpec{Account: test_utils.RandomString(), ClusterName: test_utils.RandomString()}} testMocks.gatewayCreatorMock.EXPECT().CreateGateway(gomock.Any(), gomock.Any()).Return(testMocks.gatewayMock, nil) testMocks.gatewayMock.EXPECT().GetRegistrySecret().Return(&models.RegistrySecretValues{}, nil) - testMocks.gatewayMock.EXPECT().RegisterCluster().Return(fmt.Errorf("")) + testMocks.gatewayMock.EXPECT().RegisterCluster(mockIdentifier).Return(fmt.Errorf("")) _, err := processor.Process(clusterCR, AccessToken) require.Error(t, err) }) @@ -110,7 +112,7 @@ func TestProcessorReturnsErrorWhenOperatorVersionProviderReturnsUnknownError(t * clusterCR := &cbcontainersv1.CBContainersAgent{Spec: cbcontainersv1.CBContainersAgentSpec{Account: test_utils.RandomString(), ClusterName: test_utils.RandomString()}} testMocks.gatewayCreatorMock.EXPECT().CreateGateway(gomock.Any(), gomock.Any()).Return(testMocks.gatewayMock, nil) testMocks.gatewayMock.EXPECT().GetRegistrySecret().Return(&models.RegistrySecretValues{}, nil) - testMocks.gatewayMock.EXPECT().RegisterCluster().Return(nil) + testMocks.gatewayMock.EXPECT().RegisterCluster(mockIdentifier).Return(nil) testMocks.operatorVersionProviderMock.EXPECT().GetOperatorVersion().Return("", fmt.Errorf("intentional unknown error")) _, err := processor.Process(clusterCR, AccessToken) require.Error(t, err) @@ -171,7 +173,7 @@ func TestCheckCompatibilityCompatibleVersions(t *testing.T) { clusterCR := &cbcontainersv1.CBContainersAgent{Spec: cbcontainersv1.CBContainersAgentSpec{Version: "1.0.0", Account: test_utils.RandomString(), ClusterName: test_utils.RandomString()}} testMocks.gatewayCreatorMock.EXPECT().CreateGateway(gomock.Any(), gomock.Any()).Return(testMocks.gatewayMock, nil) testMocks.gatewayMock.EXPECT().GetRegistrySecret().Return(&models.RegistrySecretValues{}, nil) - testMocks.gatewayMock.EXPECT().RegisterCluster().Return(nil) + testMocks.gatewayMock.EXPECT().RegisterCluster(mockIdentifier).Return(nil) testCase.setup(testMocks) values, err := processor.Process(clusterCR, AccessToken) diff --git a/cbcontainers/processors/mocks/mock_api_gateway.go b/cbcontainers/processors/mocks/mock_api_gateway.go index 78d68f0e..d4cf2a7d 100644 --- a/cbcontainers/processors/mocks/mock_api_gateway.go +++ b/cbcontainers/processors/mocks/mock_api_gateway.go @@ -65,15 +65,15 @@ func (mr *MockAPIGatewayMockRecorder) GetRegistrySecret() *gomock.Call { } // RegisterCluster mocks base method. -func (m *MockAPIGateway) RegisterCluster() error { +func (m *MockAPIGateway) RegisterCluster(arg0 string) error { m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "RegisterCluster") + ret := m.ctrl.Call(m, "RegisterCluster", arg0) ret0, _ := ret[0].(error) return ret0 } // RegisterCluster indicates an expected call of RegisterCluster. -func (mr *MockAPIGatewayMockRecorder) RegisterCluster() *gomock.Call { +func (mr *MockAPIGatewayMockRecorder) RegisterCluster(arg0 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegisterCluster", reflect.TypeOf((*MockAPIGateway)(nil).RegisterCluster)) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegisterCluster", reflect.TypeOf((*MockAPIGateway)(nil).RegisterCluster), arg0) } From 619ef608bd582393b8b25d9ed5c84424cf549776 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Thu, 30 Jun 2022 09:49:46 +0300 Subject: [PATCH 03/10] update kustomize version in order to suppport m1 macs --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 26b1f7f0..be964fb9 100644 --- a/Makefile +++ b/Makefile @@ -206,7 +206,7 @@ CONTROLLER_GEN_OLD ?= $(LOCALBINOLD)/controller-gen ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions -KUSTOMIZE_VERSION ?= v3.8.7 +KUSTOMIZE_VERSION ?= v4.5.5 CONTROLLER_TOOLS_VERSION ?= v0.9.0 CONTROLLER_TOOLS_OLD_VERSION ?= v0.6.2 From 7bb2311bac410b18c8c2f50986947b8ae7e3ee21 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Thu, 30 Jun 2022 10:41:28 +0300 Subject: [PATCH 04/10] fix getting the namespace: use a different k8s client, and add permission for getting namespaces --- config/rbac/role.yaml | 6 ++++ controllers/cbcontainersagent_controller.go | 1 + main.go | 36 ++++++++++++++------- 3 files changed, 32 insertions(+), 11 deletions(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index eb8a2b62..6e6f84c5 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -41,6 +41,12 @@ rules: - patch - update - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get - apiGroups: - "" resources: diff --git a/controllers/cbcontainersagent_controller.go b/controllers/cbcontainersagent_controller.go index 3121f7cd..ef5467d0 100644 --- a/controllers/cbcontainersagent_controller.go +++ b/controllers/cbcontainersagent_controller.go @@ -79,6 +79,7 @@ func (r *CBContainersAgentController) getContainersAgentObject(ctx context.Conte // +kubebuilder:rbac:groups={apps,core},resources={deployments,services,daemonsets},verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=admissionregistration.k8s.io,resources={validatingwebhookconfigurations,mutatingwebhookconfigurations},verbs=* // +kubebuilder:rbac:groups={core},resources={nodes},verbs=list +// +kubebuilder:rbac:groups={core},resources={namespaces},verbs=get // +kubebuilder:rbac:groups={policy},resources={podsecuritypolicies},verbs=use,resourceNames={cbcontainers-manager-psp} func (r *CBContainersAgentController) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { diff --git a/main.go b/main.go index 48b20e2b..bdd1acac 100644 --- a/main.go +++ b/main.go @@ -20,12 +20,14 @@ import ( "context" "flag" "fmt" - "os" - "github.com/vmware/cbcontainers-operator/cbcontainers/state" "github.com/vmware/cbcontainers-operator/cbcontainers/state/agent_applyment" "github.com/vmware/cbcontainers-operator/cbcontainers/state/applyment" "github.com/vmware/cbcontainers-operator/cbcontainers/state/operator" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "os" coreV1 "k8s.io/api/core/v1" @@ -39,14 +41,13 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" operatorcontainerscarbonblackiov1 "github.com/vmware/cbcontainers-operator/api/v1" certificatesUtils "github.com/vmware/cbcontainers-operator/cbcontainers/utils/certificates" "github.com/vmware/cbcontainers-operator/controllers" - // +kubebuilder:scaffold:imports ) var ( @@ -54,6 +55,8 @@ var ( setupLog = ctrl.Log.WithName("setup") ) +const NamespaceIdentifier = "kube-system" + func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) @@ -92,16 +95,27 @@ func main() { os.Exit(1) } - setupLog.Info("Getting Cluster Identifyer: kube-system uid") - mgrClient := mgr.GetClient() - namespace := &coreV1.Namespace{} - err = mgrClient.Get(context.Background(), - client.ObjectKey{Namespace: "kube-system"}, namespace) + setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", NamespaceIdentifier)) + config, err := rest.InClusterConfig() if err != nil { - setupLog.Error(err, "unable to get the kube-system namespace") + setupLog.Error(err, "unable to get the in cluster rest config") os.Exit(1) } - clusterIdentifier := string(namespace.UID) + // creates the clientset + client, err := kubernetes.NewForConfig(config) + if err != nil { + setupLog.Error(err, "unable to create the client") + os.Exit(1) + } + + kubeSystem, err := client.CoreV1().Namespaces().Get(context.TODO(), NamespaceIdentifier, metav1.GetOptions{}) + if err != nil { + setupLog.Error(err, fmt.Sprintf("unable to get the %v namespace", NamespaceIdentifier)) + os.Exit(1) + } + clusterIdentifier := string(kubeSystem.UID) + + setupLog.Info(fmt.Sprintf("Cluster Identifier: %v", clusterIdentifier)) setupLog.Info("Getting Nodes list") nodesList := &coreV1.NodeList{} From dfe69869878deb6b6e1dc0f76f2d7f98a2b4d461 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Sun, 3 Jul 2022 14:27:27 +0300 Subject: [PATCH 05/10] update api to managment --- .../communication/gateway/api_gateway.go | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/cbcontainers/communication/gateway/api_gateway.go b/cbcontainers/communication/gateway/api_gateway.go index 9b7b4b97..2eff48c1 100644 --- a/cbcontainers/communication/gateway/api_gateway.go +++ b/cbcontainers/communication/gateway/api_gateway.go @@ -6,6 +6,7 @@ import ( "errors" "fmt" "net/http" + "strings" "github.com/go-resty/resty/v2" "github.com/vmware/cbcontainers-operator/cbcontainers/models" @@ -90,14 +91,29 @@ func (gateway *ApiGateway) baseRequestWithRetries() *resty.Request { } func (gateway *ApiGateway) getResourcePathWithAccountPath(resourceName string) string { - return gateway.baseUrl(fmt.Sprintf("account/%s/%s", gateway.account, resourceName)) + return gateway.baseUrl(fmt.Sprintf("management/%v", resourceName)) } +func (gateway *ApiGateway) SplitToGroupAndMember() (string, string, error) { + parts := strings.Split(gateway.cluster, ":") + if len(parts) != 2 { + return "", "", fmt.Errorf("cluster name '%v' is not in group:member format with two parts", gateway.cluster) + } + + return parts[0], parts[1], nil +} func (gateway *ApiGateway) RegisterCluster(clusterIdentifier string) error { url := gateway.getResourcePathWithAccountPath("clusters") + + group, member, err := gateway.SplitToGroupAndMember() + if err != nil { + return err + } + resp, err := gateway.baseRequest(). SetBody(map[string]interface{}{ - "name": gateway.cluster, + "group": group, + "member": member, "components": gateway.agentComponents, "labels": gateway.clusterLabels, "inbounddefault": "allow", @@ -115,7 +131,7 @@ func (gateway *ApiGateway) RegisterCluster(clusterIdentifier string) error { } func (gateway *ApiGateway) GetRegistrySecret() (*models.RegistrySecretValues, error) { - url := gateway.getResourcePathWithAccountPath("registrySecret") + url := gateway.getResourcePathWithAccountPath("registry_secret") resp, err := gateway.baseRequest(). SetResult(&models.RegistrySecretValues{}). From e803c316da6261e210d95a9a73a9f2aa405c2a34 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Tue, 5 Jul 2022 13:51:51 +0300 Subject: [PATCH 06/10] remove kustomize before install --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index be964fb9..67970768 100644 --- a/Makefile +++ b/Makefile @@ -211,9 +211,11 @@ CONTROLLER_TOOLS_VERSION ?= v0.9.0 CONTROLLER_TOOLS_OLD_VERSION ?= v0.6.2 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" + .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. $(KUSTOMIZE): $(LOCALBIN) + rm -f $(KUSTOMIZE) curl -s $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN) .PHONY: controller-gen From e342c06bbb27b581160e79bba56536ab0f827ee6 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Tue, 5 Jul 2022 16:22:48 +0300 Subject: [PATCH 07/10] bring back mistakenly removed setting --- main.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/main.go b/main.go index bdd1acac..7895c832 100644 --- a/main.go +++ b/main.go @@ -48,6 +48,7 @@ import ( operatorcontainerscarbonblackiov1 "github.com/vmware/cbcontainers-operator/api/v1" certificatesUtils "github.com/vmware/cbcontainers-operator/cbcontainers/utils/certificates" "github.com/vmware/cbcontainers-operator/controllers" + // +kubebuilder:scaffold:imports ) var ( @@ -95,7 +96,7 @@ func main() { os.Exit(1) } - setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", NamespaceIdentifier)) + setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", x)) config, err := rest.InClusterConfig() if err != nil { setupLog.Error(err, "unable to get the in cluster rest config") From a07ad9251a21ad7190390f2e0dd2e89cd4789f1d Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Tue, 5 Jul 2022 17:07:49 +0300 Subject: [PATCH 08/10] downgrade kustomize --- Makefile | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 67970768..26b1f7f0 100644 --- a/Makefile +++ b/Makefile @@ -206,16 +206,14 @@ CONTROLLER_GEN_OLD ?= $(LOCALBINOLD)/controller-gen ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions -KUSTOMIZE_VERSION ?= v4.5.5 +KUSTOMIZE_VERSION ?= v3.8.7 CONTROLLER_TOOLS_VERSION ?= v0.9.0 CONTROLLER_TOOLS_OLD_VERSION ?= v0.6.2 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" - .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. $(KUSTOMIZE): $(LOCALBIN) - rm -f $(KUSTOMIZE) curl -s $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN) .PHONY: controller-gen From 0bfa2d7112d1ddf960a54c16b74bd2d29231f180 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Tue, 5 Jul 2022 22:11:50 +0300 Subject: [PATCH 09/10] fix complition typo --- main.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/main.go b/main.go index 7895c832..1c87d7e7 100644 --- a/main.go +++ b/main.go @@ -28,6 +28,7 @@ import ( "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "os" + "sigs.k8s.io/controller-runtime/pkg/log/zap" coreV1 "k8s.io/api/core/v1" @@ -42,12 +43,10 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/healthz" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - operatorcontainerscarbonblackiov1 "github.com/vmware/cbcontainers-operator/api/v1" certificatesUtils "github.com/vmware/cbcontainers-operator/cbcontainers/utils/certificates" "github.com/vmware/cbcontainers-operator/controllers" + "sigs.k8s.io/controller-runtime/pkg/healthz" // +kubebuilder:scaffold:imports ) @@ -96,7 +95,7 @@ func main() { os.Exit(1) } - setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", x)) + setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", NamespaceIdentifier)) config, err := rest.InClusterConfig() if err != nil { setupLog.Error(err, "unable to get the in cluster rest config") From d01276ea39f29d2b6a8c16899fb9c3b591e884e9 Mon Sep 17 00:00:00 2001 From: Tomer Shefler Date: Thu, 7 Jul 2022 17:06:47 +0300 Subject: [PATCH 10/10] use controller k8s client, and set namespace identifier to default --- main.go | 34 ++++++++++------------------------ 1 file changed, 10 insertions(+), 24 deletions(-) diff --git a/main.go b/main.go index 1c87d7e7..7d644018 100644 --- a/main.go +++ b/main.go @@ -24,10 +24,8 @@ import ( "github.com/vmware/cbcontainers-operator/cbcontainers/state/agent_applyment" "github.com/vmware/cbcontainers-operator/cbcontainers/state/applyment" "github.com/vmware/cbcontainers-operator/cbcontainers/state/operator" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" "os" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log/zap" coreV1 "k8s.io/api/core/v1" @@ -38,14 +36,13 @@ import ( // to ensure that exec-entrypoint and run can make use of them. _ "k8s.io/client-go/plugin/pkg/client/auth" + operatorcontainerscarbonblackiov1 "github.com/vmware/cbcontainers-operator/api/v1" + certificatesUtils "github.com/vmware/cbcontainers-operator/cbcontainers/utils/certificates" + "github.com/vmware/cbcontainers-operator/controllers" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" - - operatorcontainerscarbonblackiov1 "github.com/vmware/cbcontainers-operator/api/v1" - certificatesUtils "github.com/vmware/cbcontainers-operator/cbcontainers/utils/certificates" - "github.com/vmware/cbcontainers-operator/controllers" "sigs.k8s.io/controller-runtime/pkg/healthz" // +kubebuilder:scaffold:imports ) @@ -55,7 +52,7 @@ var ( setupLog = ctrl.Log.WithName("setup") ) -const NamespaceIdentifier = "kube-system" +const NamespaceIdentifier = "default" func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) @@ -96,30 +93,19 @@ func main() { } setupLog.Info(fmt.Sprintf("Getting Cluster Identifier: %v uid", NamespaceIdentifier)) - config, err := rest.InClusterConfig() - if err != nil { - setupLog.Error(err, "unable to get the in cluster rest config") - os.Exit(1) - } - // creates the clientset - client, err := kubernetes.NewForConfig(config) - if err != nil { - setupLog.Error(err, "unable to create the client") - os.Exit(1) - } - - kubeSystem, err := client.CoreV1().Namespaces().Get(context.TODO(), NamespaceIdentifier, metav1.GetOptions{}) - if err != nil { + namespace := &coreV1.Namespace{} + apiReader := mgr.GetAPIReader() + if err = apiReader.Get(context.Background(), client.ObjectKey{Namespace: NamespaceIdentifier, Name: NamespaceIdentifier}, namespace); err != nil { setupLog.Error(err, fmt.Sprintf("unable to get the %v namespace", NamespaceIdentifier)) os.Exit(1) } - clusterIdentifier := string(kubeSystem.UID) + clusterIdentifier := string(namespace.UID) setupLog.Info(fmt.Sprintf("Cluster Identifier: %v", clusterIdentifier)) setupLog.Info("Getting Nodes list") nodesList := &coreV1.NodeList{} - if err := mgr.GetAPIReader().List(context.Background(), nodesList); err != nil || nodesList.Items == nil || len(nodesList.Items) < 1 { + if err := apiReader.List(context.Background(), nodesList); err != nil || nodesList.Items == nil || len(nodesList.Items) < 1 { setupLog.Error(err, "couldn't get nodes list") os.Exit(1) }