feat: support deploy in out-of-cluster mode (#116)
* feat: support deploy in out-of-cluster mode

Signed-off-by: hansedong <[email protected]>

* chore: fix linting and remove unused function

* fix: prevent overwriting the test config

---------

Signed-off-by: hansedong <[email protected]>
Co-authored-by: Clément Nussbaumer <[email protected]>
hansedong and clementnuss authored Feb 21, 2023
1 parent 04aed3a commit 3c55012
Showing 4 changed files with 44 additions and 29 deletions.
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -37,7 +37,7 @@ require (
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-logr/logr v1.2.3 // indirect
github.com/go-logr/logr v1.2.3
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
46 changes: 19 additions & 27 deletions internal/cmd/cmd.go
Expand Up @@ -9,17 +9,16 @@ import (
"regexp"
"strings"

"go.uber.org/zap/zapcore"
"inet.af/netaddr"
clientset "k8s.io/client-go/kubernetes"

"github.com/go-logr/zapr"
"github.com/peterbourgon/ff/v3"
"github.com/postfinance/flash"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/healthz"

"github.com/go-logr/logr"
"github.com/postfinance/kubelet-csr-approver/internal/controller"
ctrlconfig "sigs.k8s.io/controller-runtime/pkg/client/config"
)

//nolint:gochecknoglobals //this vars are set on build by goreleaser
Expand All @@ -31,7 +30,8 @@ var (
// Run will start the controller with the default settings
func Run() int {
config := prepareCmdlineConfig()
_, mgr, errorCode := CreateControllerManager(config)
logger := controller.InitLogger(config)
_, mgr, errorCode := CreateControllerManager(config, logger)

if errorCode != 0 {
return errorCode
Expand All @@ -49,33 +49,25 @@ func Run() int {
}

// CreateControllerManager permits creation/customization of the controller-manager
func CreateControllerManager(config *controller.Config) (
func CreateControllerManager(config *controller.Config, logger logr.Logger) (
csrController *controller.CertificateSigningRequestReconciler,
mgr ctrl.Manager,
code int,
) {
// logger initialization
flashLogger := flash.New()
if config.LogLevel < -5 || config.LogLevel > 10 {
flashLogger.Fatal(fmt.Errorf("log level should be between -5 and 10 (included)"))
}
logger.V(0).Info("Kubelet-CSR-Approver controller starting.", "commit", commit, "ref", ref)

csrController = &controller.CertificateSigningRequestReconciler{
Config: *config,
if config.K8sConfig == nil { // when testing, this variable is already set
config.K8sConfig = ctrl.GetConfigOrDie()
}

config.LogLevel *= -1 // we inverse the level for the logging behavior between zap and logr.Logger to match
flashLogger.SetLevel(zapcore.Level(config.LogLevel))
z := zapr.NewLogger(flashLogger.Desugar())

z.V(0).Info("Kubelet-CSR-Approver controller starting.", "commit", commit, "ref", ref)

if config.RegexStr == "" {
z.V(-5).Info("the provider-spefic regex must be specified, exiting")

logger.V(-5).Info("the provider-spefic regex must be specified, exiting")
return nil, nil, 10
}

csrController = &controller.CertificateSigningRequestReconciler{
Config: *config,
}
csrController.ProviderRegexp = regexp.MustCompile(config.RegexStr).MatchString

// IP Prefixes parsing and IPSet construction
Expand All @@ -84,7 +76,7 @@ func CreateControllerManager(config *controller.Config) (
for _, ipPrefix := range strings.Split(config.IPPrefixesStr, ",") {
ipPref, err := netaddr.ParseIPPrefix(ipPrefix)
if err != nil {
z.V(-5).Info(fmt.Sprintf("Unable to parse IP prefix: %s, exiting", ipPrefix))
logger.V(-5).Info(fmt.Sprintf("Unable to parse IP prefix: %s, exiting", ipPrefix))

return nil, nil, 10
}
Expand All @@ -96,19 +88,19 @@ func CreateControllerManager(config *controller.Config) (
csrController.ProviderIPSet, err = setBuilder.IPSet()

if err != nil {
z.V(-5).Info("Unable to build the Set of valid IP addresses, exiting")
logger.V(-5).Info("Unable to build the Set of valid IP addresses, exiting")

return nil, nil, 10
}

ctrl.SetLogger(z)
ctrl.SetLogger(logger)
mgr, err = ctrl.NewManager(config.K8sConfig, ctrl.Options{
MetricsBindAddress: config.MetricsAddr,
HealthProbeBindAddress: config.ProbeAddr,
})

if err != nil {
z.Error(err, "unable to start manager")
logger.Error(err, "unable to start manager")

return nil, nil, 10
}
Expand All @@ -118,13 +110,13 @@ func CreateControllerManager(config *controller.Config) (
csrController.Scheme = mgr.GetScheme()

if err = csrController.SetupWithManager(mgr); err != nil {
z.Error(err, "unable to create controller", "controller", "CertificateSigningRequest")
logger.Error(err, "unable to create controller", "controller", "CertificateSigningRequest")

return nil, nil, 10
}

if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
z.Error(err, "unable to set up health check")
logger.Error(err, "unable to set up health check")

return nil, nil, 10
}
Expand All @@ -134,6 +126,7 @@ func CreateControllerManager(config *controller.Config) (

func prepareCmdlineConfig() *controller.Config {
fs := flag.NewFlagSet("kubelet-csr-approver", flag.ExitOnError)
ctrlconfig.RegisterFlags(fs)

var (
logLevel = fs.Int("level", 0, "level ranges from -5 (Fatal) to 10 (Verbose)")
Expand Down Expand Up @@ -183,7 +176,6 @@ func prepareCmdlineConfig() *controller.Config {
}

config.DNSResolver = net.DefaultResolver
config.K8sConfig = ctrl.GetConfigOrDie()

return &config
}
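Review bot: In CreateControllerManager the new `config.K8sConfig = ctrl.GetConfigOrDie()` exits the process when the client configuration cannot be loaded, while every other failure in this function is logged and returned as code 10. With the kubeconfig flag now registered in prepareCmdlineConfig, a wrong or unreadable path is an ordinary operator error, and a caller embedding this exported function cannot handle it. Using `ctrl.GetConfig()` and returning 10 on error keeps a single failure path. The function body continues outside the visible hunks.

```go
logger.V(0).Info("Kubelet-CSR-Approver controller starting.", "commit", commit, "ref", ref)

if config.K8sConfig == nil { // when testing, this variable is already set
	k8sConfig, err := ctrl.GetConfig()
	if err != nil {
		logger.Error(err, "unable to load the Kubernetes client configuration")

		return nil, nil, 10
	}

	config.K8sConfig = k8sConfig
}
// … unchanged: regex check, IP prefix parsing, manager setup …
```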
2 changes: 1 addition & 1 deletion internal/controller/testenv_setup_test.go
Expand Up @@ -212,7 +212,7 @@ func packageSetup() {
IPPrefixesStr: "192.168.0.0/16,fc00::/7",
}

csrCtrl, mgr, errorCode := cmd.CreateControllerManager(&testingConfig)
csrCtrl, mgr, errorCode := cmd.CreateControllerManager(&testingConfig, controller.InitLogger(&testingConfig))
csrController = csrCtrl
if errorCode != 0 {
log.Fatalf("unable to create controller-runtime manager. Error:\n%v", errorCode)
23 changes: 23 additions & 0 deletions internal/controller/utils.go
Expand Up @@ -21,7 +21,14 @@ import (
"encoding/pem"
"errors"

"fmt"

"github.com/go-logr/logr"
"github.com/go-logr/zapr"
"github.com/postfinance/flash"
"go.uber.org/zap/zapcore"
capiv1 "k8s.io/api/certificates/v1"
ctrl "sigs.k8s.io/controller-runtime"
)

// Source(10/2021): https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/certificates/certificate_controller_utils.go
Expand Down Expand Up @@ -58,3 +65,19 @@ func ParseCSR(pemBytes []byte) (*x509.CertificateRequest, error) {

return csr, nil
}

// InitLogger logger initialization
func InitLogger(config *Config) logr.Logger {
// logger initialization
flashLogger := flash.New()
if config.LogLevel < -5 || config.LogLevel > 10 {
flashLogger.Fatal(fmt.Errorf("log level should be between -5 and 10 (included)"))
}

config.LogLevel *= -1 // we inverse the level for the logging behavior between zap and logr.Logger to match
flashLogger.SetLevel(zapcore.Level(config.LogLevel))
logger := zapr.NewLogger(flashLogger.Desugar())
ctrl.SetLogger(logger)

return logger
}
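Review bot: InitLogger negates the caller's setting in place with `config.LogLevel *= -1`, so it is not idempotent: a second call on the same Config range-checks the already negated value, and a level from 6 to 10 then hits the Fatal branch. Because Run now calls InitLogger before CreateControllerManager copies `*config` into the reconciler, the copied Config also carries the negated level; whether anything reads it later is not visible here. Converting without mutation, `flashLogger.SetLevel(zapcore.Level(-config.LogLevel))`, avoids both. The doc comment could also be a full sentence, e.g. `// InitLogger builds the zap-backed logr.Logger for config.LogLevel and installs it as the controller-runtime logger.`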
