From 52f8f9d08fb5286f682393195391149d6dce28a2 Mon Sep 17 00:00:00 2001 From: Mark Rossetti Date: Wed, 26 Jan 2022 14:44:22 -0800 Subject: [PATCH] Installing csi-proxy in some windows clusters Adding csi-proxy to windows-containerd dev template Moving csi-proxy addon to cluster-template-prow.yaml since that is what azure-disk/file tests use in CI Signed-off-by: Mark Rossetti --- Tiltfile | 3 ++ .../csi-proxy/csi-proxy-resource-set.yaml | 14 +++++ .../addons/windows/csi-proxy/csi-proxy.yaml | 26 +++++++++ ...mplate-machinepool-windows-containerd.yaml | 1 + .../cluster-template-windows-containerd.yaml | 1 + .../base-windows-containerd/cluster.yaml | 1 + ...ow-ci-version-windows-containerd-2022.yaml | 53 +++++++++++++++++++ .../ci/cluster-template-prow-ci-version.yaml | 53 +++++++++++++++++++ ...template-prow-machine-pool-ci-version.yaml | 1 + .../cluster-template-prow-machine-pool.yaml | 1 + templates/test/ci/cluster-template-prow.yaml | 53 +++++++++++++++++++ .../ci/patches/windows-csi-proxy-enabled.yaml | 7 +++ templates/test/ci/prow/kustomization.yaml | 5 ++ ...r-template-custom-builds-machine-pool.yaml | 1 + .../dev/cluster-template-custom-builds.yaml | 53 +++++++++++++++++++ 15 files changed, 273 insertions(+) create mode 100644 templates/addons/windows/csi-proxy/csi-proxy-resource-set.yaml create mode 100644 templates/addons/windows/csi-proxy/csi-proxy.yaml create mode 100644 templates/test/ci/patches/windows-csi-proxy-enabled.yaml diff --git a/Tiltfile b/Tiltfile index f6d8419f7b2..ff534b94f78 100644 --- a/Tiltfile +++ b/Tiltfile @@ -218,6 +218,8 @@ def create_crs(): local(kubectl_cmd + " delete configmaps calico-ipv6-addon --ignore-not-found=true") local(kubectl_cmd + " create configmap calico-ipv6-addon --from-file=templates/addons/calico-ipv6.yaml") local(kubectl_cmd + " delete configmaps flannel-windows-addon --ignore-not-found=true") + local(kubectl_cmd + " delete configmaps csi-proxy-addon --ignore-not-found=true") + local(kubectl_cmd + " create configmap csi-proxy-addon --from-file=templates/addons/windows/csi-proxy/csi-proxy.yaml") # need to set version for kube-proxy on windows. os.putenv("KUBERNETES_VERSION", settings.get("kubernetes_version", {})) @@ -227,6 +229,7 @@ def create_crs(): # set up crs local(kubectl_cmd + " apply -f templates/addons/calico-resource-set.yaml") local(kubectl_cmd + " apply -f templates/addons/flannel-resource-set.yaml") + local(kubectl_cmd + " apply -f templates/addons/windows/csi-proxy/csi-proxy-resource-set.yaml") # create flavor resources from cluster-template files in the templates directory def flavors(): diff --git a/templates/addons/windows/csi-proxy/csi-proxy-resource-set.yaml b/templates/addons/windows/csi-proxy/csi-proxy-resource-set.yaml new file mode 100644 index 00000000000..569bc60d0d7 --- /dev/null +++ b/templates/addons/windows/csi-proxy/csi-proxy-resource-set.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: csi-proxy + namespace: default +spec: + clusterSelector: + matchLabels: + csi-proxy: enabled + resources: + - kind: ConfigMap + name: csi-proxy-addon + strategy: ApplyOnce diff --git a/templates/addons/windows/csi-proxy/csi-proxy.yaml b/templates/addons/windows/csi-proxy/csi-proxy.yaml new file mode 100644 index 00000000000..9fd1b7977f2 --- /dev/null +++ b/templates/addons/windows/csi-proxy/csi-proxy.yaml @@ -0,0 +1,26 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + k8s-app: csi-proxy + name: csi-proxy + namespace: kube-system +spec: + selector: + matchLabels: + k8s-app: csi-proxy + template: + metadata: + labels: + k8s-app: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 diff --git a/templates/cluster-template-machinepool-windows-containerd.yaml b/templates/cluster-template-machinepool-windows-containerd.yaml index 9d429f87480..2fe28351f62 100644 --- a/templates/cluster-template-machinepool-windows-containerd.yaml +++ b/templates/cluster-template-machinepool-windows-containerd.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: calico + csi-proxy: enabled windows: enabled name: ${CLUSTER_NAME} namespace: default diff --git a/templates/cluster-template-windows-containerd.yaml b/templates/cluster-template-windows-containerd.yaml index 0cac91d6b25..fe3633ef666 100644 --- a/templates/cluster-template-windows-containerd.yaml +++ b/templates/cluster-template-windows-containerd.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: calico + csi-proxy: enabled windows: enabled name: ${CLUSTER_NAME} namespace: default diff --git a/templates/flavors/base-windows-containerd/cluster.yaml b/templates/flavors/base-windows-containerd/cluster.yaml index 30ae380bf90..2adf88fe0fb 100644 --- a/templates/flavors/base-windows-containerd/cluster.yaml +++ b/templates/flavors/base-windows-containerd/cluster.yaml @@ -4,4 +4,5 @@ kind: Cluster metadata: name: ${CLUSTER_NAME} labels: + csi-proxy: enabled windows: enabled diff --git a/templates/test/ci/cluster-template-prow-ci-version-windows-containerd-2022.yaml b/templates/test/ci/cluster-template-prow-ci-version-windows-containerd-2022.yaml index b13a1858e32..a0a0ffee7d1 100644 --- a/templates/test/ci/cluster-template-prow-ci-version-windows-containerd-2022.yaml +++ b/templates/test/ci/cluster-template-prow-ci-version-windows-containerd-2022.yaml @@ -4,6 +4,7 @@ metadata: labels: cni: ${CLUSTER_NAME}-calico containerd-logger: enabled + csi-proxy: enabled metrics-server: enabled name: ${CLUSTER_NAME} namespace: default @@ -545,6 +546,20 @@ spec: tenantID: ${AZURE_TENANT_ID} type: ServicePrincipal --- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: csi-proxy + namespace: default +spec: + clusterSelector: + matchLabels: + csi-proxy: enabled + resources: + - kind: ConfigMap + name: csi-proxy-addon + strategy: ApplyOnce +--- apiVersion: v1 data: kube-proxy-patch: |- @@ -3111,6 +3126,44 @@ metadata: name: cni-${CLUSTER_NAME}-calico namespace: default --- +apiVersion: v1 +data: + csi-proxy: | + apiVersion: apps/v1 + kind: DaemonSet + metadata: + labels: + k8s-app: csi-proxy + name: csi-proxy + namespace: kube-system + spec: + selector: + matchLabels: + k8s-app: csi-proxy + template: + metadata: + labels: + k8s-app: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: csi-proxy-addon + namespace: default +--- apiVersion: addons.cluster.x-k8s.io/v1beta1 kind: ClusterResourceSet metadata: diff --git a/templates/test/ci/cluster-template-prow-ci-version.yaml b/templates/test/ci/cluster-template-prow-ci-version.yaml index ae48c049f6c..b21f0c1cff4 100644 --- a/templates/test/ci/cluster-template-prow-ci-version.yaml +++ b/templates/test/ci/cluster-template-prow-ci-version.yaml @@ -4,6 +4,7 @@ metadata: labels: cni: ${CLUSTER_NAME}-calico containerd-logger: enabled + csi-proxy: enabled metrics-server: enabled name: ${CLUSTER_NAME} namespace: default @@ -545,6 +546,20 @@ spec: tenantID: ${AZURE_TENANT_ID} type: ServicePrincipal --- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: csi-proxy + namespace: default +spec: + clusterSelector: + matchLabels: + csi-proxy: enabled + resources: + - kind: ConfigMap + name: csi-proxy-addon + strategy: ApplyOnce +--- apiVersion: v1 data: kube-proxy-patch: |- @@ -3111,6 +3126,44 @@ metadata: name: cni-${CLUSTER_NAME}-calico namespace: default --- +apiVersion: v1 +data: + csi-proxy: | + apiVersion: apps/v1 + kind: DaemonSet + metadata: + labels: + k8s-app: csi-proxy + name: csi-proxy + namespace: kube-system + spec: + selector: + matchLabels: + k8s-app: csi-proxy + template: + metadata: + labels: + k8s-app: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: csi-proxy-addon + namespace: default +--- apiVersion: addons.cluster.x-k8s.io/v1beta1 kind: ClusterResourceSet metadata: diff --git a/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml b/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml index 873f5803184..5be6ded6fea 100644 --- a/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml +++ b/templates/test/ci/cluster-template-prow-machine-pool-ci-version.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: ${CLUSTER_NAME}-calico + csi-proxy: enabled windows: enabled name: ${CLUSTER_NAME} namespace: default diff --git a/templates/test/ci/cluster-template-prow-machine-pool.yaml b/templates/test/ci/cluster-template-prow-machine-pool.yaml index 59dc9d5ee40..f1ac6079a2f 100644 --- a/templates/test/ci/cluster-template-prow-machine-pool.yaml +++ b/templates/test/ci/cluster-template-prow-machine-pool.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: ${CLUSTER_NAME}-calico + csi-proxy: enabled windows: enabled name: ${CLUSTER_NAME} namespace: default diff --git a/templates/test/ci/cluster-template-prow.yaml b/templates/test/ci/cluster-template-prow.yaml index 4dcce5b4938..a9ccbdaaebd 100644 --- a/templates/test/ci/cluster-template-prow.yaml +++ b/templates/test/ci/cluster-template-prow.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: ${CLUSTER_NAME}-calico + csi-proxy: enabled name: ${CLUSTER_NAME} namespace: default spec: @@ -353,6 +354,20 @@ spec: tenantID: ${AZURE_TENANT_ID} type: ServicePrincipal --- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: csi-proxy + namespace: default +spec: + clusterSelector: + matchLabels: + csi-proxy: enabled + resources: + - kind: ConfigMap + name: csi-proxy-addon + strategy: ApplyOnce +--- apiVersion: v1 data: proxy: "apiVersion: apps/v1\nkind: DaemonSet\nmetadata:\n labels:\n k8s-app: @@ -2910,3 +2925,41 @@ metadata: type: generated name: cni-${CLUSTER_NAME}-calico namespace: default +--- +apiVersion: v1 +data: + csi-proxy: | + apiVersion: apps/v1 + kind: DaemonSet + metadata: + labels: + k8s-app: csi-proxy + name: csi-proxy + namespace: kube-system + spec: + selector: + matchLabels: + k8s-app: csi-proxy + template: + metadata: + labels: + k8s-app: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: csi-proxy-addon + namespace: default diff --git a/templates/test/ci/patches/windows-csi-proxy-enabled.yaml b/templates/test/ci/patches/windows-csi-proxy-enabled.yaml new file mode 100644 index 00000000000..81157de7b7a --- /dev/null +++ b/templates/test/ci/patches/windows-csi-proxy-enabled.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + name: ${CLUSTER_NAME} + labels: + csi-proxy: enabled diff --git a/templates/test/ci/prow/kustomization.yaml b/templates/test/ci/prow/kustomization.yaml index a74c8ea98dd..647fc1cfd0d 100644 --- a/templates/test/ci/prow/kustomization.yaml +++ b/templates/test/ci/prow/kustomization.yaml @@ -8,6 +8,7 @@ resources: - mhc.yaml - cni-resource-set.yaml - ../../../azure-cluster-identity + - ../../../addons/windows/csi-proxy/csi-proxy-resource-set.yaml patchesStrategicMerge: - ../patches/tags.yaml - ../patches/mhc.yaml @@ -17,6 +18,7 @@ patchesStrategicMerge: - ../../../azure-cluster-identity/azurecluster-identity-ref.yaml - ../../../flavors/base-windows-containerd/kubeadm-control-plane.yaml - ../patches/windows-containerd-patch.yaml + - ../patches/windows-csi-proxy-enabled.yaml patches: - target: group: bootstrap.cluster.x-k8s.io @@ -31,6 +33,9 @@ configMapGenerator: - resources=../../../addons/calico.yaml - windows-cni=../../../addons/windows/calico/calico.yaml - proxy=../../../addons/windows/calico/kube-proxy-windows.yaml + - name: csi-proxy-addon + files: + - csi-proxy=../../../addons/windows/csi-proxy/csi-proxy.yaml generatorOptions: disableNameSuffixHash: true labels: diff --git a/templates/test/dev/cluster-template-custom-builds-machine-pool.yaml b/templates/test/dev/cluster-template-custom-builds-machine-pool.yaml index 195f1043283..467a29f1794 100644 --- a/templates/test/dev/cluster-template-custom-builds-machine-pool.yaml +++ b/templates/test/dev/cluster-template-custom-builds-machine-pool.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: ${CLUSTER_NAME}-calico + csi-proxy: enabled windows: enabled name: ${CLUSTER_NAME} namespace: default diff --git a/templates/test/dev/cluster-template-custom-builds.yaml b/templates/test/dev/cluster-template-custom-builds.yaml index 7c35e1c8647..09829629600 100644 --- a/templates/test/dev/cluster-template-custom-builds.yaml +++ b/templates/test/dev/cluster-template-custom-builds.yaml @@ -3,6 +3,7 @@ kind: Cluster metadata: labels: cni: ${CLUSTER_NAME}-calico + csi-proxy: enabled name: ${CLUSTER_NAME} namespace: default spec: @@ -442,6 +443,20 @@ spec: tenantID: ${AZURE_TENANT_ID} type: ServicePrincipal --- +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: csi-proxy + namespace: default +spec: + clusterSelector: + matchLabels: + csi-proxy: enabled + resources: + - kind: ConfigMap + name: csi-proxy-addon + strategy: ApplyOnce +--- apiVersion: v1 data: proxy: "apiVersion: apps/v1\nkind: DaemonSet\nmetadata:\n labels:\n k8s-app: @@ -2999,3 +3014,41 @@ metadata: type: generated name: cni-${CLUSTER_NAME}-calico namespace: default +--- +apiVersion: v1 +data: + csi-proxy: | + apiVersion: apps/v1 + kind: DaemonSet + metadata: + labels: + k8s-app: csi-proxy + name: csi-proxy + namespace: kube-system + spec: + selector: + matchLabels: + k8s-app: csi-proxy + template: + metadata: + labels: + k8s-app: csi-proxy + spec: + nodeSelector: + "kubernetes.io/os": windows + securityContext: + windowsOptions: + hostProcess: true + runAsUserName: "NT AUTHORITY\\SYSTEM" + hostNetwork: true + containers: + - name: csi-proxy + image: ghcr.io/kubernetes-sigs/sig-windows/csi-proxy:v1.0.2 +kind: ConfigMap +metadata: + annotations: + note: generated + labels: + type: generated + name: csi-proxy-addon + namespace: default