diff --git a/.gitignore b/.gitignore index b8cc550408..ee07ebce7f 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ tmp # Output of the go coverage tool, specifically when used with LiteIDE *.out +out # Kubernetes Generated files - skip generated files, except for vendored files diff --git a/Makefile b/Makefile index 73b5b67b4c..1fe808bcff 100644 --- a/Makefile +++ b/Makefile @@ -177,7 +177,7 @@ generate-go: $(CONTROLLER_GEN) $(MOCKGEN) ## Runs Go related generate targets generate-manifests: $(CONTROLLER_GEN) ## Generate manifests e.g. CRD, RBAC etc. $(CONTROLLER_GEN) \ paths=./api/... \ - crd:trivialVersions=true \ + crd \ output:crd:dir=$(CRD_ROOT) \ output:webhook:dir=$(WEBHOOK_ROOT) \ webhook @@ -226,6 +226,17 @@ docker-push-manifest: ## Push the fat manifest docker image. @for arch in $(ALL_ARCH); do docker manifest annotate --arch $${arch} ${CONTROLLER_IMG}:${TAG} ${CONTROLLER_IMG}-$${arch}:${TAG}; done docker manifest push --purge $(CONTROLLER_IMG):$(TAG) +.PHONY: set-manifest-image +set-manifest-image: + $(info Updating kustomize image patch file for manager resource) + sed -i'' -e 's@image: .*@image: '"${MANIFEST_IMG}:$(MANIFEST_TAG)"'@' ./config/default/manager_image_patch.yaml + + +.PHONY: set-manifest-pull-policy +set-manifest-pull-policy: + $(info Updating kustomize pull policy file for manager resource) + sed -i'' -e 's@imagePullPolicy: .*@imagePullPolicy: '"$(PULL_POLICY)"'@' ./config/default/manager_pull_policy.yaml + ## -------------------------------------- ## Release ## -------------------------------------- @@ -239,26 +250,28 @@ $(RELEASE_DIR): .PHONY: release release: clean-release ## Builds and push container images using the latest git tag for the commit. @if [ -z "${RELEASE_TAG}" ]; then echo "RELEASE_TAG is not set"; exit 1; fi - @if ! [ -z "$$(git status --porcelain)" ]; then echo "Your local git repository contains uncommitted changes, use git clean before proceeding."; exit 1; fi - git checkout "${RELEASE_TAG}" # Push the release image to the staging bucket first. REGISTRY=$(STAGING_REGISTRY) TAG=$(RELEASE_TAG) \ $(MAKE) docker-build-all docker-push-all # Set the manifest image to the production bucket. - MANIFEST_IMG=$(PROD_REGISTRY)/$(IMAGE_NAME) MANIFEST_TAG=$(RELEASE_TAG) $(MAKE) release-manifests .PHONY: release-manifests release-manifests: $(RELEASE_DIR) ## Builds the manifests to publish with a release + MANIFEST_IMG=$(PROD_REGISTRY)/$(IMAGE_NAME) MANIFEST_TAG=$(RELEASE_TAG) \ + $(MAKE) set-manifest-image + PULL_POLICY=IfNotPresent $(MAKE) set-manifest-pull-policy kustomize build config/default > $(RELEASE_DIR)/infrastructure-components.yaml .PHONY: release-staging release-staging: ## Builds and push container images to the staging bucket. - REGISTRY=$(STAGING_REGISTRY) $(MAKE) docker-build-all docker-push-all release-tag-latest + REGISTRY=$(STAGING_REGISTRY) $(MAKE) docker-build-all docker-push-all release-alias-tag + +RELEASE_ALIAS_TAG=$(shell if [ "$(PULL_BASE_REF)" = "master" ]; then echo "latest"; else echo "$(PULL_BASE_REF)"; fi) -.PHONY: release-tag-latest -release-tag-latest: ## Adds the latest tag to the last build tag. - gcloud container images add-tag $(CONTROLLER_IMG):$(TAG) $(CONTROLLER_IMG):latest +.PHONY: release-alias-tag +release-alias-tag: # Adds the tag to the last build tag. + gcloud container images add-tag $(CONTROLLER_IMG):$(TAG) $(CONTROLLER_IMG):$(RELEASE_ALIAS_TAG) ## -------------------------------------- ## Development diff --git a/RELEASE.md b/RELEASE.md index b5e5d24769..1780500efb 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -26,7 +26,9 @@ For version v0.x.y: 1. Note: `origin` should be the name of the remote pointing to `github.com/kubernetes-sigs/cluster-api-provider-openstack` 1. Run `make release` to build artifacts and push the images to the staging bucket 1. Follow the [Image Promotion process](https://github.com/kubernetes/k8s.io/tree/master/k8s.gcr.io#image-promoter) to promote the image from the staging repo to `us.gcr.io/k8s-artifacts-prod/capi-openstack` -1. Create a release (with the above mentioned release notes) in GitHub based on the tag created above +1. Create a release in GitHub based on the tag created above + 1. add the above mentioned release notes + 1. upload `out/infrastructure-components.yaml` 1. The release issue is closed 1. An announcement email is sent to `kubernetes-dev@googlegroups.com` with the subject `[ANNOUNCE] cluster-api-provider-openstack $VERSION is released` diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index b8ca8ba504..65f659d317 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -26,6 +26,7 @@ resources: patchesStrategicMerge: - manager_image_patch.yaml +- manager_pull_policy.yaml # Protect the /metrics endpoint by putting it behind auth. # Only one of manager_auth_proxy_patch.yaml and # manager_prometheus_metrics_patch.yaml should be enabled. diff --git a/config/default/manager_image_patch.yaml b/config/default/manager_image_patch.yaml index b32fc9e3ec..2a68b85fdb 100644 --- a/config/default/manager_image_patch.yaml +++ b/config/default/manager_image_patch.yaml @@ -8,5 +8,5 @@ spec: spec: containers: # Change the value of image field below to your controller image URL - - image: gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:latest + - image: us.gcr.io/k8s-artifacts-prod/capi-openstack/capi-openstack-controller:v0.2.0 name: manager diff --git a/config/default/manager_pull_policy.yaml b/config/default/manager_pull_policy.yaml new file mode 100644 index 0000000000..cd7ae12c01 --- /dev/null +++ b/config/default/manager_pull_policy.yaml @@ -0,0 +1,11 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + imagePullPolicy: IfNotPresent diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index c06a9e9c3f..267f8064c2 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -29,3 +29,6 @@ spec: imagePullPolicy: Always name: manager terminationGracePeriodSeconds: 10 + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master diff --git a/docs/getting-started.md b/docs/getting-started.md index f48eb1d446..4231389781 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -9,6 +9,7 @@ - If you want to use VM, install [Minikube](https://kubernetes.io/docs/tasks/tools/install-minikube/), version 0.30.0 or greater. Also install a [driver](https://github.com/kubernetes/minikube/blob/master/docs/drivers.md). For Linux, we recommend `kvm2`. For MacOS, we recommend `VirtualBox`. - If you want to use a container, install [Kind](https://github.com/kubernetes-sigs/kind#installation-and-usage). - If you want to use an existing Kubernetes cluster, prepare a kubeconfig which for this cluster. +1. The CAPO provider requires an OS image (available in OpenStack), which is build like the ones in [image-builder](https://github.com/kubernetes-sigs/image-builder/tree/master/images/capi) ## Cluster Creation diff --git a/examples/cluster/multi-node/cluster.yaml b/examples/cluster/multi-node/cluster.yaml index 1aa32dd700..71c786693b 100644 --- a/examples/cluster/multi-node/cluster.yaml +++ b/examples/cluster/multi-node/cluster.yaml @@ -9,7 +9,7 @@ spec: services: cidrBlocks: ["10.96.0.0/12"] pods: - cidrBlocks: ["192.168.0.0/16"] + cidrBlocks: ["192.168.0.0/16"] # CIDR block used by Calico. serviceDomain: "cluster.local" infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2 @@ -40,7 +40,6 @@ spec: # * creating floating ips # * creating load balancer externalNetworkId: - managedSecurityGroups: false disablePortSecurity: true disableServerTags: true useOctavia: true diff --git a/examples/cluster/single-node/cluster.yaml b/examples/cluster/single-node/cluster.yaml index e992334e4b..8641a7cdf9 100644 --- a/examples/cluster/single-node/cluster.yaml +++ b/examples/cluster/single-node/cluster.yaml @@ -9,9 +9,8 @@ spec: services: cidrBlocks: ["10.96.0.0/12"] pods: - cidrBlocks: ["192.168.0.0/16"] + cidrBlocks: ["192.168.0.0/16"] # CIDR block used by Calico. serviceDomain: "cluster.local" - apiServerPort: 6443 infrastructureRef: apiVersion: infrastructure.cluster.x-k8s.io/v1alpha2 kind: OpenStackCluster @@ -29,7 +28,6 @@ spec: name: cloud-config namespace: ${CLUSTER_NAME} nodeCidr: - managedAPIServerLoadBalancer: false dnsNameservers: [] # multi-node control-plane: # * externalNetworkId is required for: @@ -37,6 +35,5 @@ spec: # * creating floating ips # * creating load balancer externalNetworkId: - managedSecurityGroups: false disablePortSecurity: true disableServerTags: true diff --git a/examples/controlplane/multi-node/controlplane.yaml b/examples/controlplane/multi-node/controlplane.yaml index e28d1a90e4..8a6cf63e47 100644 --- a/examples/controlplane/multi-node/controlplane.yaml +++ b/examples/controlplane/multi-node/controlplane.yaml @@ -31,7 +31,6 @@ metadata: spec: flavor: m1.medium image: - sshKeyName: cluster-api-provider-openstack availabilityZone: nova cloudName: $CLOUD cloudsSecret: @@ -59,9 +58,12 @@ spec: ntp: servers: [] users: - - name: ubuntu + - name: capo + sudo: "ALL=(ALL) NOPASSWD:ALL" sshAuthorizedKeys: - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" + # For more information about these values, + # refer to the Kubeadm Bootstrap Provider documentation. initConfiguration: localAPIEndpoint: advertiseAddress: '{{ ds.ec2_metadata.local_ipv4 }}' @@ -73,7 +75,6 @@ spec: cloud-config: /etc/kubernetes/cloud.conf clusterConfiguration: controlPlaneEndpoint: ":6443" - kubernetesVersion: 1.15.0 imageRepository: k8s.gcr.io apiServer: extraArgs: @@ -130,7 +131,6 @@ metadata: spec: flavor: m1.medium image: - sshKeyName: cluster-api-provider-openstack availabilityZone: nova cloudName: $CLOUD cloudsSecret: @@ -158,7 +158,8 @@ spec: ntp: servers: [] users: - - name: ubuntu + - name: capo + sudo: "ALL=(ALL) NOPASSWD:ALL" sshAuthorizedKeys: - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" joinConfiguration: @@ -205,7 +206,6 @@ metadata: spec: flavor: m1.medium image: - sshKeyName: cluster-api-provider-openstack availabilityZone: nova cloudName: $CLOUD cloudsSecret: @@ -233,7 +233,8 @@ spec: ntp: servers: [] users: - - name: ubuntu + - name: capo + sudo: "ALL=(ALL) NOPASSWD:ALL" sshAuthorizedKeys: - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" joinConfiguration: diff --git a/examples/controlplane/single-node/controlplane.yaml b/examples/controlplane/single-node/controlplane.yaml index 33f6a4f578..6f3b36c8a0 100644 --- a/examples/controlplane/single-node/controlplane.yaml +++ b/examples/controlplane/single-node/controlplane.yaml @@ -31,7 +31,6 @@ metadata: spec: flavor: m1.medium image: - sshKeyName: cluster-api-provider-openstack availabilityZone: nova floatingIP: cloudName: $CLOUD @@ -60,9 +59,12 @@ spec: ntp: servers: [] users: - - name: ubuntu + - name: capo + sudo: "ALL=(ALL) NOPASSWD:ALL" sshAuthorizedKeys: - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" + # For more information about these values, + # refer to the Kubeadm Bootstrap Provider documentation. initConfiguration: localAPIEndpoint: advertiseAddress: '{{ ds.ec2_metadata.local_ipv4 }}' @@ -74,7 +76,6 @@ spec: cloud-config: /etc/kubernetes/cloud.conf clusterConfiguration: controlPlaneEndpoint: ":6443" - kubernetesVersion: 1.15.0 imageRepository: k8s.gcr.io apiServer: extraArgs: diff --git a/examples/machinedeployment/machinedeployment.yaml b/examples/machinedeployment/machinedeployment.yaml index ae590d9800..1c6d386e17 100644 --- a/examples/machinedeployment/machinedeployment.yaml +++ b/examples/machinedeployment/machinedeployment.yaml @@ -49,7 +49,6 @@ spec: namespace: ${CLUSTER_NAME} flavor: m1.medium image: - sshKeyName: cluster-api-provider-openstack --- apiVersion: bootstrap.cluster.x-k8s.io/v1alpha2 kind: KubeadmConfigTemplate @@ -73,13 +72,14 @@ spec: permissions: "0600" joinConfiguration: nodeRegistration: + name: '{{ local_hostname }}' kubeletExtraArgs: cloud-config: /etc/kubernetes/cloud.conf cloud-provider: openstack - name: '{{ local_hostname }}' ntp: servers: [] users: - - name: ubuntu + - name: capo + sudo: "ALL=(ALL) NOPASSWD:ALL" sshAuthorizedKeys: - "$MACHINE_CONTROLLER_SSH_PUBLIC_FILE_CONTENT" diff --git a/go.sum b/go.sum index 5cc12d950b..97baf0e25a 100644 --- a/go.sum +++ b/go.sum @@ -58,6 +58,8 @@ github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1a github.com/gophercloud/gophercloud v0.0.0-20190212181753-892256c46858/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gophercloud/gophercloud v0.3.0 h1:6sjpKIpVwRIIwmcEGp+WwNovNsem+c+2vm6oxshRpL8= github.com/gophercloud/gophercloud v0.3.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= +github.com/gophercloud/gophercloud v0.4.0 h1:4iXQnHF7LKOl7ncQsRibnUmfx/unxT3rLAniYRB8kQQ= +github.com/gophercloud/gophercloud v0.4.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gophercloud/utils v0.0.0-20190527093828-25f1b77b8c03 h1:QQqgDN0yxFHrhPV1BWFGP6hEZ82s18CGzu/bLQKT8RY= github.com/gophercloud/utils v0.0.0-20190527093828-25f1b77b8c03/go.mod h1:SZ9FTKibIotDtCrxAU/evccoyu1yhKST6hgBvwTB5Eg= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=