diff --git a/Makefile b/Makefile index 70e4fea55..cc5b49d91 100644 --- a/Makefile +++ b/Makefile @@ -46,8 +46,8 @@ update-scripts: .PHONY: update-scripts update: update-scripts update-codegen-crds -update-with-container: update-scripts update-codegen-crds - -generate-with-container: Dockerfile.build +build-runtime-image: Dockerfile.build $(RUNTIME) build -t $(RUNTIME_IMAGE_NAME) -f Dockerfile.build . - $(RUNTIME) run -ti --rm -v $(PWD):/go/src/open-cluster-management.io/api:z -w /go/src/open-cluster-management.io/api $(RUNTIME_IMAGE_NAME) make update-with-container + +update-with-container: build-runtime-image + $(RUNTIME) run -ti --rm -v $(PWD):/go/src/open-cluster-management.io/api:z -w /go/src/open-cluster-management.io/api $(RUNTIME_IMAGE_NAME) make update-scripts update-codegen-crds diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml index d2ceccb10..628296ea3 100644 --- a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -15,7 +15,7 @@ spec: - name: v1 schema: openAPIV3Schema: - description: Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol. + description: Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Detached mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation. type: object properties: apiVersion: @@ -33,6 +33,21 @@ spec: clusterName: description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. type: string + deployOption: + description: DeployOption contains the options of deploying a klusterlet + type: object + default: + mode: Default + required: + - mode + properties: + mode: + description: "Mode can be Default or Detached. For cluster-manager: - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). For klusterlet: - In Default mode, all klusterlet related resources are deployed on the managed cluster. - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster. \n Note: Do not modify the Mode field once it's applied." + type: string + default: Default + enum: + - Default + - Detached externalServerURLs: description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit. type: array @@ -48,7 +63,7 @@ spec: description: URL is the url of apiserver endpoint of the managed cluster. type: string namespace: - description: Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. + description: 'Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. Note: in Detach mode, this field will be **ignored**, the agent will be deployed to the namespace named -open-cluster-management-agent' type: string nodePlacement: description: NodePlacement enables explicit control over the scheduling of the deployed pods. @@ -85,9 +100,11 @@ spec: registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. type: string + default: quay.io/open-cluster-management/registration workImagePullSpec: description: WorkImagePullSpec represents the desired image configuration of work agent. type: string + default: quay.io/open-cluster-management/work status: description: Status represents the current status of Klusterlet agent. type: object diff --git a/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml b/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml index 3969ddd8e..f82136488 100644 --- a/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml +++ b/operator/v1/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml @@ -33,11 +33,13 @@ spec: deployOption: description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set. type: object + default: + mode: Default required: - mode properties: mode: - description: Mode can be Default or Detached. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. Do not modify the Mode field once it's applied. + description: "Mode can be Default or Detached. For cluster-manager: - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). For klusterlet: - In Default mode, all klusterlet related resources are deployed on the managed cluster. - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster. \n Note: Do not modify the Mode field once it's applied." type: string default: Default enum: diff --git a/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml index e6f0173f0..9e575ad1b 100644 --- a/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -15,7 +15,7 @@ spec: status: {} validation: openAPIV3Schema: - description: Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol. + description: Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Detached mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation. type: object properties: apiVersion: @@ -33,6 +33,21 @@ spec: clusterName: description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift. type: string + deployOption: + description: DeployOption contains the options of deploying a klusterlet + type: object + default: + mode: Default + required: + - mode + properties: + mode: + description: "Mode can be Default or Detached. For cluster-manager: - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). For klusterlet: - In Default mode, all klusterlet related resources are deployed on the managed cluster. - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster. \n Note: Do not modify the Mode field once it's applied." + type: string + default: Default + enum: + - Default + - Detached externalServerURLs: description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit. type: array @@ -48,7 +63,7 @@ spec: description: URL is the url of apiserver endpoint of the managed cluster. type: string namespace: - description: Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. + description: 'Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. Note: in Detach mode, this field will be **ignored**, the agent will be deployed to the namespace named -open-cluster-management-agent' type: string nodePlacement: description: NodePlacement enables explicit control over the scheduling of the deployed pods. @@ -85,9 +100,11 @@ spec: registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. type: string + default: quay.io/open-cluster-management/registration workImagePullSpec: description: WorkImagePullSpec represents the desired image configuration of work agent. type: string + default: quay.io/open-cluster-management/work status: description: Status represents the current status of Klusterlet agent. type: object diff --git a/operator/v1/types.go b/operator/v1/types.go index f1d92f74e..9d419d8f8 100644 --- a/operator/v1/types.go +++ b/operator/v1/types.go @@ -50,29 +50,45 @@ type ClusterManagerSpec struct { // DeployOption contains the options of deploying a cluster-manager // Default mode is used if DeployOption is not set. // +optional + // +kubebuilder:default={mode: Default} DeployOption DeployOption `json:"deployOption,omitempty"` } -type InstallMode string - -const ( - InstallModeDefault InstallMode = "Default" - InstallModeDetached InstallMode = "Detached" -) - +// DeployOption describes the deploy options for cluster-manager or klusterlet type DeployOption struct { // Mode can be Default or Detached. - // In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. - // In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). + // For cluster-manager: + // - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. + // - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). + // For klusterlet: + // - In Default mode, all klusterlet related resources are deployed on the managed cluster. + // - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). // The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. - // Do not modify the Mode field once it's applied. - // +kubebuilder:validation:Required + // And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster. + // + // Note: Do not modify the Mode field once it's applied. + // // +required + // +default=Default + // +kubebuilder:validation:Required // +kubebuilder:default=Default // +kubebuilder:validation:Enum=Default;Detached Mode InstallMode `json:"mode"` } +// InstallMode represents the mode of deploy cluster-manager or klusterlet +type InstallMode string + +const ( + // InstallModeDefault is the default deploy mode. + // The cluster-manager will be deployed in the hub-cluster, the klusterlet will be deployed in the managed-cluster. + InstallModeDefault InstallMode = "Default" + + // InstallModeDetached means deploying components outside. + // The cluster-manager will be deployed outside of the hub-cluster, the klusterlet will be deployed outside of the managed-cluster. + InstallModeDetached InstallMode = "Detached" +) + // ClusterManagerStatus represents the current status of the registration and work distribution controllers running on the hub. type ClusterManagerStatus struct { // ObservedGeneration is the last generation change you've dealt with @@ -168,9 +184,11 @@ type ClusterManagerList struct { // +kubebuilder:subresource:status // +kubebuilder:resource:scope=Cluster -// Klusterlet represents controllers on the managed cluster. When configured, -// the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the -// same namespace to allow API requests to the hub for the registration protocol. +// Klusterlet represents controllers to install the resources for a managed cluster. +// When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the +// agent namespace to allow API requests to the hub for the registration protocol. +// In Detached mode, the Klusterlet requires an additional secret named external-managed-kubeconfig +// in the agent namespace to allow API requests to the managed cluster for resources installation. type Klusterlet struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -187,15 +205,19 @@ type KlusterletSpec struct { // Namespace is the namespace to deploy the agent. // The namespace must have a prefix of "open-cluster-management-", and if it is not set, // the namespace of "open-cluster-management-agent" is used to deploy agent. + // Note: in Detach mode, this field will be **ignored**, the agent will be deployed to the + // namespace named -open-cluster-management-agent // +optional Namespace string `json:"namespace,omitempty"` // RegistrationImagePullSpec represents the desired image configuration of registration agent. // +required + // +kubebuilder:default=quay.io/open-cluster-management/registration RegistrationImagePullSpec string `json:"registrationImagePullSpec"` // WorkImagePullSpec represents the desired image configuration of work agent. // +required + // +kubebuilder:default=quay.io/open-cluster-management/work WorkImagePullSpec string `json:"workImagePullSpec,omitempty"` // ClusterName is the name of the managed cluster to be created on hub. @@ -211,6 +233,11 @@ type KlusterletSpec struct { // NodePlacement enables explicit control over the scheduling of the deployed pods. // +optional NodePlacement NodePlacement `json:"nodePlacement,omitempty"` + + // DeployOption contains the options of deploying a klusterlet + // +optional + // +kubebuilder:default={mode: Default} + DeployOption DeployOption `json:"deployOption,omitempty"` } // ServerURL represents the apiserver url and ca bundle that is accessible externally diff --git a/operator/v1/zz_generated.deepcopy.go b/operator/v1/zz_generated.deepcopy.go index 2ad16cbcb..ad9060cfd 100644 --- a/operator/v1/zz_generated.deepcopy.go +++ b/operator/v1/zz_generated.deepcopy.go @@ -227,6 +227,7 @@ func (in *KlusterletSpec) DeepCopyInto(out *KlusterletSpec) { } } in.NodePlacement.DeepCopyInto(&out.NodePlacement) + out.DeployOption = in.DeployOption return } diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 1e415048b..fad49b663 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -57,7 +57,8 @@ func (ClusterManagerStatus) SwaggerDoc() map[string]string { } var map_DeployOption = map[string]string{ - "mode": "Mode can be Default or Detached. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. Do not modify the Mode field once it's applied.", + "": "DeployOption describes the deploy options for cluster-manager or klusterlet", + "mode": "Mode can be Default or Detached. For cluster-manager:\n - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster.\n - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission).\nFor klusterlet:\n - In Default mode, all klusterlet related resources are deployed on the managed cluster.\n - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission).\nThe purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster.\n\nNote: Do not modify the Mode field once it's applied.", } func (DeployOption) SwaggerDoc() map[string]string { @@ -79,7 +80,7 @@ func (GenerationStatus) SwaggerDoc() map[string]string { } var map_Klusterlet = map[string]string{ - "": "Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol.", + "": "Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Detached mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation.", "spec": "Spec represents the desired deployment configuration of Klusterlet agent.", "status": "Status represents the current status of Klusterlet agent.", } @@ -100,12 +101,13 @@ func (KlusterletList) SwaggerDoc() map[string]string { var map_KlusterletSpec = map[string]string{ "": "KlusterletSpec represents the desired deployment configuration of Klusterlet agent.", - "namespace": "Namespace is the namespace to deploy the agent. The namespace must have a prefix of \"open-cluster-management-\", and if it is not set, the namespace of \"open-cluster-management-agent\" is used to deploy agent.", + "namespace": "Namespace is the namespace to deploy the agent. The namespace must have a prefix of \"open-cluster-management-\", and if it is not set, the namespace of \"open-cluster-management-agent\" is used to deploy agent. Note: in Detach mode, this field will be **ignored**, the agent will be deployed to the namespace named -open-cluster-management-agent", "registrationImagePullSpec": "RegistrationImagePullSpec represents the desired image configuration of registration agent.", "workImagePullSpec": "WorkImagePullSpec represents the desired image configuration of work agent.", "clusterName": "ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift.", "externalServerURLs": "ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.", "nodePlacement": "NodePlacement enables explicit control over the scheduling of the deployed pods.", + "deployOption": "DeployOption contains the options of deploying a klusterlet", } func (KlusterletSpec) SwaggerDoc() map[string]string {