target manifest-templates

cmd/openshift-install/create.go

@@ -25,6 +25,7 @@ import (
 	"github.com/openshift/installer/pkg/asset/installconfig"
 	"github.com/openshift/installer/pkg/asset/kubeconfig"
 	"github.com/openshift/installer/pkg/asset/manifests"
+	"github.com/openshift/installer/pkg/asset/templates"
 	destroybootstrap "github.com/openshift/installer/pkg/destroy/bootstrap"
 )
 
@@ -59,6 +60,16 @@ var (
 		assets: []asset.WritableAsset{&manifests.Manifests{}, &manifests.Tectonic{}},
 	}
 
+	manifestTemplatesTarget = target{
+		name: "Manifest templates",
+		command: &cobra.Command{
+			Use:   "manifest-templates",
+			Short: "Generates the unrendered Kubernetes manifest templates",
+			Long:  "",
+		},
+		assets: []asset.WritableAsset{&templates.Templates{}},
+	}
+
 	ignitionConfigsTarget = target{
 		name: "Ignition Configs",
 		command: &cobra.Command{
@@ -84,7 +95,7 @@ var (
 		assets: []asset.WritableAsset{&cluster.TerraformVariables{}, &kubeconfig.Admin{}, &cluster.Cluster{}},
 	}
 
-	targets = []target{installConfigTarget, manifestsTarget, ignitionConfigsTarget, clusterTarget}
+	targets = []target{installConfigTarget, manifestTemplatesTarget, manifestsTarget, ignitionConfigsTarget, clusterTarget}
 )
 
 // Deprecated: Use 'create' subcommands instead.

pkg/asset/manifests/content/bootkube/01-tectonic-namespace.go → data/data/manifests/bootkube/01-tectonic-namespace.yaml

@@ -1,15 +1,7 @@
-package bootkube
-
-const (
-	// TectonicNamespace is the constant to represent contents of Tectonic_Namespace.yaml file
-	TectonicNamespace = `
----
 apiVersion: v1
 kind: Namespace
 metadata:
   name: tectonic-system  # Create the namespace first.
   labels:  # network policy can only select by labels
     name: tectonic-system
     openshift.io/run-level: "1"
-`
-)

pkg/asset/manifests/content/bootkube/03-openshift-web-console-namespace.go → data/data/manifests/bootkube/03-openshift-web-console-namespace.yaml

@@ -1,9 +1,3 @@
-package bootkube
-
-const (
-	// OpenshiftWebConsoleNamespace is the constant to represent contents of Openshift_WebConsoleNamespace.yaml file
-	OpenshiftWebConsoleNamespace = `
----
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -12,5 +6,3 @@ metadata:
   name: openshift-web-console
   labels:
     name: openshift-web-console
-`
-)

data/data/manifests/bootkube/04-openshift-machine-config-operator.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: openshift-machine-config-operator
+  labels:
+    name: openshift-machine-config-operator
+    openshift.io/run-level: "1"

pkg/asset/manifests/content/bootkube/05-openshift-cluster-api-namespace.go → data/data/manifests/bootkube/05-openshift-cluster-api-namespace.yaml

@@ -1,9 +1,3 @@
-package bootkube
-
-const (
-	// OpenshiftClusterAPINamespace is the constant to represent contents of Openshift_ClusterApiNamespace.yaml file
-	OpenshiftClusterAPINamespace = `
----
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -12,5 +6,3 @@ metadata:
   labels:
     name: openshift-cluster-api
     openshift.io/run-level: "1"
-`
-)

data/data/manifests/bootkube/09-openshift-service-cert-signer-namespace.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  # This is the namespace used to hold the service-serving-cert-signer.
+  name: openshift-service-cert-signer
+  labels:
+    openshift.io/run-level: "1"

pkg/asset/manifests/content/bootkube/app-version-kind.go → data/data/manifests/bootkube/app-version-kind.yaml

@@ -1,9 +1,3 @@
-package bootkube
-
-const (
-	// AppVersionKind is the constant to represent contents of App_VersionKind.yaml file
-	AppVersionKind = `
----
 apiVersion: "apiextensions.k8s.io/v1beta1"
 kind: "CustomResourceDefinition"
 metadata:
@@ -14,5 +8,3 @@ spec:
   names:
     plural: "appversions"
     kind: "AppVersion"
-`
-)

pkg/asset/manifests/content/bootkube/app-version-tectonic-network.go → data/data/manifests/bootkube/app-version-tectonic-network.yaml

@@ -1,9 +1,3 @@
-package bootkube
-
-const (
-	// AppVersionTectonicNetwork is the constant to represent contents of App_VersionTectonicNetwork.yaml file
-	AppVersionTectonicNetwork = `
----
 apiVersion: tco.coreos.com/v1
 kind: AppVersion
 metadata:
@@ -19,5 +13,3 @@ status:
   paused: false
 upgradereq: 1
 upgradecomp: 0
-`
-)

data/data/manifests/bootkube/cvo-overrides.yaml.template

@@ -0,0 +1,17 @@
+apiVersion: config.openshift.io/v1
+kind: ClusterVersion
+metadata:
+  namespace: openshift-cluster-version
+  name: version
+spec:
+  upstream: http://localhost:8080/graph
+  channel: fast
+  clusterID: {{.CVOClusterID}}
+  overrides:
+  - kind: Deployment                    # this conflicts with kube-core-operator
+    namespace: openshift-cluster-network-operator
+    name: cluster-network-operator
+    unmanaged: true
+  - kind: APIService                    # packages.apps.redhat.com fails to start properly
+    name: v1alpha1.packages.apps.redhat.com
+    unmanaged: true

data/data/manifests/bootkube/etcd-service-endpoints.yaml.template

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: etcd
+  namespace: kube-system
+  annotations:
+    alpha.installer.openshift.io/dns-suffix: {{.EtcdEndpointDNSSuffix}}
+subsets:
+- addresses:
+{{- range $idx, $member := .EtcdEndpointHostnames }}
+  - ip: 192.0.2.{{ add $idx 1 }}
+    hostname: {{ $member }}
+{{- end }}
+  ports:
+  - name: etcd
+    port: 2379
+    protocol: TCP

pkg/asset/manifests/content/bootkube/etcd-service.go → data/data/manifests/bootkube/etcd-service.yaml

@@ -1,9 +1,3 @@
-package bootkube
-
-const (
-	// EtcdServiceKubeSystem is the constant to represent contents of etcd-service.yaml file
-	EtcdServiceKubeSystem = `
----
 apiVersion: v1
 kind: Service
 metadata:
@@ -18,5 +12,3 @@ spec:
   - name: etcd
     port: 2379
     protocol: TCP
-`
-)

data/data/manifests/bootkube/kube-cloud-config.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kube-cloud-cfg
+  namespace: kube-system
+type: Opaque
+data:
+  config: ""

data/data/manifests/bootkube/kube-system-configmap-etcd-serving-ca.yaml.template

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: etcd-serving-ca
+  namespace: kube-system
+data:
+  ca-bundle.crt: |
+    {{.EtcdCaCert}}

data/data/manifests/bootkube/kube-system-configmap-root-ca.yaml.template

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: root-ca
+  namespace: kube-system
+data:
+  ca.crt: {{.RootCaCert}}

data/data/manifests/bootkube/kube-system-secret-etcd-client.yaml.template

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: etcd-client
+  namespace: kube-system
+type: SecretTypeTLS
+data:
+  tls.crt: {{ .EtcdClientCert }}
+  tls.key: {{ .EtcdClientKey }}

data/data/manifests/bootkube/legacy-cvo-overrides.yaml.template

@@ -0,0 +1,16 @@
+apiVersion: clusterversion.openshift.io/v1
+kind: CVOConfig
+metadata:
+  namespace: openshift-cluster-version
+  name: cluster-version-operator
+upstream: http://localhost:8080/graph
+channel: fast
+clusterID: {{.CVOClusterID}}
+overrides:
+- kind: Deployment                    # this conflicts with kube-core-operator
+  namespace: openshift-cluster-network-operator
+  name: cluster-network-operator
+  unmanaged: true
+- kind: APIService                    # packages.apps.redhat.com fails to start properly
+  name: v1alpha1.packages.apps.redhat.com
+  unmanaged: true

data/data/manifests/bootkube/machine-config-server-tls-secret.yaml.template

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: machine-config-server-tls
+  namespace: openshift-machine-config-operator
+type: Opaque
+data:
+  tls.crt: {{.McsTLSCert}}
+  tls.key: {{.McsTLSKey}}

data/data/manifests/bootkube/openshift-service-cert-signer-ca-secret.yaml.template

@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: service-serving-cert-signer-signing-key
+  namespace: openshift-service-cert-signer
+type: kubernetes.io/tls
+data:
+  tls.crt: {{.ServiceServingCaCert}}
+  tls.key: {{.ServiceServingCaKey}}

pkg/asset/manifests/content/bootkube/pull.go → data/data/manifests/bootkube/pull.yaml.template

@@ -1,12 +1,3 @@
-package bootkube
-
-import (
-	"text/template"
-)
-
-var (
-	// Pull is the constant to represent contents of pull.yaml file
-	Pull = template.Must(template.New("pull.json").Parse(`
 {
   "apiVersion": "v1",
   "kind": "Secret",
@@ -19,5 +10,3 @@ var (
     ".dockerconfigjson": "{{.PullSecret}}"
   }
 }
-`))
-)

pkg/asset/manifests/content/bootkube/tectonic-network-operator.go → data/data/manifests/bootkube/tectonic-network-operator.yaml.template

@@ -1,13 +1,3 @@
-package bootkube
-
-import (
-	"text/template"
-)
-
-var (
-	// TectonicNetworkOperator represents the template variable for tectonic-network-operator.yaml file
-	TectonicNetworkOperator = template.Must(template.New("tectonic-network-operator.yaml").Parse(`
----
 apiVersion: apps/v1beta2
 kind: DaemonSet
 metadata:
@@ -67,5 +57,3 @@ spec:
       rollingUpdate:
         maxUnavailable: 1
       type: RollingUpdate
-`))
-)

data/data/manifests/tectonic/binding-discovery.yaml

@@ -0,0 +1,13 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: discovery
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:discovery
+subjects:
+- kind: Group
+  name: 'system:unauthenticated'
+- kind: Group
+  name: 'system:authenticated'

pkg/asset/manifests/content/tectonic/cloud-creds-secret.go → data/data/manifests/tectonic/cloud-creds-secret.yaml.template

@@ -1,13 +1,3 @@
-package tectonic
-
-import (
-	"text/template"
-)
-
-var (
-	// CloudCredsSecret is the constant to represent contents of corresponding yaml file
-	CloudCredsSecret = template.Must(template.New("cloud-creds-secret.yaml").Parse(`
----
 kind: Secret
 apiVersion: v1
 metadata:
@@ -24,5 +14,3 @@ data:
 {{- else if .CloudCreds.OpenStack}}
   clouds.yaml: {{.CloudCreds.OpenStack.Base64encodeCloudCreds}}
 {{- end}}
-`))
-)

pkg/asset/manifests/content/tectonic/kube-addon-00-appversion.go → data/data/manifests/tectonic/kube-addon-00-appversion.yaml

@@ -1,9 +1,3 @@
-package tectonic
-
-const (
-	// AppVersionKubeAddon  is the variable/constant representing the contents of the respective file
-	AppVersionKubeAddon = `
----
 apiVersion: tco.coreos.com/v1
 kind: AppVersion
 metadata:
@@ -19,5 +13,3 @@ status:
   paused: false
 upgradereq: 1
 upgradecomp: 0
-`
-)

pkg/asset/manifests/content/tectonic/kube-addon-01-operator.go → data/data/manifests/tectonic/kube-addon-01-operator.yaml.template

@@ -1,13 +1,3 @@
-package tectonic
-
-import (
-	"text/template"
-)
-
-var (
-	// KubeAddonOperator  is the variable/constant representing the contents of the respective file
-	KubeAddonOperator = template.Must(template.New("kube-addon-operator.yaml").Parse(`
----
 apiVersion: apps/v1beta2
 kind: Deployment
 metadata:
@@ -59,5 +49,3 @@ spec:
             items:
               - key: addon-config
                 path: addon-config
-`))
-)

data/data/manifests/tectonic/role-admin.yaml

@@ -0,0 +1,10 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: admin
+rules:
+- apiGroups: ["*"]
+  resources: ["*"]
+  verbs: ["*"]
+- nonResourceURLs: ["*"]
+  verbs: ["*"]

pkg/asset/manifests/content/tectonic/role-cloud-creds-secret-reader.go → data/data/manifests/tectonic/role-cloud-creds-secret-reader.yaml.template

@@ -1,13 +1,3 @@
-package tectonic
-
-import (
-	"text/template"
-)
-
-var (
-	// RoleCloudCredsSecretReader is the variable to represent contents of corresponding file
-	RoleCloudCredsSecretReader = template.Must(template.New("role-cloud-creds-secret-reader.yaml").Parse(`
----
 kind: Role
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
@@ -26,5 +16,3 @@ rules:
   resourceNames: ["openstack-creds"]
 {{- end}}
   verbs: ["get"]
-`))
-)