diff --git a/Gopkg.lock b/Gopkg.lock index 810dca7a7bf..857764925df 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -116,12 +116,9 @@ [[projects]] branch = "master" - digest = "1:3f74b3c0cc3e70631a87355e7265fcf84d0d65f4b75dc6eb9d55e942a5ca0a05" + digest = "1:e0598aa66452b995d5437173dc4a1f5d59a1420ba06b58fcc7c8a32520962bed" name = "github.com/coreos/tectonic-config" - packages = [ - "config/kube-addon", - "config/tectonic-network", - ] + packages = ["config/kube-addon"] pruneopts = "NUT" revision = "0d649ebfd3552dfa5c6cc2cf053e17ba924b7024" @@ -335,6 +332,13 @@ pruneopts = "NUT" revision = "437b1012ea0bf4c6a1189e42ff3755933689eeb4" +[[projects]] + digest = "1:f9c1fc8da2b44ba323ec3b338f0da9f375e26c787bc3a6ea241f9cb3f191cb62" + name = "github.com/openshift/cluster-network-operator" + packages = ["pkg/apis/networkoperator/v1"] + pruneopts = "NUT" + revision = "fb8b55a1072436a51b153de9acf5bf5525efcf83" + [[projects]] digest = "1:14f70ac5f181ccb012cddc7c72ac28709497155340b2fad822bd15d9a8722d93" name = "github.com/openshift/hive" @@ -771,12 +775,12 @@ "github.com/coreos/ignition/config/util", "github.com/coreos/ignition/config/v2_2/types", "github.com/coreos/tectonic-config/config/kube-addon", - "github.com/coreos/tectonic-config/config/tectonic-network", "github.com/ghodss/yaml", "github.com/gregjones/httpcache", "github.com/gregjones/httpcache/diskcache", "github.com/libvirt/libvirt-go", "github.com/openshift/cluster-api-provider-libvirt/pkg/apis/libvirtproviderconfig/v1alpha1", + "github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1", "github.com/openshift/hive/contrib/pkg/awstagdeprovision", "github.com/pborman/uuid", "github.com/pkg/errors", diff --git a/Gopkg.toml b/Gopkg.toml index 5b2001869eb..6fe012e03ba 100644 --- a/Gopkg.toml +++ b/Gopkg.toml 
@@ -75,3 +75,7 @@ ignored = ["github.com/openshift/installer/tests*"] [[constraint]] name = "k8s.io/utils" revision = "4c3feeb576b06ef8fea769809bd3db5e5e78dc23" + +[[constraint]] + name = "github.com/openshift/cluster-network-operator" + revision = "fb8b55a1072436a51b153de9acf5bf5525efcf83" diff --git a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-daemonset.yaml b/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-daemonset.yaml deleted file mode 100644 index 0802fc3b61c..00000000000 --- a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-daemonset.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# This is needed by kube-proxy. -# TODO: move to the networking operator renderer. -apiVersion: apps/v1 -kind: DaemonSet -metadata: - labels: - k8s-app: kube-proxy - tier: node - name: kube-proxy - namespace: kube-system -spec: - selector: - matchLabels: - k8s-app: kube-proxy - tier: node - template: - metadata: - labels: - k8s-app: kube-proxy - tier: node - spec: - containers: - - command: - - ./hyperkube - - proxy - - --cluster-cidr=10.3.0.0/16 - - --hostname-override=$(NODE_NAME) - - --kubeconfig=/etc/kubernetes/kubeconfig - - --proxy-mode=iptables - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: quay.io/coreos/hyperkube:v1.9.3_coreos.0 - name: kube-proxy - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/ssl/certs - name: ssl-certs-host - readOnly: true - - mountPath: /etc/kubernetes - name: kubeconfig - readOnly: true - hostNetwork: true - serviceAccountName: kube-proxy - tolerations: - - operator: Exists - volumes: - - hostPath: - path: /etc/ssl/certs - name: ssl-certs-host - - name: kubeconfig - secret: - defaultMode: 420 - secretName: kube-proxy-kubeconfig - updateStrategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate 
diff --git a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kube-system-rbac-role-binding.yaml b/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kube-system-rbac-role-binding.yaml
deleted file mode 100644
index 517831fc261..00000000000
--- a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kube-system-rbac-role-binding.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-# This is needed by kube-proxy.
-# TODO: move to the networking operator renderer.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: system:default-sa
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cluster-admin
-subjects:
-- kind: ServiceAccount
- name: default
- namespace: kube-system
diff --git a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kubeconfig.yaml.template b/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kubeconfig.yaml.template
deleted file mode 100644
index 7e14f08c785..00000000000
--- a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-kubeconfig.yaml.template
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
- name: kube-proxy-kubeconfig
- namespace: kube-system
-data:
- kubeconfig: {{ .AdminKubeConfigBase64 }}
diff --git a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-role-binding.yaml b/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-role-binding.yaml
deleted file mode 100644
index 91518391bcd..00000000000
--- a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-role-binding.yaml
+++ /dev/null
@@ -1,14 +0,0 @@ -# This is needed by kube-proxy. -# TODO: move to the networking operator renderer. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kube-proxy -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:node-proxier # Automatically created system role. -subjects: -- kind: ServiceAccount - name: kube-proxy - namespace: kube-system diff --git a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-service-account.yaml b/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-service-account.yaml deleted file mode 100644 index 2036d4f40db..00000000000 --- a/data/data/bootstrap/files/opt/tectonic/manifest-overrides/kube-proxy-service-account.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# This is needed by kube-proxy. -# TODO: move to the networking operator renderer. -apiVersion: v1 -kind: ServiceAccount -metadata: - namespace: kube-system - name: kube-proxy diff --git a/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template b/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template index b880740de3b..44fe6365fd2 100755 --- a/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template +++ b/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template @@ -97,10 +97,6 @@ then cp kube-scheduler-bootstrap/manifests/* manifests/ fi -# TODO: Remove this when manifest-overrides is empty. -echo "Installing temporary bootstrap manifests..." -cp manifest-overrides/* manifests/ - if [ ! -d mco-bootstrap ] then echo "Rendering MCO manifests..." diff --git a/data/data/manifests/bootkube/app-version-tectonic-network.yaml b/data/data/manifests/bootkube/app-version-tectonic-network.yaml deleted file mode 100644 index 860ea3dbbc5..00000000000 --- a/data/data/manifests/bootkube/app-version-tectonic-network.yaml +++ /dev/null 
@@ -1,15 +0,0 @@
-apiVersion: tco.coreos.com/v1
-kind: AppVersion
-metadata:
- name: tectonic-network
- namespace: kube-system
- labels:
- managed-by-channel-operator: "true"
-spec:
- desiredVersion:
- paused: false
-status:
- currentVersion:
- paused: false
-upgradereq: 1
-upgradecomp: 0
diff --git a/data/data/manifests/bootkube/tectonic-network-operator.yaml.template b/data/data/manifests/bootkube/tectonic-network-operator.yaml.template
deleted file mode 100644
index b481619f12a..00000000000
--- a/data/data/manifests/bootkube/tectonic-network-operator.yaml.template
+++ /dev/null
@@ -1,59 +0,0 @@
-apiVersion: apps/v1beta2
-kind: DaemonSet
-metadata:
- name: tectonic-network-operator
- namespace: kube-system
- labels:
- k8s-app: tectonic-network-operator
- managed-by-channel-operator: "true"
-spec:
- selector:
- matchLabels:
- k8s-app: tectonic-network-operator
- updateStrategy:
- rollingUpdate:
- maxUnavailable: 1
- type: RollingUpdate
- template:
- metadata:
- labels:
- k8s-app: tectonic-network-operator
- tectonic-app-version-name: tectonic-network
- spec:
- containers:
- - name: tectonic-network-operator
- image: {{.TectonicNetworkOperatorImage}}
- resources:
- limits:
- cpu: 20m
- memory: 50Mi
- requests:
- cpu: 20m
- memory: 50Mi
- volumeMounts:
- - name: cluster-config
- mountPath: /etc/cluster-config
- hostNetwork: true
- restartPolicy: Always
- imagePullSecrets:
- - name: coreos-pull-secret
- securityContext:
- runAsNonRoot: true
- runAsUser: 65534
- volumes:
- - name: cluster-config
- configMap:
- name: cluster-config-v1
- items:
- - key: network-config
- path: network-config
- nodeSelector:
- node-role.kubernetes.io/master: ""
- tolerations:
- - key: "node-role.kubernetes.io/master"
- operator: "Exists"
- effect: "NoSchedule"
- updateStrategy:
- rollingUpdate:
- maxUnavailable: 1
- type: RollingUpdate
diff --git a/pkg/asset/installconfig/installconfig.go b/pkg/asset/installconfig/installconfig.go
index dcfe907d832..b3bb9c1a69a 100644
--- a/pkg/asset/installconfig/installconfig.go +++ b/pkg/asset/installconfig/installconfig.go @@ -8,6 +8,7 @@ import ( "github.com/pkg/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + netopv1 "github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1" "github.com/openshift/installer/pkg/asset" "github.com/openshift/installer/pkg/ipnet" "github.com/openshift/installer/pkg/types" @@ -18,8 +19,9 @@ const ( ) var ( - defaultServiceCIDR = parseCIDR("10.3.0.0/16") - defaultPodCIDR = parseCIDR("10.2.0.0/16") + defaultServiceCIDR = parseCIDR("10.3.0.0/16") + defaultClusterCIDR = "10.2.0.0/16" + defaultHostSubnetLength = 9 // equivalent to a /23 per node ) // InstallConfig generates the install-config.yml file. @@ -78,15 +80,16 @@ func (a *InstallConfig) Generate(parents asset.Parents) error { }, BaseDomain: baseDomain.BaseDomain, Networking: types.Networking{ - // TODO(yifan): Flannel is the temporal default network type for now, - // Need to update it to the new types. - Type: "flannel", + Type: "OpenshiftSDN", ServiceCIDR: ipnet.IPNet{ IPNet: defaultServiceCIDR, }, - PodCIDR: ipnet.IPNet{ - IPNet: defaultPodCIDR, + ClusterNetworks: []netopv1.ClusterNetwork{ + { + CIDR: defaultClusterCIDR, + HostSubnetLength: uint32(defaultHostSubnetLength), + }, }, }, PullSecret: pullSecret.PullSecret, diff --git a/pkg/asset/machines/cluster_k8s_io.go b/pkg/asset/machines/cluster_k8s_io.go deleted file mode 100644 index ef474f1ea29..00000000000 --- a/pkg/asset/machines/cluster_k8s_io.go +++ /dev/null 
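Review bot: `Type: "OpenshiftSDN"` in the Networking literal of Generate is a bare string, while the new pkg/asset/manifests/network.go switches on `netopv1.NetworkTypeOpenshiftSDN`; if the two ever differ, that switch falls through silently and `SDNModePolicy` is never set, leaving the isolation mode to whatever the operator defaults to. Use the constant here, `Type: netopv1.NetworkTypeOpenshiftSDN,`, so the default written to install-config and the case that applies the network-policy mode cannot drift apart. The constant's value is not visible in this diff, so whether the two currently match should be confirmed. Generate's body starts and ends outside the hunk.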
@@ -1,73 +0,0 @@ -package machines - -import ( - "bytes" - "text/template" - - "github.com/openshift/installer/pkg/asset" - "github.com/openshift/installer/pkg/asset/installconfig" - "github.com/openshift/installer/pkg/types" -) - -// ClusterK8sIO generates the `Cluster.cluster.k8s.io/v1alpha1` object. -type ClusterK8sIO struct { - Raw []byte -} - -var _ asset.Asset = (*ClusterK8sIO)(nil) - -// Name returns a human friendly name for the ClusterK8sIO Asset. -func (c *ClusterK8sIO) Name() string { - return "Cluster.cluster.k8s.io/v1alpha1" -} - -// Dependencies returns all of the dependencies directly needed by the -// ClusterK8sIO asset -func (c *ClusterK8sIO) Dependencies() []asset.Asset { - return []asset.Asset{ - &installconfig.InstallConfig{}, - } -} - -// Generate generates the Worker asset. -func (c *ClusterK8sIO) Generate(dependencies asset.Parents) error { - installconfig := &installconfig.InstallConfig{} - dependencies.Get(installconfig) - - c.Raw = clusterK8sIO(installconfig.Config) - return nil -} - -var clusterK8sIOTmpl = template.Must(template.New("cluster").Parse(` -apiVersion: "cluster.k8s.io/v1alpha1" -kind: Cluster -metadata: - name: {{.Name}} - namespace: openshift-cluster-api -spec: - clusterNetwork: - services: - cidrBlocks: - - {{.ServiceCIDR}} - pods: - cidrBlocks: - - {{.PodCIDR}} - serviceDomain: unused -`)) - -func clusterK8sIO(ic *types.InstallConfig) []byte { - templateData := struct { - Name string - ServiceCIDR string - PodCIDR string - }{ - Name: ic.ObjectMeta.Name, - ServiceCIDR: ic.Networking.ServiceCIDR.String(), - PodCIDR: ic.Networking.PodCIDR.String(), - } - buf := &bytes.Buffer{} - if err := clusterK8sIOTmpl.Execute(buf, templateData); err != nil { - panic(err) - } - return buf.Bytes() -} diff --git a/pkg/asset/manifests/cluster_k8s_io.go b/pkg/asset/manifests/cluster_k8s_io.go new file mode 100644 index 00000000000..009bcfb8e05 --- /dev/null +++ b/pkg/asset/manifests/cluster_k8s_io.go 
@@ -0,0 +1,65 @@ +package manifests + +import ( + "github.com/ghodss/yaml" + "github.com/pkg/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/openshift/installer/pkg/asset" + "github.com/openshift/installer/pkg/asset/installconfig" + clusterv1a1 "sigs.k8s.io/cluster-api/pkg/apis/cluster/v1alpha1" +) + +// This file was originally in pkg/assets/machines, but is now in +// /manifests due to an import loop. + +// ClusterK8sIO generates the `Cluster.cluster.k8s.io/v1alpha1` object. +type ClusterK8sIO struct { + Raw []byte +} + +var _ asset.Asset = (*ClusterK8sIO)(nil) + +// Name returns a human friendly name for the ClusterK8sIO Asset. +func (c *ClusterK8sIO) Name() string { + return "Cluster.cluster.k8s.io/v1alpha1" +} + +// Dependencies returns all of the dependencies directly needed by the +// ClusterK8sIO asset +func (c *ClusterK8sIO) Dependencies() []asset.Asset { + return []asset.Asset{ + &installconfig.InstallConfig{}, + &Networking{}, + } +} + +// Generate generates the Worker asset. +func (c *ClusterK8sIO) Generate(dependencies asset.Parents) error { + installconfig := &installconfig.InstallConfig{} + dependencies.Get(installconfig) + + net := &Networking{} + dependencies.Get(net) + clusterNet, err := net.ClusterNetwork() + if err != nil { + return errors.Wrapf(err, "Could not generate ClusterNetworkingConfig") + } + + cluster := clusterv1a1.Cluster{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "cluster.k8s.io/v1alpha1", + Kind: "Cluster", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: installconfig.Config.ObjectMeta.Name, + Namespace: "openshift-cluster-api", + }, + Spec: clusterv1a1.ClusterSpec{ + ClusterNetwork: *clusterNet, + }, + } + + c.Raw, err = yaml.Marshal(cluster) + return err +} diff --git a/pkg/asset/manifests/network-operator.go b/pkg/asset/manifests/network-operator.go deleted file mode 100644 index 0cb3002b085..00000000000 --- a/pkg/asset/manifests/network-operator.go +++ /dev/null 
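Review bot: The Cluster object built in Generate no longer sets a service domain: the removed template in pkg/asset/machines/cluster_k8s_io.go rendered `serviceDomain: unused`, while the `ClusterNetworkingConfig` returned by `Networking.ClusterNetwork()` fills only Services and Pods. If any consumer of the cluster-api object rejects an empty value this changes behaviour; setting `ServiceDomain: "unused"` in ClusterNetwork() would keep the previous output. The doc comment `// Generate generates the Worker asset.` is also stale and should read `// Generate generates the Cluster.cluster.k8s.io/v1alpha1 manifest.`, and `errors.Wrapf` with no format arguments can be `errors.Wrap` with a lowercase message.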
@@ -1,84 +0,0 @@ -package manifests - -import ( - "github.com/ghodss/yaml" - "github.com/pkg/errors" - - "github.com/openshift/installer/pkg/asset" - "github.com/openshift/installer/pkg/asset/installconfig" - - tectonicnetwork "github.com/coreos/tectonic-config/config/tectonic-network" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -const ( - defaultMTU = "1450" - noCfgFilename = "network-operator-config.yml" - noManifestFilename = "network-operator-manifests.yml" -) - -// networkOperator generates the network-operator-*.yml files -type networkOperator struct { - config *tectonicnetwork.OperatorConfig - FileList []*asset.File -} - -var _ asset.WritableAsset = (*networkOperator)(nil) - -// Name returns a human friendly name for the operator -func (no *networkOperator) Name() string { - return "Network Operator" -} - -// Dependencies returns all of the dependencies directly needed by an -// networkOperator asset. -func (no *networkOperator) Dependencies() []asset.Asset { - return []asset.Asset{ - &installconfig.InstallConfig{}, - } -} - -// Generate generates the network-operator-config.yml and network-operator-manifest.yml files -func (no *networkOperator) Generate(dependencies asset.Parents) error { - installConfig := &installconfig.InstallConfig{} - dependencies.Get(installConfig) - - no.config = &tectonicnetwork.OperatorConfig{ - TypeMeta: metav1.TypeMeta{ - APIVersion: tectonicnetwork.APIVersion, - Kind: tectonicnetwork.Kind, - }, - PodCIDR: installConfig.Config.Networking.PodCIDR.String(), - CalicoConfig: tectonicnetwork.CalicoConfig{ - MTU: defaultMTU, - }, - NetworkProfile: tectonicnetwork.NetworkType(installConfig.Config.Networking.Type), - } - - configData, err := yaml.Marshal(no.config) - if err != nil { - return errors.Wrapf(err, "failed to create %s manifests from InstallConfig", no.Name()) - } - no.FileList = []*asset.File{ - { - Filename: noCfgFilename, - Data: configData, - }, - { - Filename: noManifestFilename, - Data: []byte{}, - }, - } - - 
return nil -} - -// Files returns the files generated by the asset. -func (no *networkOperator) Files() []*asset.File { - return no.FileList -} - -// Load is a no-op because network-operator manifest is not written to disk. -func (no *networkOperator) Load(asset.FileFetcher) (bool, error) { - return false, nil -} diff --git a/pkg/asset/manifests/network.go b/pkg/asset/manifests/network.go new file mode 100644 index 00000000000..cfd4f21ba20 --- /dev/null +++ b/pkg/asset/manifests/network.go 
@@ -0,0 +1,202 @@ +package manifests + +import ( + "os" + "path/filepath" + + "github.com/ghodss/yaml" + "github.com/pkg/errors" + + "github.com/openshift/installer/pkg/asset" + "github.com/openshift/installer/pkg/asset/installconfig" + + netopv1 "github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + clusterv1a1 "sigs.k8s.io/cluster-api/pkg/apis/cluster/v1alpha1" +) + +var ( + noCrdFilename = filepath.Join(manifestDir, "cluster-network-01-crd.yml") + noCfgFilename = filepath.Join(manifestDir, "cluster-network-02-config.yml") +) + +const ( + + // We need to manually create our CRD first, so we can create the + // configuration instance of it. + // Other operators have their CRD created by the CVO, but we manually + // create our operator's configuration in the installer. + netConfigCRD = ` +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: networkconfigs.networkoperator.openshift.io +spec: + group: networkoperator.openshift.io + names: + kind: NetworkConfig + listKind: NetworkConfigList + plural: networkconfigs + singular: networkconfig + scope: Cluster + versions: + - name: v1 + served: true + storage: true +` +) + +// Networking generates the cluster-network-*.yml files. +type Networking struct { + config *netopv1.NetworkConfig + FileList []*asset.File +} + +var _ asset.WritableAsset = (*Networking)(nil) + +// Name returns a human friendly name for the operator. +func (no *Networking) Name() string { + return "Network Config" +} + +// Dependencies returns all of the dependencies directly needed to generate +// network configuration. +func (no *Networking) Dependencies() []asset.Asset { + return []asset.Asset{ + &installconfig.InstallConfig{}, + } +} + +// Generate generates the network operator config and its CRD. 
+func (no *Networking) Generate(dependencies asset.Parents) error { + installConfig := &installconfig.InstallConfig{} + dependencies.Get(installConfig) + + netConfig := installConfig.Config.Networking + + // determine pod address space. + // This can go away when we get rid of PodCIDR + // entirely in favor of ClusterNetworks + var clusterNets []netopv1.ClusterNetwork + if len(netConfig.ClusterNetworks) > 0 { + clusterNets = netConfig.ClusterNetworks + } else if !netConfig.PodCIDR.IPNet.IP.IsUnspecified() { + clusterNets = []netopv1.ClusterNetwork{ + { + CIDR: netConfig.PodCIDR.String(), + HostSubnetLength: 9, + }, + } + } else { + return errors.Errorf("Either PodCIDR or ClusterNetworks must be specified") + } + + defaultNet := netopv1.DefaultNetworkDefinition{ + Type: netConfig.Type, + } + + // Add any network-specific configuration defaults here. + switch netConfig.Type { + case netopv1.NetworkTypeOpenshiftSDN: + defaultNet.OpenshiftSDNConfig = &netopv1.OpenshiftSDNConfig{ + // Default to network policy, operator provides all other defaults. + Mode: netopv1.SDNModePolicy, + } + } + + no.config = &netopv1.NetworkConfig{ + TypeMeta: metav1.TypeMeta{ + APIVersion: netopv1.SchemeGroupVersion.String(), + Kind: "NetworkConfig", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + // not namespaced + }, + + Spec: netopv1.NetworkConfigSpec{ + ServiceNetwork: netConfig.ServiceCIDR.String(), + ClusterNetworks: clusterNets, + DefaultNetwork: defaultNet, + }, + } + + configData, err := yaml.Marshal(no.config) + if err != nil { + return errors.Wrapf(err, "failed to create %s manifests from InstallConfig", no.Name()) + } + + no.FileList = []*asset.File{ + { + Filename: noCrdFilename, + Data: []byte(netConfigCRD), + }, + { + Filename: noCfgFilename, + Data: configData, + }, + } + + return nil +} + +// Files returns the files generated by the asset. 
+func (no *Networking) Files() []*asset.File { + return no.FileList +} + +// ClusterNetwork returns the ClusterNetworkingConfig for the ClusterConfig +// object. This is called by ClusterK8sIO, which captures generalized cluster +// state but shouldn't need to be fully networking aware. +func (no *Networking) ClusterNetwork() (*clusterv1a1.ClusterNetworkingConfig, error) { + if no.config == nil { + // should be unreachable. + return nil, errors.Errorf("ClusterNetwork called before initialization") + } + + pods := []string{} + for _, cn := range no.config.Spec.ClusterNetworks { + pods = append(pods, cn.CIDR) + } + + cn := &clusterv1a1.ClusterNetworkingConfig{ + Services: clusterv1a1.NetworkRanges{ + CIDRBlocks: []string{no.config.Spec.ServiceNetwork}, + }, + Pods: clusterv1a1.NetworkRanges{ + CIDRBlocks: pods, + }, + } + return cn, nil +} + +// Load loads the already-rendered files back from disk. +func (no *Networking) Load(f asset.FileFetcher) (bool, error) { + crdFile, err := f.FetchByName(noCrdFilename) + if err != nil { + if os.IsNotExist(err) { + return false, nil + } + return false, err + } + + cfgFile, err := f.FetchByName(noCfgFilename) + if err != nil { + if os.IsNotExist(err) { + return false, nil + } + + return false, err + } + + netConfig := &netopv1.NetworkConfig{} + if err := yaml.Unmarshal(cfgFile.Data, netConfig); err != nil { + return false, errors.Wrapf(err, "failed to unmarshal %s", noCfgFilename) + } + + fileList := []*asset.File{crdFile, cfgFile} + + no.FileList, no.config = fileList, netConfig + + return true, nil +} diff --git a/pkg/asset/manifests/operators.go b/pkg/asset/manifests/operators.go index 98419d1305d..3a7feda6968 100644 --- a/pkg/asset/manifests/operators.go +++ b/pkg/asset/manifests/operators.go 
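Review bot: In Generate, the fallback branch `else if !netConfig.PodCIDR.IPNet.IP.IsUnspecified()` dereferences `PodCIDR`, which this commit turns into an optional `*ipnet.IPNet` in pkg/types/installconfig.go, so an install-config with neither `clusterNetworks` nor `podCIDR` panics on a nil pointer instead of reaching the "Either PodCIDR or ClusterNetworks must be specified" error. `IsUnspecified()` is also false for an empty `net.IP`, so a zero-valued PodCIDR would pass the check and be rendered into the NetworkConfig. Guard the branch with `} else if netConfig.PodCIDR != nil && len(netConfig.PodCIDR.IPNet.IP) > 0 {`. Separately, `ClusterNetworks[].CIDR` is now a plain string copied through unparsed and `switch netConfig.Type` has no default case, so a malformed CIDR or an unknown network type from a user-edited install-config is written to the manifest without an installer-side check; validating both before building `no.config` would make the install fail early with a clear error.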
@@ -51,7 +51,7 @@ func (m *Manifests) Name() string { func (m *Manifests) Dependencies() []asset.Asset { return []asset.Asset{ &installconfig.InstallConfig{}, - &networkOperator{}, + &Networking{}, &tls.RootCA{}, &tls.EtcdCA{}, &tls.IngressCertKey{}, @@ -65,7 +65,6 @@ func (m *Manifests) Dependencies() []asset.Asset { &bootkube.MachineConfigServerTLSSecret{}, &bootkube.OpenshiftServiceCertSignerSecret{}, &bootkube.Pull{}, - &bootkube.TectonicNetworkOperator{}, &bootkube.CVOOverrides{}, &bootkube.LegacyCVOOverrides{}, &bootkube.EtcdServiceEndpointsKubeSystem{}, @@ -79,20 +78,18 @@ func (m *Manifests) Dependencies() []asset.Asset { &bootkube.OpenshiftClusterAPINamespace{}, &bootkube.OpenshiftServiceCertSignerNamespace{}, &bootkube.AppVersionKind{}, - &bootkube.AppVersionTectonicNetwork{}, &bootkube.EtcdServiceKubeSystem{}, } } // Generate generates the respective operator config.yml files func (m *Manifests) Generate(dependencies asset.Parents) error { - no := &networkOperator{} + network := &Networking{} installConfig := &installconfig.InstallConfig{} - dependencies.Get(no, installConfig) + dependencies.Get(installConfig, network) - // no+mao go to kube-system config map + // mao go to kube-system config map m.KubeSysConfig = configMap("kube-system", "cluster-config-v1", genericData{ - "network-config": string(no.Files()[0].Data), "install-config": string(installConfig.Files()[0].Data), }) kubeSysConfigData, err := yaml.Marshal(m.KubeSysConfig) @@ -108,6 +105,8 @@ func (m *Manifests) Generate(dependencies asset.Parents) error { } m.FileList = append(m.FileList, m.generateBootKubeManifests(dependencies)...) + m.FileList = append(m.FileList, network.Files()...) + return nil } 
@@ -152,7 +151,6 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass RootCaCert: base64.StdEncoding.EncodeToString(rootCA.Cert()), ServiceServingCaCert: base64.StdEncoding.EncodeToString(serviceServingCA.Cert()), ServiceServingCaKey: base64.StdEncoding.EncodeToString(serviceServingCA.Key()), - TectonicNetworkOperatorImage: "quay.io/coreos/tectonic-network-operator-dev:375423a332f2c12b79438fc6a6da6e448e28ec0f", CVOClusterID: installConfig.Config.ClusterID, EtcdEndpointHostnames: etcdEndpointHostnames, EtcdEndpointDNSSuffix: installConfig.Config.BaseDomain, @@ -162,7 +160,6 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass machineConfigServerTLSSecret := &bootkube.MachineConfigServerTLSSecret{} openshiftServiceCertSignerSecret := &bootkube.OpenshiftServiceCertSignerSecret{} pull := &bootkube.Pull{} - tectonicNetworkOperator := &bootkube.TectonicNetworkOperator{} cVOOverrides := &bootkube.CVOOverrides{} legacyCVOOverrides := &bootkube.LegacyCVOOverrides{} etcdServiceEndpointsKubeSystem := &bootkube.EtcdServiceEndpointsKubeSystem{} @@ -176,14 +173,12 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass openshiftClusterAPINamespace := &bootkube.OpenshiftClusterAPINamespace{} openshiftServiceCertSignerNamespace := &bootkube.OpenshiftServiceCertSignerNamespace{} appVersionKind := &bootkube.AppVersionKind{} - appVersionTectonicNetwork := &bootkube.AppVersionTectonicNetwork{} etcdServiceKubeSystem := &bootkube.EtcdServiceKubeSystem{} dependencies.Get( kubeCloudConfig, machineConfigServerTLSSecret, openshiftServiceCertSignerSecret, pull, - tectonicNetworkOperator, cVOOverrides, legacyCVOOverrides, etcdServiceEndpointsKubeSystem, 
@@ -196,7 +191,6 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass openshiftClusterAPINamespace, openshiftServiceCertSignerNamespace, appVersionKind, - appVersionTectonicNetwork, etcdServiceKubeSystem, ) assetData := map[string][]byte{ @@ -204,7 +198,6 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass "machine-config-server-tls-secret.yaml": applyTemplateData(machineConfigServerTLSSecret.Files()[0].Data, templateData), "openshift-service-signer-secret.yaml": applyTemplateData(openshiftServiceCertSignerSecret.Files()[0].Data, templateData), "pull.json": applyTemplateData(pull.Files()[0].Data, templateData), - "tectonic-network-operator.yaml": applyTemplateData(tectonicNetworkOperator.Files()[0].Data, templateData), "cvo-overrides.yaml": applyTemplateData(cVOOverrides.Files()[0].Data, templateData), "legacy-cvo-overrides.yaml": applyTemplateData(legacyCVOOverrides.Files()[0].Data, templateData), "etcd-service-endpoints.yaml": applyTemplateData(etcdServiceEndpointsKubeSystem.Files()[0].Data, templateData), @@ -218,7 +211,6 @@ func (m *Manifests) generateBootKubeManifests(dependencies asset.Parents) []*ass "05-openshift-cluster-api-namespace.yaml": []byte(openshiftClusterAPINamespace.Files()[0].Data), "09-openshift-service-signer-namespace.yaml": []byte(openshiftServiceCertSignerNamespace.Files()[0].Data), "app-version-kind.yaml": []byte(appVersionKind.Files()[0].Data), - "app-version-tectonic-network.yaml": []byte(appVersionTectonicNetwork.Files()[0].Data), "etcd-service.yaml": []byte(etcdServiceKubeSystem.Files()[0].Data), } diff --git a/pkg/asset/manifests/tectonic.go b/pkg/asset/manifests/tectonic.go index 444b0ee13fc..7b41fe1f991 100644 --- a/pkg/asset/manifests/tectonic.go +++ b/pkg/asset/manifests/tectonic.go 
@@ -47,7 +47,7 @@ func (t *Tectonic) Dependencies() []asset.Asset { &installconfig.InstallConfig{}, &tls.IngressCertKey{}, &tls.KubeCA{}, - &machines.ClusterK8sIO{}, + &ClusterK8sIO{}, &machines.Worker{}, &machines.Master{}, &kubeAddonOperator{}, @@ -67,7 +67,7 @@ func (t *Tectonic) Dependencies() []asset.Asset { // Generate generates the respective operator config.yml files func (t *Tectonic) Generate(dependencies asset.Parents) error { installConfig := &installconfig.InstallConfig{} - clusterk8sio := &machines.ClusterK8sIO{} + clusterk8sio := &ClusterK8sIO{} worker := &machines.Worker{} master := &machines.Master{} addon := &kubeAddonOperator{} diff --git a/pkg/asset/manifests/template.go b/pkg/asset/manifests/template.go index fd47ccc08cf..fc63c63a370 100644 --- a/pkg/asset/manifests/template.go +++ b/pkg/asset/manifests/template.go @@ -29,7 +29,6 @@ type bootkubeTemplateData struct { RootCaCert string ServiceServingCaCert string ServiceServingCaKey string - TectonicNetworkOperatorImage string WorkerIgnConfig string CVOClusterID string EtcdEndpointHostnames []string diff --git a/pkg/asset/templates/content/bootkube/app-version-tectonic-network.go b/pkg/asset/templates/content/bootkube/app-version-tectonic-network.go deleted file mode 100644 index 44a22452ea5..00000000000 --- a/pkg/asset/templates/content/bootkube/app-version-tectonic-network.go +++ /dev/null 
@@ -1,65 +0,0 @@ -package bootkube - -import ( - "os" - "path/filepath" - - "github.com/openshift/installer/pkg/asset" - "github.com/openshift/installer/pkg/asset/templates/content" -) - -const ( - appVersionTectonicNetworkFileName = "app-version-tectonic-network.yaml" -) - -var _ asset.WritableAsset = (*AppVersionTectonicNetwork)(nil) - -// AppVersionTectonicNetwork is the constant to represent contents of App_VersionTectonicNetwork.yaml file -type AppVersionTectonicNetwork struct { - fileName string - FileList []*asset.File -} - -// Dependencies returns all of the dependencies directly needed by the asset -func (t *AppVersionTectonicNetwork) Dependencies() []asset.Asset { - return []asset.Asset{} -} - -// Name returns the human-friendly name of the asset. -func (t *AppVersionTectonicNetwork) Name() string { - return "AppVersionTectonicNetwork" -} - -// Generate generates the actual files by this asset -func (t *AppVersionTectonicNetwork) Generate(parents asset.Parents) error { - t.fileName = appVersionTectonicNetworkFileName - data, err := content.GetBootkubeTemplate(t.fileName) - if err != nil { - return err - } - t.FileList = []*asset.File{ - { - Filename: filepath.Join(content.TemplateDir, t.fileName), - Data: []byte(data), - }, - } - return nil -} - -// Files returns the files generated by the asset. -func (t *AppVersionTectonicNetwork) Files() []*asset.File { - return t.FileList -} - -// Load returns the asset from disk. -func (t *AppVersionTectonicNetwork) Load(f asset.FileFetcher) (bool, error) { - file, err := f.FetchByName(filepath.Join(content.TemplateDir, appVersionTectonicNetworkFileName)) - if err != nil { - if os.IsNotExist(err) { - return false, nil - } - return false, err - } - t.FileList = []*asset.File{file} - return true, nil -} diff --git a/pkg/asset/templates/content/bootkube/tectonic-network-operator.go b/pkg/asset/templates/content/bootkube/tectonic-network-operator.go deleted file mode 100644 index 5e98aece40a..00000000000 
--- a/pkg/asset/templates/content/bootkube/tectonic-network-operator.go +++ /dev/null @@ -1,65 +0,0 @@ -package bootkube - -import ( - "os" - "path/filepath" - - "github.com/openshift/installer/pkg/asset" - "github.com/openshift/installer/pkg/asset/templates/content" -) - -const ( - tectonicNetworkOperatorFileName = "tectonic-network-operator.yaml.template" -) - -var _ asset.WritableAsset = (*TectonicNetworkOperator)(nil) - -// TectonicNetworkOperator represents the template variable for tectonic-network-operator.yaml.template file -type TectonicNetworkOperator struct { - fileName string - FileList []*asset.File -} - -// Dependencies returns all of the dependencies directly needed by the asset -func (t *TectonicNetworkOperator) Dependencies() []asset.Asset { - return []asset.Asset{} -} - -// Name returns the human-friendly name of the asset. -func (t *TectonicNetworkOperator) Name() string { - return "TectonicNetworkOperator" -} - -// Generate generates the actual files by this asset -func (t *TectonicNetworkOperator) Generate(parents asset.Parents) error { - t.fileName = tectonicNetworkOperatorFileName - data, err := content.GetBootkubeTemplate(t.fileName) - if err != nil { - return err - } - t.FileList = []*asset.File{ - { - Filename: filepath.Join(content.TemplateDir, t.fileName), - Data: []byte(data), - }, - } - return nil -} - -// Files returns the files generated by the asset. -func (t *TectonicNetworkOperator) Files() []*asset.File { - return t.FileList -} - -// Load returns the asset from disk. -func (t *TectonicNetworkOperator) Load(f asset.FileFetcher) (bool, error) { - file, err := f.FetchByName(filepath.Join(content.TemplateDir, tectonicNetworkOperatorFileName)) - if err != nil { - if os.IsNotExist(err) { - return false, nil - } - return false, err - } - t.FileList = []*asset.File{file} - return true, nil -} diff --git a/pkg/asset/templates/templates.go b/pkg/asset/templates/templates.go index 8441b4a2fb3..d83d257eb39 100644 
--- a/pkg/asset/templates/templates.go +++ b/pkg/asset/templates/templates.go @@ -27,7 +27,6 @@ func (m *Templates) Dependencies() []asset.Asset { &bootkube.MachineConfigServerTLSSecret{}, &bootkube.OpenshiftServiceCertSignerSecret{}, &bootkube.Pull{}, - &bootkube.TectonicNetworkOperator{}, &bootkube.CVOOverrides{}, &bootkube.LegacyCVOOverrides{}, &bootkube.EtcdServiceEndpointsKubeSystem{}, @@ -40,7 +39,6 @@ func (m *Templates) Dependencies() []asset.Asset { &bootkube.OpenshiftClusterAPINamespace{}, &bootkube.OpenshiftServiceCertSignerNamespace{}, &bootkube.AppVersionKind{}, - &bootkube.AppVersionTectonicNetwork{}, &bootkube.EtcdServiceKubeSystem{}, &tectonic.BindingDiscovery{}, &tectonic.AppVersionKubeAddon{}, @@ -60,7 +58,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { machineConfigServerTLSSecret := &bootkube.MachineConfigServerTLSSecret{} openshiftServiceCertSignerSecret := &bootkube.OpenshiftServiceCertSignerSecret{} pull := &bootkube.Pull{} - tectonicNetworkOperator := &bootkube.TectonicNetworkOperator{} cVOOverrides := &bootkube.CVOOverrides{} legacyCVOOverrides := &bootkube.LegacyCVOOverrides{} etcdServiceEndpointsKubeSystem := &bootkube.EtcdServiceEndpointsKubeSystem{} @@ -73,7 +70,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { openshiftClusterAPINamespace := &bootkube.OpenshiftClusterAPINamespace{} openshiftServiceCertSignerNamespace := &bootkube.OpenshiftServiceCertSignerNamespace{} appVersionKind := &bootkube.AppVersionKind{} - appVersionTectonicNetwork := &bootkube.AppVersionTectonicNetwork{} etcdServiceKubeSystem := &bootkube.EtcdServiceKubeSystem{} bindingDiscovery := &tectonic.BindingDiscovery{} @@ -91,7 +87,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { machineConfigServerTLSSecret, openshiftServiceCertSignerSecret, pull, - tectonicNetworkOperator, cVOOverrides, legacyCVOOverrides, etcdServiceEndpointsKubeSystem, 
@@ -104,7 +99,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { openshiftClusterAPINamespace, openshiftServiceCertSignerNamespace, appVersionKind, - appVersionTectonicNetwork, etcdServiceKubeSystem, bindingDiscovery, appVersionKubeAddon, @@ -121,7 +115,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { m.FileList = append(m.FileList, machineConfigServerTLSSecret.Files()...) m.FileList = append(m.FileList, openshiftServiceCertSignerSecret.Files()...) m.FileList = append(m.FileList, pull.Files()...) - m.FileList = append(m.FileList, tectonicNetworkOperator.Files()...) m.FileList = append(m.FileList, cVOOverrides.Files()...) m.FileList = append(m.FileList, legacyCVOOverrides.Files()...) m.FileList = append(m.FileList, etcdServiceEndpointsKubeSystem.Files()...) @@ -134,7 +127,6 @@ func (m *Templates) Generate(dependencies asset.Parents) error { m.FileList = append(m.FileList, openshiftClusterAPINamespace.Files()...) m.FileList = append(m.FileList, openshiftServiceCertSignerNamespace.Files()...) m.FileList = append(m.FileList, appVersionKind.Files()...) - m.FileList = append(m.FileList, appVersionTectonicNetwork.Files()...) m.FileList = append(m.FileList, etcdServiceKubeSystem.Files()...) m.FileList = append(m.FileList, bindingDiscovery.Files()...) diff --git a/pkg/types/installconfig.go b/pkg/types/installconfig.go index 7ae9c86e2d9..60ff6ed5e8a 100644 --- a/pkg/types/installconfig.go +++ b/pkg/types/installconfig.go @@ -3,6 +3,7 @@ package types import ( "net" + netopv1 "github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1" "github.com/openshift/installer/pkg/ipnet" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) 
@@ -101,20 +102,21 @@ func (p *Platform) Name() string { // Networking defines the pod network provider in the cluster. type Networking struct { - Type NetworkType `json:"type"` + // Type is the network type to install + Type netopv1.NetworkType `json:"type"` + + // ServiceCIDR is the ip block from which to assign service IPs ServiceCIDR ipnet.IPNet `json:"serviceCIDR"` - PodCIDR ipnet.IPNet `json:"podCIDR"` -} -// NetworkType defines the pod network provider in the cluster. -type NetworkType string + // ClusterNetworks is the IP address space from which to assign pod IPs. + ClusterNetworks []netopv1.ClusterNetwork `json:"clusterNetworks,omitempty"` -const ( - // NetworkTypeOpenshiftSDN is used to install with SDN. - NetworkTypeOpenshiftSDN NetworkType = "openshift-sdn" - // NetworkTypeOpenshiftOVN is used to install with OVN. - NetworkTypeOpenshiftOVN NetworkType = "openshift-ovn" -) + // PodCIDR is deprecated (and badly named; it should have always + // been called ClusterCIDR. If no ClusterNetworks are specified, + // we will fall back to the PodCIDR + // TODO(cdc) remove this. + PodCIDR *ipnet.IPNet `json:"podCIDR,omitempty"` +} // AWSPlatform stores all the global configuration that // all machinesets use. diff --git a/vendor/github.com/coreos/tectonic-config/config/tectonic-network/config.go b/vendor/github.com/coreos/tectonic-config/config/tectonic-network/config.go deleted file mode 100644 index 073ee42e655..00000000000 --- a/vendor/github.com/coreos/tectonic-config/config/tectonic-network/config.go +++ /dev/null 
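Review bot: `Networking` now unmarshals cleanly with neither `clusterNetworks` nor `podCIDR` present, because both fields are `omitempty` and `PodCIDR` became a pointer; any consumer that dereferences `PodCIDR` or indexes `ClusterNetworks[0]` needs a nil/length guard, and install-config validation (not visible in this hunk) should reject the case where both are absent. `ClusterNetwork.CIDR` is a plain `string` in the vendored type, whereas `ServiceCIDR` is an `ipnet.IPNet`, so pod ranges presumably lose parse-time checking; I would validate each entry with `net.ParseCIDR`, check `HostSubnetLength` against the prefix length, and reject overlap with `ServiceCIDR`. The accepted `type` strings also change from `openshift-sdn`/`openshift-ovn` to the vendored `OpenshiftSDN`/`OVNKubernetes`, so existing install-configs will likely stop matching unless the old values are mapped or rejected with a clear error. The `PodCIDR` comment has an unclosed parenthesis; suggest `// PodCIDR is deprecated (and badly named; it should always have been called ClusterCIDR).`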
@@ -1,47 +0,0 @@
-package tectonicnetwork
-
-import (
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-const (
- // Kind is the TypeMeta.Kind for the OperatorConfig.
- Kind = "TectonicNetworkOperatorConfig"
- // APIVersion is the TypeMeta.APIVersion for the OperatorConfig.
- APIVersion = "v1"
-)
-
-// NetworkType indicates the network configuration of the cluster.
-//
-// NOTE: only one of none, flannel, canal or calico can be enabled at a time.
-type NetworkType string
-
-const (
- // NetworkNone is the network profile for a cluster that does not use the TNO to configure
- // networking.
- NetworkNone NetworkType = "none"
- // NetworkFlannel is the network profile for a cluster that implements flannel.
- NetworkFlannel NetworkType = "flannel"
- // NetworkCanal is the network profile for a cluster that implements canal.
- NetworkCanal = "canal"
- // NetworkCalicoIPIP is the network profile for a cluster that implements calico.
- NetworkCalicoIPIP = "calico-ipip"
-)
-
-// OperatorConfig defines the configuration needed by the Tectonic Network Operator.
-type OperatorConfig struct {
- metav1.TypeMeta `json:",inline"`
-
- // PodCIDR is an IP range from which pod IPs can be assigned.
- PodCIDR string `json:"podCIDR"`
- // NetworkProfile describes the network configuration for the cluster.
- NetworkProfile NetworkType `json:"networkProfile"`
- // CalicoConfig is used only when the networkType is `calico`.
- CalicoConfig `json:"calicoConfig"`
-}
-
-// CalicoConfig defines config values when the network profile supports `calico`.
-type CalicoConfig struct {
- // MTU sets the MTU size for workload interfaces and the IP-in-IP tunnel device.
- MTU string `json:"mtu"`
-}
diff --git a/vendor/github.com/openshift/cluster-network-operator/LICENSE b/vendor/github.com/openshift/cluster-network-operator/LICENSE
new file mode 100644
index 00000000000..c4ea8b6f9d8
--- /dev/null
+++ b/vendor/github.com/openshift/cluster-network-operator/LICENSE
@@ -0,0 +1,191 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + Copyright 2014 Red Hat, Inc. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/doc.go b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/doc.go new file mode 100644 index 00000000000..6fb5f24a488 --- /dev/null +++ b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/doc.go @@ -0,0 +1,4 @@ +// Package v1 contains API Schema definitions for the networkoperator v1 API group +// +k8s:deepcopy-gen=package,register +// +groupName=networkoperator.openshift.io +package v1 diff --git a/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/networkconfig_types.go b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/networkconfig_types.go new file mode 100644 index 00000000000..d381c67535f --- /dev/null +++ b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/networkconfig_types.go 
@@ -0,0 +1,199 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// Important: Run hack/update-codegen.sh to regenerate code after modifying this file + +// register our type with the k8s api scheme +func init() { + SchemeBuilder.Register(&NetworkConfig{}, &NetworkConfigList{}) +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkConfig describes the cluster's desired network configuration +// +k8s:openapi-gen=true +type NetworkConfig struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec NetworkConfigSpec `json:"spec,omitempty"` + Status NetworkConfigStatus `json:"status,omitempty"` +} + +// NetworkConfigStatus defines the observed state of NetworkConfig +type NetworkConfigStatus struct { + // TODO +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// NetworkConfigList contains a list of NetworkConfig +// We do not support more than one NetworkConfig, but the operator-sdk +// requires this +type NetworkConfigList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []NetworkConfig `json:"items"` +} + +// NetworkConfigSpec is the top-level network configuration object. +type NetworkConfigSpec struct { + // IP address pool to use for pod IPs. + // Some network providers, e.g. Openshift-sdn, support multiple ClusterNetworks. + // Others only support one. This is equivalent to the cluster-cidr. + ClusterNetworks []ClusterNetwork `json:"clusterNetworks"` + + // The CIDR to use for services + ServiceNetwork string `json:"serviceNetwork"` + + // The "default" network that all pods will receive + DefaultNetwork DefaultNetworkDefinition `json:"defaultNetwork"` + + // Additional networks to make available to pods. If they are specified, + // pods can request them via annotations. + // + // Specifying any additionalNetworks will enable Multus across the cluster. 
+ AdditionalNetworks []AdditionalNetworkDefinition `json:"additionalNetworks"` + + // DeployKubeProxy specifies whether or not a standalone kube-proxy should + // be deployed by the operator. Some network providers include kube-proxy + // or similar functionality. If unset, the plugin will attempt to select + // the correct value, which is false when Openshift-sdn and ovn-kubernetes are + // used and true otherwise. + // +optional + DeployKubeProxy *bool `json:"deployKubeProxy,omitempty"` + + // KubeProxyConfig lets us configure desired proxy configuration. + // If not specified, sensible defaults will be chosen by OpenShift directly. + // Not consumed by all network providers - currently only openshift-sdn. + KubeProxyConfig *ProxyConfig `json:"kubeProxyConfig,omitempty"` +} + +// ClusterNetwork is a subnet from which to allocate PodIPs. A network of size +// 2^HostSubnetLength will be allocated when nodes join the cluster. +// Not all network providers support multiple ClusterNetworks +type ClusterNetwork struct { + CIDR string `json:"cidr"` + HostSubnetLength uint32 `json:"hostSubnetLength"` +} + +// NetworkDefinition represents a single network plugin's configuration. +// Kind must be specified, along with exactly one "Config" that matches +// the kind. Kinds that do not have a specific configuration parameter should +// use OtherConfig +type DefaultNetworkDefinition struct { + // The type of network + // All NetworkTypes are supported except for NetworkTypeRaw + Type NetworkType `json:"type"` + + // OpenshiftSDNConfig configures the openshift-sdn plugin + // +optional + OpenshiftSDNConfig *OpenshiftSDNConfig `json:"openshiftSDNConfig,omitempty"` + + // OVNKubernetesConfig configures the ovn-kubernetes plugin + // +optional + OVNKubernetesConfig *OVNKubernetesConfig `json:"ovnKubernetesConfig,omitempty"` + + // OtherConfig is for network plugins that are supported by the operator + // but do not need their own type. 
These values will be passed directly + // to the manifest templates. + // This is used by calico and kuryr + // See the plugin-specific documentation for which values are required. + // +optional + OtherConfig map[string]string `json:"otherConfig,omitEmpty"` +} + +// AdditionalNetworkDefinition is extra networks that are available but not +// created by default. Instead, pods must request them by name. +type AdditionalNetworkDefinition struct { + // The type of network + // The only supported value is NetworkTypeRaw + Type NetworkType `json:"type"` + + // The name of the network. This will be populated in the resulting CRD + Name string `json:"name"` + + // RawCNIConfig is the raw CNI configuration json to create in the + // NetworkAttachmentDefinition CRD + RawCNIConfig string `json:"rawCNIConfig"` +} + +// OpenshiftSDNConfig configures the three openshift-sdn plugins +type OpenshiftSDNConfig struct { + // Mode is one of "multitenant", "subnet", or "networkpolicy" + Mode SDNMode `json:"mode"` + + // VXLANPort is the port to use for all vxlan packets. The default + // is 4789 + // +optional + VXLANPort *uint32 `json:"vxlanPort,omitempty"` + + // MTU is the mtu to use for the tunnel interface. Defaults to 1450 if unset. + // +optional + MTU *uint32 `json:"mtu,omitempty"` + + // If true, then assume the nodes already have a running openvswitch. 
+ // +optional + UseExternalOpenvswitch *bool `json:"useExternalOpenvswitch,omitempty"` +} + +// OVNKubernetesConfig is the configuration parameters for networks using the +// ovn-kubernetes netwok project +type OVNKubernetesConfig struct { + // The UDP port to use for geneve + // The default is 6081 + GenevePort *uint32 `json:"genevePort,omitempty"` + + // The MTU to use for the tunnel interface + // Default is 1400 + MTU *uint32 `json:"mtu,omitempty"` +} + +// NetworkType describes the network plugin type to configure +type NetworkType string + +// ProxyConfig defines the configuration knobs for kubeproxy +// All of these are optional and have sensible defaults +type ProxyConfig struct { + // The period that iptables rules are refreshed. + // Default: 30s + IptablesSyncPeriod string `json:"iptablesSyncPeriod,omitempty"` + + // The address to "bind" on + // Defaults to 0.0.0.0 + BindAddress string + + // Any additional arguments to pass to the kubeproxy process + ProxyArguments map[string][]string +} + +const ( + // NetworkTypeOpenshiftSDN means the openshift-sdn plugin will be configured + NetworkTypeOpenshiftSDN NetworkType = "OpenshiftSDN" + + // NetworkTypeOVNKubernetes means the ovn-kubernetes project will be configured + NetworkTypeOVNKubernetes NetworkType = "OVNKubernetes" + + // NetworkTypeCalico means Calico will be configured + NetworkTypeCalico NetworkType = "Calico" + + // NetworkType + NetworkTypeKuryr NetworkType = "Kuryr" + + // NetworkTypeRaw + NetworkTypeRaw NetworkType = "Raw" +) + +// SDNMode is the Mode the openshift-sdn plugin is in +type SDNMode string + +const ( + SDNModeMultitenant SDNMode = "Multitenant" + + SDNModeSubnet SDNMode = "Subnet" + + SDNModePolicy SDNMode = "Networkpolicy" +) diff --git a/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/register.go b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/register.go new file mode 100644 index 00000000000..dece6ad591c 
--- /dev/null +++ b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/register.go @@ -0,0 +1,19 @@ +// NOTE: Boilerplate only. Ignore this file. + +// Package v1 contains API Schema definitions for the networkoperator v1 API group +// +k8s:deepcopy-gen=package,register +// +groupName=networkoperator.openshift.io +package v1 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/runtime/scheme" +) + +var ( + // SchemeGroupVersion is group version used to register these objects + SchemeGroupVersion = schema.GroupVersion{Group: "networkoperator.openshift.io", Version: "v1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} +) diff --git a/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..5eb6a69a48c --- /dev/null +++ b/vendor/github.com/openshift/cluster-network-operator/pkg/apis/networkoperator/v1/zz_generated.deepcopy.go 
@@ -0,0 +1,276 @@ +// +build !ignore_autogenerated + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AdditionalNetworkDefinition) DeepCopyInto(out *AdditionalNetworkDefinition) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalNetworkDefinition. +func (in *AdditionalNetworkDefinition) DeepCopy() *AdditionalNetworkDefinition { + if in == nil { + return nil + } + out := new(AdditionalNetworkDefinition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterNetwork) DeepCopyInto(out *ClusterNetwork) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetwork. +func (in *ClusterNetwork) DeepCopy() *ClusterNetwork { + if in == nil { + return nil + } + out := new(ClusterNetwork) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *DefaultNetworkDefinition) DeepCopyInto(out *DefaultNetworkDefinition) { + *out = *in + if in.OpenshiftSDNConfig != nil { + in, out := &in.OpenshiftSDNConfig, &out.OpenshiftSDNConfig + *out = new(OpenshiftSDNConfig) + (*in).DeepCopyInto(*out) + } + if in.OVNKubernetesConfig != nil { + in, out := &in.OVNKubernetesConfig, &out.OVNKubernetesConfig + *out = new(OVNKubernetesConfig) + (*in).DeepCopyInto(*out) + } + if in.OtherConfig != nil { + in, out := &in.OtherConfig, &out.OtherConfig + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultNetworkDefinition. +func (in *DefaultNetworkDefinition) DeepCopy() *DefaultNetworkDefinition { + if in == nil { + return nil + } + out := new(DefaultNetworkDefinition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkConfig) DeepCopyInto(out *NetworkConfig) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkConfig. +func (in *NetworkConfig) DeepCopy() *NetworkConfig { + if in == nil { + return nil + } + out := new(NetworkConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkConfig) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *NetworkConfigList) DeepCopyInto(out *NetworkConfigList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkConfig, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkConfigList. +func (in *NetworkConfigList) DeepCopy() *NetworkConfigList { + if in == nil { + return nil + } + out := new(NetworkConfigList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkConfigList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkConfigSpec) DeepCopyInto(out *NetworkConfigSpec) { + *out = *in + if in.ClusterNetworks != nil { + in, out := &in.ClusterNetworks, &out.ClusterNetworks + *out = make([]ClusterNetwork, len(*in)) + copy(*out, *in) + } + in.DefaultNetwork.DeepCopyInto(&out.DefaultNetwork) + if in.AdditionalNetworks != nil { + in, out := &in.AdditionalNetworks, &out.AdditionalNetworks + *out = make([]AdditionalNetworkDefinition, len(*in)) + copy(*out, *in) + } + if in.DeployKubeProxy != nil { + in, out := &in.DeployKubeProxy, &out.DeployKubeProxy + *out = new(bool) + **out = **in + } + if in.KubeProxyConfig != nil { + in, out := &in.KubeProxyConfig, &out.KubeProxyConfig + *out = new(ProxyConfig) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkConfigSpec. 
+func (in *NetworkConfigSpec) DeepCopy() *NetworkConfigSpec { + if in == nil { + return nil + } + out := new(NetworkConfigSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkConfigStatus) DeepCopyInto(out *NetworkConfigStatus) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkConfigStatus. +func (in *NetworkConfigStatus) DeepCopy() *NetworkConfigStatus { + if in == nil { + return nil + } + out := new(NetworkConfigStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OVNKubernetesConfig) DeepCopyInto(out *OVNKubernetesConfig) { + *out = *in + if in.GenevePort != nil { + in, out := &in.GenevePort, &out.GenevePort + *out = new(uint32) + **out = **in + } + if in.MTU != nil { + in, out := &in.MTU, &out.MTU + *out = new(uint32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OVNKubernetesConfig. +func (in *OVNKubernetesConfig) DeepCopy() *OVNKubernetesConfig { + if in == nil { + return nil + } + out := new(OVNKubernetesConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *OpenshiftSDNConfig) DeepCopyInto(out *OpenshiftSDNConfig) { + *out = *in + if in.VXLANPort != nil { + in, out := &in.VXLANPort, &out.VXLANPort + *out = new(uint32) + **out = **in + } + if in.MTU != nil { + in, out := &in.MTU, &out.MTU + *out = new(uint32) + **out = **in + } + if in.UseExternalOpenvswitch != nil { + in, out := &in.UseExternalOpenvswitch, &out.UseExternalOpenvswitch + *out = new(bool) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenshiftSDNConfig. +func (in *OpenshiftSDNConfig) DeepCopy() *OpenshiftSDNConfig { + if in == nil { + return nil + } + out := new(OpenshiftSDNConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProxyConfig) DeepCopyInto(out *ProxyConfig) { + *out = *in + if in.ProxyArguments != nil { + in, out := &in.ProxyArguments, &out.ProxyArguments + *out = make(map[string][]string, len(*in)) + for key, val := range *in { + var outVal []string + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make([]string, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProxyConfig. +func (in *ProxyConfig) DeepCopy() *ProxyConfig { + if in == nil { + return nil + } + out := new(ProxyConfig) + in.DeepCopyInto(out) + return out +}