internal

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 13, 2023 License: Apache-2.0 Imports: 50 Imported by: 0

Documentation

Overview

Package internal contains internal implementation details for the Kubeadm Control Plane.

Index

Constants

View Source 
const (
	// NodeBootstrapTokenAuthGroup specifies which group a Node Bootstrap Token should be authenticated in.
	NodeBootstrapTokenAuthGroup = "system:bootstrappers:ocne:default-node-token"

	// GetNodesClusterRoleName defines the name of the ClusterRole and ClusterRoleBinding to get nodes.
	GetNodesClusterRoleName = "ocne:get-nodes"

	// NodesGroup defines the well-known group for all nodes.
	NodesGroup = "system:nodes"

	// KubeletConfigMapRolePrefix defines base kubelet configuration ConfigMap role prefix.
	KubeletConfigMapRolePrefix = "ocne:"

	// KubeletConfigMapName defines base kubelet configuration ConfigMap name for kubeadm < 1.24.
	KubeletConfigMapName = "kubelet-config-%d.%d"

	// UnversionedKubeletConfigMapName defines base kubelet configuration ConfigMap for kubeadm >= 1.24.
	UnversionedKubeletConfigMapName = "kubelet-config"
)
View Source 
const (
	// OCNEControlPlaneControllerName defines the controller used when creating clients.
	OCNEControlPlaneControllerName = "ocne-controlplane-controller"
)

Variables

View Source 
var (

	// ErrControlPlaneMinNodes signals that a cluster doesn't meet the minimum required nodes
	// to remove an etcd member.
	ErrControlPlaneMinNodes = errors.New("cluster has fewer than 2 control plane nodes; removing an etcd member is not supported")
)

Functions

func ControlPlaneMachineLabelsForCluster 

func ControlPlaneMachineLabelsForCluster(ocnecp *controlplanev1.OCNEControlPlane, clusterName string) map[string]string

ControlPlaneMachineLabelsForCluster returns a set of labels to add to a control plane machine for this specific cluster.

func ImageRepositoryFromClusterConfig 

func ImageRepositoryFromClusterConfig(clusterConfig *bootstrapv1.ClusterConfiguration, kubernetesVersion semver.Version) string

ImageRepositoryFromClusterConfig returns the image repository to use. It returns:

  • clusterConfig.ImageRepository if set.
  • else either k8s.gcr.io or registry.k8s.io depending on the default registry of the ocne binary of the given kubernetes version. This is only done for Kubernetes versions >= v1.22.0 and < v1.26.0 because in this version range the default registry was changed.

Note: Please see the following issue for more context: https://github.com/kubernetes-sigs/cluster-api/issues/7833 tl;dr is that the imageRepository must be in sync with the default registry of ocne. Otherwise ocne preflight checks will fail because ocne is trying to pull the CoreDNS image from the wrong repository (<registry>/coredns instead of <registry>/coredns/coredns).

func MatchesMachineSpec 

func MatchesMachineSpec(infraConfigs map[string]*unstructured.Unstructured, machineConfigs map[string]*bootstrapv1.OCNEConfig, ocnecp *controlplanev1.OCNEControlPlane) func(machine *clusterv1.Machine) bool

MatchesMachineSpec returns a filter to find all machines that matches with KCP config and do not require any rollout. Kubernetes version, infrastructure template, and OCNEConfig field need to be equivalent.

func MatchesOCNEBootstrapConfig 

func MatchesOCNEBootstrapConfig(machineConfigs map[string]*bootstrapv1.OCNEConfig, ocnecp *controlplanev1.OCNEControlPlane) collections.Func

MatchesOCNEBootstrapConfig checks if machine's ControlPlaneConfig is equivalent with KCP's ControlPlaneConfig.

func MatchesTemplateClonedFrom 

func MatchesTemplateClonedFrom(infraConfigs map[string]*unstructured.Unstructured, ocnecp *controlplanev1.OCNEControlPlane) collections.Func

MatchesTemplateClonedFrom returns a filter to find all machines that match a given KCP infra template.

Types

type ClusterStatus 

type ClusterStatus struct {
	// Nodes are a total count of nodes
	Nodes int32
	// ReadyNodes are the count of nodes that are reporting ready
	ReadyNodes int32
	// HasOCNEConfig will be true if the ocne config map has been uploaded, false otherwise.
	HasOCNEConfig bool
}

ClusterStatus holds stats information about the cluster.

type ControlPlane 

type ControlPlane struct {
	KCP      *controlplanev1.OCNEControlPlane
	Cluster  *clusterv1.Cluster
	Machines collections.Machines
	// contains filtered or unexported fields
}

ControlPlane holds business logic around control planes. It should never need to connect to a service, that responsibility lies outside of this struct. Going forward we should be trying to add more logic to here and reduce the amount of logic in the reconciler.

func NewControlPlane 

func NewControlPlane(ctx context.Context, client client.Client, cluster *clusterv1.Cluster, ocnecp *controlplanev1.OCNEControlPlane, ownedMachines collections.Machines) (*ControlPlane, error)

NewControlPlane returns an instantiated ControlPlane.

func (*ControlPlane) AsOwnerReference 

func (c *ControlPlane) AsOwnerReference() *metav1.OwnerReference

AsOwnerReference returns an owner reference to the OCNEControlPlane.

func (*ControlPlane) EtcdImageData 

func (c *ControlPlane) EtcdImageData() (string, string)

EtcdImageData returns the etcd image data embedded in the ClusterConfiguration or empty strings if none are defined.

func (*ControlPlane) FailureDomainWithMostMachines 

func (c *ControlPlane) FailureDomainWithMostMachines(machines collections.Machines) *string

FailureDomainWithMostMachines returns a fd which exists both in machines and control-plane machines and has the most control-plane machines on it.

func (*ControlPlane) FailureDomains 

func (c *ControlPlane) FailureDomains() clusterv1.FailureDomains

FailureDomains returns a slice of failure domain objects synced from the infrastructure provider into Cluster.Status.

func (*ControlPlane) GenerateOCNEConfig 

func (c *ControlPlane) GenerateOCNEConfig(spec *bootstrapv1.OCNEConfigSpec) *bootstrapv1.OCNEConfig

GenerateOCNEConfig generates a new ocne config for creating new control plane nodes.

func (*ControlPlane) GetOCNEConfig 

func (c *ControlPlane) GetOCNEConfig(machineName string) (*bootstrapv1.OCNEConfig, bool)

GetOCNEConfig returns the OCNEConfig of a given machine.

func (*ControlPlane) HasDeletingMachine 

func (c *ControlPlane) HasDeletingMachine() bool

HasDeletingMachine returns true if any machine in the control plane is in the process of being deleted.

func (*ControlPlane) HasUnhealthyMachine 

func (c *ControlPlane) HasUnhealthyMachine() bool

HasUnhealthyMachine returns true if any machine in the control plane is marked as unhealthy by MHC.

func (*ControlPlane) HealthyMachines 

func (c *ControlPlane) HealthyMachines() collections.Machines

HealthyMachines returns the list of control plane machines not marked as unhealthy by MHC.

func (*ControlPlane) InitialControlPlaneConfig 

func (c *ControlPlane) InitialControlPlaneConfig() *bootstrapv1.OCNEConfigSpec

InitialControlPlaneConfig returns a new ControlPlaneConfig that is to be used for an initializing control plane.

func (*ControlPlane) IsEtcdManaged 

func (c *ControlPlane) IsEtcdManaged() bool

IsEtcdManaged returns true if the control plane relies on a managed etcd.

func (*ControlPlane) JoinControlPlaneConfig 

func (c *ControlPlane) JoinControlPlaneConfig() *bootstrapv1.OCNEConfigSpec

JoinControlPlaneConfig returns a new ControlPlaneConfig that is to be used for joining control planes.

func (*ControlPlane) MachineInFailureDomainWithMostMachines 

func (c *ControlPlane) MachineInFailureDomainWithMostMachines(machines collections.Machines) (*clusterv1.Machine, error)

MachineInFailureDomainWithMostMachines returns the first matching failure domain with machines that has the most control-plane machines on it.

func (*ControlPlane) MachineInfrastructureTemplateRef 

func (c *ControlPlane) MachineInfrastructureTemplateRef() *corev1.ObjectReference

MachineInfrastructureTemplateRef returns the OCNEControlPlane's infrastructure template for Machines.

func (*ControlPlane) MachineWithDeleteAnnotation 

func (c *ControlPlane) MachineWithDeleteAnnotation(machines collections.Machines) collections.Machines

MachineWithDeleteAnnotation returns a machine that has been annotated with DeleteMachineAnnotation key.

func (*ControlPlane) MachinesNeedingRollout 

func (c *ControlPlane) MachinesNeedingRollout() collections.Machines

MachinesNeedingRollout return a list of machines that need to be rolled out.

func (*ControlPlane) NeedsReplacementNode 

func (c *ControlPlane) NeedsReplacementNode() bool

NeedsReplacementNode determines if the control plane needs to create a replacement node during upgrade.

func (*ControlPlane) NewMachine 

func (c *ControlPlane) NewMachine(infraRef, bootstrapRef *corev1.ObjectReference, failureDomain *string) *clusterv1.Machine

NewMachine returns a machine configured to be a part of the control plane.

func (*ControlPlane) NextFailureDomainForScaleUp 

func (c *ControlPlane) NextFailureDomainForScaleUp() *string

NextFailureDomainForScaleUp returns the failure domain with the fewest number of up-to-date machines.

func (*ControlPlane) PatchMachines 

func (c *ControlPlane) PatchMachines(ctx context.Context) error

PatchMachines patches all the machines conditions.

func (*ControlPlane) UnhealthyMachines 

func (c *ControlPlane) UnhealthyMachines() collections.Machines

UnhealthyMachines returns the list of control plane machines marked as unhealthy by MHC.

func (*ControlPlane) UpToDateMachines 

func (c *ControlPlane) UpToDateMachines() collections.Machines

UpToDateMachines returns the machines that are up to date with the control plane's configuration and therefore do not require rollout.

func (*ControlPlane) Version 

func (c *ControlPlane) Version() *string

Version returns the OCNEControlPlane's version.

type CoreDNSMigrator 

type CoreDNSMigrator struct{}

CoreDNSMigrator is a shim that can be used to migrate CoreDNS files from one version to another.

func (*CoreDNSMigrator) Migrate 

func (c *CoreDNSMigrator) Migrate(fromCoreDNSVersion, toCoreDNSVersion, corefile string, deprecations bool) (string, error)

Migrate calls the CoreDNS migration library to migrate a corefile.

type EtcdClientGenerator 

type EtcdClientGenerator struct {
	// contains filtered or unexported fields
}

EtcdClientGenerator generates etcd clients that connect to specific etcd members on particular control plane nodes.

func NewEtcdClientGenerator 

func NewEtcdClientGenerator(restConfig *rest.Config, tlsConfig *tls.Config, etcdDialTimeout time.Duration) *EtcdClientGenerator

NewEtcdClientGenerator returns a new etcdClientGenerator instance.

type EtcdMemberStatus 

type EtcdMemberStatus struct {
	Name       string
	Responsive bool
}

EtcdMemberStatus contains status information for a single etcd member.

type Management 

type Management struct {
	Client          client.Reader
	Tracker         *remote.ClusterCacheTracker
	EtcdDialTimeout time.Duration
}

Management holds operations on the management cluster.

func (*Management) Get 

func (m *Management) Get(ctx context.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error

Get implements client.Reader.

func (*Management) GetMachinePoolsForCluster 

func (m *Management) GetMachinePoolsForCluster(ctx context.Context, cluster *clusterv1.Cluster) (*expv1.MachinePoolList, error)

GetMachinePoolsForCluster returns a list of machine pools owned by the cluster.

func (*Management) GetMachinesForCluster 

func (m *Management) GetMachinesForCluster(ctx context.Context, cluster *clusterv1.Cluster, filters ...collections.Func) (collections.Machines, error)

GetMachinesForCluster returns a list of machines that can be filtered or not. If no filter is supplied then all machines associated with the target cluster are returned.

func (*Management) GetWorkloadCluster 

func (m *Management) GetWorkloadCluster(ctx context.Context, clusterKey client.ObjectKey) (WorkloadCluster, error)

GetWorkloadCluster builds a cluster object. The cluster comes with an etcd client generator to connect to any etcd pod living on a managed machine.

func (*Management) List 

func (m *Management) List(ctx context.Context, list client.ObjectList, opts ...client.ListOption) error

List implements client.Reader.

type ManagementCluster 

type ManagementCluster interface {
	client.Reader

	GetMachinesForCluster(ctx context.Context, cluster *clusterv1.Cluster, filters ...collections.Func) (collections.Machines, error)
	GetMachinePoolsForCluster(ctx context.Context, cluster *clusterv1.Cluster) (*expv1.MachinePoolList, error)
	GetWorkloadCluster(ctx context.Context, clusterKey client.ObjectKey) (WorkloadCluster, error)
}

ManagementCluster defines all behaviors necessary for something to function as a management cluster.

type RemoteClusterConnectionError 

type RemoteClusterConnectionError struct {
	Name string
	Err  error
}

RemoteClusterConnectionError represents a failure to connect to a remote cluster.

func (*RemoteClusterConnectionError) Error 

func (e *RemoteClusterConnectionError) Error() string

Error satisfies the error interface.

func (*RemoteClusterConnectionError) Unwrap 

func (e *RemoteClusterConnectionError) Unwrap() error

Unwrap satisfies the unwrap error inteface.

type Workload 

type Workload struct {
	Client          ctrlclient.Client
	CoreDNSMigrator coreDNSMigrator
	// contains filtered or unexported fields
}

Workload defines operations on workload clusters.

func (*Workload) AllowBootstrapTokensToGetNodes 

func (w *Workload) AllowBootstrapTokensToGetNodes(ctx context.Context) error

AllowBootstrapTokensToGetNodes creates RBAC rules to allow Node Bootstrap Tokens to list nodes.

func (*Workload) ClusterStatus 

func (w *Workload) ClusterStatus(ctx context.Context) (ClusterStatus, error)

ClusterStatus returns the status of the cluster.

func (*Workload) EnsureResource 

func (w *Workload) EnsureResource(ctx context.Context, obj client.Object) error

EnsureResource creates a resoutce if the target resource doesn't exist. If the resource exists already, this function will ignore the resource instead.

func (*Workload) EtcdMembers 

func (w *Workload) EtcdMembers(ctx context.Context) ([]string, error)

EtcdMembers returns the current set of members in an etcd cluster.

NOTE: This methods uses control plane machines/nodes only to get in contact with etcd, but then it relies on etcd as ultimate source of truth for the list of members. This is intended to allow informed decisions on actions impacting etcd quorum.

func (*Workload) ForwardEtcdLeadership 

func (w *Workload) ForwardEtcdLeadership(ctx context.Context, machine *clusterv1.Machine, leaderCandidate *clusterv1.Machine) error

ForwardEtcdLeadership forwards etcd leadership to the first follower.

func (*Workload) GetAPIServerCertificateExpiry 

func (w *Workload) GetAPIServerCertificateExpiry(ctx context.Context, ocneConfig *bootstrapv1.OCNEConfig, nodeName string) (*time.Time, error)

GetAPIServerCertificateExpiry returns the certificate expiry of the apiserver on the given node.

func (*Workload) ReconcileEtcdMembers 

func (w *Workload) ReconcileEtcdMembers(ctx context.Context, nodeNames []string, version semver.Version) ([]string, error)

ReconcileEtcdMembers iterates over all etcd members and finds members that do not have corresponding nodes. If there are any such members, it deletes them from etcd and removes their nodes from the kubeadm configmap so that kubeadm does not run etcd health checks on them.

func (*Workload) ReconcileKubeletRBACBinding 

func (w *Workload) ReconcileKubeletRBACBinding(ctx context.Context, version semver.Version) error

ReconcileKubeletRBACBinding will create a RoleBinding for the new kubelet version during upgrades. If the role binding already exists this function is a no-op.

func (*Workload) ReconcileKubeletRBACRole 

func (w *Workload) ReconcileKubeletRBACRole(ctx context.Context, version semver.Version) error

ReconcileKubeletRBACRole will create a Role for the new kubelet version during upgrades. If the role already exists this function is a no-op.

func (*Workload) RemoveEtcdMemberForMachine 

func (w *Workload) RemoveEtcdMemberForMachine(ctx context.Context, machine *clusterv1.Machine) error

RemoveEtcdMemberForMachine removes the etcd member from the target cluster's etcd cluster. Removing the last remaining member of the cluster is not supported.

func (*Workload) RemoveMachineFromOCNEConfigMap 

func (w *Workload) RemoveMachineFromOCNEConfigMap(ctx context.Context, machine *clusterv1.Machine, version semver.Version) error

RemoveMachineFromOCNEConfigMap removes the entry for the machine from the ocne configmap.

func (*Workload) RemoveNodeFromOCNEConfigMap 

func (w *Workload) RemoveNodeFromOCNEConfigMap(ctx context.Context, name string, v semver.Version) error

RemoveNodeFromOCNEConfigMap removes the entry for the node from the ocne configmap.

func (*Workload) UpdateAPIServerInOCNEConfigMap 

func (w *Workload) UpdateAPIServerInOCNEConfigMap(ctx context.Context, apiServer bootstrapv1.APIServer, version semver.Version) error

UpdateAPIServerInOCNEConfigMap updates api server configuration in ocne config map.

func (*Workload) UpdateControllerManagerInOCNEConfigMap 

func (w *Workload) UpdateControllerManagerInOCNEConfigMap(ctx context.Context, controllerManager bootstrapv1.ControlPlaneComponent, version semver.Version) error

UpdateControllerManagerInOCNEConfigMap updates controller manager configuration in ocne config map.

func (*Workload) UpdateCoreDNS 

func (w *Workload) UpdateCoreDNS(ctx context.Context, ocnecp *controlplanev1.OCNEControlPlane, version semver.Version) error

UpdateCoreDNS updates the kubeadm configmap, coredns corefile and coredns deployment.

func (*Workload) UpdateEtcdConditions 

func (w *Workload) UpdateEtcdConditions(ctx context.Context, controlPlane *ControlPlane)

UpdateEtcdConditions is responsible for updating machine conditions reflecting the status of all the etcd members. This operation is best effort, in the sense that in case of problems in retrieving member status, it sets the condition to Unknown state without returning any error.

func (*Workload) UpdateEtcdExtraArgsInOCNEConfigMap 

func (w *Workload) UpdateEtcdExtraArgsInOCNEConfigMap(ctx context.Context, extraArgs map[string]string, version semver.Version) error

UpdateEtcdExtraArgsInKubeadmConfigMap sets extraArgs in the kubeadm config map.

func (*Workload) UpdateEtcdVersionInOCNEConfigMap 

func (w *Workload) UpdateEtcdVersionInOCNEConfigMap(ctx context.Context, imageRepository, imageTag string, version semver.Version) error

UpdateEtcdVersionInKubeadmConfigMap sets the imageRepository or the imageTag or both in the kubeadm config map.

func (*Workload) UpdateImageRepositoryInOCNEConfigMap 

func (w *Workload) UpdateImageRepositoryInOCNEConfigMap(ctx context.Context, imageRepository string, version semver.Version) error

UpdateImageRepositoryInOCNEConfigMap updates the image repository in the ocne config map.

func (*Workload) UpdateKubeProxyImageInfo 

func (w *Workload) UpdateKubeProxyImageInfo(ctx context.Context, ocnecp *controlplanev1.OCNEControlPlane, version semver.Version) error

UpdateKubeProxyImageInfo updates kube-proxy image in the kube-proxy DaemonSet.

func (*Workload) UpdateKubeletConfigMap 

func (w *Workload) UpdateKubeletConfigMap(ctx context.Context, version semver.Version) error

UpdateKubeletConfigMap will create a new kubelet-config-1.x config map for a new version of the kubelet. This is a necessary process for upgrades.

func (*Workload) UpdateKubernetesVersionInOCNEConfigMap 

func (w *Workload) UpdateKubernetesVersionInOCNEConfigMap(ctx context.Context, version semver.Version) error

UpdateKubernetesVersionInOCNEConfigMap updates the kubernetes version in the ocne config map.

func (*Workload) UpdateSchedulerInOCNEConfigMap 

func (w *Workload) UpdateSchedulerInOCNEConfigMap(ctx context.Context, scheduler bootstrapv1.ControlPlaneComponent, version semver.Version) error

UpdateSchedulerInOCNEConfigMap updates scheduler configuration in ocne config map.

func (*Workload) UpdateStaticPodConditions 

func (w *Workload) UpdateStaticPodConditions(ctx context.Context, controlPlane *ControlPlane)

UpdateStaticPodConditions is responsible for updating machine conditions reflecting the status of all the control plane components running in a static pod generated by kubeadm. This operation is best effort, in the sense that in case of problems in retrieving the pod status, it sets the condition to Unknown state without returning any error.

type WorkloadCluster 

type WorkloadCluster interface {
	// Basic health and status checks.
	ClusterStatus(ctx context.Context) (ClusterStatus, error)
	UpdateStaticPodConditions(ctx context.Context, controlPlane *ControlPlane)
	UpdateEtcdConditions(ctx context.Context, controlPlane *ControlPlane)
	EtcdMembers(ctx context.Context) ([]string, error)
	GetAPIServerCertificateExpiry(ctx context.Context, ocneConfig *bootstrapv1.OCNEConfig, nodeName string) (*time.Time, error)

	// Upgrade related tasks.
	ReconcileKubeletRBACBinding(ctx context.Context, version semver.Version) error
	ReconcileKubeletRBACRole(ctx context.Context, version semver.Version) error
	UpdateKubernetesVersionInOCNEConfigMap(ctx context.Context, version semver.Version) error
	UpdateImageRepositoryInOCNEConfigMap(ctx context.Context, imageRepository string, version semver.Version) error
	UpdateEtcdVersionInOCNEConfigMap(ctx context.Context, imageRepository, imageTag string, version semver.Version) error
	UpdateEtcdExtraArgsInOCNEConfigMap(ctx context.Context, extraArgs map[string]string, version semver.Version) error
	UpdateAPIServerInOCNEConfigMap(ctx context.Context, apiServer bootstrapv1.APIServer, version semver.Version) error
	UpdateControllerManagerInOCNEConfigMap(ctx context.Context, controllerManager bootstrapv1.ControlPlaneComponent, version semver.Version) error
	UpdateSchedulerInOCNEConfigMap(ctx context.Context, scheduler bootstrapv1.ControlPlaneComponent, version semver.Version) error
	UpdateKubeletConfigMap(ctx context.Context, version semver.Version) error
	UpdateKubeProxyImageInfo(ctx context.Context, ocnecp *controlplanev1.OCNEControlPlane, version semver.Version) error
	UpdateCoreDNS(ctx context.Context, ocnecp *controlplanev1.OCNEControlPlane, version semver.Version) error
	RemoveEtcdMemberForMachine(ctx context.Context, machine *clusterv1.Machine) error
	RemoveMachineFromOCNEConfigMap(ctx context.Context, machine *clusterv1.Machine, version semver.Version) error
	RemoveNodeFromOCNEConfigMap(ctx context.Context, nodeName string, version semver.Version) error
	ForwardEtcdLeadership(ctx context.Context, machine *clusterv1.Machine, leaderCandidate *clusterv1.Machine) error
	AllowBootstrapTokensToGetNodes(ctx context.Context) error

	// State recovery tasks.
	ReconcileEtcdMembers(ctx context.Context, nodeNames []string, version semver.Version) ([]string, error)
}

WorkloadCluster defines all behaviors necessary to upgrade kubernetes on a workload cluster

TODO: Add a detailed description to each of these method definitions.

Source Files

View all Source files

Directories

Path Synopsis
Package controllers implements the Kubeadm controllers.
 Package controllers implements the Kubeadm controllers.
Package etcd provides a connection to an etcd member.
 Package etcd provides a connection to an etcd member.
fake
Package fake implements testing fakes.
 Package fake implements testing fakes.
util
Package util implements etcd utility functions.
 Package util implements etcd utility functions.
Package proxy implements kubeadm proxy functionality.
 Package proxy implements kubeadm proxy functionality.
Package webhooks provides the validating webhook for KubeadmControlPlane scale subresource.
 Package webhooks provides the validating webhook for KubeadmControlPlane scale subresource.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.