Merge pull request #218 from kaiiyvwu/main

support set password and key pair in ecs node class

Author: gitautomator[bot]

charts/karpenter/crds/karpenter.k8s.alibabacloud_ecsnodeclasses.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.4
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: ecsnodeclasses.karpenter.k8s.alibabacloud
 spec:
   group: karpenter.k8s.alibabacloud
@@ -113,6 +113,11 @@ spec:
                 - message: '''alias'' is mutually exclusive, cannot be set with a
                     combination of other imageSelectorTerms'
                   rule: '!(self.exists(x, has(x.alias)) && self.size() != 1)'
+              keyPairName:
+                description: KeyPairName is the key pair used when creating an ECS
+                  instance for root.
+                pattern: ^[A-Za-z][A-Za-z\d._:-]{1,127}$
+                type: string
               kubeletConfiguration:
                 description: |-
                   KubeletConfiguration defines args to be used when configuring kubelet on provisioned nodes.
@@ -236,6 +241,15 @@ spec:
                     evictionSoft
                   rule: has(self.evictionSoftGracePeriod) ? self.evictionSoftGracePeriod.all(e,
                     (e in self.evictionSoft)):true
+              password:
+                description: Password is the password for ecs for root.
+                pattern: ^[A-Za-z\d~!@#$%^&*()_+\-=\[\]{}|\\:;"'<>,.?/]{8,30}$
+                type: string
+              passwordInherit:
+                default: false
+                description: If PasswordInherit is true will use the password preset
+                  by os image.
+                type: boolean
               resourceGroupId:
                 description: ResourceGroupID is the resource group id in ECS
                 pattern: rg-[0-9a-z]+
@@ -402,6 +416,10 @@ spec:
             - securityGroupSelectorTerms
             - vSwitchSelectorTerms
             type: object
+            x-kubernetes-validations:
+            - message: password cannot be set when passwordInherit is true
+              rule: '!(has(self.passwordInherit) ? (self.passwordInherit ? has(self.password)
+                : false) : false)'
           status:
             description: ECSNodeClassStatus contains the resolved state of the ECSNodeClass
             properties:

pkg/apis/v1alpha1/ecsnodeclass.go

@@ -31,6 +31,7 @@ const (
 
 // ECSNodeClassSpec is the top level specification for the AlibabaCloud Karpenter Provider.
 // This will contain the configuration necessary to launch instances in AlibabaCloud.
+// +kubebuilder:validation:XValidation:rule="!(has(self.passwordInherit) ? (self.passwordInherit ? has(self.password) : false) : false)",message="password cannot be set when passwordInherit is true"
 type ECSNodeClassSpec struct {
 	// VSwitchSelectorTerms is a list of or vSwitch selector terms. The terms are ORed.
 	// +kubebuilder:validation:XValidation:message="vSwitchSelectorTerms cannot be empty",rule="self.size() != 0"
@@ -96,6 +97,18 @@ type ECSNodeClassSpec struct {
 	// UserData to be applied to the provisioned nodes and executed before/after the node is registered.
 	// +optional
 	UserData *string `json:"userData,omitempty"`
+	// Password is the password for ecs for root.
+	// +kubebuilder:validation:Pattern=`^[A-Za-z\d~!@#$%^&*()_+\-=\[\]{}|\\:;"'<>,.?/]{8,30}$`
+	//+optional
+	Password string `json:"password,omitempty"`
+	// KeyPairName is the key pair used when creating an ECS instance for root.
+	// +kubebuilder:validation:Pattern=`^[A-Za-z][A-Za-z\d._:-]{1,127}$`
+	// +optional
+	KeyPairName string `json:"keyPairName,omitempty"`
+	// If PasswordInherit is true will use the password preset by os image.
+	// +kubebuilder:default:=false
+	// +optional
+	PasswordInherit bool `json:"passwordInherit,omitempty"`
 }
 
 // VSwitchSelectorTerm defines selection logic for a vSwitch used by Karpenter to launch nodes.

pkg/providers/instance/instance.go

@@ -581,6 +581,9 @@ func (p *DefaultProvider) getProvisioningGroup(ctx context.Context, nodeClass *v
 			SecurityGroupIds: securityGroupIDs,
 			SystemDiskSize:   tea.Int32(systemDisk.GetGiBSize()),
 			Tag:              reqTags,
+			KeyPairName:      tea.String(nodeClass.Spec.KeyPairName),
+			Password:         tea.String(nodeClass.Spec.Password),
+			PasswordInherit:  tea.Bool(nodeClass.Spec.PasswordInherit),
 		},
 		// Add this tag to auto-provisioning-group, alibabacloud will monitor the requests and enhance the stability
 		Tag: []*ecsclient.CreateAutoProvisioningGroupRequestTag{