From 7e93c2b32352024c58d10d3a45dacc3d8af11fc0 Mon Sep 17 00:00:00 2001 From: francostellari Date: Fri, 5 Apr 2024 11:04:32 -0400 Subject: [PATCH 1/4] remove ns Signed-off-by: francostellari --- chart/templates/controller.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/chart/templates/controller.yaml b/chart/templates/controller.yaml index e1a49a1..71c487b 100644 --- a/chart/templates/controller.yaml +++ b/chart/templates/controller.yaml @@ -17,7 +17,6 @@ apiVersion: v1 kind: ServiceAccount metadata: name: transport-controller-sa - namespace: {{.Values.wds_cp_name}}-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -60,13 +59,12 @@ roleRef: subjects: - kind: ServiceAccount name: transport-controller-sa - namespace: '{{.Values.wds_cp_name}}-system' + namespace: {{.Release.Namespace}} --- apiVersion: v1 kind: ConfigMap metadata: name: transport-controller-config - namespace: {{.Values.wds_cp_name}}-system data: get-kubeconfig.sh: | #!/bin/bash @@ -97,7 +95,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: transport-controller - namespace: {{.Values.wds_cp_name}}-system spec: replicas: 1 selector: From ab4251bb9675c4fa8d29149683f93786c25980ca Mon Sep 17 00:00:00 2001 From: francostellari Date: Fri, 5 Apr 2024 11:43:51 -0400 Subject: [PATCH 2/4] Enable empty transport_cp_name Signed-off-by: francostellari Enable empty transport_cp_name Signed-off-by: francostellari --- chart/templates/controller.yaml | 67 +++++++++++++++++++-------------- chart/values.yaml | 2 +- 2 files changed, 39 insertions(+), 30 deletions(-) diff --git a/chart/templates/controller.yaml b/chart/templates/controller.yaml index 71c487b..9d4d75b 100644 --- a/chart/templates/controller.yaml +++ b/chart/templates/controller.yaml 
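Review bot: In the hunk at -60,13 +59,12 of PATCH 1/4 the ClusterRoleBinding subject now reads `namespace: {{.Release.Namespace}}` without the quotes the removed line had. A release namespace whose name is all digits, or looks like a YAML boolean or null, would render as a non-string, and the binding would then be rejected or fail to name the ServiceAccount that is meant to receive the ClusterRole. I would keep the value quoted, `namespace: {{ .Release.Namespace | quote }}`. The same applies to the `namespace:` lines that PATCH 3/4 adds to the ServiceAccount, ConfigMap and Deployment.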
@@ -16,12 +16,12 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: transport-controller-sa + name: transport-controller --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{.Values.wds_cp_name}}-transport-controller-role + name: {{.Values.wds_cp_name}}-transport-controller rules: - apiGroups: - "" @@ -51,14 +51,14 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{.Values.wds_cp_name}}-transport-controller-rolebinding + name: {{.Values.wds_cp_name}}-transport-controller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{.Values.wds_cp_name}}-transport-controller-role + name: {{.Values.wds_cp_name}}-transport-controller subjects: - kind: ServiceAccount - name: transport-controller-sa + name: transport-controller namespace: {{.Release.Namespace}} --- apiVersion: v1 
@@ -66,28 +66,37 @@ kind: ConfigMap metadata: name: transport-controller-config data: - get-kubeconfig.sh: | - #!/bin/bash - # this script receives a ControlPlane name and a parameter - # that determines whether to extract the ControlPlane's in-cluster kubeconfig - # or the external kubeconfig (if set to "true", the first will be retrieved). - # The function returns the requested kubeconfig's content in base64. - # it assumes the kubeconfig context is set to access the hosting cluster. - - cpname="$1" - get_incluster_key="$2" - - key="" - if [[ "$get_incluster_key" == "true" ]]; then - key=$(kubectl get controlplane $cpname -o=jsonpath='{.status.secretRef.inClusterKey}'); - else - key=$(kubectl get controlplane $cpname -o=jsonpath='{.status.secretRef.key}'); + get-its-config.sh: | + #!/bin/env bash + its_name="${1%"-system"}" # ITS name or ITS namespace + if [ "$its_name" = "" ] ; then + for cp in `kubectl get controlplane -o name`; do + cp=${cp##*/} + if kubectl get controlplane $cp -o=jsonpath='{.metadata.labels}' | grep "imbs" &> /dev/null ; then + if [ "$its_name" = "" ] ; then + its_name=$cp + else + >&2 echo "ERROR: found more than one Control Plane of type imbs!" + exit 1 + fi + fi + done + if [ "$its_name" = "" ] ; then + >&2 echo "ERROR: no Control Plane of type imbs found!" 
+ exit 2 + fi fi - - # get secret details - secret_name=$(kubectl get controlplane $cpname -o=jsonpath='{.status.secretRef.name}') - secret_namespace=$(kubectl get controlplane $cpname -o=jsonpath='{.status.secretRef.namespace}') - + key=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.inClusterKey}') + secret_name=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.name}') + secret_namespace=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.namespace}') + # get the kubeconfig in base64 + kubectl get secret $secret_name -n $secret_namespace -o=jsonpath="{.data.$key}" + get-wds-config.sh: | + #!/bin/env bash + wds_name="${1%"-system"}" # WDS name or WDS namespace + key=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.inClusterKey}') + secret_name=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.name}') + secret_namespace=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.namespace}') # get the kubeconfig in base64 kubectl get secret $secret_name -n $secret_namespace -o=jsonpath="{.data.$key}" --- @@ -105,12 +114,12 @@ spec: labels: name: transport-controller spec: - serviceAccountName: transport-controller-sa + serviceAccountName: transport-controller initContainers: - name: setup-wds-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-kubeconfig.sh {{.Values.wds_cp_name}} true | base64 -d > /mnt/shared/wds-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-wds-config.sh {{.Values.wds_cp_name}} | base64 -d > /mnt/shared/wds-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config 
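Review bot: Both new scripts in the hunk at -66,28 +66,37 use bash-only syntax, but the init containers start them as `sh /mnt/config/get-its-config.sh …`, so the `#!/bin/env bash` line is never consulted and whatever `sh` the image ships interprets them. Under a strict POSIX shell `grep "imbs" &> /dev/null` is parsed as a background job followed by an empty redirection, so the `if` succeeds for every control plane; the script would then either pick a control plane that is not of type imbs or stop with the "more than one" error. Which shell the kubectl image provides is not visible here, so this needs checking. `| grep -q "imbs"` avoids the construct, and invoking the script with `bash` (or keeping it POSIX) removes the ambiguity. The `[ … == … ]` tests introduced in PATCH 3/4 and PATCH 4/4 have the same portability problem.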
@@ -119,7 +128,7 @@ spec: - name: setup-its-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-kubeconfig.sh {{.Values.transport_cp_name}} true | base64 -d > /mnt/shared/transport-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-its-config.sh {{.Values.transport_cp_name}} | base64 -d > /mnt/shared/transport-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config diff --git a/chart/values.yaml b/chart/values.yaml index ff7395d..273db24 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -13,7 +13,7 @@ # limitations under the License. # Set the name of the transport control plane -transport_cp_name: its1 +transport_cp_name: "" # Set the name of the WDS control plane wds_cp_name: wds1 From 1efdf5610e9649101d44061fede7b1cb08e785d1 Mon Sep 17 00:00:00 2001 From: francostellari Date: Mon, 8 Apr 2024 11:21:30 -0400 Subject: [PATCH 3/4] address comments Signed-off-by: francostellari --- chart/templates/controller.yaml | 39 +++++++++++++++++---------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/chart/templates/controller.yaml b/chart/templates/controller.yaml index 9d4d75b..4d01f8b 100644 --- a/chart/templates/controller.yaml +++ b/chart/templates/controller.yaml @@ -17,6 +17,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: transport-controller + namespace: {{.Release.Namespace}} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole 
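Review bot: The comment above `transport_cp_name` in chart/values.yaml still says only "Set the name of the transport control plane", while the new empty default switches the chart to auto-detection in get-its-config.sh. I would document that, for example `# Name of the transport (ITS) control plane; leave empty to auto-detect the single control plane of type imbs`. An operator then knows the empty value is deliberate and that detection fails when zero or several such control planes exist.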
@@ -65,38 +66,37 @@ apiVersion: v1 kind: ConfigMap metadata: name: transport-controller-config + namespace: {{.Release.Namespace}} data: - get-its-config.sh: | + get-config.sh: | #!/bin/env bash - its_name="${1%"-system"}" # ITS name or ITS namespace - if [ "$its_name" = "" ] ; then + cp_name="${1%"-system"}" # cp name or cp namespace + guess_its_name="$2" + if [ "$cp_name" == "" ] ; then + if [ "$guess_its_name" == "true" ] ; then for cp in `kubectl get controlplane -o name`; do cp=${cp##*/} if kubectl get controlplane $cp -o=jsonpath='{.metadata.labels}' | grep "imbs" &> /dev/null ; then - if [ "$its_name" = "" ] ; then - its_name=$cp + if [ "$cp_name" = "" ] ; then + cp_name=$cp else >&2 echo "ERROR: found more than one Control Plane of type imbs!" exit 1 fi fi done - if [ "$its_name" = "" ] ; then + if [ "$cp_name" = "" ] ; then >&2 echo "ERROR: no Control Plane of type imbs found!" exit 2 fi + else + >&2 echo "ERROR: no Control Plane name specified!" + exit 3 + fi fi - key=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.inClusterKey}') - secret_name=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.name}') - secret_namespace=$(kubectl get controlplane $its_name -o=jsonpath='{.status.secretRef.namespace}') - # get the kubeconfig in base64 - kubectl get secret $secret_name -n $secret_namespace -o=jsonpath="{.data.$key}" - get-wds-config.sh: | - #!/bin/env bash - wds_name="${1%"-system"}" # WDS name or WDS namespace - key=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.inClusterKey}') - secret_name=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.name}') - secret_namespace=$(kubectl get controlplane $wds_name -o=jsonpath='{.status.secretRef.namespace}') + key=$(kubectl get controlplane $cp_name -o=jsonpath='{.status.secretRef.inClusterKey}') + secret_name=$(kubectl get controlplane $cp_name -o=jsonpath='{.status.secretRef.name}') + secret_namespace=$(kubectl get controlplane $cp_name 
-o=jsonpath='{.status.secretRef.namespace}') # get the kubeconfig in base64 kubectl get secret $secret_name -n $secret_namespace -o=jsonpath="{.data.$key}" --- @@ -104,6 +104,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: transport-controller + namespace: {{.Release.Namespace}} spec: replicas: 1 selector: @@ -119,7 +120,7 @@ spec: - name: setup-wds-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-wds-config.sh {{.Values.wds_cp_name}} | base64 -d > /mnt/shared/wds-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-config.sh {{.Values.wds_cp_name}} false | base64 -d > /mnt/shared/wds-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config @@ -128,7 +129,7 @@ spec: - name: setup-its-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-its-config.sh {{.Values.transport_cp_name}} | base64 -d > /mnt/shared/transport-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-config.sh {{.Values.transport_cp_name}} true | base64 -d > /mnt/shared/transport-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config From 2320d8e1a92a2506e5c64f9f19403e9f7ee3e34b Mon Sep 17 00:00:00 2001 From: francostellari Date: Tue, 9 Apr 2024 16:43:42 -0400 Subject: [PATCH 4/4] Mike's comments Signed-off-by: francostellari Mike's comments Signed-off-by: francostellari Mike's comments Signed-off-by: francostellari Mike's comments Signed-off-by: francostellari Mike's comments Signed-off-by: francostellari --- chart/templates/controller.yaml | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/chart/templates/controller.yaml b/chart/templates/controller.yaml index 4d01f8b..8dbc50f 100644 --- a/chart/templates/controller.yaml +++ b/chart/templates/controller.yaml 
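Review bot: The tail of get-config.sh (hunk at -65,38 +66,37) never checks its three `kubectl get controlplane` lookups, and `$cp_name`, `$secret_name` and `$secret_namespace` are expanded unquoted, so a missing control plane or an unset secretRef produces an empty or malformed `kubectl get secret` call instead of an error. Because the init containers pipe the script into `base64 -d > …`, the container status is that of `base64`, and an empty kubeconfig would be written while the pod carries on. I would quote the expansions and stop when any of the three values is empty, as sketched below. For that exit, and the existing exits 1 to 3, to take effect the caller also has to test the script's status, for example by writing to a temporary file before decoding. The same lookups appear in the PATCH 2/4 scripts and remain in get-kubeconfig.sh after PATCH 4/4.

```yaml
  get-config.sh: |
    # … unchanged: shebang, argument parsing and ITS name guessing …
    key=$(kubectl get controlplane "$cp_name" -o=jsonpath='{.status.secretRef.inClusterKey}')
    secret_name=$(kubectl get controlplane "$cp_name" -o=jsonpath='{.status.secretRef.name}')
    secret_namespace=$(kubectl get controlplane "$cp_name" -o=jsonpath='{.status.secretRef.namespace}')
    if [ -z "$key" ] || [ -z "$secret_name" ] || [ -z "$secret_namespace" ] ; then
      >&2 echo "ERROR: Control Plane $cp_name has no complete secretRef!"
      exit 4
    fi
    # get the kubeconfig in base64
    kubectl get secret "$secret_name" -n "$secret_namespace" -o=jsonpath="{.data.$key}"
```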
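Review bot: The ITS init-container command in the hunk at -128,7 +129,7 interpolates `{{.Values.transport_cp_name}}` unquoted in front of the new `true` argument, while PATCH 2/4 made the empty string the default for that value. The rendered line is then `get-config.sh  true`, so the script receives `true` as `$1`, treats it as the control plane name and never reaches the guessing branch. Quoting the argument keeps it positional and limits what `sh -c` will interpret in a chart value: `sh /mnt/config/get-config.sh '{{.Values.transport_cp_name}}' true | base64 -d > /mnt/shared/transport-kubeconfig`. The wds command in the preceding hunk and both renamed commands in PATCH 4/4 need the same quoting.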
@@ -68,26 +68,28 @@ metadata: name: transport-controller-config namespace: {{.Release.Namespace}} data: - get-config.sh: | + get-kubeconfig.sh: | #!/bin/env bash + # Get the in-cluster kubeconfig for KubeFlex Control Planes + # get-kubeconfig.sh cp_name guess_its_name cp_name="${1%"-system"}" # cp name or cp namespace - guess_its_name="$2" + guess_its_name="$2" # true: try guessing the name of the ibms CP if [ "$cp_name" == "" ] ; then if [ "$guess_its_name" == "true" ] ; then for cp in `kubectl get controlplane -o name`; do - cp=${cp##*/} - if kubectl get controlplane $cp -o=jsonpath='{.metadata.labels}' | grep "imbs" &> /dev/null ; then - if [ "$cp_name" = "" ] ; then - cp_name=$cp - else - >&2 echo "ERROR: found more than one Control Plane of type imbs!" - exit 1 - fi + cp=${cp##*/} # separate just the CP name + if [ "$(kubectl get controlplane $cp -o jsonpath="{.metadata.labels['kflex\.kubestellar\.io/cptype']}")" == "imbs" ] ; then + if [ "$cp_name" == "" ] ; then + cp_name=$cp + else + >&2 echo "ERROR: found more than one Control Plane of type imbs!" + exit 1 fi + fi done - if [ "$cp_name" = "" ] ; then - >&2 echo "ERROR: no Control Plane of type imbs found!" - exit 2 + if [ "$cp_name" == "" ] ; then + >&2 echo "ERROR: no Control Plane of type imbs found!" + exit 2 fi else >&2 echo "ERROR: no Control Plane name specified!" @@ -120,7 +122,7 @@ spec: - name: setup-wds-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-config.sh {{.Values.wds_cp_name}} false | base64 -d > /mnt/shared/wds-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-kubeconfig.sh {{.Values.wds_cp_name}} false | base64 -d > /mnt/shared/wds-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config 
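Review bot: The new header comment in the hunk at -68,26 +68,28 says `# true: try guessing the name of the ibms CP`, while the code compares the label against `imbs` and both error messages print `imbs`; the comment should use the same spelling as the value being matched. The usage line could also list the exit codes, since they are the script's only contract with its caller, for example `# exit codes: 1 several imbs CPs, 2 none found, 3 no name given`. In the same hunk `$cp` is still unquoted inside the `kubectl get controlplane $cp …` substitution.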
@@ -129,7 +131,7 @@ spec: - name: setup-its-kubeconfig image: quay.io/kubestellar/kubectl:1.27.8 imagePullPolicy: Always - command: [ "bin/sh", "-c", "sh /mnt/config/get-config.sh {{.Values.transport_cp_name}} true | base64 -d > /mnt/shared/transport-kubeconfig"] + command: [ "bin/sh", "-c", "sh /mnt/config/get-kubeconfig.sh {{.Values.transport_cp_name}} true | base64 -d > /mnt/shared/transport-kubeconfig"] volumeMounts: - name: config-volume mountPath: /mnt/config