From 5827ac672274ac704ae5af0ab5487f2c08b2cf7c Mon Sep 17 00:00:00 2001 From: Matt Anson Date: Wed, 21 May 2025 17:24:29 +0100 Subject: [PATCH 1/4] Install OpenStack Resource Controller resources --- .github/workflows/update-dependencies.yml | 5 +++++ roles/clusterapi/defaults/main.yml | 5 +++++ roles/clusterapi/tasks/main.yml | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml index 25cfbb2bd..3a58d0bfd 100644 --- a/.github/workflows/update-dependencies.yml +++ b/.github/workflows/update-dependencies.yml @@ -159,6 +159,11 @@ jobs: repository: kubernetes-sigs/kustomize version_jsonpath: kustomize_version + - key: openstack-resource-controller + path: ./roles/clusterapi/defaults/main.yml + repository: k-orc/openstack-resource-controller + version_jsonpath: clusterapi_orc_version + - key: velero-cli path: ./roles/velero/defaults/main.yml repository: vmware-tanzu/velero diff --git a/roles/clusterapi/defaults/main.yml b/roles/clusterapi/defaults/main.yml index f2339c99f..afaf63faa 100644 --- a/roles/clusterapi/defaults/main.yml +++ b/roles/clusterapi/defaults/main.yml @@ -10,6 +10,11 @@ clusterapi_openstack_repo: https://github.com/kubernetes-sigs/cluster-api-provid clusterapi_openstack_version: v0.10.5 clusterapi_openstack_components: "{{ clusterapi_openstack_repo }}/releases/download/{{ clusterapi_openstack_version }}/infrastructure-components.yaml" +# The repo, version and manifest URL for the OpenStack Resource controller +clusterapi_orc_repo: https://github.com/k-orc/openstack-resource-controller +clusterapi_orc_version: v2.1.0 +clusterapi_orc_components: "{{ clusterapi_orc_repo }}/releases/download/{{ clusterapi_orc_version }}/install.yaml" + # The diagnostics address for Cluster API components clusterapi_diagnostics_address: 0.0.0.0:8443 clusterapi_insecure_diagnostics: false diff --git a/roles/clusterapi/tasks/main.yml b/roles/clusterapi/tasks/main.yml index 865af99d4..978d63009 100644 --- a/roles/clusterapi/tasks/main.yml +++ b/roles/clusterapi/tasks/main.yml @@ -1,5 +1,10 @@ --- +- name: Install OpenStack Resource Controller resources + ansible.builtin.command: kubectl apply --server-side -f {{ clusterapi_orc_components }} + register: kubectl_install_orc + changed_when: kubectl_install_orc.stdout_lines | select('match', '(?!.*unchanged$)') | length > 0 + - name: Make kustomization directory file: path: "{{ clusterapi_kustomization_directory }}" From e4ea41848ead2b67e3f85fdc5eef16bb365c8959 Mon Sep 17 00:00:00 2001 From: Matt Anson Date: Wed, 28 May 2025 17:28:56 +0100 Subject: [PATCH 2/4] Remove unnecessary patch of CAPO resources --- roles/clusterapi/defaults/main.yml | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/roles/clusterapi/defaults/main.yml b/roles/clusterapi/defaults/main.yml index afaf63faa..c5dab6a53 100644 --- a/roles/clusterapi/defaults/main.yml +++ b/roles/clusterapi/defaults/main.yml @@ -47,17 +47,6 @@ clusterapi_manifests: # List of patches to apply to the resources in the manifests clusterapi_patches: - # Remove the caBundle from the CAPO custom resource definitions - # It is injected by cert-manager and causes validation issues if set outside of that - # The CAPI CRDs do not have the field set in the manifests that are shipped - # The caBundle exists on every CRD _except_ openstackfloatingippools - - patch: |- - - op: remove - path: /spec/conversion/webhook/clientConfig/caBundle - target: - kind: CustomResourceDefinition - labelSelector: cluster.x-k8s.io/provider=infrastructure-openstack - name: openstack(cluster|machine).* # The manifests contain environment variable substitutions for feature gates that we do not need - patch: |- - op: replace From 6010ca1d18cd5368011ef1f1c2b90c2b1eade7b7 Mon Sep 17 00:00:00 2001 From: Matt Anson Date: Wed, 28 May 2025 17:29:31 +0100 Subject: [PATCH 3/4] Bump CAPO version to v0.12.3 --- roles/clusterapi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/clusterapi/defaults/main.yml b/roles/clusterapi/defaults/main.yml index c5dab6a53..306c6e4b6 100644 --- a/roles/clusterapi/defaults/main.yml +++ b/roles/clusterapi/defaults/main.yml @@ -7,7 +7,7 @@ clusterapi_core_components: "{{ clusterapi_core_repo }}/releases/download/{{ clu # The repo, version and manifest URL for the Cluster API OpenStack provider components clusterapi_openstack_repo: https://github.com/kubernetes-sigs/cluster-api-provider-openstack -clusterapi_openstack_version: v0.10.5 +clusterapi_openstack_version: v0.12.3 clusterapi_openstack_components: "{{ clusterapi_openstack_repo }}/releases/download/{{ clusterapi_openstack_version }}/infrastructure-components.yaml" # The repo, version and manifest URL for the OpenStack Resource controller From 904893685b4cb8dd249d9408987e47af715493da Mon Sep 17 00:00:00 2001 From: Matt Anson Date: Wed, 28 May 2025 18:59:18 +0100 Subject: [PATCH 4/4] Reorder ORC install --- roles/clusterapi/tasks/main.yml | 23 ++++++++++++++++++----- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/roles/clusterapi/tasks/main.yml b/roles/clusterapi/tasks/main.yml index 978d63009..7d67610be 100644 --- a/roles/clusterapi/tasks/main.yml +++ b/roles/clusterapi/tasks/main.yml @@ -1,10 +1,5 @@ --- -- name: Install OpenStack Resource Controller resources - ansible.builtin.command: kubectl apply --server-side -f {{ clusterapi_orc_components }} - register: kubectl_install_orc - changed_when: kubectl_install_orc.stdout_lines | select('match', '(?!.*unchanged$)') | length > 0 - - name: Make kustomization directory file: path: "{{ clusterapi_kustomization_directory }}" @@ -42,6 +37,24 @@ loop_var: watch label: "{{ watch.namespace }}/{{ watch.kind }}/{{ watch.name }}" +- name: Install OpenStack Resource Controller + block: + - name: Install OpenStack Resource Controller resources + ansible.builtin.command: >- + kubectl apply + --server-side + -f {{ clusterapi_orc_components }} + changed_when: true + + rescue: + - name: Install OpenStack Resource Controller resources [forcing conflicts] + ansible.builtin.command: >- + kubectl apply + --server-side + --force-conflicts + -f {{ clusterapi_orc_components }} + changed_when: true + - name: Install Cluster API addon provider kubernetes.core.helm: chart_ref: "{{ clusterapi_addon_provider_chart_name }}"