
Commit 9c4a08c

committed
feat: Add experimental sysext based clusterclasses
1 parent 73edfd8 commit 9c4a08c


59 files changed

+1410
-118
lines changed


59 files changed

+1410
-118
lines changed

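--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -153,7 +153,7 @@ repos:
 name: License headers - YAML and Makefiles
 stages: [pre-commit]
 files: (^Makefile|\.(ya?ml|mk))$
-exclude: ^(internal/test|pkg/handlers/.+/embedded|examples|charts/cluster-api-runtime-extensions-nutanix/(defaultclusterclasses|addons))/.+\.ya?ml|docs/static/helm/index\.yaml|charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml|hack/examples/files/kube-vip.yaml$
+exclude: ^(internal/test|pkg/handlers/.+/embedded|examples|charts/cluster-api-runtime-extensions-nutanix/(clusterclasses|addons))/.+\.ya?ml|docs/static/helm/index\.yaml|charts/cluster-api-runtime-extensions-nutanix/templates/helm-config.yaml|hack/examples/files/kube-vip.yaml$
 args:
 - --license-filepath
 - hack/license-header.txt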

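--- a/charts/cluster-api-runtime-extensions-nutanix/README.md
+++ b/charts/cluster-api-runtime-extensions-nutanix/README.md
@@ -29,6 +29,7 @@ A Helm chart for cluster-api-runtime-extensions-nutanix
 | certificates.issuer.name | string | `""` | |
 | certificates.issuer.selfSigned | bool | `true` | |
 | deployDefaultClusterClasses | bool | `true` | |
+| deployExperimentalClusterClasses | bool | `false` | |
 | deployment.replicas | int | `1` | |
 | enforceClusterAutoscalerLimits.enabled | bool | `true` | |
 | env | object | `{}` | |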
Lines changed: 252 additions & 0 deletions
@@ -0,0 +1,252 @@
1+
apiVersion: cluster.x-k8s.io/v1beta1
2+
kind: ClusterClass
3+
metadata:
4+
labels:
5+
cluster.x-k8s.io/provider: aws
6+
name: aws-sysext-quick-start
7+
spec:
8+
controlPlane:
9+
machineInfrastructure:
10+
ref:
11+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
12+
kind: AWSMachineTemplate
13+
name: aws-sysext-quick-start-control-plane
14+
ref:
15+
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
16+
kind: KubeadmControlPlaneTemplate
17+
name: aws-sysext-quick-start-control-plane
18+
infrastructure:
19+
ref:
20+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
21+
kind: AWSClusterTemplate
22+
name: aws-sysext-quick-start
23+
patches:
24+
- definitions:
25+
- jsonPatches:
26+
- op: add
27+
path: /spec/template/spec/preKubeadmCommands/-
28+
value: mkdir -p /var/lib/extensions/
29+
- op: add
30+
path: /spec/template/spec/preKubeadmCommands/-
31+
value: curl -L https://extensions.flatcar.org/extensions/containerd/containerd-2.1.3-x86-64.raw
32+
-o /var/lib/extensions/containerd.raw
33+
- op: add
34+
path: /spec/template/spec/preKubeadmCommands/-
35+
valueFrom:
36+
template: curl -L https://extensions.flatcar.org/extensions/kubernetes/kubernetes-{{
37+
.builtin.cluster.topology.version }}-x86-64.raw -o /var/lib/extensions/kubernetes.raw
38+
- op: add
39+
path: /spec/template/spec/preKubeadmCommands/-
40+
value: systemd-sysext merge
41+
selector:
42+
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
43+
kind: KubeadmConfigTemplate
44+
matchResources:
45+
machineDeploymentClass:
46+
names:
47+
- '*'
48+
- jsonPatches:
49+
- op: add
50+
path: /spec/template/spec/kubeadmConfigSpec/preKubeadmCommands/-
51+
value: mkdir -p /var/lib/extensions/
52+
- op: add
53+
path: /spec/template/spec/kubeadmConfigSpec/preKubeadmCommands/-
54+
value: curl -L https://extensions.flatcar.org/extensions/containerd/containerd-2.1.3-x86-64.raw
55+
-o /var/lib/extensions/containerd.raw
56+
- op: add
57+
path: /spec/template/spec/kubeadmConfigSpec/preKubeadmCommands/-
58+
valueFrom:
59+
template: curl -L https://extensions.flatcar.org/extensions/kubernetes/kubernetes-{{
60+
.builtin.cluster.topology.version }}-x86-64.raw -o /var/lib/extensions/kubernetes.raw
61+
- op: add
62+
path: /spec/template/spec/kubeadmConfigSpec/preKubeadmCommands/-
63+
value: systemd-sysext merge
64+
selector:
65+
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
66+
kind: KubeadmControlPlaneTemplate
67+
matchResources:
68+
controlPlane: true
69+
name: sysexts
70+
- external:
71+
discoverVariablesExtension: awsclusterconfigvars-dv.cluster-api-runtime-extensions-nutanix
72+
generateExtension: awsclusterv4configpatch-gp.cluster-api-runtime-extensions-nutanix
73+
name: cluster-config
74+
- external:
75+
discoverVariablesExtension: awsworkerconfigvars-dv.cluster-api-runtime-extensions-nutanix
76+
generateExtension: awsworkerv4configpatch-gp.cluster-api-runtime-extensions-nutanix
77+
name: worker-config
78+
- definitions:
79+
- jsonPatches:
80+
- op: add
81+
path: /spec/template/spec/identityRef
82+
value:
83+
kind: AWSClusterControllerIdentity
84+
name: default
85+
selector:
86+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
87+
kind: AWSClusterTemplate
88+
matchResources:
89+
infrastructureCluster: true
90+
description: AWSClusterStaticIdentity identityRef to use when creating the cluster
91+
name: identityRef
92+
workers:
93+
machineDeployments:
94+
- class: default-worker
95+
template:
96+
bootstrap:
97+
ref:
98+
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
99+
kind: KubeadmConfigTemplate
100+
name: aws-sysext-quick-start-worker-bootstraptemplate
101+
infrastructure:
102+
ref:
103+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
104+
kind: AWSMachineTemplate
105+
name: aws-sysext-quick-start-worker-machinetemplate
106+
---
107+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
108+
kind: AWSClusterTemplate
109+
metadata:
110+
labels:
111+
cluster.x-k8s.io/provider: aws
112+
name: aws-sysext-quick-start
113+
spec:
114+
template:
115+
spec:
116+
controlPlaneLoadBalancer:
117+
healthCheckProtocol: HTTPS
118+
loadBalancerType: nlb
119+
---
120+
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
121+
kind: KubeadmControlPlaneTemplate
122+
metadata:
123+
labels:
124+
cluster.x-k8s.io/provider: aws
125+
name: aws-sysext-quick-start-control-plane
126+
spec:
127+
template:
128+
spec:
129+
kubeadmConfigSpec:
130+
clusterConfiguration:
131+
apiServer:
132+
extraArgs:
133+
admission-control-config-file: /etc/kubernetes/admission.yaml
134+
enable-admission-plugins: DenyServiceExternalIPs,EventRateLimit,NodeRestriction
135+
profiling: "false"
136+
service-account-lookup: "true"
137+
extraVolumes:
138+
- hostPath: /etc/kubernetes/admission.yaml
139+
mountPath: /etc/kubernetes/admission.yaml
140+
name: admission-config
141+
pathType: File
142+
readOnly: true
143+
- hostPath: /etc/kubernetes/eventratelimit-config.yaml
144+
mountPath: /etc/kubernetes/eventratelimit-config.yaml
145+
name: eventratelimit-config
146+
pathType: File
147+
readOnly: true
148+
controllerManager:
149+
extraArgs:
150+
cloud-provider: external
151+
profiling: "false"
152+
terminated-pod-gc-threshold: "10000"
153+
scheduler:
154+
extraArgs:
155+
profiling: "false"
156+
files:
157+
- content: |
158+
apiVersion: apiserver.config.k8s.io/v1
159+
kind: AdmissionConfiguration
160+
plugins:
161+
- name: EventRateLimit
162+
path: /etc/kubernetes/eventratelimit-config.yaml
163+
path: /etc/kubernetes/admission.yaml
164+
permissions: "0600"
165+
- content: |
166+
apiVersion: eventratelimit.admission.k8s.io/v1alpha1
167+
kind: Configuration
168+
limits:
169+
- type: Server
170+
qps: 10000
171+
burst: 40000
172+
path: /etc/kubernetes/eventratelimit-config.yaml
173+
permissions: "0600"
174+
- content: |
175+
net.ipv4.ip_forward=1
176+
path: /etc/sysctl.d/99-nkp.conf
177+
permissions: "0644"
178+
initConfiguration:
179+
nodeRegistration:
180+
kubeletExtraArgs:
181+
cloud-provider: external
182+
event-qps: "5"
183+
make-iptables-util-chains: "true"
184+
pod-max-pids: "4096"
185+
read-only-port: "0"
186+
streaming-connection-idle-timeout: 5m
187+
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
188+
name: '{{ ds.meta_data.local_hostname }}'
189+
joinConfiguration:
190+
nodeRegistration:
191+
kubeletExtraArgs:
192+
cloud-provider: external
193+
event-qps: "5"
194+
make-iptables-util-chains: "true"
195+
pod-max-pids: "4096"
196+
read-only-port: "0"
197+
streaming-connection-idle-timeout: 5m
198+
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
199+
name: '{{ ds.meta_data.local_hostname }}'
200+
preKubeadmCommands:
201+
- systemctl restart systemd-sysctl
202+
---
203+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
204+
kind: AWSMachineTemplate
205+
metadata:
206+
labels:
207+
cluster.x-k8s.io/provider: aws
208+
name: aws-sysext-quick-start-control-plane
209+
spec:
210+
template:
211+
spec:
212+
instanceType: PLACEHOLDER
213+
sshKeyName: ""
214+
---
215+
apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
216+
kind: AWSMachineTemplate
217+
metadata:
218+
labels:
219+
cluster.x-k8s.io/provider: aws
220+
name: aws-sysext-quick-start-worker-machinetemplate
221+
spec:
222+
template:
223+
spec:
224+
instanceType: PLACEHOLDER
225+
sshKeyName: ""
226+
---
227+
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
228+
kind: KubeadmConfigTemplate
229+
metadata:
230+
labels:
231+
cluster.x-k8s.io/provider: aws
232+
name: aws-sysext-quick-start-worker-bootstraptemplate
233+
spec:
234+
template:
235+
spec:
236+
files:
237+
- content: |
238+
net.ipv4.ip_forward=1
239+
path: /etc/sysctl.d/99-nkp.conf
240+
permissions: "0644"
241+
joinConfiguration:
242+
nodeRegistration:
243+
kubeletExtraArgs:
244+
cloud-provider: external
245+
event-qps: "5"
246+
pod-max-pids: "4096"
247+
read-only-port: "0"
248+
streaming-connection-idle-timeout: 5m
249+
tls-cipher-suites: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
250+
name: '{{ ds.meta_data.local_hostname }}'
251+
preKubeadmCommands:
252+
- systemctl restart systemd-sysctl
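Review bot: The `sysexts` patch writes the containerd and Kubernetes sysext images to `/var/lib/extensions/` with `curl -L … -o …` and then runs `systemd-sysext merge` without verifying what was fetched; this applies to both the KubeadmConfigTemplate and the KubeadmControlPlaneTemplate definitions. Each node therefore merges whatever the download host serves at boot, presumably including the container runtime and Kubernetes binaries, with TLS to that host as the only control. Without `--fail`, curl also exits 0 on an HTTP error and saves the error body as the `.raw` file, so a Kubernetes version with no published image would presumably surface only at the merge step or later. I would change the commands to `curl --fail --location --retry 3 …` and add a digest check before the merge for the pinned containerd image, e.g. `echo "<EXPECTED_SHA256>  /var/lib/extensions/containerd.raw" | sha256sum -c -`. The templated Kubernetes image needs a per-version digest or signature source, which this file does not show, and that gap is worth a comment in the ClusterClass while it stays experimental.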
