feat: Add Cilium CNI addon support (#333)

Co-authored-by: Dimitri Koshkin <[email protected]>

Author: jimmidyson

README.md

@@ -72,27 +72,27 @@ EOF
 To create a cluster, update `clusterConfig` variable and run:
 
 ```shell
-kubectl apply --server-side -f examples/capi-quick-start/docker-cluster-calico-helm-addon.yaml
+kubectl apply --server-side -f examples/capi-quick-start/docker-cluster-cilium-helm-addon.yaml
 ```
 
 Wait until control plane is ready:
 
 ```shell
-kubectl wait clusters/docker-quick-start-helm-addon-calico --for=condition=ControlPlaneInitialized --timeout=5m
+kubectl wait clusters/docker-quick-start-helm-addon-cilium --for=condition=ControlPlaneInitialized --timeout=5m
 ```
 
 To get the kubeconfig for the new cluster, run:
 
 ```shell
-clusterctl get kubeconfig docker-quick-start-helm-addon-calico > docker-kubeconfig
+clusterctl get kubeconfig docker-quick-start-helm-addon-cilium > docker-kubeconfig
 ```
 
 If you are not on Linux, you will also need to fix the generated kubeconfig's `server`, run:
 
 ```shell
-kubectl config set-cluster docker-quick-start-helm-addon-calico \
+kubectl config set-cluster docker-quick-start-helm-addon-cilium \
   --kubeconfig docker-kubeconfig \
-  --server=https://$(docker port docker-quick-start-helm-addon-calico-lb 6443/tcp)
+  --server=https://$(docker port docker-quick-start-helm-addon-cilium-lb 6443/tcp)
 ```
 
 Wait until all nodes are ready (this indicates that CNI has been deployed successfully):
@@ -101,10 +101,10 @@ Wait until all nodes are ready (this indicates that CNI has been deployed succes
 kubectl --kubeconfig docker-kubeconfig wait nodes --all --for=condition=Ready --timeout=5m
 ```
 
-Show that Calico is running successfully on the workload cluster:
+Show that Cilium is running successfully on the workload cluster:
 
 ```shell
-kubectl --kubeconfig docker-kubeconfig get daemonsets -n calico-system
+kubectl --kubeconfig docker-kubeconfig get daemonsets -n kube-system cilium
 ```
 
 Deploy kube-vip to provide service load-balancer:
@@ -157,7 +157,7 @@ watch -n 0.5 kubectl --kubeconfig docker-kubeconfig get service/traefik
 To delete the workload cluster, run:
 
 ```shell
-kubectl delete cluster docker-quick-start-helm-addon-calico
+kubectl delete cluster docker-quick-start-helm-addon-cilium
 ```
 
 Notice that the traefik service is deleted before the cluster is actually finally deleted.

api/v1alpha1/addon_types.go

@@ -54,7 +54,7 @@ type CNI struct {
 }
 
 func (CNI) VariableSchema() clusterv1.VariableSchema {
-	supportedCNIProviders := []string{CNIProviderCalico}
+	supportedCNIProviders := []string{CNIProviderCalico, CNIProviderCilium}
 
 	return clusterv1.VariableSchema{
 		OpenAPIV3Schema: clusterv1.JSONSchemaProps{

api/v1alpha1/clusterconfig_types.go

@@ -16,8 +16,11 @@ import (
 
 const (
 	CNIProviderCalico = "calico"
+	CNIProviderCilium = "cilium"
+
 	CSIProviderAWSEBS = "aws-ebs"
-	CPIProivderAWS    = "aws"
+
+	CPIProivderAWS = "aws"
 )
 
 //+kubebuilder:object:root=true

charts/capi-runtime-extensions/README.md

@@ -31,18 +31,21 @@ A Helm chart for capi-runtime-extensions
 | deployDefaultClusterClasses | bool | `true` |  |
 | deployment.replicas | int | `1` |  |
 | env | object | `{}` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content | string | `""` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.name | string | `"calico-cni-crs-installation-awscluster"` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.create | bool | `true` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content | string | `""` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.name | string | `"calico-cni-crs-installation-dockercluster"` |  |
-| hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.create | bool | `true` |  |
-| hooks.CalicoCNI.crsStrategy.defaultTigeraOperatorConfigMap.name | string | `"tigera-operator"` |  |
-| hooks.CalicoCNI.defaultPodSubnet | string | `"192.168.0.0/16"` |  |
-| hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.create | bool | `true` |  |
-| hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.name | string | `"calico-cni-helm-values-template-awscluster"` |  |
-| hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.create | bool | `true` |  |
-| hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.name | string | `"calico-cni-helm-values-template-dockercluster"` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content | string | `""` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.name | string | `"calico-cni-crs-installation-awscluster"` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.create | bool | `true` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content | string | `""` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.name | string | `"calico-cni-crs-installation-dockercluster"` |  |
+| hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.create | bool | `true` |  |
+| hooks.cni.calico.crsStrategy.defaultTigeraOperatorConfigMap.name | string | `"tigera-operator"` |  |
+| hooks.cni.calico.defaultPodSubnet | string | `"192.168.0.0/16"` |  |
+| hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.create | bool | `true` |  |
+| hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.name | string | `"calico-cni-helm-values-template-awscluster"` |  |
+| hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.create | bool | `true` |  |
+| hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.name | string | `"calico-cni-helm-values-template-dockercluster"` |  |
+| hooks.cni.cilium.crsStrategy.defaultCiliumConfigMap.name | string | `"cilium"` |  |
+| hooks.cni.cilium.helmAddonStrategy.defaultValueTemplateConfigMap.create | bool | `true` |  |
+| hooks.cni.cilium.helmAddonStrategy.defaultValueTemplateConfigMap.name | string | `"default-cilium-cni-helm-values-template"` |  |
 | image.pullPolicy | string | `"IfNotPresent"` |  |
 | image.repository | string | `"ghcr.io/d2iq-labs/capi-runtime-extensions"` |  |
 | image.tag | string | `""` |  |

charts/capi-runtime-extensions/templates/cni/calico/manifests/aws/crs-installation.yaml

@@ -1,15 +1,15 @@
 # Copyright 2023 D2iQ, Inc. All rights reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-{{- if .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.create }}
+{{- if .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.create }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: '{{ .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.name }}'
+  name: '{{ .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.name }}'
 data:
   calico-installation: |
-{{- if .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content -}}
-    {{ .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content | nindent 4 }}
+{{- if .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content -}}
+    {{ .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.AWSCluster.configMap.content | nindent 4 }}
 {{- else -}}
     # This section includes base Calico installation configuration.
     # For more information, see: https://docs.projectcalico.org/reference/installation/api
@@ -25,7 +25,7 @@ data:
         # Note: The ipPools section cannot be modified post-install.
         ipPools:
         - blockSize: 26
-          cidr: {{ .Values.hooks.CalicoCNI.defaultPodSubnet }}
+          cidr: {{ .Values.hooks.cni.calico.defaultPodSubnet }}
           encapsulation: IPIP
           natOutgoing: Enabled
           nodeSelector: all()

charts/capi-runtime-extensions/templates/cni/calico/manifests/aws/helm-addon-installation.yaml

@@ -1,11 +1,11 @@
 # Copyright 2023 D2iQ, Inc. All rights reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-{{- if .Values.hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.create }}
+{{- if .Values.hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.create }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: '{{ .Values.hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.name }}'
+  name: '{{ .Values.hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.AWSCluster.name }}'
 data:
   values.yaml: |-
     installation:

charts/capi-runtime-extensions/templates/cni/calico/manifests/docker/crs-installation.yaml

@@ -1,15 +1,15 @@
 # Copyright 2023 D2iQ, Inc. All rights reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-{{- if .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.create }}
+{{- if .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.create }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: '{{ .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.name }}'
+  name: '{{ .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.name }}'
 data:
   calico-installation: |
-{{- if .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content -}}
-    {{ .Values.hooks.CalicoCNI.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content | nindent 4 }}
+{{- if .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content -}}
+    {{ .Values.hooks.cni.calico.crsStrategy.defaultInstallationConfigMaps.DockerCluster.configMap.content | nindent 4 }}
 {{- else -}}
     # This section includes base Calico installation configuration.
     # For more information, see: https://docs.projectcalico.org/reference/installation/api
@@ -25,7 +25,7 @@ data:
         # Note: The ipPools section cannot be modified post-install.
         ipPools:
         - blockSize: 26
-          cidr: {{ .Values.hooks.CalicoCNI.defaultPodSubnet }}
+          cidr: {{ .Values.hooks.cni.calico.defaultPodSubnet }}
           encapsulation: VXLANCrossSubnet
           natOutgoing: Enabled
           nodeSelector: all()

charts/capi-runtime-extensions/templates/cni/calico/manifests/docker/helm-addon-installation.yaml

@@ -1,11 +1,11 @@
 # Copyright 2023 D2iQ, Inc. All rights reserved.
 # SPDX-License-Identifier: Apache-2.0
 
-{{- if .Values.hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.create }}
+{{- if .Values.hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.create }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: '{{ .Values.hooks.CalicoCNI.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.name }}'
+  name: '{{ .Values.hooks.cni.calico.helmAddonStrategy.defaultValueTemplatesConfigMaps.DockerCluster.name }}'
 data:
   values.yaml: |-
     installation:

charts/capi-runtime-extensions/templates/cni/calico/manifests/tigera-operator-configmap.yaml

@@ -12,5 +12,5 @@ data:
 kind: ConfigMap
 metadata:
   creationTimestamp: null
-  name: '{{ .Values.hooks.CalicoCNI.crsStrategy.defaultTigeraOperatorConfigMap.name
+  name: '{{ .Values.hooks.cni.calico.crsStrategy.defaultTigeraOperatorConfigMap.name
     }}'