From e083f29d96d14b565a97b2ca0eff2479830b8198 Mon Sep 17 00:00:00 2001 From: slonka Date: Mon, 14 Oct 2024 11:37:29 +0200 Subject: [PATCH] regenerate stuff --- api/v1alpha1/zz_generated.deepcopy.go | 5 - ...operator.konghq.com_meshcontrolplanes.yaml | 9 - .../controller_reconciler_utils.go | 2 +- docs/api-reference.md | 1 - pkg/utils/kubernetes/resources/deployments.go | 208 ++++++++++++++++++ 5 files changed, 209 insertions(+), 16 deletions(-) diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 496ab4eae..80eb4be0c 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -739,11 +739,6 @@ func (in *MeshControlPlane) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MeshControlPlaneDeploymentOptions) DeepCopyInto(out *MeshControlPlaneDeploymentOptions) { *out = *in - if in.Replicas != nil { - in, out := &in.Replicas, &out.Replicas - *out = new(int32) - **out = **in - } if in.PodTemplateSpec != nil { in, out := &in.PodTemplateSpec, &out.PodTemplateSpec *out = new(corev1.PodTemplateSpec) diff --git a/config/crd/bases/gateway-operator.konghq.com_meshcontrolplanes.yaml b/config/crd/bases/gateway-operator.konghq.com_meshcontrolplanes.yaml index 018ca47c1..9a1035ffb 100644 --- a/config/crd/bases/gateway-operator.konghq.com_meshcontrolplanes.yaml +++ b/config/crd/bases/gateway-operator.konghq.com_meshcontrolplanes.yaml @@ -8068,15 +8068,6 @@ spec: - containers type: object type: object - replicas: - default: 1 - description: |- - Replicas describes the number of desired pods. - This is a pointer to distinguish between explicit zero and not specified. - This only affects the DataPlane deployments for now, for more details on - ControlPlane scaling please see https://github.com/Kong/gateway-operator/issues/736. - format: int32 - type: integer type: object type: object status: 
diff --git a/controller/mesh_controlplane/controller_reconciler_utils.go b/controller/mesh_controlplane/controller_reconciler_utils.go index efc7657a3..d9b4871a2 100644 --- a/controller/mesh_controlplane/controller_reconciler_utils.go +++ b/controller/mesh_controlplane/controller_reconciler_utils.go @@ -180,7 +180,7 @@ func (r *Reconciler) ensureDeployment( if err != nil { return op.Noop, nil, err } - generatedDeployment, err := k8sresources.GenerateNewDeploymentForControlPlane(k8sresources.GenerateNewDeploymentForControlPlaneParams{ + generatedDeployment, err := k8sresources.GenerateNewDeploymentForControlPlaneMesh(k8sresources.GenerateNewDeploymentForControlPlaneParams{ ControlPlane: params.ControlPlane, ControlPlaneImage: controlplaneImage, ServiceAccountName: params.ServiceAccountName, diff --git a/docs/api-reference.md b/docs/api-reference.md index fbcacad06..b2b524cb6 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -2275,7 +2275,6 @@ version, as well as Env variable overrides. | Field | Description | | --- | --- | -| `replicas` _integer_ | Replicas describes the number of desired pods. This is a pointer to distinguish between explicit zero and not specified. This only affects the DataPlane deployments for now, for more details on ControlPlane scaling please see https://github.com/Kong/gateway-operator/issues/736. | | `podTemplateSpec` _[PodTemplateSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#podtemplatespec-v1-core)_ | PodTemplateSpec defines PodTemplateSpec for Deployment's pods. | diff --git a/pkg/utils/kubernetes/resources/deployments.go b/pkg/utils/kubernetes/resources/deployments.go index 6323a7bed..07b779be2 100644 --- a/pkg/utils/kubernetes/resources/deployments.go +++ b/pkg/utils/kubernetes/resources/deployments.go @@ -2,6 +2,7 @@ package resources import ( "fmt" + sdkkonnectgo "github.com/Kong/sdk-konnect-go" "sync" "github.com/samber/lo" 
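Review bot: The Deployment returned by the new call is always named `kuma-control-plane` in namespace `kuma-system`, whatever `params.ControlPlane` is, so the rest of ensureDeployment (outside this hunk) should be checked for code that assumes the object lives in the owner's namespace. If an owner reference to the MeshControlPlane is set further down, an owner in a different namespace is not valid for Kubernetes garbage collection. A second MeshControlPlane would also reconcile against the same Deployment. Until the generator honours its arguments, a comment at the call such as `// NOTE: the mesh generator currently ignores ControlPlaneImage and ServiceAccountName` would stop readers from trusting the values passed here.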
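Review bot: The added import `sdkkonnectgo "github.com/Kong/sdk-konnect-go"` pulls a Konnect API SDK into the resources package only for its `Pointer` helper, and it sits inside the standard-library group between `fmt` and `sync`. The file already imports `github.com/samber/lo`, so `lo.ToPtr(int32(1))` and `lo.ToPtr(true)` would give the same pointers without widening this package's dependency surface. If the import stays, it belongs in the third-party group where goimports would place it.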
@@ -129,6 +130,213 @@ func GenerateNewDeploymentForControlPlane(params GenerateNewDeploymentForControl return deployment, nil } +func GenerateNewDeploymentForControlPlaneMesh(params GenerateNewDeploymentForControlPlaneParams) (*appsv1.Deployment, error) { + deployment := &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + "app": "kuma-control-plane", + "app.kubernetes.io/instance": "kuma", + "app.kubernetes.io/name": "kuma", + }, + Name: "kuma-control-plane", + Namespace: "kuma-system", + }, + Spec: appsv1.DeploymentSpec{ + Replicas: sdkkonnectgo.Pointer(int32(1)), + Selector: &metav1.LabelSelector{MatchLabels: map[string]string{ + "app": "kuma-control-plane", + "app.kubernetes.io/instance": "kuma", + "app.kubernetes.io/name": "kuma", + }}, + Strategy: appsv1.DeploymentStrategy{RollingUpdate: &appsv1.RollingUpdateDeployment{MaxSurge: &intstr.IntOrString{IntVal: int32(1)}}}, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + "checksum/config": "fd9d1d8386f97f2bd49e50f476520816168a1c9f60bbc43dec1347a64d239155", + "checksum/tls-secrets": "cd5650b43d26157935d13a561eed2f7c85b6d0cf988a024a52e005527240a49d", + }, + Labels: map[string]string{ + "app": "kuma-control-plane", + "app.kubernetes.io/instance": "kuma", + "app.kubernetes.io/name": "kuma", + }, + }, + Spec: corev1.PodSpec{ + Affinity: &corev1.Affinity{PodAntiAffinity: &corev1.PodAntiAffinity{PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{corev1.WeightedPodAffinityTerm{ + PodAffinityTerm: corev1.PodAffinityTerm{ + LabelSelector: &metav1.LabelSelector{MatchExpressions: []metav1.LabelSelectorRequirement{metav1.LabelSelectorRequirement{ + Key: "app.kubernetes.io/name", + Operator: metav1.LabelSelectorOperator("In"), + Values: []string{"kuma"}, + }, metav1.LabelSelectorRequirement{ + Key: "app.kubernetes.io/instance", + Operator: metav1.LabelSelectorOperator("In"), + Values: []string{"kuma"}, + }, 
metav1.LabelSelectorRequirement{ + Key: "app", + Operator: metav1.LabelSelectorOperator("In"), + Values: []string{"kuma-control-plane"}, + }}}, + TopologyKey: "kubernetes.io/hostname", + }, + Weight: int32(100), + }}}}, + AutomountServiceAccountToken: sdkkonnectgo.Pointer(true), + Containers: []corev1.Container{corev1.Container{ + Args: []string{"run", "--log-level=info", "--log-output-path=", "--config-file=/etc/kuma.io/kuma-control-plane/config.yaml"}, + Env: []corev1.EnvVar{corev1.EnvVar{ + Name: "KUMA_API_SERVER_AUTHN_LOCALHOST_IS_ADMIN", + Value: "false", + }, corev1.EnvVar{ + Name: "KUMA_API_SERVER_READ_ONLY", + Value: "true", + }, corev1.EnvVar{ + Name: "KUMA_DEFAULTS_SKIP_MESH_CREATION", + Value: "false", + }, corev1.EnvVar{ + Name: "KUMA_DP_SERVER_HDS_ENABLED", + Value: "false", + }, corev1.EnvVar{ + Name: "KUMA_ENVIRONMENT", + Value: "kubernetes", + }, corev1.EnvVar{ + Name: "KUMA_GENERAL_TLS_CERT_FILE", + Value: "/var/run/secrets/kuma.io/tls-cert/tls.crt", + }, corev1.EnvVar{ + Name: "KUMA_GENERAL_TLS_KEY_FILE", + Value: "/var/run/secrets/kuma.io/tls-cert/tls.key", + }, corev1.EnvVar{ + Name: "KUMA_INJECTOR_INIT_CONTAINER_IMAGE", + Value: "docker.io/kumahq/kuma-init:0.0.1", + }, corev1.EnvVar{ + Name: "KUMA_MODE", + Value: "zone", + }, corev1.EnvVar{ + Name: "KUMA_PLUGIN_POLICIES_ENABLED", + Value: "meshaccesslogs,meshcircuitbreakers,meshfaultinjections,meshhealthchecks,meshhttproutes,meshloadbalancingstrategies,meshmetrics,meshpassthroughs,meshproxypatches,meshratelimits,meshretries,meshtcproutes,meshtimeouts,meshtlses,meshtraces,meshtrafficpermissions", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_ADMISSION_SERVER_CERT_DIR", + Value: "/var/run/secrets/kuma.io/tls-cert", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_ADMISSION_SERVER_PORT", + Value: "5443", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_ALLOWED_USERS", + Value: "system:serviceaccount:kuma-system:kuma-control-plane", + }, corev1.EnvVar{ + Name: 
"KUMA_RUNTIME_KUBERNETES_CONTROL_PLANE_SERVICE_NAME", + Value: "kuma-control-plane", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_INJECTOR_CA_CERT_FILE", + Value: "/var/run/secrets/kuma.io/tls-cert/ca.crt", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_INJECTOR_CNI_ENABLED", + Value: "false", + }, corev1.EnvVar{ + Name: "KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_IMAGE", + Value: "docker.io/kumahq/kuma-dp:0.0.1", + }, corev1.EnvVar{ + Name: "KUMA_STORE_KUBERNETES_SYSTEM_NAMESPACE", + Value: "kuma-system", + }, corev1.EnvVar{ + Name: "KUMA_STORE_TYPE", + Value: "kubernetes", + }, corev1.EnvVar{ + Name: "KUMA_INTER_CP_CATALOG_INSTANCE_ADDRESS", + ValueFrom: &corev1.EnvVarSource{FieldRef: &corev1.ObjectFieldSelector{FieldPath: "status.podIP"}}, + }, corev1.EnvVar{ + Name: "GOMEMLIMIT", + ValueFrom: &corev1.EnvVarSource{ResourceFieldRef: &corev1.ResourceFieldSelector{ + ContainerName: "control-plane", + Resource: "limits.memory", + }}, + }, corev1.EnvVar{ + Name: "GOMAXPROCS", + ValueFrom: &corev1.EnvVarSource{ResourceFieldRef: &corev1.ResourceFieldSelector{ + ContainerName: "control-plane", + Resource: "limits.cpu", + }}, + }}, + Image: "docker.io/kumahq/kuma-cp:0.0.1", + ImagePullPolicy: corev1.PullPolicy("IfNotPresent"), + LivenessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{HTTPGet: &corev1.HTTPGetAction{ + Path: "/healthy", + Port: intstr.IntOrString{IntVal: int32(5680)}, + }}, + TimeoutSeconds: int32(10), + }, + Name: "control-plane", + Ports: []corev1.ContainerPort{corev1.ContainerPort{ + ContainerPort: int32(5680), + Name: "diagnostics", + Protocol: corev1.Protocol("TCP"), + }, corev1.ContainerPort{ContainerPort: int32(5681)}, corev1.ContainerPort{ContainerPort: int32(5682)}, corev1.ContainerPort{ContainerPort: int32(5443)}, corev1.ContainerPort{ContainerPort: int32(5678)}}, + ReadinessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{HTTPGet: &corev1.HTTPGetAction{ + Path: "/ready", + Port: intstr.IntOrString{IntVal: 
int32(5680)}, + }}, + TimeoutSeconds: int32(10), + }, + Resources: corev1.ResourceRequirements{ + Limits: map[corev1.ResourceName]resource.Quantity{corev1.ResourceName("memory"): resource.MustParse("256Mi")}, + Requests: map[corev1.ResourceName]resource.Quantity{ + corev1.ResourceName("cpu"): resource.MustParse("500m"), + corev1.ResourceName("memory"): resource.MustParse("256Mi"), + }, + }, + SecurityContext: &corev1.SecurityContext{ReadOnlyRootFilesystem: sdkkonnectgo.Pointer(true)}, + VolumeMounts: []corev1.VolumeMount{corev1.VolumeMount{ + MountPath: "/var/run/secrets/kuma.io/tls-cert/tls.crt", + Name: "general-tls-cert", + ReadOnly: true, + SubPath: "tls.crt", + }, corev1.VolumeMount{ + MountPath: "/var/run/secrets/kuma.io/tls-cert/tls.key", + Name: "general-tls-cert", + ReadOnly: true, + SubPath: "tls.key", + }, corev1.VolumeMount{ + MountPath: "/var/run/secrets/kuma.io/tls-cert/ca.crt", + Name: "general-tls-cert", + ReadOnly: true, + SubPath: "ca.crt", + }, corev1.VolumeMount{ + MountPath: "/etc/kuma.io/kuma-control-plane", + Name: "kuma-control-plane-config", + ReadOnly: true, + }, corev1.VolumeMount{ + MountPath: "/tmp", + Name: "tmp", + }}, + }}, + NodeSelector: map[string]string{"kubernetes.io/os": "linux"}, + SecurityContext: &corev1.PodSecurityContext{RunAsNonRoot: sdkkonnectgo.Pointer(true)}, + ServiceAccountName: "kuma-control-plane", + TerminationGracePeriodSeconds: sdkkonnectgo.Pointer(int64(30)), + Volumes: []corev1.Volume{corev1.Volume{ + Name: "general-tls-cert", + VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{SecretName: "general-tls-secret"}}, + }, corev1.Volume{ + Name: "kuma-control-plane-config", + VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: "kuma-control-plane-config"}}}, + }, corev1.Volume{ + Name: "tmp", + VolumeSource: corev1.VolumeSource{}, + }}, + }, + }, + }, + TypeMeta: metav1.TypeMeta{ + APIVersion: "apps/v1", + Kind: 
"Deployment", + }, + } + + return deployment, nil +} + // GenerateContainerForControlPlaneParams is a parameter struct for GenerateControlPlaneContainer function. type GenerateContainerForControlPlaneParams struct { Image string
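Review bot: GenerateNewDeploymentForControlPlaneMesh never reads `params`, so the image the reconciler resolved and the service account it passed are dropped, and every caller gets the same `kuma-control-plane` Deployment in `kuma-system` running `docker.io/kumahq/kuma-cp:0.0.1` by mutable tag. At minimum the container should take `Image: params.ControlPlaneImage,` and the pod spec `ServiceAccountName: params.ServiceAccountName,`, with name and namespace derived from `params.ControlPlane`, as the existing generator presumably does (its body is outside this hunk). The two `checksum/*` annotations are literal hashes from a one-off render, so they will not trigger a rollout when the ConfigMap or TLS secret changes; they should be computed from the actual objects or removed. The container SecurityContext sets only `ReadOnlyRootFilesystem`; adding `AllowPrivilegeEscalation: lo.ToPtr(false),` and `Capabilities: &corev1.Capabilities{Drop: []corev1.Capability{"ALL"}},` would bring it in line with the restricted pod security profile. The exported function also needs a doc comment saying that it renders a fixed Kuma zone control plane and which inputs it honours.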