Remove v2 for luigi and hostplumber, updates go-to-1.22 , deps, alpin…

…e. Backport fixes. (#259) * Updated to go1.22, Alpine 3.20, latest controller-tools controller-gen and setup-envtest * Backport : Added metricsPort to hostplumber plugin (#230) * Backport : Update sampleplugins.yaml (#241) * Backport : [PMK-6474] : Restrict TLS cipher suites for kube-rbac-proxy container (#213) * [Backport for PMK 5.10] Added ability to customize hostplumber metrics port (#216) * Added ability to customize hostplumber metrics port (#211) * Added ability to customize hostplumber metrics port * Removing unused packages * RUN apk update && apk upgrade from hostplumber/Dockerfile --------- Co-authored-by: Jayanth_Reddy_0916 <[email protected]> Co-authored-by: Manasa Bellamkonda <[email protected]>
platform9 · Nov 18, 2024 · f8155a1 · f8155a1
1 parent ba24692
commit f8155a1
Show file tree

Hide file tree

Showing 164 changed files with 1,129 additions and 9,221 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -18,7 +18,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-          go-version: 1.21
+          go-version: 1.22
           check-latest: true
           cache: true
       - name: Print the version of golang
@@ -37,7 +37,7 @@ jobs:
         uses: actions/setup-go@v5
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-          go-version: 1.21
+          go-version: 1.22
           check-latest: true
           cache: true
       - name: Print the version of golang

diff --git a/.github/workflows/hostplumber-multiarch-build-and-push.yml b/.github/workflows/hostplumber-multiarch-build-and-push.yml
@@ -14,6 +14,7 @@ jobs:
     env:
       USERNAME: ${{ secrets.QUAY_USERNAME }}
       PASSWORD: ${{ secrets.QUAY_PASSWORD }}
+      OVERRIDE_HOSTPLUMBER_VERSION: ${{ secrets.OVERRIDE_HOSTPLUMBER_VERSION || '' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

diff --git a/.github/workflows/luigi-build-and-push.yml b/.github/workflows/luigi-build-and-push.yml
@@ -12,6 +12,7 @@ jobs:
     env:
       USERNAME: ${{ secrets.QUAY_USERNAME }}
       PASSWORD: ${{ secrets.QUAY_PASSWORD }}
+      OVERRIDE_LUIGI_VERSION: ${{ secrets.OVERRIDE_LUIGI_VERSION || '' }}
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.22 as builder
+FROM golang:1.22 AS builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
@@ -23,7 +23,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
 #FROM gcr.io/distroless/static:nonroot
 
-FROM alpine:3.19
+FROM alpine:3.20
 RUN apk add --no-cache bash
 WORKDIR /
 COPY --from=builder /workspace/manager .

diff --git a/Makefile b/Makefile
@@ -1,10 +1,18 @@
 SHELL=/bin/bash
 # Image URL to use all building/pushing image targets
 #IMG ?= controller:latest
-VER_LABEL=$(shell ./get-label.bash)
-IMG ?= quay.io/platform9/luigi-plugins:$(VER_LABEL)
+ifndef OVERRIDE_LUIGI_VERSION
+	IMG_TAG = $(shell ./get-label.bash)
+else
+	ifneq ($(strip $(OVERRIDE_LUIGI_VERSION)),)
+		IMG_TAG ?= $(OVERRIDE_LUIGI_VERSION)
+	else
+		IMG_TAG = $(shell ./get-label.bash)
+	endif
+endif
+IMG ?= quay.io/platform9/luigi-plugins:$(IMG_TAG)
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.27
+ENVTEST_K8S_VERSION = 1.29
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -128,7 +136,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v3.8.7
-CONTROLLER_TOOLS_VERSION ?= v0.8.0
+CONTROLLER_TOOLS_VERSION ?= v0.16.3
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
@@ -144,10 +152,10 @@ $(CONTROLLER_GEN): $(LOCALBIN)
 .PHONY: envtest
 envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
 $(ENVTEST): $(LOCALBIN)
-	GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20230216140739-c98506dc3b8e
+	GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
 
 img-test:
-	docker run --rm  -v $(SRCROOT):/luigi -w /luigi golang:1.21  bash -c "GOFLAGS=-buildvcs=false make test"
+	docker run --rm  -v $(SRCROOT):/luigi -w /luigi golang:1.22  bash -c "GOFLAGS=-buildvcs=false make test"
 
 img-build: $(BUILD_DIR) img-test 
 	docker build --network host . -t ${IMG}

diff --git a/README.md b/README.md
@@ -1,37 +1,61 @@
 # Luigi
+
 Luigi is a Kubernetes Operator to deploy, manage, and upgrade advanced networking plugins. The default Kubernetes networking model with one CNI and cluster-wide network can be too restrictive for many advanced networking use cases like NFV or virtualization
 
 There are many discrete plugins and solutions, but knowing which ones to use, deploying and managing them can be tedious. Secondary CNIs? Multus? SRIOV? Device plugins? OVS? Which IPAM? What's the current Linux networking state of my nodes? How do I configure my nodes in order to support all of these?
 
-# How to deploy
-This will require an already working K8s cluster with DNS and a primary CNI up and running. 
+## How to deploy
+
+This will require an already working K8s cluster with DNS and a primary CNI up and running.
 Deploy the manifest found in samples in this repo:
-```
+
+```shell
 kubectl apply -f https://raw.githubusercontent.com/platform9/luigi/master/samples/luigi-plugins-operator.yaml
 ```
+
 A deployment of 1 replica will be created in the luigi-system namespace.
 
 Or, To get started sign up for Platform9 Managed Kubernetes(PMK) for free at platform9.com/signup, see more about our Telco 5G offerings at platform9.com/solutions/telco-5g or contact us at platform9.com/contact. With PMK, Luigi will already be deployed and managed itself
 
-# Plugins supported
+## How to build
+
+Platform9 publishes the images to Docker Hub under platform9 organisation.
+
+- Luigi image is published as
+  `platform9/luigi-plugins:<version tag>`
+- Hostplumber image is published as
+  `platform9/hostplumber:<version tag>`
+
+The version tag is set to the git tag in git repository.
+In the absence of a tag, it is set to [git branch]-pmk-[git revision id]
+
+Override the version tag using env variable
+
+- For Luigi:
+  `OVERRIDE_LUIGI_VERSION`
+- For Hostplumber:
+  `OVERRIDE_HOSTPLUMBER_VERSION`
+
+## Plugins supported
+
 The scope of each plugin is beyond this documentation. But if you know you need it, luigi will deploy the following:
 
- - HostPlumber: A subset of Luigi, an operator to configure/prep networking on the node and retrieve node details
-	 - See: https://github.com/platform9/luigi/blob/master/hostplumber/README.md
-	 - Use to create SRIOV VFs, configure OVS, create VLAN interfaces, etc...
-	 - Recommended unless you have your own tooling to configure nodes
- - Multus
-	 - Almost always required - the only way K8S can support multiple CNIs and networks
- - SRIOV CNI
- - SRIOV Device Plugin
- - OpenVSwitch daemon & CLI tools
- - OVS CNI plugin
- - Macvlan, IPvlan
- - Whereabouts IPAM driver
-	 - Required for dynamic IP assignment without an external DHCP service.
- - Node Feature Discovery
-
-# Configuration:
+- HostPlumber: A subset of Luigi, an operator to configure/prep networking on the node and retrieve node details
+  - See: [README.md](https://github.com/platform9/luigi/blob/master/hostplumber/README.md)
+  - Use to create SRIOV VFs, configure OVS, create VLAN interfaces, etc...
+  - Recommended unless you have your own tooling to configure nodes
+- Multus
+  - Almost always required - the only way K8S can support multiple CNIs and networks
+- SRIOV CNI
+  - SRIOV Device Plugin
+- OpenVSwitch daemon & CLI tools
+  - OVS CNI plugin
+  - Macvlan, IPvlan
+- Whereabouts IPAM driver
+  - Required for dynamic IP assignment without an external DHCP service.
+- Node Feature Discovery
+
+## Configuration
 
 **namespace**: Each plugin will take in a namespace override to deploy, default namespace otherwise
 
@@ -42,21 +66,23 @@ The scope of each plugin is beyond this documentation. But if you know you need
 **privateRegistryBase**: Some airgapped env's may have a custom container registry. If this is specified, it will replace the public container registry URL (docker.io, gcr.io, quay, etc..) with this path
 
 Each plugin may or may not have some further specific configuration. Here are the current options as of release v0.3:
- - HostPlumber - none
- - Multus - none
- - SRIOV - none
- - Node-feature-discovery - none
- - OVS - none
- - Whereabouts
-	 - ipReconcilerSchedule - specify the CronJob schedule of the whereabouts IP cleanup Job
-	 - ipReconcilerNodeSelector - specify the nodeSelector Labels on which to schedule the ip-reconciler
-
-# NetworkPlugins CRD:
+
+- HostPlumber - none
+- Multus - none
+- SRIOV - none
+- Node-feature-discovery - none
+- OVS - none
+- Whereabouts
+  - ipReconcilerSchedule - specify the CronJob schedule of the whereabouts IP cleanup Job
+  - ipReconcilerNodeSelector - specify the nodeSelector Labels on which to schedule the ip-reconciler
+
+## NetworkPlugins CRD
+
 In it's current phase, only one instance of the CRD is supported. It will reflect the final, desired state of all plugins to be deployed.
 
 If it is present, Luigi will ensure that the plugin is deployed and upgraded. If missing and re-applied, Luigi will remove the plugin if it was previously managing it.
 
-```
+```YAML
 apiVersion: plumber.k8s.pf9.io/v1
 kind: NetworkPlugins
 metadata:
@@ -78,7 +104,7 @@ spec:
 
 The above will deploy all the plugins specified in the default namespace. To override the namespace, and deploy in kube-system:
 
-```
+```YAML
 apiVersion: plumber.k8s.pf9.io/v1
 kind: NetworkPlugins
 metadata:
@@ -98,9 +124,9 @@ spec:
       namespace: "kube-system"
 ```
 
-That is it! Now that you have the secondary CNIs and other related plugins deployed, you may need to prep the nodes before you can actually create Multus Networks and assign them to Pods. In order to do so, use Luigi's own HostPlumber plugin: https://github.com/platform9/luigi/blob/master/hostplumber/README.md
+That is it! Now that you have the secondary CNIs and other related plugins deployed, you may need to prep the nodes before you can actually create Multus Networks and assign them to Pods. In order to do so, use Luigi's own HostPlumber plugin. See [README for HostPlumber](https://github.com/platform9/luigi/blob/master/hostplumber/README.md)
 
+## Dev note
 
-##### Dev note
 This project needs to migrate to Kubebuilder/v4.
-webhooks where added manually `make generate && make manifestes` will not add required feild for webhook in crds and luigi deployment. refer `samples/luigi-plugins-operator-v2.yaml`
+webhooks where added manually `make generate && make manifestes` will not add required field for webhook in crds and luigi deployment. refer `samples/luigi-plugins-operator-v2.yaml`
diff --git a/api/v1/networkplugins_types.go b/api/v1/networkplugins_types.go
@@ -68,6 +68,7 @@ type HostPlumber struct {
 	Namespace        string `json:"namespace,omitempty"`
 	ImagePullPolicy  string `json:"imagePullPolicy,omitempty"`
 	HostPlumberImage string `json:"hostPlumberImage,omitempty"`
+	MetricsPort      string `json:"metricsPort,omitempty"`
 }
 
 type Whereabouts struct {

diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/dhcp.plumber.k8s.pf9.io_dhcpservers.yaml b/config/crd/bases/dhcp.plumber.k8s.pf9.io_dhcpservers.yaml
@@ -0,0 +1,97 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.16.3
+  name: dhcpservers.dhcp.plumber.k8s.pf9.io
+spec:
+  group: dhcp.plumber.k8s.pf9.io
+  names:
+    kind: DHCPServer
+    listKind: DHCPServerList
+    plural: dhcpservers
+    singular: dhcpserver
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: DHCPServer is the Schema for the dhcpservers API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DHCPServerSpec defines the desired state of DHCPServer
+            properties:
+              networks:
+                description: Details of Networks
+                items:
+                  properties:
+                    cidr:
+                      description: refers to CIDR of server
+                      properties:
+                        gateway:
+                          description: refers to gateway IP
+                          type: string
+                        range:
+                          description: refers to cidr range
+                          type: string
+                        range_end:
+                          description: refers to end IP of range
+                          type: string
+                        range_start:
+                          description: refers to start IP of range
+                          type: string
+                      required:
+                      - range
+                      type: object
+                    interfaceIp:
+                      description: refers to IP address to bind interface to
+                      type: string
+                    leaseDuration:
+                      description: refers to leasetime of IP
+                      type: string
+                    networkName:
+                      description: refers to net-attach-def to be served
+                      type: string
+                    vlanId:
+                      description: refers to vlan
+                      type: string
+                  required:
+                  - cidr
+                  - interfaceIp
+                  - networkName
+                  type: object
+                type: array
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                description: Node Selector for the DHCPServer VM
+                type: object
+            required:
+            - networks
+            type: object
+          status:
+            description: DHCPServerStatus defines the observed state of DHCPServer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}