From 93914d8597d7052ef2ec4a7393f966fe87e29253 Mon Sep 17 00:00:00 2001 From: weixiao-huang Date: Wed, 31 Aug 2022 22:42:17 +0800 Subject: [PATCH] feat(deploy): add support for matching live migration --- deploy/helm/virtink/crds | 1 + ...rt.virtink.smartx.com_virtualmachines.yaml | 1 - .../templates/virt-controller/manifests.yaml | 21 +++++++++++++++++++ .../templates/virt-controller/rbac.yaml | 16 ++++++++++++++ .../virtink/templates/virt-daemon/cert.yaml | 20 ++++++++++++++++++ .../templates/virt-daemon/daemonset.yaml | 11 ++++++++++ 6 files changed, 69 insertions(+), 1 deletion(-) create mode 120000 deploy/helm/virtink/crds delete mode 120000 deploy/helm/virtink/crds/virt.virtink.smartx.com_virtualmachines.yaml create mode 100644 deploy/helm/virtink/templates/virt-daemon/cert.yaml diff --git a/deploy/helm/virtink/crds b/deploy/helm/virtink/crds new file mode 120000 index 0000000..bfd7290 --- /dev/null +++ b/deploy/helm/virtink/crds @@ -0,0 +1 @@ +../../crd \ No newline at end of file diff --git a/deploy/helm/virtink/crds/virt.virtink.smartx.com_virtualmachines.yaml b/deploy/helm/virtink/crds/virt.virtink.smartx.com_virtualmachines.yaml deleted file mode 120000 index de57bde..0000000 --- a/deploy/helm/virtink/crds/virt.virtink.smartx.com_virtualmachines.yaml +++ /dev/null @@ -1 +0,0 @@ -../../../crd/virt.virtink.smartx.com_virtualmachines.yaml \ No newline at end of file diff --git a/deploy/helm/virtink/templates/virt-controller/manifests.yaml b/deploy/helm/virtink/templates/virt-controller/manifests.yaml index f3ca2d9..1d7742c 100644 --- a/deploy/helm/virtink/templates/virt-controller/manifests.yaml +++ b/deploy/helm/virtink/templates/virt-controller/manifests.yaml @@ -55,3 +55,24 @@ webhooks: resources: - virtualmachines sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: {{ .Values.virtController.name }} + namespace: {{ .Release.Namespace }} + path: /validate-v1alpha1-virtualmachinemigration + failurePolicy: Fail + name: validate.virtualmachinemigration.v1alpha1.virt.virtink.smartx.com + rules: + - apiGroups: + - virt.virtink.smartx.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - virtualmachinemigrations + sideEffects: None \ No newline at end of file diff --git a/deploy/helm/virtink/templates/virt-controller/rbac.yaml b/deploy/helm/virtink/templates/virt-controller/rbac.yaml index fb22d37..a50ce4d 100644 --- a/deploy/helm/virtink/templates/virt-controller/rbac.yaml +++ b/deploy/helm/virtink/templates/virt-controller/rbac.yaml @@ -72,6 +72,22 @@ rules: - get - list - watch +- apiGroups: + - virt.virtink.smartx.com + resources: + - virtualmachinemigrations + verbs: + - get + - list + - watch +- apiGroups: + - virt.virtink.smartx.com + resources: + - virtualmachinemigrations/status + verbs: + - get + - patch + - update - apiGroups: - virt.virtink.smartx.com resources: diff --git a/deploy/helm/virtink/templates/virt-daemon/cert.yaml b/deploy/helm/virtink/templates/virt-daemon/cert.yaml new file mode 100644 index 0000000..314ddd0 --- /dev/null +++ b/deploy/helm/virtink/templates/virt-daemon/cert.yaml @@ -0,0 +1,20 @@ +{{- $service := .Values.virtDaemon }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ $service.name }}-cert +spec: + issuerRef: + kind: Issuer + name: {{ $service.name }}-cert-issuer + dnsNames: + - {{ $service.name }}.{{ .Release.Namespace }}.svc + - {{ $service.name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} + secretName: {{ $service.name }}-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ $service.name }}-cert-issuer +spec: + selfSigned: {} diff --git a/deploy/helm/virtink/templates/virt-daemon/daemonset.yaml b/deploy/helm/virtink/templates/virt-daemon/daemonset.yaml index 07352dd..6f17774 100644 --- a/deploy/helm/virtink/templates/virt-daemon/daemonset.yaml +++ b/deploy/helm/virtink/templates/virt-daemon/daemonset.yaml @@ -35,12 +35,23 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + fieldPath: status.podIP args: - --zap-time-encoding=iso8601 volumeMounts: - name: kubelet-pods mountPath: /var/lib/kubelet/pods + - name: cert + mountPath: /var/lib/virtink/daemon/cert + readOnly: true volumes: - name: kubelet-pods hostPath: path: /var/lib/kubelet/pods + - name: cert + secret: + secretName: virt-daemon-cert + defaultMode: 420