PCP-22: capi1 v1 Boostrap and CAPI changes

api/v1beta1/common_types.go

@@ -136,6 +136,9 @@ const (
  // instead of being a source of truth for eventual consistency.
  // This annotation can be used to inform MachinePool status during in-progress scaling scenarios.
  ReplicasManagedByAnnotation = "cluster.x-k8s.io/replicas-managed-by"
+
+ // TakeOverCluster is the label used to mark the nodes that run on takeover-cluster instances.
+ TakeOverCluster = "cluster.x-k8s.io/takeover-cluster"
 )
 
 const (

bootstrap/kubeadm/internal/controllers/kubeadmconfig_controller.go

@@ -19,6 +19,7 @@ package controllers
 import (
  "context"
  "fmt"
+ "log"
  "strconv"
  "time"
 
@@ -277,8 +278,12 @@ func (r *KubeadmConfigReconciler) Reconcile(ctx context.Context, req ctrl.Reques
  return ctrl.Result{}, nil
  }
 
+ // TODO: PCP-22 check (annotation to skip handleClusterNotInitialized and go for join )
+ // how to make this condition true for new cluster as kubeadm cluster is already initialized
  // Note: can't use IsFalse here because we need to handle the absence of the condition as well as false.
- if !conditions.IsTrue(cluster, clusterv1.ControlPlaneInitializedCondition) {
+ log.Info("TESTING... skip handleClusterNotInitialized and push cluster for join")
+
+ if !annotations.IsTakeOverCluster(cluster.GetObjectMeta()) && !conditions.IsTrue(cluster, clusterv1.ControlPlaneInitializedCondition) {
  return r.handleClusterNotInitialized(ctx, scope)
  }
 
@@ -296,10 +301,12 @@ func (r *KubeadmConfigReconciler) Reconcile(ctx context.Context, req ctrl.Reques
 
  // it's a control plane join
  if configOwner.IsControlPlaneMachine() {
+ log.Info("TESTING.... joinControlplane")
  return r.joinControlplane(ctx, scope)
  }
 
  // It's a worker join
+ log.Info("TESTING.... It's a worker join")
  return r.joinWorker(ctx, scope)
 }
 
@@ -520,8 +527,12 @@ func (r *KubeadmConfigReconciler) handleClusterNotInitialized(ctx context.Contex
 }
 
 func (r *KubeadmConfigReconciler) joinWorker(ctx context.Context, scope *Scope) (ctrl.Result, error) {
+
  scope.Info("Creating BootstrapData for the worker node")
 
+ scope.Info("TESTING.... joinWorker")
+ log.Println("TESTING.... joinWorker")
+
  certificates := secret.NewCertificatesForWorker(scope.Config.Spec.JoinConfiguration.CACertPath)
  err := certificates.Lookup(
  ctx,

controlplane/kubeadm/api/v1beta1/kubeadm_control_plane_webhook.go

@@ -110,25 +110,23 @@ func (in *KubeadmControlPlane) ValidateCreate() error {
 }
 
 const (
- spec = "spec"
- kubeadmConfigSpec = "kubeadmConfigSpec"
- clusterConfiguration = "clusterConfiguration"
- initConfiguration = "initConfiguration"
- joinConfiguration = "joinConfiguration"
- nodeRegistration = "nodeRegistration"
- skipPhases = "skipPhases"
- patches = "patches"
- directory = "directory"
- preKubeadmCommands = "preKubeadmCommands"
- postKubeadmCommands = "postKubeadmCommands"
- files = "files"
- users = "users"
- apiServer = "apiServer"
- controllerManager = "controllerManager"
- scheduler = "scheduler"
- ntp = "ntp"
- ignition = "ignition"
- diskSetup = "diskSetup"
+ spec = "spec"
+ kubeadmConfigSpec = "kubeadmConfigSpec"
+ // clusterConfiguration = "clusterConfiguration"
+ // initConfiguration = "initConfiguration"
+ // joinConfiguration = "joinConfiguration"
+ // nodeRegistration = "nodeRegistration"
+ // patches = "patches"
+ // directory = "directory"
+ // preKubeadmCommands = "preKubeadmCommands"
+ // postKubeadmCommands = "postKubeadmCommands"
+ // files = "files"
+ // users = "users"
+ // apiServer = "apiServer"
+ // controllerManager = "controllerManager"
+ // scheduler = "scheduler"
+ // ntp = "ntp"
+ // ignition = "ignition"
 )
 
 const minimumCertificatesExpiryDays = 7
@@ -139,26 +137,26 @@ func (in *KubeadmControlPlane) ValidateUpdate(old runtime.Object) error {
  // For example, {"spec", "*"} will allow any path under "spec" to change.
  allowedPaths := [][]string{
  {"metadata", "*"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageRepository"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageTag"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "extraArgs", "*"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageRepository"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageTag"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, "imageRepository"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, apiServer, "*"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, controllerManager, "*"},
- //{spec, kubeadmConfigSpec, clusterConfiguration, scheduler, "*"},
- //{spec, kubeadmConfigSpec, initConfiguration, nodeRegistration, "*"},
- //{spec, kubeadmConfigSpec, initConfiguration, patches, directory},
- //{spec, kubeadmConfigSpec, joinConfiguration, nodeRegistration, "*"},
- //{spec, kubeadmConfigSpec, joinConfiguration, patches, directory},
- //{spec, kubeadmConfigSpec, preKubeadmCommands},
- //{spec, kubeadmConfigSpec, postKubeadmCommands},
- //{spec, kubeadmConfigSpec, files},
- //{spec, kubeadmConfigSpec, "verbosity"},
- //{spec, kubeadmConfigSpec, users},
- //{spec, kubeadmConfigSpec, ntp, "*"},
- //{spec, kubeadmConfigSpec, ignition, "*"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageRepository"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "imageTag"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "etcd", "local", "extraArgs", "*"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageRepository"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "dns", "imageTag"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, "imageRepository"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, apiServer, "*"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, controllerManager, "*"},
+ // {spec, kubeadmConfigSpec, clusterConfiguration, scheduler, "*"},
+ // {spec, kubeadmConfigSpec, initConfiguration, nodeRegistration, "*"},
+ // {spec, kubeadmConfigSpec, initConfiguration, patches, directory},
+ // {spec, kubeadmConfigSpec, joinConfiguration, nodeRegistration, "*"},
+ // {spec, kubeadmConfigSpec, joinConfiguration, patches, directory},
+ // {spec, kubeadmConfigSpec, preKubeadmCommands},
+ // {spec, kubeadmConfigSpec, postKubeadmCommands},
+ // {spec, kubeadmConfigSpec, files},
+ // {spec, kubeadmConfigSpec, "verbosity"},
+ // {spec, kubeadmConfigSpec, users},
+ // {spec, kubeadmConfigSpec, ntp, "*"},
+ // {spec, kubeadmConfigSpec, ignition, "*"},
  // allow all fields to be modified
  {spec, kubeadmConfigSpec, "*"},
  {spec, "machineTemplate", "metadata", "*"},

controlplane/kubeadm/internal/controllers/controller.go

@@ -394,12 +394,19 @@ func (r *KubeadmControlPlaneReconciler) reconcile(ctx context.Context, cluster *
  switch {
  // We are creating the first replica
  case numMachines < desiredReplicas && numMachines == 0:
+
+ if annotations.IsTakeOverCluster(controlPlane.Cluster.GetObjectMeta()) {
+ // Create a new Machine w/ join
+ log.Info("Scaling up control plane", "Desired", desiredReplicas, "Existing", numMachines)
+ return r.scaleUpControlPlane(ctx, cluster, kcp, controlPlane)
+ }
+
  // Create new Machine w/ init
  log.Info("Initializing control plane", "Desired", desiredReplicas, "Existing", numMachines)
  conditions.MarkFalse(controlPlane.KCP, controlplanev1.AvailableCondition, controlplanev1.WaitingForKubeadmInitReason, clusterv1.ConditionSeverityInfo, "")
  return r.initializeControlPlane(ctx, cluster, kcp, controlPlane)
  // We are scaling up
- case numMachines < desiredReplicas && numMachines > 0:
+ case numMachines < desiredReplicas && numMachines >= 0:
  // Create a new Machine w/ join
  log.Info("Scaling up control plane", "Desired", desiredReplicas, "Existing", numMachines)
  return r.scaleUpControlPlane(ctx, cluster, kcp, controlPlane)
@@ -568,7 +575,7 @@ func (r *KubeadmControlPlaneReconciler) reconcileEtcdMembers(ctx context.Context
  log := ctrl.LoggerFrom(ctx)
 
  // If etcd is not managed by KCP this is a no-op.
- if !controlPlane.IsEtcdManaged() {
+ if annotations.IsTakeOverCluster(controlPlane.Cluster.GetObjectMeta()) || !controlPlane.IsEtcdManaged() {
  return ctrl.Result{}, nil
  }
 

controlplane/kubeadm/internal/controllers/helpers.go

@@ -74,8 +74,12 @@ func (r *KubeadmControlPlaneReconciler) reconcileKubeconfig(ctx context.Context,
  return ctrl.Result{}, errors.Wrap(err, "failed to retrieve kubeconfig Secret")
  }
 
- if err := r.adoptKubeconfigSecret(ctx, cluster, configSecret, kcp); err != nil {
- return ctrl.Result{}, err
+ // check if the kubeconfig secret was created by v1alpha2 controllers, and thus it has the Cluster as the owner instead of KCP;
+ // if yes, adopt it.
+ if util.IsOwnedByObject(configSecret, cluster) && !util.IsControlledBy(configSecret, kcp) {
+ if err := r.adoptKubeconfigSecret(ctx, cluster, configSecret, kcp); err != nil {
+ return ctrl.Result{}, err
+ }
  }
 
  // only do rotation on owned secrets

hack/tools/go.mod

@@ -7,14 +7,14 @@ replace sigs.k8s.io/cluster-api => ../../
 replace sigs.k8s.io/cluster-api/test => ../../test
 
 require (
- cloud.google.com/go/storage v1.22.1
+ cloud.google.com/go/storage v1.30.1
  github.com/blang/semver v3.5.1+incompatible
  github.com/hashicorp/go-multierror v1.1.1
  github.com/pkg/errors v0.9.1
  github.com/spf13/pflag v1.0.5
  github.com/valyala/fastjson v1.6.3
- golang.org/x/tools v0.1.12
- google.golang.org/api v0.84.0
+ golang.org/x/tools v0.6.0
+ google.golang.org/api v0.126.0
  helm.sh/helm/v3 v3.9.4
  k8s.io/api v0.25.0
  k8s.io/apiextensions-apiserver v0.25.0
@@ -33,9 +33,9 @@ require (
 )
 
 require (
- cloud.google.com/go v0.102.0 // indirect
- cloud.google.com/go/compute v1.7.0 // indirect
- cloud.google.com/go/iam v0.3.0 // indirect
+ cloud.google.com/go v0.110.4 // indirect
+ cloud.google.com/go/compute v1.21.0 // indirect
+ cloud.google.com/go/iam v1.1.1 // indirect
  github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
  github.com/MakeNowJust/heredoc v1.0.0 // indirect
  github.com/Masterminds/goutils v1.1.1 // indirect
@@ -46,7 +46,7 @@ require (
  github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
  github.com/beorn7/perks v1.0.1 // indirect
  github.com/blang/semver/v4 v4.0.0 // indirect
- github.com/cespare/xxhash/v2 v2.1.2 // indirect
+ github.com/cespare/xxhash/v2 v2.2.0 // indirect
  github.com/containerd/containerd v1.6.6 // indirect
  github.com/davecgh/go-spew v1.1.1 // indirect
  github.com/docker/cli v20.10.17+incompatible // indirect
@@ -69,7 +69,7 @@ require (
  github.com/gobuffalo/flect v0.3.0 // indirect
  github.com/gogo/protobuf v1.3.2 // indirect
  github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.2 // indirect
+ github.com/golang/protobuf v1.5.3 // indirect
  github.com/google/btree v1.0.1 // indirect
  github.com/google/cel-go v0.12.4 // indirect
  github.com/google/gnostic v0.6.9 // indirect
@@ -79,8 +79,8 @@ require (
  github.com/google/gofuzz v1.2.0 // indirect
  github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
  github.com/google/uuid v1.3.0 // indirect
- github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa // indirect
- github.com/googleapis/gax-go/v2 v2.4.0 // indirect
+ github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
+ github.com/googleapis/gax-go/v2 v2.11.0 // indirect
  github.com/googleapis/go-type-adapters v1.0.0 // indirect
  github.com/gorilla/mux v1.8.0 // indirect
  github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
@@ -126,23 +126,23 @@ require (
  github.com/stoewer/go-strcase v1.2.0 // indirect
  github.com/subosito/gotenv v1.4.1 // indirect
  github.com/xlab/treeprint v1.1.0 // indirect
- go.opencensus.io v0.23.0 // indirect
+ go.opencensus.io v0.24.0 // indirect
  go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect
- golang.org/x/crypto v0.3.0 // indirect
- golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
- golang.org/x/net v0.7.0 // indirect
- golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1 // indirect
- golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect
- golang.org/x/sys v0.5.0 // indirect
- golang.org/x/term v0.5.0 // indirect
- golang.org/x/text v0.7.0 // indirect
+ golang.org/x/crypto v0.14.0 // indirect
+ golang.org/x/mod v0.8.0 // indirect
+ golang.org/x/net v0.17.0 // indirect
+ golang.org/x/oauth2 v0.10.0 // indirect
+ golang.org/x/sync v0.3.0 // indirect
+ golang.org/x/sys v0.13.0 // indirect
+ golang.org/x/term v0.13.0 // indirect
+ golang.org/x/text v0.13.0 // indirect
  golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 // indirect
- golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f // indirect
+ golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
  gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
  google.golang.org/appengine v1.6.7 // indirect
- google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90 // indirect
- google.golang.org/grpc v1.47.0 // indirect
- google.golang.org/protobuf v1.28.1 // indirect
+ google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect
+ google.golang.org/grpc v1.58.3 // indirect
+ google.golang.org/protobuf v1.31.0 // indirect
  gopkg.in/inf.v0 v0.9.1 // indirect
  gopkg.in/ini.v1 v1.67.0 // indirect
  gopkg.in/yaml.v2 v2.4.0 // indirect