diff --git a/config/crd/bases/airship.airshipit.org_vinoes.yaml b/config/crd/bases/airship.airshipit.org_vinoes.yaml new file mode 100644 index 0000000..2446c5e --- /dev/null +++ b/config/crd/bases/airship.airshipit.org_vinoes.yaml @@ -0,0 +1,56 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.5 + creationTimestamp: null + name: vinoes.airship.airshipit.org +spec: + group: airship.airshipit.org + names: + kind: Vino + listKind: VinoList + plural: vinoes + singular: vino + scope: Namespaced + validation: + openAPIV3Schema: + description: Vino is the Schema for the vinoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VinoSpec defines the desired state of Vino + properties: + foo: + description: Foo is an example field of Vino. Edit Vino_types.go to + remove/update + type: string + type: object + status: + description: VinoStatus defines the observed state of Vino + type: object + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml new file mode 100644 index 0000000..703d82d --- /dev/null +++ b/config/crd/kustomization.yaml @@ -0,0 +1,21 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/airship.airshipit.org_vinoes.yaml +# +kubebuilder:scaffold:crdkustomizeresource + +patchesStrategicMerge: +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +#- patches/webhook_in_vinoes.yaml +# +kubebuilder:scaffold:crdkustomizewebhookpatch + +# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +#- patches/cainjection_in_vinoes.yaml +# +kubebuilder:scaffold:crdkustomizecainjectionpatch + +# the following config is for teaching kustomize how to do kustomization for CRDs. +configurations: +- kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml new file mode 100644 index 0000000..6f83d9a --- /dev/null +++ b/config/crd/kustomizeconfig.yaml @@ -0,0 +1,17 @@ +# This file is for teaching kustomize how to substitute name and namespace reference in CRD +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: CustomResourceDefinition + group: apiextensions.k8s.io + path: spec/conversion/webhookClientConfig/service/name + +namespace: +- kind: CustomResourceDefinition + group: apiextensions.k8s.io + path: spec/conversion/webhookClientConfig/service/namespace + create: false + +varReference: +- path: metadata/annotations diff --git a/config/crd/patches/cainjection_in_vinoes.yaml b/config/crd/patches/cainjection_in_vinoes.yaml new file mode 100644 index 0000000..a38be7b --- /dev/null +++ b/config/crd/patches/cainjection_in_vinoes.yaml @@ -0,0 +1,8 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +# CRD conversion requires k8s 1.13 or later. +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: vinoes.airship.airshipit.org diff --git a/config/crd/patches/webhook_in_vinoes.yaml b/config/crd/patches/webhook_in_vinoes.yaml new file mode 100644 index 0000000..3659338 --- /dev/null +++ b/config/crd/patches/webhook_in_vinoes.yaml @@ -0,0 +1,17 @@ +# The following patch enables conversion webhook for CRD +# CRD conversion requires k8s 1.13 or later. +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: vinoes.airship.airshipit.org +spec: + conversion: + strategy: Webhook + webhookClientConfig: + # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, + # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) + caBundle: Cg== + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/samples/vino_cr.yaml b/config/samples/vino_cr.yaml new file mode 100644 index 0000000..9300b6b --- /dev/null +++ b/config/samples/vino_cr.yaml @@ -0,0 +1,109 @@ +apiVersion: airship.airshipit.org/v1 +kind: Vino +metadata: + name: vino + # labels: ... +spec: + nodeLabels: + node-type: worker + configuration: + cpuExclude: 0-4,54-60 + redfishCredentialSecret: + name: redfishSecret +networks: + - name: management + subnet: 192.168.2.0/20 + allocationStart: 192.168.2.10 + allocationStop: 192.168.2.14 # docs should specify that the range should = number of vms (to permit future expansion over multiple vino crs etc) + routes: + - to: 10.0.0.0/24 + via: $vino.nodebridgegw # vino will need to populate this from the nodelabel value `airshipit.org/vino.nodebridgegw` + dns_servers: ["135.188.34.124"] + - name: mobility-gn + subnet: 169.0.0.0/24 + routes: + - to: 0.0.0.0/0 + via: 169.0.0.1 + allocationStart: 169.0.0.10 + allocationStop: 169.0.0.254 +nodes: + - name: master + labels: + - vm-flavor: master + count: 1 + libvirtTemplateDefinition: + name: configmapfoothatsjinjaforworkers + namespace: foo + # actions the pod needs to take outside of applying the domain xml to libvirt: + networkInterfaces: + # vm bridge management link + - name: management + type: bridge + network: management + mtu: 1500 + options: + bridgeName: vminfra-bridge + # bonded calico link + - name: mobility-gn + type: sriov-bond + network: mobility-gn + mtu: 9100 + options: + # this is an 'open-ended' set of k/v pairs, validation is perfomed by vino rather than crd schema. + pf: [enp29s0f0,enp219s1f1] + vlan: 100 + bond_mode: 802.3ad + bond_xmit_hash_policy: layer3+4 + bond_miimon: 100 + # standard non-bonded sriov-link + - name: mobility-foobar + type: sriov + network: mobility-foobar + mtu: 9100 + options: + pf: enp29s0f0 + vlan: 200 + diskDrives: + - name: root + type: qcow2 + path: /home/foobar/qemu.img + options: + sizeGb: 300 + sparse: true + - name: worker-standard + labels: + - vm-flavor: worker-standard + count: 4 + libvirtTemplateDefinition: + name: configmapfoothatsjinjaforworkers + namespace: foo + networkInterfaces: + - name: management + type: bridge + network: management + bridgeName: vminfra-bridge + - name: mobility-gn + type: sriov + network: mobility-gn + pf: enp2s0f0 + vlan: 100 +# ... +# ... +status: + global: + libvirt: complete|failed + sushy?: complete|failed + domains: complete|failed + bmh: complete|failed + lastUpdated: + nodes: + - node1: + hypervisor: + state: complete|failed + lastUpdated: + domains: + state: complete|failed + lastUpdated: + bmh: + state: complete|failed + lastUpdated: