Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PLT-225] Feature/plt 225 crossplane integration #580

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

[PLT-225] Feature/plt 225 crossplane integration #580

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
fd8c276
wip
lreciomelero Jul 5, 2024
c802aa7
install Crossplane online ok
lreciomelero Jul 8, 2024
e15cfc0
Added Crossplane resource files and templates for aws hosted zones
lreciomelero Jul 18, 2024
ea86cf8
Generated a custom user and policy for crossplane in workload cluster
lreciomelero Jul 31, 2024
792fb9c
wip external-dns
lreciomelero Aug 14, 2024
44002ed
refactoring crossplane ingration over aws not managed
lreciomelero Aug 16, 2024
46fc7a8
refactoring crossplane ingration over aws not managed
lreciomelero Aug 16, 2024
8fd79cb
Added prerrequisites aws not managed compliance with crossplane
lreciomelero Aug 21, 2024
ddb15e3
removed useful file
lreciomelero Aug 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 24 additions & 14 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@ require (
golang.org/x/term v0.17.0
google.golang.org/api v0.149.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.26.3 // indirect
k8s.io/apimachinery v0.26.3
k8s.io/client-go v0.26.1
sigs.k8s.io/yaml v1.4.0
)

Expand All @@ -39,49 +42,56 @@ require (
)

require (
github.com/checkpoint-restore/go-criu/v5 v5.3.0 // indirect
github.com/cilium/ebpf v0.7.0 // indirect
github.com/containerd/console v1.0.3 // indirect
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
github.com/containers/ocicrypt v1.1.9 // indirect
github.com/containers/storage v1.51.0 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/distribution/reference v0.5.0 // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
github.com/docker/docker v24.0.7+incompatible // indirect
github.com/docker/docker-credential-helpers v0.8.0 // indirect
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/godbus/dbus/v5 v5.1.0 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
github.com/go-logr/logr v1.3.0 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.4 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gofuzz v1.1.0 // indirect
github.com/google/s2a-go v0.1.7 // indirect
github.com/gorilla/mux v1.8.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/imdario/mergo v0.3.6 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.3 // indirect
github.com/klauspost/pgzip v1.2.6 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/moby/sys/mountinfo v0.7.1 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/mrunalp/fileutils v0.5.1 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
github.com/opencontainers/runc v1.1.12 // indirect
github.com/opencontainers/runtime-spec v1.1.0 // indirect
github.com/opencontainers/selinux v1.11.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/seccomp/libseccomp-golang v0.10.0 // indirect
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/urfave/cli v1.22.12 // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
github.com/vishvananda/netlink v1.2.1-beta.2 // indirect
github.com/vishvananda/netns v0.0.4 // indirect
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
k8s.io/klog/v2 v2.80.1 // indirect
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
)

require (
Expand Down
142 changes: 89 additions & 53 deletions go.sum
View file
Open in desktop

Large diffs are not rendered by default.

180 changes: 171 additions & 9 deletions pkg/cluster/internal/create/actions/createworker/aws.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,14 @@ import (
"strconv"
"strings"

"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/ec2"
"github.com/aws/aws-sdk-go-v2/service/ec2/types"
"github.com/aws/aws-sdk-go-v2/service/ecr"
"gopkg.in/yaml.v3"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/clientcmd"
"sigs.k8s.io/kind/pkg/cluster/nodes"
"sigs.k8s.io/kind/pkg/commons"
"sigs.k8s.io/kind/pkg/errors"
Expand All @@ -39,22 +44,38 @@ var awsInternalIngress []byte
//go:embed files/aws/public-ingress-nginx.yaml
var awsPublicIngress []byte

//go:embed files/aws/compositeresourcedefinition-hostedzones-aws.yaml
var awsCRDHostedZones []byte

type AWSBuilder struct {
capxProvider string
capxVersion string
capxImageVersion string
capxManaged bool
capxName string
capxEnvVars []string
scParameters commons.SCParameters
scProvisioner string
csiNamespace string
capxProvider string
capxVersion string
capxImageVersion string
capxManaged bool
capxName string
capxEnvVars []string
scParameters commons.SCParameters
scProvisioner string
csiNamespace string
crossplaneProviders []string
crossplaneProvidersVersion string
}

func newAWSBuilder() *AWSBuilder {
return &AWSBuilder{}
}

type CrossplaneAwsParams struct {
Region string
VPCId string
ClusterName string
ExternalDomain string
CreateCredentials bool
Addon string
}

var crossplaneAwsAddons = []string{"external-dns"}

func (b *AWSBuilder) setCapx(managed bool) {
b.capxProvider = "aws"
b.capxVersion = "v2.2.1"
Expand Down Expand Up @@ -100,6 +121,27 @@ func (b *AWSBuilder) setSC(p ProviderParams) {
}
}

func (b *AWSBuilder) setCrossplaneProviders(addons []string) {

b.crossplaneProviders = []string{
"provider-family-aws",
}

for _, addon := range addons {
switch addon {
case "external-dns":
b.crossplaneProviders = append(b.crossplaneProviders, "provider-aws-route53")
b.crossplaneProviders = append(b.crossplaneProviders, "provider-aws-iam")
}
}
b.crossplaneProvidersVersion = "v1.8.0"
}

func (b *AWSBuilder) GetCrossplaneProviders(addons []string) ([]string, string) {
b.setCrossplaneProviders(addons)
return b.crossplaneProviders, b.crossplaneProvidersVersion
}

func (b *AWSBuilder) getProvider() Provider {
return Provider{
capxProvider: b.capxProvider,
Expand Down Expand Up @@ -370,3 +412,123 @@ func (b *AWSBuilder) postInstallPhase(n nodes.Node, k string) error {

return nil
}

func (b *AWSBuilder) getCrossplaneProviderConfigContent(credentials map[string]*map[string]string, addon string, clusterName string, kubeconfigString string) (string, bool, error) {
credentialsFound := true
addonCredentials := credentials[addon]
if isEmptyCredsMap(*addonCredentials) {
credentialsFound = false
addonCredentials = credentials["crossplane"]
}
awsCredentials := "[default]\naws_access_key_id = " + (*addonCredentials)["AccessKey"] + "\naws_secret_access_key = " + (*addonCredentials)["SecretKey"] + "\n"
return awsCredentials, credentialsFound, nil
}

func (b *AWSBuilder) getAddons(clusterManaged bool, addonsParams map[string]*bool) []string {
var addons []string
switch clusterManaged {
case true:
return addons
case false:
for _, addon := range crossplaneAwsAddons {
enabled := addonsParams[addon]
if (enabled != nil && *enabled) || enabled == nil {
addons = append(addons, addon)
}
}
}

return addons
}

func (b *AWSBuilder) getCrossplaneCRManifests(keosCluster commons.KeosCluster, credentials map[string]string, workloadClusterInstallation bool, credentialsFound bool, addon string) ([]string, map[string]string, error) {
var manifests = []string{}
compositionsToWait := make(map[string]string)
params := CrossplaneAwsParams{
Region: keosCluster.Spec.Region,
ClusterName: keosCluster.Metadata.Name,
ExternalDomain: keosCluster.Spec.ExternalDomain,
CreateCredentials: !credentialsFound,
Addon: addon,
}

switch addon {
case "external-dns":
vpcId := keosCluster.Spec.Networks.VPCID
if vpcId == "" {
var ctx = context.TODO()
cfg, err := commons.AWSGetConfig(ctx, credentials, keosCluster.Spec.Region)
if err != nil {
return nil, nil, err
}
vpcs, _ := getAWSVPCByName(cfg, keosCluster.Metadata.Name+"-vpc")
if len(vpcs) == 0 {
return nil, nil, errors.New("Cannot create Crossplane Resources: No VPCs found")
}
if len(vpcs) > 1 {
return nil, nil, errors.New("Cannot create Crossplane Resources: More than one VPC found")
}
vpcId = vpcs[0]

}

params.VPCId = vpcId
manifests = append(manifests, string(awsCRDHostedZones))
compositionsToWait["xZonesConfig"] = keosCluster.Metadata.Name + "-zones-config"
compositionHostedZones, err := getManifest("aws", "composition-hostedzones-aws.tmpl", params)
if err != nil {
return nil, nil, err
}
manifests = append(manifests, compositionHostedZones)
hostedZone, err := getManifest("aws", "hostedzone.aws.tmpl", params)
if err != nil {
return nil, nil, err
}
manifests = append(manifests, hostedZone)
}

return manifests, compositionsToWait, nil
}

func getAWSVPCByName(config aws.Config, vpcName string) ([]string, error) {
vpcs := []string{}

client := ec2.NewFromConfig(config)
DescribeVpcOpts := &ec2.DescribeVpcsInput{Filters: []types.Filter{
{
Name: aws.String("tag:Name"),
Values: []string{vpcName},
},
}}
output, err := client.DescribeVpcs(context.Background(), DescribeVpcOpts)
if err != nil {
return []string{}, err
}
for _, vpc := range output.Vpcs {
vpcs = append(vpcs, *vpc.VpcId)
}
return vpcs, nil
}

func getExternalDNSCreds(clusterName string, kubeconfigString string) (map[string]string, error) {

config, err := clientcmd.RESTConfigFromKubeConfig([]byte(kubeconfigString))
if err != nil {
panic(err.Error())
}
clientset, err := kubernetes.NewForConfig(config)
if err != nil {
panic(err.Error())
}
secret, err := clientset.CoreV1().Secrets("crossplane-system").Get(context.TODO(), clusterName+"-external-dns-accesskey-secret", metav1.GetOptions{})
if err != nil {
return nil, errors.Wrap(err, "failed to get external-dns credentials secret")
}
accessKey := string(secret.Data["username"])
secretKey := string(secret.Data["password"])
externalDnsCredsMap := map[string]string{
"AccessKey": accessKey,
"SecretKey": secretKey,
}
return externalDnsCredsMap, nil
}
53 changes: 44 additions & 9 deletions pkg/cluster/internal/create/actions/createworker/azure.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,17 +42,21 @@ var azureStorageClasses string
var azureInternalIngress []byte

type AzureBuilder struct {
capxProvider string
capxVersion string
capxImageVersion string
capxManaged bool
capxName string
capxEnvVars []string
scParameters commons.SCParameters
scProvisioner string
csiNamespace string
capxProvider string
capxVersion string
capxImageVersion string
capxManaged bool
capxName string
capxEnvVars []string
scParameters commons.SCParameters
scProvisioner string
csiNamespace string
crossplaneProviders []string
crossplaneProvidersVersion string
}

var crossplaneAzureAddons = []string{"external-dns"}

func newAzureBuilder() *AzureBuilder {
return &AzureBuilder{}
}
Expand Down Expand Up @@ -359,3 +363,34 @@ func (b *AzureBuilder) postInstallPhase(n nodes.Node, k string) error {
}
return nil
}

func (b *AzureBuilder) getCrossplaneProviderConfigContent(credentials map[string]*map[string]string, addon string, clusterName string, kubeconfigString string) (string, bool, error) {
return "", false, nil
}

func (b *AzureBuilder) getAddons(clusterManaged bool, addonsParams map[string]*bool) []string {
var addons []string
switch clusterManaged {
case true:
return addons
case false:
return addons
}

return addons
}

func (b *AzureBuilder) getCrossplaneCRManifests(keosCluster commons.KeosCluster, credentials map[string]string, workloadClusterInstallation bool, credentialsFound bool, addon string) ([]string, map[string]string, error) {
return []string{}, nil, nil
}

func (b *AzureBuilder) setCrossplaneProviders(addons []string) {

b.crossplaneProviders = []string{}
b.crossplaneProvidersVersion = ""
}

func (b *AzureBuilder) GetCrossplaneProviders(addons []string) ([]string, string) {
b.setCrossplaneProviders(addons)
return b.crossplaneProviders, b.crossplaneProvidersVersion
}
Loading