Merge pull request #78 from openinfradev/TACODEV-909_bugfix

TACODEV-909: integrate postjobs, update version and so on

cluster-api-aws/.helmignore

@@ -21,6 +21,7 @@
 .idea/
 *.tmproj
 .vscode/
+README.md
 artifacts/Dockerfile
 artifacts/helm
 artifacts/gh

cluster-api-aws/Chart.yaml

@@ -4,6 +4,6 @@ description: A chart to install Kubernetes cluster using Cluster API Provider AW
 
 type: application
 
-version: 0.3.1
+version: 0.3.2
 
 appVersion: "0.0.1"

cluster-api-aws/README.md

@@ -0,0 +1,35 @@
+# cluster-api-aws
+This chart creates a kubernetes resource for the Cluster API for AWS (CAPA).
+Since CAPA implementation is not a fully supported specification, this chart also includes several workaround tasks.
+There are also some useful features, such as cluster registration of argocd servers.
+
+## Resouce List
+- AWSCluster
+- AWSMachineTemplate
+- Cluster
+- ConfigMap
+- Job
+- Job-post
+- KubeadmControlPlane
+- RoleBinding
+- Role
+- ServiceAccount
+
+## Job List
+- CheckJob: Wait until kubconfig of the new cluster is created.
+- PostJob: Depend on the configured value, create machine pools, set labels, and register to the argocd server.
+
+## Configuration
+
+|Parameter|Description|Default|
+|---|---|---|
+|sshKeyName|sshkey to use to access the VMs|default|
+|cluster.name|cluster name|capi-quickstart|
+|cluster.region|cluster region|ap-northeast-2|
+|cluster.kubernetesVersion|kubernetes version|v1.18.16|
+|cluster.bastion.enabled|whether or not to use bastion for the cluster|false|
+|kubeadmControlPlane.replicas|the number of masters|3|
+|machinePool|define machinepools as a worker node, see annoations in the value file|[]|
+|machineDeployment.enabled|whether or not to use a machine deployment|false|
+|job.taconode.enabled|whether or not to initialize nodes for taco|false|
+|job.argo.enabled|whether or not to register to the argocd server|false|

cluster-api-aws/artifacts/Dockerfile

@@ -2,12 +2,16 @@ FROM python
 
 ADD https://dl.k8s.io/release/v1.22.0/bin/linux/amd64/kubectl /usr/local/bin/kubectl
 ADD https://github.com/argoproj/argo-cd/releases/download/v2.1.1/argocd-linux-amd64 /usr/local/bin/argocd 
+ADD https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 /get_helm.sh
+ADD https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 /usr/local/bin/jq
 
 COPY requirements.txt requirements.txt
 COPY generate_machine_pool.py /usr/local/bin/generate_machine_pool.py
 COPY gh /usr/local/bin/gh
 
 RUN pip3 install -r requirements.txt
-RUN chmod +x /usr/local/bin/argocd /usr/local/bin/generate_machine_pool.py /usr/local/bin/kubectl /usr/local/bin/gh
+RUN chmod +x /get_helm.sh
+RUN /get_helm.sh
+RUN chmod +x /usr/local/bin/argocd /usr/local/bin/generate_machine_pool.py /usr/local/bin/kubectl /usr/local/bin/gh /usr/local/bin/jq
 
 ENTRYPOINT [ "/usr/local/bin/generate_machine_pool.py" ]

cluster-api-aws/artifacts/argo-register.sh

@@ -2,7 +2,7 @@
 set -ex
 
 yes | argocd login --insecure $ARGO_SERVER --username $ARGO_USERNAME --password $ARGO_PASSWORD
-mkdir ~/.kube
+mkdir -p ~/.kube
 KUBECONFIG="/kube.config" kubectl config view --merge --flatten > ~/.kube/config
 CONTEXT_NAME=$(kubectl --kubeconfig=/kube.config config view -o jsonpath='{.current-context}')
 
@@ -15,6 +15,5 @@ done
 if [ $(argocd cluster list | grep \ $1\ | wc -l ) == 0 ]; then
     argocd cluster add $CONTEXT_NAME --name $1 --upsert
 else
-    echo "FATAL error: $1 is already registered on argo-cd server"
-    exit 1
+    echo "Warning: $1 is already registered on argo-cd server. If unintended, it may occure woring operations."
 fi

cluster-api-aws/artifacts/wait_and_k8s_init.sh

@@ -1,30 +1,40 @@
 #!/bin/bash
 set -ex
 
-# echo "> Wait for awsmachinepoool $1-$2-mp-0 generated"
-# while [ $(kubectl get awsmachinepool -n $3  $1-$2-mp-0 --ignore-not-found | wc -l) == 0 ]
-# do
-#   echo "> Wait for awsmachinepools deployed (20s)"
-#   sleep 20
-# done
-# kubectl wait awsmachinepool -n $3  $1-$2-mp-0 --for condition=Ready=true --timeout=600s
+# if taconode is set
+if [ $4 = 'true' ]; then
+  echo "> Wait for machinepoool $1-$2-mp-0 generated"
+  while [ $(kubectl get machinepool -n $3 $1-$2-mp-0 --ignore-not-found | wc -l) == 0 ]
+  do
+    echo "> Wait for machinepools deployed (60s)"
+    sleep 60
+  done
 
-echo "> Wait for machinepoool $1-$2-mp-0 generated"
-while [ $(kubectl get machinepool -n $3 $1-$2-mp-0 --ignore-not-found | wc -l) == 0 ]
-do
-  echo "> Wait for machinepools deployed (30s)"
-  sleep 30
-done
+  replicas=$( kubectl get machinepool -n $3 $1-$2-mp-0  -o jsonpath='{.spec.replicas}' )
+  while [ $(kubectl get machinepool -n $3 $1-$2-mp-0 -o=jsonpath='{.status.nodeRefs}'|jq|grep uid|wc -l) != $replicas ]
+  do
+    echo "> Wait for instance is ready (20s)"
+    sleep 20
+  done
 
-TACO_MP_REPLICAS=$(kubectl get mp -n $3 $1-$2-mp-0 -o=jsonpath='{.spec.replicas}')
+  for node in $(kubectl get machinepool -n $3 $1-$2-mp-0 -o=jsonpath='{.status.nodeRefs}'|jq | grep '"name":'| awk -F \" '{print $4}')
+  do
+    kubectl --kubeconfig=/kube.config label node $node taco-lma=enabled taco-ingress-gateway=enabled taco-egress-gateway=enabled servicemesh=enabled --overwrite
+  done
 
-while [ $(kubectl get machinepool -n $3 $1-$2-mp-0 -o=jsonpath='{.status.nodeRefs}' | wc -c) != $TACO_MP_REPLICAS ]
-do
-  echo "> Wait for instance is ready (20s)"
-  sleep 20
-done
+  cat <<EOF >/taco-system.yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  labels:
+    name: taco-system
+  name: taco-system
+EOF
 
-./node_label.py $1 $2 $3
+  kubectl --kubeconfig=/kube.config apply -f /taco-system.yaml
+fi
 
-kubectl --kubeconfig=/kube.config create ns taco-system
-kubectl --kubeconfig=/kube.config label ns taco-system name=taco-system
+# if argo-registeration is set
+if [ $5 = 'true' ]; then 
+  /argo-register.sh $1
+fi

cluster-api-aws/templates/job-post.yaml

@@ -32,7 +32,7 @@ spec:
           subPath: generate_machine_pool.py
           mountPath: /generate_machine_pool.py
 
-      {{- if .Values.job.taconode.enabled }}
+      {{- if or .Values.job.taconode.enabled .Values.job.argo.enabled  }}
       - name: wait-and-initialize
         image: "{{ .Values.job.image.repository }}:{{ .Values.job.image.tag | default .Chart.AppVersion }}"
         imagePullPolicy: {{ .Values.job.image.pullPolicy }}
@@ -43,6 +43,14 @@ spec:
         - {{ .Values.cluster.name }}
         - taco
         - {{ .Release.Namespace }}
+        - "{{ .Values.job.taconode.enabled }}"
+        - "{{ .Values.job.argo.enabled }}"
+
+        {{- if .Values.job.argo.enabled  }}
+        envFrom:
+        - secretRef:
+            name: decapod-argocd-config
+        {{- end }}
         volumeMounts:
         - name: kubeconfig
           subPath: value
@@ -53,23 +61,6 @@ spec:
         - name: vol
           subPath: wait_and_k8s_init.sh
           mountPath: /wait_and_k8s_init.sh
-      {{- end }}
-
-      {{- if .Values.job.argo.enabled }}
-      - name: register-argo
-        image: "{{ .Values.job.image.repository }}:{{ .Values.job.image.tag | default .Chart.AppVersion }}"
-        imagePullPolicy: {{ .Values.job.image.pullPolicy }}
-        command:
-        - /argo-register.sh
-        - {{.Values.cluster.name }}
-
-        envFrom:
-        - secretRef:
-            name: decapod-argocd-config
-        volumeMounts:
-        - name: kubeconfig
-          subPath: value
-          mountPath: /kube.config
         - name: vol
           subPath: argo-register.sh
           mountPath: /argo-register.sh

cluster-api-aws/templates/rbac.yaml

@@ -34,6 +34,7 @@ rules:
   - get
   - list
   - create
+  - patch
 - apiGroups:
   - 'infrastructure.cluster.x-k8s.io'
   resources:
@@ -42,6 +43,7 @@ rules:
   - get
   - list
   - create
+  - patch
 - apiGroups:
   - 'bootstrap.cluster.x-k8s.io'
   resources:
@@ -50,6 +52,7 @@ rules:
   - get
   - list
   - create
+  - patch
 - apiGroups:
   - ''
   resources:

cluster-api-aws/values.yaml

@@ -83,7 +83,7 @@ job:
   image:
     repository: ghcr.io/openinfradev/python_kubectl_argo
     pullPolicy: IfNotPresent
-    tag: v1.0.0
+    tag: v1.1.0
   taconode:
     enabled: false
     labels: