From a19871cb46b206d83c009316b2d447784efe4ea3 Mon Sep 17 00:00:00 2001 From: Suvaansh <34331549+suvaanshkumar@users.noreply.github.com> Date: Fri, 30 Aug 2024 04:07:17 -0400 Subject: [PATCH] Updating api for klusterlet to accomodate awsirsa registration (#339) Signed-off-by: Erica <132393634+EricaJ6@users.noreply.github.com> --- ...cluster-management.io_klusterlets.crd.yaml | 18 +++++++++ ...cluster-management.io_klusterlets.crd.yaml | 25 ++++++++++++ operator/v1/types_klusterlet.go | 22 +++++++++++ operator/v1/zz_generated.deepcopy.go | 38 +++++++++++++++++++ .../v1/zz_generated.swagger_doc_generated.go | 18 +++++++++ 5 files changed, 121 insertions(+) diff --git a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml index 576ca94ff..dd5cb6a8b 100644 --- a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml 
@@ -185,6 +185,24 @@ spec: type: integer format: int32 default: 50 + registrationDriver: + description: This provides driver details required to register with hub + type: object + properties: + authType: + description: Type of the authentication used by managedcluster to register as well as pull work from hub. Possible values are csr and awsirsa. + type: string + default: csr + enum: + - csr + - awsirsa + awsIrsa: + description: 'Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. This is required only when the authType is awsirsa.' + type: object + properties: + hubClusterArn: + description: 'The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.' + type: string registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified. type: string diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml index c1cbc503a..73d782804 100644 --- a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml 
@@ -289,6 +289,31 @@ spec: If it is set empty, use the default value: 50 format: int32 type: integer + registrationDriver: + description: This provides driver details required to register + with hub + properties: + authType: + default: csr + description: Type of the authentication used by managedcluster + to register as well as pull work from hub. Possible values + are csr and awsirsa. + enum: + - csr + - awsirsa + type: string + awsIrsa: + description: |- + Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. + This is required only when the authType is awsirsa. + properties: + hubClusterArn: + description: |- + The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. + Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1. + type: string + type: object + type: object type: object registrationImagePullSpec: description: |- diff --git a/operator/v1/types_klusterlet.go b/operator/v1/types_klusterlet.go index 395340504..97e6fa538 100644 --- a/operator/v1/types_klusterlet.go +++ b/operator/v1/types_klusterlet.go 
@@ -172,6 +172,28 @@ type RegistrationConfiguration struct { // But if the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. // +optional BootstrapKubeConfigs BootstrapKubeConfigs `json:"bootstrapKubeConfigs,omitempty"` + + // This provides driver details required to register with hub + // +optional + RegistrationDriver RegistrationDriver `json:"registrationDriver,omitempty"` +} + +type RegistrationDriver struct { + // Type of the authentication used by managedcluster to register as well as pull work from hub. Possible values are csr and awsirsa. + // +kubebuilder:default:=csr + // +kubebuilder:validation:Enum=csr;awsirsa + AuthType string `json:"authType"` + + // Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. + // This is required only when the authType is awsirsa. + AwsIrsa *AwsIrsa `json:"awsIrsa,omitempty"` +} + +type AwsIrsa struct { + // The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. + // Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1. + // +required + HubClusterArn string `json:"hubClusterArn"` } type TypeBootstrapKubeConfigs string diff --git a/operator/v1/zz_generated.deepcopy.go b/operator/v1/zz_generated.deepcopy.go index c4df39e13..64a618ba5 100644 --- a/operator/v1/zz_generated.deepcopy.go +++ b/operator/v1/zz_generated.deepcopy.go 
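Review bot: The rule that `awsIrsa` is required when `authType` is `awsirsa` exists only in the field comment on `RegistrationDriver`, and `HubClusterArn` accepts any string even though the comment says the hub uses it to create IAM identities, so an empty or malformed value passes admission and is caught, if at all, by whatever consumes it later. Consider enforcing both in the schema, e.g. `// +kubebuilder:validation:XValidation:rule="self.authType != 'awsirsa' || has(self.awsIrsa)"` on `RegistrationDriver` (if the controller-gen version in use supports CEL markers) and a `+kubebuilder:validation:Pattern` on `HubClusterArn` for the EKS cluster ARN form; the example in the comment also omits the partition segment (`arn:aws:eks:...`). Separately, `AuthType` has no `omitempty` and `RegistrationDriver` is held by value, so a Go client that sets `RegistrationConfiguration` without a driver would likely serialize `authType: ""`, which skips the `csr` default and fails the enum; `json:"authType,omitempty"` avoids that. `RegistrationConfiguration` begins outside this hunk, and the hub-side handling of the ARN is not visible here.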
@@ -32,6 +32,22 @@ func (in *AddOnManagerConfiguration) DeepCopy() *AddOnManagerConfiguration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AwsIrsa) DeepCopyInto(out *AwsIrsa) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsIrsa. +func (in *AwsIrsa) DeepCopy() *AwsIrsa { + if in == nil { + return nil + } + out := new(AwsIrsa) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootstrapKubeConfigs) DeepCopyInto(out *BootstrapKubeConfigs) { *out = *in @@ -506,6 +522,7 @@ func (in *RegistrationConfiguration) DeepCopyInto(out *RegistrationConfiguration } } in.BootstrapKubeConfigs.DeepCopyInto(&out.BootstrapKubeConfigs) + in.RegistrationDriver.DeepCopyInto(&out.RegistrationDriver) return } @@ -519,6 +536,27 @@ func (in *RegistrationConfiguration) DeepCopy() *RegistrationConfiguration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RegistrationDriver) DeepCopyInto(out *RegistrationDriver) { + *out = *in + if in.AwsIrsa != nil { + in, out := &in.AwsIrsa, &out.AwsIrsa + *out = new(AwsIrsa) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistrationDriver. +func (in *RegistrationDriver) DeepCopy() *RegistrationDriver { + if in == nil { + return nil + } + out := new(RegistrationDriver) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RegistrationHubConfiguration) DeepCopyInto(out *RegistrationHubConfiguration) { *out = *in 
diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index b01728bc7..c6085cdc4 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -163,6 +163,14 @@ func (WorkConfiguration) SwaggerDoc() map[string]string { return map_WorkConfiguration } +var map_AwsIrsa = map[string]string{ + "hubClusterArn": "The arn of the hub cluster (ie: an EKS cluster). This will be required to pass information to hub, which hub will use to create IAM identities for this klusterlet. Example - arn:eks:us-west-2:12345678910:cluster/hub-cluster1.", +} + +func (AwsIrsa) SwaggerDoc() map[string]string { + return map_AwsIrsa +} + var map_BootstrapKubeConfigs = map[string]string{ "type": "Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set.", "localSecretsConfig": "LocalSecretsConfig include a list of secrets that contains the kubeconfigs for ordered bootstrap kubeconifigs. The secrets must be in the same namespace where the agent controller runs.", 
@@ -268,12 +276,22 @@ var map_RegistrationConfiguration = map[string]string{ "kubeAPIQPS": "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50", "kubeAPIBurst": "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100", "bootstrapKubeConfigs": "BootstrapKubeConfigs defines the ordered list of bootstrap kubeconfigs. The order decides which bootstrap kubeconfig to use first when rebootstrap.\n\nWhen the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, the controller marks the related bootstrap kubeconfig as \"failed\".\n\nA failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeConfigSeconds. But if the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared.", + "registrationDriver": "This provides driver details required to register with hub", } func (RegistrationConfiguration) SwaggerDoc() map[string]string { return map_RegistrationConfiguration } +var map_RegistrationDriver = map[string]string{ + "authType": "Type of the authentication used by managedcluster to register as well as pull work from hub. Possible values are csr and awsirsa.", + "awsIrsa": "Contain the details required for registering with hub cluster (ie: an EKS cluster) using AWS IAM roles for service account. This is required only when the authType is awsirsa.", +} + +func (RegistrationDriver) SwaggerDoc() map[string]string { + return map_RegistrationDriver +} + var map_ServerURL = map[string]string{ "": "ServerURL represents the apiserver url and ca bundle that is accessible externally", "url": "URL is the url of apiserver endpoint of the managed cluster.",