Add API field for switch-hub.

Signed-off-by: xuezhaojun <zxue@redhat.com>
open-cluster-management-io · Apr 17, 2024 · 90159c7 · 90159c7
1 parent 29e1b1d
commit 90159c7
Show file tree

Hide file tree

Showing 4 changed files with 159 additions and 5 deletions.
diff --git a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml
@@ -145,6 +145,12 @@ spec:
                         enum:
                           - Enable
                           - Disable
+                hubConnectionTimeoutSeconds:
+                  description: HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. By default is 10 mins.
+                  type: integer
+                  format: int32
+                  default: 600
+                  minimum: 0
                 kubeAPIBurst:
                   description: 'KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100'
                   type: integer
@@ -155,6 +161,33 @@ spec:
                   type: integer
                   format: int32
                   default: 50
+                priorityBootstrapKubeconfigs:
+                  description: "PriorityBootstrapKubeconfigs defines the list of bootstrap kubeconfigs in the order of priority. They are used for an agent to connect to multiple hubs in cases like auto-failover, backup&restore, rollout upgrade etc. \n When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, we mark the related bootstrap secret as failed. A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeconfigSeconds. \n If the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared. \n Then the agent will try to choose another bootstrapkubeconfig from the list by order, replace the current bootstrapkubeconfig and trigger the rebootstrap."
+                  type: object
+                  properties:
+                    localSecrets:
+                      description: LocalSecrets is a list of secrets that contains the kubeconfigs for priority bootstrap. The secrets must be in the same namespace where the agent controller runs.
+                      type: array
+                      items:
+                        description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace.
+                        type: object
+                        properties:
+                          name:
+                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+                            type: string
+                    skipFailedBootstrapKubeconfigSeconds:
+                      description: SkipFailedBootstrapKubeconfigSeconds. When selecting a new bootstrapkubeconfig, the controller will skip the item in the list that fails recently. By default is 3 mins.
+                      type: integer
+                      format: int32
+                      default: 180
+                      minimum: 0
+                    type:
+                      description: Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set.
+                      type: string
+                      default: None
+                      enum:
+                        - None
+                        - LocalSecrets
             registrationImagePullSpec:
               description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified.
               type: string

diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml
@@ -228,6 +228,15 @@ spec:
                       - feature
                       type: object
                     type: array
+                  hubConnectionTimeoutSeconds:
+                    default: 600
+                    description: HubConnectionTimeoutSeconds is used to set the timeout
+                      of connecting to the hub cluster. When agent loses the connection
+                      to the hub over the timeout seconds, the agent do a rebootstrap.
+                      By default is 10 mins.
+                    format: int32
+                    minimum: 0
+                    type: integer
                   kubeAPIBurst:
                     default: 100
                     description: 'KubeAPIBurst indicates the maximum burst of the
@@ -242,6 +251,55 @@ spec:
                       is set empty, use the default value: 50'
                     format: int32
                     type: integer
+                  priorityBootstrapKubeconfigs:
+                    description: "PriorityBootstrapKubeconfigs defines the list of
+                      bootstrap kubeconfigs in the order of priority. They are used
+                      for an agent to connect to multiple hubs in cases like auto-failover,
+                      backup&restore, rollout upgrade etc. \n When the agent loses
+                      the connection to the current hub over HubConnectionTimeoutSeconds,
+                      or the managedcluster CR is set `hubAcceptsClient=false` on
+                      the hub, we mark the related bootstrap secret as failed. A failed
+                      bootstrapkubeconfig won't be used for the duration specified
+                      by SkipFailedBootstrapKubeconfigSeconds. \n If the user updates
+                      the content of a failed bootstrapkubeconfig, the \"failed\"
+                      mark will be cleared. \n Then the agent will try to choose another
+                      bootstrapkubeconfig from the list by order, replace the current
+                      bootstrapkubeconfig and trigger the rebootstrap."
+                    properties:
+                      localSecrets:
+                        description: LocalSecrets is a list of secrets that contains
+                          the kubeconfigs for priority bootstrap. The secrets must
+                          be in the same namespace where the agent controller runs.
+                        items:
+                          description: LocalObjectReference contains enough information
+                            to let you locate the referenced object inside the same
+                            namespace.
+                          properties:
+                            name:
+                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                TODO: Add other useful fields. apiVersion, kind, uid?'
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        type: array
+                      skipFailedBootstrapKubeconfigSeconds:
+                        default: 180
+                        description: SkipFailedBootstrapKubeconfigSeconds. When selecting
+                          a new bootstrapkubeconfig, the controller will skip the
+                          item in the list that fails recently. By default is 3 mins.
+                        format: int32
+                        minimum: 0
+                        type: integer
+                      type:
+                        default: None
+                        description: Type specifies the type of priority bootstrap
+                          kubeconfigs. By default, it is set to None, representing
+                          no priority bootstrap kubeconfigs are set.
+                        enum:
+                        - None
+                        - LocalSecrets
+                        type: string
+                    type: object
                 type: object
               registrationImagePullSpec:
                 description: RegistrationImagePullSpec represents the desired image

diff --git a/operator/v1/types_klusterlet.go b/operator/v1/types_klusterlet.go
@@ -1,6 +1,7 @@
 package v1
 
 import (
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -162,6 +163,56 @@ type RegistrationConfiguration struct {
 	// +optional
 	// +kubebuilder:default:=100
 	KubeAPIBurst int32 `json:"kubeAPIBurst,omitempty"`
+
+	// PriorityBootstrapKubeconfigs defines the list of bootstrap kubeconfigs in the order of priority.
+	// They are used for an agent to connect to multiple hubs in cases like auto-failover, backup&restore, rollout upgrade etc.
+	//
+	// When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR
+	// is set `hubAcceptsClient=false` on the hub, we mark the related bootstrap secret as failed.
+	// A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeconfigSeconds.
+	//
+	// If the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared.
+	//
+	// Then the agent will try to choose another bootstrapkubeconfig from the list by order, replace the current bootstrapkubeconfig and trigger the rebootstrap.
+	// +optional
+	PriorityBootstrapKubeconfigs PriorityBootstrapKubeconfigs `json:"priorityBootstrapKubeconfigs,omitempty"`
+
+	// HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster.
+	// When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap.
+	// By default is 10 mins.
+	// +optional
+	// +kubebuilder:default:=600
+	// +kubebuilder:validation:Minimum=0
+	HubConnectionTimeoutSeconds int32 `json:"hubConnectionTimeoutSeconds,omitempty"`
+}
+
+type TypePriorityBootstrapKubeconfigs string
+
+const (
+	LocalSecrets TypePriorityBootstrapKubeconfigs = "LocalSecrets"
+	None         TypePriorityBootstrapKubeconfigs = "None"
+)
+
+type PriorityBootstrapKubeconfigs struct {
+	// Type specifies the type of priority bootstrap kubeconfigs.
+	// By default, it is set to None, representing no priority bootstrap kubeconfigs are set.
+	// +required
+	// +kubebuilder:default:=None
+	// +kubebuilder:validation:Enum=None;LocalSecrets
+	Type TypePriorityBootstrapKubeconfigs `json:"type,omitempty"`
+
+	// LocalSecrets is a list of secrets that contains the kubeconfigs for priority bootstrap.
+	// The secrets must be in the same namespace where the agent controller runs.
+	// +optional
+	LocalSecrets []corev1.LocalObjectReference `json:"localSecrets,omitempty"`
+
+	// SkipFailedBootstrapKubeconfigSeconds. When selecting a new bootstrapkubeconfig, the controller will skip the item in the list
+	// that fails recently.
+	// By default is 3 mins.
+	// +optional
+	// +kubebuilder:default:=180
+	// +kubebuilder:validation:Minimum=0
+	SkipFailedBootstrapKubeconfigSeconds int32 `json:"skipFailedBootstrapKubeconfigSeconds,omitempty"`
 }
 
 type WorkAgentConfiguration struct {

diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go