From 90159c7f2a677f1238047c41e0a1d8ca19351ea2 Mon Sep 17 00:00:00 2001 From: xuezhaojun Date: Tue, 16 Apr 2024 20:19:15 +0800 Subject: [PATCH] Add API field for switch-hub. Signed-off-by: xuezhaojun --- ...cluster-management.io_klusterlets.crd.yaml | 33 +++++++++++ ...cluster-management.io_klusterlets.crd.yaml | 58 +++++++++++++++++++ operator/v1/types_klusterlet.go | 51 ++++++++++++++++ .../v1/zz_generated.swagger_doc_generated.go | 22 +++++-- 4 files changed, 159 insertions(+), 5 deletions(-) diff --git a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml index c6c2b162a..5b2362518 100644 --- a/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/crdsv1beta1/0001_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -145,6 +145,12 @@ spec: enum: - Enable - Disable + hubConnectionTimeoutSeconds: + description: HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. By default is 10 mins. + type: integer + format: int32 + default: 600 + minimum: 0 kubeAPIBurst: description: 'KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100' type: integer 
@@ -155,6 +161,33 @@ spec: type: integer format: int32 default: 50 + priorityBootstrapKubeconfigs: + description: "PriorityBootstrapKubeconfigs defines the list of bootstrap kubeconfigs in the order of priority. They are used for an agent to connect to multiple hubs in cases like auto-failover, backup&restore, rollout upgrade etc. \n When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, we mark the related bootstrap secret as failed. A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeconfigSeconds. \n If the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared. \n Then the agent will try to choose another bootstrapkubeconfig from the list by order, replace the current bootstrapkubeconfig and trigger the rebootstrap." + type: object + properties: + localSecrets: + description: LocalSecrets is a list of secrets that contains the kubeconfigs for priority bootstrap. The secrets must be in the same namespace where the agent controller runs. + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + skipFailedBootstrapKubeconfigSeconds: + description: SkipFailedBootstrapKubeconfigSeconds. When selecting a new bootstrapkubeconfig, the controller will skip the item in the list that fails recently. By default is 3 mins. + type: integer + format: int32 + default: 180 + minimum: 0 + type: + description: Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set. 
+ type: string + default: None + enum: + - None + - LocalSecrets registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified. type: string diff --git a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml index 4896f275f..db00d5299 100644 --- a/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml +++ b/operator/v1/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml @@ -228,6 +228,15 @@ spec: - feature type: object type: array + hubConnectionTimeoutSeconds: + default: 600 + description: HubConnectionTimeoutSeconds is used to set the timeout + of connecting to the hub cluster. When agent loses the connection + to the hub over the timeout seconds, the agent do a rebootstrap. + By default is 10 mins. + format: int32 + minimum: 0 + type: integer kubeAPIBurst: default: 100 description: 'KubeAPIBurst indicates the maximum burst of the 
@@ -242,6 +251,55 @@ spec: is set empty, use the default value: 50' format: int32 type: integer + priorityBootstrapKubeconfigs: + description: "PriorityBootstrapKubeconfigs defines the list of + bootstrap kubeconfigs in the order of priority. They are used + for an agent to connect to multiple hubs in cases like auto-failover, + backup&restore, rollout upgrade etc. \n When the agent loses + the connection to the current hub over HubConnectionTimeoutSeconds, + or the managedcluster CR is set `hubAcceptsClient=false` on + the hub, we mark the related bootstrap secret as failed. A failed + bootstrapkubeconfig won't be used for the duration specified + by SkipFailedBootstrapKubeconfigSeconds. \n If the user updates + the content of a failed bootstrapkubeconfig, the \"failed\" + mark will be cleared. \n Then the agent will try to choose another + bootstrapkubeconfig from the list by order, replace the current + bootstrapkubeconfig and trigger the rebootstrap." + properties: + localSecrets: + description: LocalSecrets is a list of secrets that contains + the kubeconfigs for priority bootstrap. The secrets must + be in the same namespace where the agent controller runs. + items: + description: LocalObjectReference contains enough information + to let you locate the referenced object inside the same + namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + skipFailedBootstrapKubeconfigSeconds: + default: 180 + description: SkipFailedBootstrapKubeconfigSeconds. When selecting + a new bootstrapkubeconfig, the controller will skip the + item in the list that fails recently. By default is 3 mins. + format: int32 + minimum: 0 + type: integer + type: + default: None + description: Type specifies the type of priority bootstrap + kubeconfigs. 
By default, it is set to None, representing + no priority bootstrap kubeconfigs are set. + enum: + - None + - LocalSecrets + type: string + type: object type: object registrationImagePullSpec: description: RegistrationImagePullSpec represents the desired image diff --git a/operator/v1/types_klusterlet.go b/operator/v1/types_klusterlet.go index 96c51fdb6..edf17cb71 100644 --- a/operator/v1/types_klusterlet.go +++ b/operator/v1/types_klusterlet.go @@ -1,6 +1,7 @@ package v1 import ( + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) 
@@ -162,6 +163,56 @@ type RegistrationConfiguration struct { // +optional // +kubebuilder:default:=100 KubeAPIBurst int32 `json:"kubeAPIBurst,omitempty"` + + // PriorityBootstrapKubeconfigs defines the list of bootstrap kubeconfigs in the order of priority. + // They are used for an agent to connect to multiple hubs in cases like auto-failover, backup&restore, rollout upgrade etc. + // + // When the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR + // is set `hubAcceptsClient=false` on the hub, we mark the related bootstrap secret as failed. + // A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeconfigSeconds. + // + // If the user updates the content of a failed bootstrapkubeconfig, the "failed" mark will be cleared. + // + // Then the agent will try to choose another bootstrapkubeconfig from the list by order, replace the current bootstrapkubeconfig and trigger the rebootstrap. + // +optional + PriorityBootstrapKubeconfigs PriorityBootstrapKubeconfigs `json:"priorityBootstrapKubeconfigs,omitempty"` + + // HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. + // When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. + // By default is 10 mins. + // +optional + // +kubebuilder:default:=600 + // +kubebuilder:validation:Minimum=0 + HubConnectionTimeoutSeconds int32 `json:"hubConnectionTimeoutSeconds,omitempty"` +} + +type TypePriorityBootstrapKubeconfigs string + +const ( + LocalSecrets TypePriorityBootstrapKubeconfigs = "LocalSecrets" + None TypePriorityBootstrapKubeconfigs = "None" +) + +type PriorityBootstrapKubeconfigs struct { + // Type specifies the type of priority bootstrap kubeconfigs. + // By default, it is set to None, representing no priority bootstrap kubeconfigs are set. 
+ // +required + // +kubebuilder:default:=None + // +kubebuilder:validation:Enum=None;LocalSecrets + Type TypePriorityBootstrapKubeconfigs `json:"type,omitempty"` + + // LocalSecrets is a list of secrets that contains the kubeconfigs for priority bootstrap. + // The secrets must be in the same namespace where the agent controller runs. + // +optional + LocalSecrets []corev1.LocalObjectReference `json:"localSecrets,omitempty"` + + // SkipFailedBootstrapKubeconfigSeconds. When selecting a new bootstrapkubeconfig, the controller will skip the item in the list + // that fails recently. + // By default is 3 mins. + // +optional + // +kubebuilder:default:=180 + // +kubebuilder:validation:Minimum=0 + SkipFailedBootstrapKubeconfigSeconds int32 `json:"skipFailedBootstrapKubeconfigSeconds,omitempty"` } type WorkAgentConfiguration struct { diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 373b77999..c2d651829 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go 
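Review bot: Nothing in the new `PriorityBootstrapKubeconfigs` struct ties `Type` to `LocalSecrets`, so as far as the markers in this hunk show, `type: LocalSecrets` with a missing or empty `localSecrets` list passes schema validation and leaves the agent with no fallback hub to choose. A struct-level rule such as `// +kubebuilder:validation:XValidation:rule="self.type != 'LocalSecrets' || (has(self.localSecrets) && size(self.localSecrets) > 0)",message="localSecrets is required when type is LocalSecrets"` would reject that at admission, and a `MaxItems` bound would keep the list finite. `Minimum=0` on `HubConnectionTimeoutSeconds` and `SkipFailedBootstrapKubeconfigSeconds` admits an explicit 0 from YAML, which presumably means an immediate rebootstrap or no skip window, while `omitempty` makes a typed Go client drop 0 and get the default instead. Either use `Minimum=1` or document what 0 means. Because these secrets decide which hub the agent will trust, the `LocalSecrets` comment should also say so, for example `// Write access to these secrets lets the holder redirect the agent to another hub; restrict it accordingly.`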
@@ -234,12 +234,24 @@ func (KlusterletStatus) SwaggerDoc() map[string]string { return map_KlusterletStatus } +var map_PriorityBootstrapKubeconfigs = map[string]string{ + "type": "Type specifies the type of priority bootstrap kubeconfigs. By default, it is set to None, representing no priority bootstrap kubeconfigs are set.", + "localSecrets": "LocalSecrets is a list of secrets that contains the kubeconfigs for priority bootstrap. The secrets must be in the same namespace where the agent controller runs.", + "skipFailedBootstrapKubeconfigSeconds": "SkipFailedBootstrapKubeconfigSeconds. When selecting a new bootstrapkubeconfig, the controller will skip the item in the list that fails recently. By default is 3 mins.", +} + +func (PriorityBootstrapKubeconfigs) SwaggerDoc() map[string]string { + return map_PriorityBootstrapKubeconfigs +} + var map_RegistrationConfiguration = map[string]string{ - "clientCertExpirationSeconds": "clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on the hub cluster, the max signing duration seconds will be set.", - "featureGates": "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. 
Let's say the cluster-admin wants featuregate/Foo=false.", - "clusterAnnotations": "ClusterAnnotations is annotations with the reserve prefix \"agent.open-cluster-management.io\" set on ManagedCluster when creating only, other actors can update it afterwards.", - "kubeAPIQPS": "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 50", - "kubeAPIBurst": "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100", + "clientCertExpirationSeconds": "clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on the hub cluster, the max signing duration seconds will be set.", + "featureGates": "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates:\n 1. If featuregate/Foo does not exist, registration-operator will discard it\n 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true]\n 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false,\n \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false.", + "clusterAnnotations": "ClusterAnnotations is annotations with the reserve prefix \"agent.open-cluster-management.io\" set on ManagedCluster when creating only, other actors can update it afterwards.", + "kubeAPIQPS": "KubeAPIQPS indicates the maximum QPS while talking with apiserver of hub cluster from the spoke cluster. 
If it is set empty, use the default value: 50", + "kubeAPIBurst": "KubeAPIBurst indicates the maximum burst of the throttle while talking with apiserver of hub cluster from the spoke cluster. If it is set empty, use the default value: 100", + "priorityBootstrapKubeconfigs": "PriorityBootstrapKubeconfigs defines the list of bootstrap kubeconfigs in the order of priority. They are used for an agent to connect to multiple hubs in cases like auto-failover, backup&restore, rollout upgrade etc.\n\nWhen the agent loses the connection to the current hub over HubConnectionTimeoutSeconds, or the managedcluster CR is set `hubAcceptsClient=false` on the hub, we mark the related bootstrap secret as failed. A failed bootstrapkubeconfig won't be used for the duration specified by SkipFailedBootstrapKubeconfigSeconds.\n\nIf the user updates the content of a failed bootstrapkubeconfig, the \"failed\" mark will be cleared.\n\nThen the agent will try to choose another bootstrapkubeconfig from the list by order, replace the current bootstrapkubeconfig and trigger the rebootstrap.", + "hubConnectionTimeoutSeconds": "HubConnectionTimeoutSeconds is used to set the timeout of connecting to the hub cluster. When agent loses the connection to the hub over the timeout seconds, the agent do a rebootstrap. By default is 10 mins.", } func (RegistrationConfiguration) SwaggerDoc() map[string]string {