feat: add support for "none" CNI type

Closes #3411. Signed-off-by: Alexey Palazhchenko <alexey.palazhchenko@gmail.com>
siderolabs · Apr 9, 2021 · 1fcf38f · 1fcf38f
1 parent 37a5edf
commit 1fcf38f
Show file tree

Hide file tree

Showing 15 changed files with 227 additions and 62 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,9 @@
+.env
+.envrc
 bin
 _out
 .vscode
+*.code-workspace
 init.yaml
 controlplane.yaml
 join.yaml

diff --git a/cmd/talosctl/cmd/mgmt/cluster/create.go b/cmd/talosctl/cmd/mgmt/cluster/create.go
@@ -291,7 +291,7 @@ func create(ctx context.Context) (err error) {
 
 		if customCNIUrl != "" {
 			genOptions = append(genOptions, generate.WithClusterCNIConfig(&v1alpha1.CNIConfig{
-				CNIName: "custom",
+				CNIName: constants.CustomCNI,
 				CNIUrls: []string{customCNIUrl},
 			}))
 		}

diff --git a/internal/app/machined/pkg/controllers/config/k8s_control_plane.go b/internal/app/machined/pkg/controllers/config/k8s_control_plane.go
@@ -230,7 +230,7 @@ func (ctrl *K8sControlPlaneController) manageManifestsConfig(ctx context.Context
 			DNSServiceIP:   dnsServiceIP,
 			DNSServiceIPv6: dnsServiceIPv6,
 
-			FlannelEnabled:  cfgProvider.Cluster().Network().CNI().Name() != constants.CustomCNI,
+			FlannelEnabled:  cfgProvider.Cluster().Network().CNI().Name() == constants.FlannelCNI,
 			FlannelImage:    images.Flannel,
 			FlannelCNIImage: images.FlannelCNI,
 		})
@@ -243,13 +243,11 @@ func (ctrl *K8sControlPlaneController) manageExtraManifestsConfig(ctx context.Co
 	return r.Modify(ctx, config.NewK8sExtraManifests(), func(r resource.Resource) error {
 		spec := config.K8sExtraManifestsSpec{}
 
-		if cfgProvider.Cluster().Network().CNI().Name() == constants.CustomCNI {
-			for _, url := range cfgProvider.Cluster().Network().CNI().URLs() {
-				spec.ExtraManifests = append(spec.ExtraManifests, config.ExtraManifest{
-					URL:      url,
-					Priority: "05", // push CNI to the top
-				})
-			}
+		for _, url := range cfgProvider.Cluster().Network().CNI().URLs() {
+			spec.ExtraManifests = append(spec.ExtraManifests, config.ExtraManifest{
+				URL:      url,
+				Priority: "05", // push CNI to the top
+			})
 		}
 
 		for _, url := range cfgProvider.Cluster().ExternalCloudProvider().ManifestURLs() {

diff --git a/internal/integration/api/generate-config.go b/internal/integration/api/generate-config.go
@@ -70,7 +70,7 @@ func (suite *GenerateConfigSuite) TestGenerate() {
 			ClusterNetwork: &machineapi.ClusterNetworkConfig{
 				DnsDomain: "cluster.test",
 				CniConfig: &machineapi.CNIConfig{
-					Name: "custom",
+					Name: constants.CustomCNI,
 					Urls: []string{
 						"https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml",
 					},

diff --git a/internal/integration/provision/upgrade.go b/internal/integration/provision/upgrade.go
@@ -332,7 +332,7 @@ func (suite *UpgradeSuite) setupCluster() {
 
 	if DefaultSettings.CustomCNIURL != "" {
 		genOptions = append(genOptions, generate.WithClusterCNIConfig(&v1alpha1.CNIConfig{
-			CNIName: "custom",
+			CNIName: constants.CustomCNI,
 			CNIUrls: []string{DefaultSettings.CustomCNIURL},
 		}))
 	}

diff --git a/internal/pkg/tui/installer/state.go b/internal/pkg/tui/installer/state.go
@@ -24,13 +24,11 @@ import (
 	"github.com/talos-systems/talos/pkg/machinery/constants"
 )
 
-// cniPresets defines custom CNI presets.
-var cniPresets = map[string]*machineapi.CNIConfig{
-	"cilium": {
-		Name: "custom",
-		Urls: []string{
-			"https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml",
-		},
+const ciliumCustomCNI = "cilium"
+
+var customCNIPresets = map[string][]string{
+	ciliumCustomCNI: {
+		"https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml",
 	},
 }
 
@@ -52,6 +50,7 @@ func NewState(ctx context.Context, installer *Installer, conn *Connection) (*Sta
 			ControlPlane: &machineapi.ControlPlaneConfig{},
 			ClusterNetwork: &machineapi.ClusterNetworkConfig{
 				DnsDomain: "cluster.local",
+				CniConfig: nil, // set at GenConfig
 			},
 		},
 	}
@@ -96,9 +95,9 @@ func NewState(ctx context.Context, installer *Installer, conn *Connection) (*Sta
 	}
 
 	state := &State{
-		cni:  constants.DefaultCNI,
-		conn: conn,
 		opts: opts,
+		conn: conn,
+		cni:  constants.FlannelCNI,
 	}
 
 	networkConfigItems := []*components.Item{
@@ -153,8 +152,9 @@ func NewState(ctx context.Context, installer *Installer, conn *Connection) (*Sta
 				v1alpha1.ClusterNetworkConfigDoc.Describe("cni", true),
 				&state.cni,
 				components.NewTableHeaders("CNI", "description"),
-				constants.DefaultCNI, "CNI used by Talos by default",
-				"cilium", "Cillium 1.8 installed through quick-install.yaml",
+				constants.FlannelCNI, "CNI used by Talos by default",
+				ciliumCustomCNI, "Cillium 1.8 installed through quick-install.yaml",
+				constants.NoneCNI, "CNI will not be installed",
 			))
 	}
 
@@ -221,11 +221,17 @@ type State struct {
 
 // GenConfig returns current config encoded in yaml.
 func (s *State) GenConfig() (*machineapi.GenerateConfigurationResponse, error) {
-	// configure custom cni from the preset
-	if customCNI, ok := cniPresets[s.cni]; ok {
-		s.opts.ClusterConfig.ClusterNetwork.CniConfig = customCNI
+	cniConfig := &machineapi.CNIConfig{
+		Name: s.cni,
 	}
 
+	if urls, ok := customCNIPresets[s.cni]; ok {
+		cniConfig.Name = constants.CustomCNI
+		cniConfig.Urls = urls
+	}
+
+	s.opts.ClusterConfig.ClusterNetwork.CniConfig = cniConfig
+
 	s.opts.OverrideTime = timestamppb.New(time.Now().UTC())
 
 	return s.conn.GenerateConfiguration(s.opts)

diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_clusterconfig.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_clusterconfig.go
@@ -194,7 +194,7 @@ func (c *ClusterConfig) CNI() config.CNI {
 
 	case c.ClusterNetwork.CNI == nil:
 		return &CNIConfig{
-			CNIName: constants.DefaultCNI,
+			CNIName: constants.FlannelCNI,
 		}
 	}
 

diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_cniconfig.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_cniconfig.go
@@ -0,0 +1,15 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package v1alpha1
+
+// Name implements the config.CNI interface.
+func (c *CNIConfig) Name() string {
+	return c.CNIName
+}
+
+// URLs implements the config.CNI interface.
+func (c *CNIConfig) URLs() []string {
+	return c.CNIUrls
+}
diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_provider.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_provider.go
@@ -403,16 +403,6 @@ func (r *RegistryTLSConfig) GetTLSConfig() (*tls.Config, error) {
 	return tlsConfig, nil
 }
 
-// Name implements the config.Provider interface.
-func (c *CNIConfig) Name() string {
-	return c.CNIName
-}
-
-// URLs implements the config.Provider interface.
-func (c *CNIConfig) URLs() []string {
-	return c.CNIUrls
-}
-
 // Hostname implements the config.Provider interface.
 func (n *NetworkConfig) Hostname() string {
 	return n.NetworkHostname

diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_types.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_types.go
@@ -32,6 +32,7 @@ import (
 
 	"github.com/talos-systems/talos/pkg/machinery/config"
 	"github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1/machine"
+	"github.com/talos-systems/talos/pkg/machinery/constants"
 )
 
 func init() {
@@ -263,7 +264,7 @@ var (
 
 	clusterNetworkExample = &ClusterNetworkConfig{
 		CNI: &CNIConfig{
-			CNIName: "flannel",
+			CNIName: constants.FlannelCNI,
 		},
 		DNSDomain:     "cluster.local",
 		PodSubnet:     []string{"10.244.0.0/16"},
@@ -422,7 +423,7 @@ var (
 	}
 
 	clusterCustomCNIExample = &CNIConfig{
-		CNIName: "custom",
+		CNIName: constants.CustomCNI,
 		CNIUrls: []string{
 			"https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml",
 		},
@@ -1164,11 +1165,11 @@ type EtcdConfig struct {
 type ClusterNetworkConfig struct {
 	//   description: |
 	//     The CNI used.
-	//     Composed of "name" and "url".
-	//     The "name" key only supports options of "flannel" or "custom".
-	//     URLs is only used if name is equal to "custom".
-	//     URLs should point to the set of YAML files to be deployed.
-	//     An empty struct or any other name will default to Flannel CNI.
+	//     Composed of "name" and "urls".
+	//     The "name" key supports the following options: "flannel", "custom", and "none".
+	//     "flannel" uses Talos-managed Flannel CNI, and that's the default option.
+	//     "custom" uses custom manifests that should be provided in "urls".
+	//     "none" indicates that Talos will not manage any CNI installation.
 	//   examples:
 	//     - value: clusterCustomCNIExample
 	CNI *CNIConfig `yaml:"cni,omitempty"`
@@ -1197,9 +1198,14 @@ type ClusterNetworkConfig struct {
 type CNIConfig struct {
 	//   description: |
 	//     Name of CNI to use.
-	CNIName string `yaml:"name"`
+	//   values:
+	//     - flannel
+	//     - custom
+	//     - none
+	CNIName string `yaml:"name,omitempty"`
 	//   description: |
 	//     URLs containing manifests to apply for the CNI.
+	//     Should be present for "custom", must be empty for "flannel" and "none".
 	CNIUrls []string `yaml:"urls,omitempty"`
 }
 

diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_types_doc.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_types_doc.go
@@ -932,7 +932,7 @@ func init() {
 	ClusterNetworkConfigDoc.Fields[0].Name = "cni"
 	ClusterNetworkConfigDoc.Fields[0].Type = "CNIConfig"
 	ClusterNetworkConfigDoc.Fields[0].Note = ""
-	ClusterNetworkConfigDoc.Fields[0].Description = "The CNI used.\nComposed of \"name\" and \"url\".\nThe \"name\" key only supports options of \"flannel\" or \"custom\".\nURLs is only used if name is equal to \"custom\".\nURLs should point to the set of YAML files to be deployed.\nAn empty struct or any other name will default to Flannel CNI."
+	ClusterNetworkConfigDoc.Fields[0].Description = "The CNI used.\nComposed of \"name\" and \"urls\".\nThe \"name\" key supports the following options: \"flannel\", \"custom\", and \"none\".\n\"flannel\" uses Talos-managed Flannel CNI, and that's the default option.\n\"custom\" uses custom manifests that should be provided in \"urls\".\n\"none\" indicates that Talos will not manage any CNI installation."
 	ClusterNetworkConfigDoc.Fields[0].Comments[encoder.LineComment] = "The CNI used."
 
 	ClusterNetworkConfigDoc.Fields[0].AddExample("", clusterCustomCNIExample)
@@ -975,10 +975,15 @@ func init() {
 	CNIConfigDoc.Fields[0].Note = ""
 	CNIConfigDoc.Fields[0].Description = "Name of CNI to use."
 	CNIConfigDoc.Fields[0].Comments[encoder.LineComment] = "Name of CNI to use."
+	CNIConfigDoc.Fields[0].Values = []string{
+		"flannel",
+		"custom",
+		"none",
+	}
 	CNIConfigDoc.Fields[1].Name = "urls"
 	CNIConfigDoc.Fields[1].Type = "[]string"
 	CNIConfigDoc.Fields[1].Note = ""
-	CNIConfigDoc.Fields[1].Description = "URLs containing manifests to apply for the CNI."
+	CNIConfigDoc.Fields[1].Description = "URLs containing manifests to apply for the CNI.\nShould be present for \"custom\", must be empty for \"flannel\" and \"none\"."
 	CNIConfigDoc.Fields[1].Comments[encoder.LineComment] = "URLs containing manifests to apply for the CNI."
 
 	ExternalCloudProviderConfigDoc.Type = "ExternalCloudProviderConfig"

diff --git a/pkg/machinery/config/types/v1alpha1/v1alpha1_validation.go b/pkg/machinery/config/types/v1alpha1/v1alpha1_validation.go
@@ -108,14 +108,9 @@ func (c *Config) Validate(mode config.RuntimeMode, options ...config.ValidationO
 	}
 
 	if c.Machine().Type() == machine.TypeInit || c.Machine().Type() == machine.TypeControlPlane {
-		switch c.Cluster().Network().CNI().Name() {
-		case constants.CustomCNI:
-			// custom CNI with URLs or an empty list of manifests which will get applied
-		case constants.DefaultCNI:
-			// it's flannel bby
-		default:
-			result = multierror.Append(result, errors.New("cni name should be one of [custom,flannel]"))
-		}
+		warn, err := ValidateCNI(c.Cluster().Network().CNI())
+		warnings = append(warnings, warn...)
+		result = multierror.Append(result, err)
 	}
 
 	if c.Machine().Type() == machine.TypeJoin {
@@ -204,6 +199,42 @@ func (c *ClusterConfig) Validate() error {
 	return result.ErrorOrNil()
 }
 
+// ValidateCNI validates CNI config.
+func ValidateCNI(cni config.CNI) ([]string, error) {
+	var (
+		warnings []string
+		result   *multierror.Error
+	)
+
+	switch cni.Name() {
+	case constants.FlannelCNI:
+		fallthrough
+	case constants.NoneCNI:
+		if len(cni.URLs()) != 0 {
+			err := fmt.Errorf(`"urls" field should be empty for %q CNI`, cni.Name())
+			result = multierror.Append(result, err)
+		}
+
+	case constants.CustomCNI:
+		if len(cni.URLs()) == 0 {
+			warn := fmt.Sprintf(`"urls" field should not be empty for %q CNI`, cni.Name())
+			warnings = append(warnings, warn)
+		}
+
+		for _, u := range cni.URLs() {
+			if err := talosnet.ValidateEndpointURI(u); err != nil {
+				result = multierror.Append(result, err)
+			}
+		}
+
+	default:
+		err := fmt.Errorf("cni name should be one of [%q, %q, %q]", constants.FlannelCNI, constants.CustomCNI, constants.NoneCNI)
+		result = multierror.Append(result, err)
+	}
+
+	return warnings, result.ErrorOrNil()
+}
+
 // Validate validates external cloud provider configuration.
 func (ecp *ExternalCloudProviderConfig) Validate() error {
 	if !ecp.ExternalEnabled && (len(ecp.ExternalManifests) != 0) {