From 57551b79b2581cdc32416b6816199d23f15fda5a Mon Sep 17 00:00:00 2001 From: "naman.gupta" Date: Thu, 2 Nov 2023 19:31:03 +0530 Subject: [PATCH] Base Code for the kubernetes Operator Base Code for the kubernetes Operator. Change-Id: Ifc3bbe38cee31d0dd2f54280f55d9501e3edae52 Signed-off-by: naman.gupta --- xappKubernetesOperator/.gitignore | 26 ++++ xappKubernetesOperator/Dockerfile | 0 xappKubernetesOperator/Makefile | 0 xappKubernetesOperator/README.md | 0 xappKubernetesOperator/api/v1/groupversion_info.go | 36 ++++++ xappKubernetesOperator/api/v1/xappdep_types.go | 64 +++++++++ .../api/v1/zz_generated.deepcopy.go | 115 ++++++++++++++++ xappKubernetesOperator/cmd/main.go | 17 +++ .../config/default/kustomization.yaml | 144 +++++++++++++++++++++ .../config/default/manager_auth_proxy_patch.yaml | 39 ++++++ .../config/default/manager_config_patch.yaml | 10 ++ .../internal/controller/xappdep_controller.go | 17 +++ 12 files changed, 468 insertions(+) create mode 100644 xappKubernetesOperator/.gitignore create mode 100644 xappKubernetesOperator/Dockerfile create mode 100644 xappKubernetesOperator/Makefile create mode 100644 xappKubernetesOperator/README.md create mode 100644 xappKubernetesOperator/api/v1/groupversion_info.go create mode 100644 xappKubernetesOperator/api/v1/xappdep_types.go create mode 100644 xappKubernetesOperator/api/v1/zz_generated.deepcopy.go create mode 100644 xappKubernetesOperator/cmd/main.go create mode 100644 xappKubernetesOperator/config/default/kustomization.yaml create mode 100644 xappKubernetesOperator/config/default/manager_auth_proxy_patch.yaml create mode 100644 xappKubernetesOperator/config/default/manager_config_patch.yaml create mode 100644 xappKubernetesOperator/internal/controller/xappdep_controller.go diff --git a/xappKubernetesOperator/.gitignore b/xappKubernetesOperator/.gitignore new file mode 100644 index 0000000..7f02333 --- /dev/null +++ b/xappKubernetesOperator/.gitignore @@ -0,0 +1,26 @@ + +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib +bin/* +Dockerfile.cross + +# Test binary, build with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Kubernetes Generated files - skip generated files, except for vendored files + +!vendor/**/zz_generated.* + +# editor and IDE paraphernalia +.idea +.vscode +*.swp +*.swo +*~ diff --git a/xappKubernetesOperator/Dockerfile b/xappKubernetesOperator/Dockerfile new file mode 100644 index 0000000..e69de29 diff --git a/xappKubernetesOperator/Makefile b/xappKubernetesOperator/Makefile new file mode 100644 index 0000000..e69de29 diff --git a/xappKubernetesOperator/README.md b/xappKubernetesOperator/README.md new file mode 100644 index 0000000..e69de29 diff --git a/xappKubernetesOperator/api/v1/groupversion_info.go b/xappKubernetesOperator/api/v1/groupversion_info.go new file mode 100644 index 0000000..69f8aff --- /dev/null +++ b/xappKubernetesOperator/api/v1/groupversion_info.go @@ -0,0 +1,36 @@ +/* +Copyright 2023. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package v1 contains API Schema definitions for the depxapp v1 API group +// +kubebuilder:object:generate=true +// +groupName=depxapp.xapp.com +package v1 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "depxapp.xapp.com", Version: "v1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/xappKubernetesOperator/api/v1/xappdep_types.go b/xappKubernetesOperator/api/v1/xappdep_types.go new file mode 100644 index 0000000..7da9b82 --- /dev/null +++ b/xappKubernetesOperator/api/v1/xappdep_types.go @@ -0,0 +1,64 @@ +/* +Copyright 2023. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// XappDepSpec defines the desired state of XappDep +type XappDepSpec struct { + // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + // Important: Run "make" to regenerate code after modifying this file + + // Foo is an example field of XappDep. Edit xappdep_types.go to remove/update + Foo string `json:"foo,omitempty"` +} + +// XappDepStatus defines the observed state of XappDep +type XappDepStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// XappDep is the Schema for the xappdeps API +type XappDep struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec XappDepSpec `json:"spec,omitempty"` + Status XappDepStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// XappDepList contains a list of XappDep +type XappDepList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []XappDep `json:"items"` +} + +func init() { + SchemeBuilder.Register(&XappDep{}, &XappDepList{}) +} diff --git a/xappKubernetesOperator/api/v1/zz_generated.deepcopy.go b/xappKubernetesOperator/api/v1/zz_generated.deepcopy.go new file mode 100644 index 0000000..c0c085c --- /dev/null +++ b/xappKubernetesOperator/api/v1/zz_generated.deepcopy.go @@ -0,0 +1,115 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +Copyright 2023. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *XappDep) DeepCopyInto(out *XappDep) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XappDep. +func (in *XappDep) DeepCopy() *XappDep { + if in == nil { + return nil + } + out := new(XappDep) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *XappDep) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *XappDepList) DeepCopyInto(out *XappDepList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]XappDep, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XappDepList. +func (in *XappDepList) DeepCopy() *XappDepList { + if in == nil { + return nil + } + out := new(XappDepList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *XappDepList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *XappDepSpec) DeepCopyInto(out *XappDepSpec) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XappDepSpec. +func (in *XappDepSpec) DeepCopy() *XappDepSpec { + if in == nil { + return nil + } + out := new(XappDepSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *XappDepStatus) DeepCopyInto(out *XappDepStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XappDepStatus. +func (in *XappDepStatus) DeepCopy() *XappDepStatus { + if in == nil { + return nil + } + out := new(XappDepStatus) + in.DeepCopyInto(out) + return out +} diff --git a/xappKubernetesOperator/cmd/main.go b/xappKubernetesOperator/cmd/main.go new file mode 100644 index 0000000..94f0cd4 --- /dev/null +++ b/xappKubernetesOperator/cmd/main.go @@ -0,0 +1,17 @@ +/* +Copyright 2023. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main diff --git a/xappKubernetesOperator/config/default/kustomization.yaml b/xappKubernetesOperator/config/default/kustomization.yaml new file mode 100644 index 0000000..bb0d39c --- /dev/null +++ b/xappKubernetesOperator/config/default/kustomization.yaml @@ -0,0 +1,144 @@ +# Adds namespace to all resources. +namespace: depxapp-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: depxapp- + +# Labels to add to all resources and selectors. +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue + +resources: +- ../crd +- ../rbac +- ../manager +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- ../webhook +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. +#- ../certmanager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +#- ../prometheus + +patchesStrategicMerge: +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. +- manager_auth_proxy_patch.yaml + + + +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- manager_webhook_patch.yaml + +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. +# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. +# 'CERTMANAGER' needs to be enabled to use ca injection +#- webhookcainjection_patch.yaml + +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. +# Uncomment the following replacements to add the cert-manager CA injection annotations +#replacements: +# - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +# fieldPath: .metadata.namespace # namespace of the certificate CR +# targets: +# - select: +# kind: ValidatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - select: +# kind: MutatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - select: +# kind: CustomResourceDefinition +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - source: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +# fieldPath: .metadata.name +# targets: +# - select: +# kind: ValidatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - select: +# kind: MutatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - select: +# kind: CustomResourceDefinition +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - source: # Add cert-manager annotation to the webhook Service +# kind: Service +# version: v1 +# name: webhook-service +# fieldPath: .metadata.name # namespace of the service +# targets: +# - select: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# fieldPaths: +# - .spec.dnsNames.0 +# - .spec.dnsNames.1 +# options: +# delimiter: '.' +# index: 0 +# create: true +# - source: +# kind: Service +# version: v1 +# name: webhook-service +# fieldPath: .metadata.namespace # namespace of the service +# targets: +# - select: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# fieldPaths: +# - .spec.dnsNames.0 +# - .spec.dnsNames.1 +# options: +# delimiter: '.' +# index: 1 +# create: true diff --git a/xappKubernetesOperator/config/default/manager_auth_proxy_patch.yaml b/xappKubernetesOperator/config/default/manager_auth_proxy_patch.yaml new file mode 100644 index 0000000..73fad2a --- /dev/null +++ b/xappKubernetesOperator/config/default/manager_auth_proxy_patch.yaml @@ -0,0 +1,39 @@ +# This patch inject a sidecar container which is a HTTP proxy for the +# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: kube-rbac-proxy + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=0" + ports: + - containerPort: 8443 + protocol: TCP + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - name: manager + args: + - "--health-probe-bind-address=:8081" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" diff --git a/xappKubernetesOperator/config/default/manager_config_patch.yaml b/xappKubernetesOperator/config/default/manager_config_patch.yaml new file mode 100644 index 0000000..f6f5891 --- /dev/null +++ b/xappKubernetesOperator/config/default/manager_config_patch.yaml @@ -0,0 +1,10 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager diff --git a/xappKubernetesOperator/internal/controller/xappdep_controller.go b/xappKubernetesOperator/internal/controller/xappdep_controller.go new file mode 100644 index 0000000..ec9a60c --- /dev/null +++ b/xappKubernetesOperator/internal/controller/xappdep_controller.go @@ -0,0 +1,17 @@ +/* +Copyright 2023. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller -- 2.16.6