cdi changes

Signed-off-by: yaroslavborbat <[email protected]>
deckhouse · Apr 17, 2024 · 3ca8c10 · 3ca8c10
1 parent 297c254
commit 3ca8c10
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 139 deletions.
diff --git a/.github/workflows/build_dev.yml b/.github/workflows/build_dev.yml
@@ -33,7 +33,7 @@ jobs:
         run: |
           MODULES_MODULE_TAG="$(echo pr${{github.event.pull_request.number}})"
           echo "MODULES_MODULE_TAG=$MODULES_MODULE_TAG" >> "$GITHUB_ENV"
-      
+
       - name: Set vars for main
         if: ${{ github.ref_name == 'main' }}
         run: |
@@ -88,31 +88,31 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version: "1.21"
-      
+
       - name: Install Task
         uses: arduino/setup-task@v2
-        
+
       - uses: actions/checkout@v4
-        
+
       - name: Run lint virtualization-controller
         run: |
           task virtualization-controller:init
           task virtualization-controller:lint:go
-  
+
   lint_yaml:
     runs-on: ubuntu-latest
     name: Run yaml linter
     steps:
       - name: Install Task
         uses: arduino/setup-task@v2
-        
+
       - uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
       - name: Lint yaml with prettier
         run: task -p lint:prettier:yaml
-  
+
   test:
     runs-on: ubuntu-latest
     name: Run unit test
@@ -126,7 +126,7 @@ jobs:
         uses: arduino/setup-task@v2
 
       - uses: actions/checkout@v4
-      
+
       - name: Run test hooks
         run: |
           task hooks:test
@@ -139,7 +139,7 @@ jobs:
   dev_setup_build:
     runs-on: ubuntu-latest
     name: Build and Push images
-    steps:      
+    steps:
       - name: Set vars for PR
         if: ${{ github.ref_name != 'main' }}
         run: |
@@ -171,9 +171,9 @@ jobs:
       - uses: deckhouse/modules-actions/build@v1
 
       - run: |
-              IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)"
-              IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):main"
-              echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
-              crane copy ${IMAGE_SRC} ${IMAGE_DST} 
+          IMAGE_SRC="$(jq -r '.Images."bundle".DockerImageName' images_tags_werf.json)"
+          IMAGE_DST="$(jq -r '.Images.bundle.DockerRepo' images_tags_werf.json):main"
+          echo "✨ Bundle image : Pushing ${IMAGE_SRC} to ${IMAGE_DST}"
+          crane copy ${IMAGE_SRC} ${IMAGE_DST}
         if: ${{ github.ref_name == 'main' }}
         name: Bundle image tag main
diff --git a/images/virtualization-artifact/cmd/virtualization-controller/main.go b/images/virtualization-artifact/cmd/virtualization-controller/main.go
@@ -46,17 +46,17 @@ var (
 
 const (
 	defaultVerbosity = "1"
-	//kubevirtCoreGroupName = "x.virtualization.deckhouse.io"
-	//cdiCoreGroupName      = "x.virtualization.deckhouse.io"
+	// kubevirtCoreGroupName = "x.virtualization.deckhouse.io"
+	// cdiCoreGroupName      = "x.virtualization.deckhouse.io"
 )
 
 func init() {
 	importerImage = getRequiredEnvVar(common.ImporterPodImageNameVar)
 	uploaderImage = getRequiredEnvVar(common.UploaderPodImageNameVar)
 	controllerNamespace = getRequiredEnvVar(common.PodNamespaceVar)
 
-	//overrideKubevirtCoreGroupName(kubevirtCoreGroupName)
-	//overrideCDICoreGroupName(cdiCoreGroupName)
+	// overrideKubevirtCoreGroupName(kubevirtCoreGroupName)
+	// overrideCDICoreGroupName(cdiCoreGroupName)
 }
 
 func setupLogger() {
@@ -97,7 +97,7 @@ func getRequiredEnvVar(name string) string {
 	return val
 }
 
-//func overrideKubevirtCoreGroupName(groupName string) {
+// func overrideKubevirtCoreGroupName(groupName string) {
 //	virtv1.GroupVersion.Group = groupName
 //	virtv1.SchemeGroupVersion.Group = groupName
 //	virtv1.StorageGroupVersion.Group = groupName
@@ -116,7 +116,7 @@ func getRequiredEnvVar(name string) string {
 //	virtv1.AddToScheme = virtv1.SchemeBuilder.AddToScheme
 //}
 
-//func overrideCDICoreGroupName(groupName string) {
+// func overrideCDICoreGroupName(groupName string) {
 //	cdiv1beta1.SchemeGroupVersion.Group = groupName
 //	cdiv1beta1.CDIGroupVersionKind.Group = groupName
 //
@@ -125,7 +125,7 @@ func getRequiredEnvVar(name string) string {
 //}
 
 // Adds the list of known types to Scheme.
-//func addKnownTypes(scheme *apiruntime.Scheme) error {
+// func addKnownTypes(scheme *apiruntime.Scheme) error {
 //	scheme.AddKnownTypes(cdiv1beta1.SchemeGroupVersion,
 //		&cdiv1beta1.DataVolume{},
 //		&cdiv1beta1.DataVolumeList{},

diff --git a/templates/cdi/_helpers.tpl b/templates/cdi/_helpers.tpl
@@ -29,10 +29,10 @@ spec:
 {{- end }}
 
 {{- define "cdi.tmplKubeProxy" -}}
-  {{- $context := index . 0 -}}
+  {{- $ctx := index . 0 -}}
   {{- $containerName := index . 1 -}}
   {{- $webhookProxy := index . 2 -}}
-  {{- $proxyImage := include "helm_lib_module_image" (list $context "kubeApiProxy") }}
+  {{- $proxyImage := include "helm_lib_module_image" (list $ctx "kubeApiProxy") }}
 spec:
   template:
     spec:
@@ -46,8 +46,10 @@ spec:
         imagePullPolicy: IfNotPresent
         resources:
           requests:
+          {{- if not ( $ctx.Values.global.enabledModules | has "vertical-pod-autoscaler-crd") }}
             cpu: 10m
             memory: 150Mi
+          {{- end }}
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -71,4 +73,4 @@ spec:
         volumeMounts:
         - name: kube-api-proxy-kubeconfig
           mountPath: /kubeconfig.local
-{{- end -}}
+{{- end -}}
diff --git a/templates/cdi/cdi.yaml b/templates/cdi/cdi.yaml
@@ -2,6 +2,7 @@
 {{- $nodeSelectorMaster := index (include "helm_lib_node_selector" (tuple . "master") | fromYaml) "nodeSelector" | default (dict) | toJson }}
 {{- $tolerationsSystem := index (include "helm_lib_tolerations" (tuple . "system") | fromYaml) "tolerations" | default (list) | toJson }}
 {{- $tolerationsAnyNode := index (include "helm_lib_tolerations" (tuple . "any-node") | fromYaml) "tolerations" | default (list) | toJson }}
+{{- $proxyImage := include "helm_lib_module_image" (list . "kubeApiProxy") | toJson }}
 {{- $kubeAPIProxyRewriter := true }}
 ---
 apiVersion: internal.virtualization.deckhouse.io/v1beta1
@@ -38,35 +39,6 @@ spec:
         patch: '[{"op":"replace","path":"/spec/replicas","value":0}]'
         type: json
 
-      - resourceType: Deployment
-        resourceName: cdi-apiserver
-        patch: {{ include "cdi.strategic_kubeproxy_patch" (list . "cdi-apiserver" "yes") }}
-        type: strategic
-
-      - resourceType: Deployment
-        resourceName: cdi-deployment
-        patch: {{ include "cdi.strategic_kubeproxy_patch" (list . "cdi-controller" "no") }}
-        type: strategic
-
-    {{- if ( .Values.global.enabledModules | has "vertical-pod-autoscaler-crd") }}
-      - resourceType: Deployment
-        resourceName: cdi-apiserver
-        patch: '[{"op":"replace","path":"/spec/template/spec/containers/0/resources/requests","value":{}}]'
-        type: json
-      - resourceType: Deployment
-        resourceName: cdi-deployment
-        patch: '[{"op":"replace","path":"/spec/template/spec/containers/0/resources/requests","value":{}}]'
-        type: json
-      - resourceType: Deployment
-        resourceName: cdi-apiserver
-        patch: '[{"op":"replace","path":"/spec/template/spec/containers/1/resources/requests","value":{}}]'
-        type: json
-      - resourceType: Deployment
-        resourceName: cdi-deployment
-        patch: '[{"op":"replace","path":"/spec/template/spec/containers/1/resources/requests","value":{}}]'
-        type: json
-    {{- end }}
-
     {{- if (include "helm_lib_ha_enabled" .) }}
       - resourceType: Deployment
         resourceName: cdi-apiserver
@@ -89,96 +61,15 @@ spec:
 
     {{- if $kubeAPIProxyRewriter }}
       - resourceType: Deployment
-        resourceName: cdi-deployment
-        patch: |
-          {"spec":{"template":{"spec":{
-            "volumes": [{
-              "name":"kube-api-proxy-kubeconfig",
-              "configMap": {"name": "kube-api-proxy-kubeconfig" }
-            }],
-            "containers":[{
-              "name":"cdi-controller",
-              "volumeMounts":[{
-                "name": "kube-api-proxy-kubeconfig",
-                "mountPath": "/kubeconfig.local"
-              }],
-              "env":[{
-                "name":"KUBECONFIG",
-                "value":"/kubeconfig.local/proxy.kubeconfig"
-              }]
-            }, {
-              "name": "proxy",
-              "image": "dev-registry.deckhouse.io/virt/dev/diafour/kube-api-proxy:latest",
-              "imagePullPolicy": "Always",
-              "command": ["/proxy"],
-              "securityContext": {
-                "allowPrivilegeEscalation": false,
-                "capabilities": {"drop": ["ALL"]},
-                "seccompProfile": {
-                  "type": "RuntimeDefault"
-                }
-              },
-              "terminationMessagePath": "/dev/termination-log",
-              "terminationMessagePolicy": "File",
-              "env": [
-                {"name": "WEBHOOK_PROXY",
-                  "value": "no"
-                }
-              ]
-            }]
-          }}}}
+        resourceName: cdi-apiserver
+        patch: {{ include "cdi.strategic_kubeproxy_patch" (list . "cdi-apiserver" "yes") }}
         type: strategic
+
       - resourceType: Deployment
-        resourceName: cdi-apiserver
-        patch: |
-          {"spec":{"template":{"spec":{
-            "volumes": [{
-              "name":"kube-api-proxy-kubeconfig",
-              "configMap": {"name": "kube-api-proxy-kubeconfig" }
-            }],
-            "containers":[{
-              "name":"cdi-apiserver",
-              "volumeMounts":[{
-                "name": "kube-api-proxy-kubeconfig",
-                "mountPath": "/kubeconfig.local"
-              }],
-              "env":[{
-                "name":"KUBECONFIG",
-                "value":"/kubeconfig.local/proxy.kubeconfig"
-              }]
-            }, {
-              "name": "proxy",
-              "image": "dev-registry.deckhouse.io/virt/dev/diafour/kube-api-proxy:latest",
-              "imagePullPolicy": "Always",
-              "command": ["/proxy"],
-              "securityContext": {
-                "allowPrivilegeEscalation": false,
-                "capabilities": {"drop": ["ALL"]},
-                "seccompProfile": {
-                  "type": "RuntimeDefault"
-                }
-              },
-              "terminationMessagePath": "/dev/termination-log",
-              "terminationMessagePolicy": "File",
-              "env": [
-                { "name": "WEBHOOK_ADDRESS",
-                  "value": "https://127.0.0.1:8443"
-                },
-                { "name": "WEBHOOK_CERT_FILE",
-                  "value": "/var/run/certs/cdi-apiserver-server-cert/tls.crt"
-                },
-                { "name": "WEBHOOK_KEY_FILE",
-                  "value": "/var/run/certs/cdi-apiserver-server-cert/tls.key"
-                }
-              ],
-              "volumeMounts":[{
-                "name": "server-cert",
-                "mountPath": "/var/run/certs/cdi-apiserver-server-cert",
-                "readOnly": true
-              }]
-            }]
-          }}}}
+        resourceName: cdi-deployment
+        patch: {{ include "cdi.strategic_kubeproxy_patch" (list . "cdi-controller" "no") }}
         type: strategic
+
       # Change service in webhook configurations to point to the rewriter proxy.
       # cdi-api-webhook-proxy service is created separately.
       - resourceName: cdi-api-datavolume-mutate
@@ -229,7 +120,9 @@ spec:
               "clientConfig":{"service":{"name":"cdi-api-webhook-proxy"}}}
           ]}
         type: strategic
+
     {{- end }}
+
   workload:
     nodeSelector:
       kubernetes.io/os: linux