USHIFT-6798: C2CC: RemoteClusters.microshift.io/v1alpha1 Custom Resource

Makefile

@@ -346,6 +346,11 @@ generate-config:
 verify-config: generate-config
 	./scripts/verify/verify-config.sh
 
+.PHONY: generate-crds
+generate-crds:
+	./scripts/fetch_tools.sh controller-gen && \
+	./scripts/generate-crds.sh
+
 # Run all of the end to end tests
 .PHONY: e2e
 e2e:

assets/crd/microshift.io_remoteclusters.yaml

@@ -0,0 +1,65 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.18.0
+  name: remoteclusters.microshift.io
+spec:
+  group: microshift.io
+  names:
+    kind: RemoteCluster
+    listKind: RemoteClusterList
+    plural: remoteclusters
+    singular: remotecluster
+  scope: Cluster
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: |-
+          RemoteCluster represents a remote cluster's healthcheck probe target.
+          Created by the C2CC controller, read and updated by the probe pod.
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              probeInterval:
+                default: 10s
+                description: Interval between probe attempts (e.g. "10s", "1m").
+                type: string
+              probeTarget:
+                description: IP:port of the remote cluster's probe service (11th IP
+                  in remote service CIDR, port 8080).
+                type: string
+            required:
+            - probeInterval
+            - probeTarget
+            type: object
+          status:
+            description: RemoteClusterStatus is populated by the probe pod in a future
+              ticket.
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

cmd/generate-config/config/config-openapi-spec.json

@@ -203,6 +203,11 @@
             }
           }
         },
+        "probeInterval": {
+          "description": "Interval between healthcheck probe attempts to each remote cluster.\nParsed as a Go duration string (e.g. \"10s\", \"1m\"). Must be between 1s and 5m.",
+          "type": "string",
+          "default": "10s"
+        },
         "remoteClusters": {
           "description": "List of remote clusters to establish connectivity with.\nC2CC is disabled when this list is empty.",
           "type": "array",

docs/user/howto_config.md

@@ -34,6 +34,7 @@ clusterToCluster:
     dns:
         cacheNegativeTTL: 0
         cacheTTL: 0
+    probeInterval: ""
     remoteClusters:
         - clusterNetwork: []
           domain: ""
@@ -196,6 +197,7 @@ clusterToCluster:
     dns:
         cacheNegativeTTL: 10
         cacheTTL: 10
+    probeInterval: 10s
     remoteClusters:
         - clusterNetwork: []
           domain: ""

packaging/microshift/config.yaml

@@ -50,6 +50,9 @@ clusterToCluster:
         # Maximum TTL (seconds) for positive DNS cache entries in CoreDNS server blocks
         # generated for remote clusters. Must be >= 0. Setting to 0 disables positive caching.
         cacheTTL: 10
+    # Interval between healthcheck probe attempts to each remote cluster.
+    # Parsed as a Go duration string (e.g. "10s", "1m"). Must be between 1s and 5m.
+    probeInterval: 10s
     # List of remote clusters to establish connectivity with.
     # C2CC is disabled when this list is empty.
     remoteClusters:

pkg/apis/microshift/v1alpha1/doc.go

@@ -0,0 +1,5 @@
+// +kubebuilder:object:generate=true
+// +groupName=microshift.io
+// +k8s:deepcopy-gen=package
+
+package v1alpha1

pkg/apis/microshift/v1alpha1/groupversion_info.go

@@ -0,0 +1,30 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+var (
+	GroupName    = "microshift.io"
+	GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+
+	SchemeGroupVersion = GroupVersion
+
+	schemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	AddToScheme   = schemeBuilder.AddToScheme
+)
+
+func Resource(resource string) schema.GroupResource {
+	return schema.GroupResource{Group: GroupName, Resource: resource}
+}
+
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(GroupVersion,
+		&RemoteCluster{},
+		&RemoteClusterList{},
+	)
+	metav1.AddToGroupVersion(scheme, GroupVersion)
+	return nil
+}

pkg/apis/microshift/v1alpha1/types.go

@@ -0,0 +1,46 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +genclient
+// +genclient:nonNamespaced
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:scope=Cluster
+// +kubebuilder:subresource:status
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// RemoteCluster represents a remote cluster's healthcheck probe target.
+// Created by the C2CC controller, read and updated by the probe pod.
+type RemoteCluster struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   RemoteClusterSpec   `json:"spec"`
+	Status RemoteClusterStatus `json:"status,omitempty"`
+}
+
+type RemoteClusterSpec struct {
+	// IP:port of the remote cluster's probe service (11th IP in remote service CIDR, port 8080).
+	// +kubebuilder:validation:Required
+	ProbeTarget string `json:"probeTarget"`
+
+	// Interval between probe attempts (e.g. "10s", "1m").
+	// +kubebuilder:default="10s"
+	ProbeInterval metav1.Duration `json:"probeInterval"`
+}
+
+// RemoteClusterStatus is populated by the probe pod in a future ticket.
+type RemoteClusterStatus struct{}
+
+// +kubebuilder:object:root=true
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// RemoteClusterList contains a list of RemoteCluster resources.
+type RemoteClusterList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+
+	Items []RemoteCluster `json:"items"`
+}

pkg/assets/crd.go

@@ -2,13 +2,15 @@ package assets
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"time"
 
 	embedded "github.com/openshift/microshift/assets"
 
 	apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	apiextclientv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	apiruntime "k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
@@ -107,13 +109,21 @@ func WaitForCrdsEstablished(ctx context.Context, cfg *config.Config) error {
 	return nil
 }
 
-func readCRDOrDie(objBytes []byte) *apiextv1.CustomResourceDefinition {
+func readCRD(objBytes []byte) (*apiextv1.CustomResourceDefinition, error) {
 	var crd apiextv1.CustomResourceDefinition
 	err := apiruntime.DecodeInto(apiExtensionsCodecs.UniversalDecoder(apiextv1.SchemeGroupVersion), objBytes, &crd)
+	if err != nil {
+		return nil, err
+	}
+	return &crd, nil
+}
+
+func readCRDOrDie(objBytes []byte) *apiextv1.CustomResourceDefinition {
+	crd, err := readCRD(objBytes)
 	if err != nil {
 		panic(err)
 	}
-	return &crd
+	return crd
 }
 
 func applyCRD(ctx context.Context, client *apiextclientv1.ApiextensionsV1Client, crd *apiextv1.CustomResourceDefinition) error {
@@ -182,6 +192,45 @@ func ApplyCRDs(ctx context.Context, cfg *config.Config) error {
 	return nil
 }
 
+func DeleteCRDs(ctx context.Context, crds []string, kubeconfigPath string) error {
+	lock.Lock()
+	defer lock.Unlock()
+
+	restConfig, err := clientcmd.BuildConfigFromFlags("", kubeconfigPath)
+	if err != nil {
+		return err
+	}
+	rest.AddUserAgent(restConfig, "crd-agent")
+
+	client, err := apiextclientv1.NewForConfig(restConfig)
+	if err != nil {
+		return fmt.Errorf("failed to create client: %v", err)
+	}
+
+	var errs []error
+	for _, crd := range crds {
+		crdBytes, err := embedded.Asset(crd)
+		if err != nil {
+			errs = append(errs, fmt.Errorf("error getting asset %s: %v", crd, err))
+			continue
+		}
+		c, err := readCRD(crdBytes)
+		if err != nil {
+			errs = append(errs, fmt.Errorf("decoding CRD from asset %s: %w", crd, err))
+			continue
+		}
+		klog.Infof("Deleting CRD %s", c.Name)
+		if err := client.CustomResourceDefinitions().Delete(ctx, c.Name, metav1.DeleteOptions{}); err != nil {
+			if !apierrors.IsNotFound(err) {
+				errs = append(errs, fmt.Errorf("deleting CRD %s: %w", c.Name, err))
+			}
+		} else {
+			klog.Infof("Deleted CRD %s", c.Name)
+		}
+	}
+	return errors.Join(errs...)
+}
+
 func ApplyCRDAndWaitForEstablish(ctx context.Context, crds []string, kubeconfigPath string) error {
 	lock.Lock()
 	defer lock.Unlock()