Merge remote-tracking branch 'remotes/registration-operator/main' into consolidate-code-from-0.11.0

xuezhaojun
2023-05-25 12:39:32 +08:00
7170 changed files with 2019856 additions and 0 deletions

2
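--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,2 @@
+# Set unix LF EOL for shell scripts
+*.sh text eol=lf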

22
.github/workflows/dco.yml vendored Normal file

@@ -0,0 +1,22 @@
name: DCO
on:
workflow_dispatch: {}
pull_request:
branches:
- main
- release-*
jobs:
dco_check:
runs-on: ubuntu-latest
name: DCO Check
steps:
- name: Get PR Commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@master
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: DCO Check
uses: tim-actions/dco@master
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}
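Review bot: Both steps reference third-party actions by a mutable branch, `tim-actions/get-pr-commits@master` and `tim-actions/dco@master`, and the first is handed `secrets.GITHUB_TOKEN`, so whatever the upstream branch holds at run time executes with that token. Pin each to a reviewed full commit SHA, e.g. `uses: tim-actions/dco@<full-commit-sha>  # <tag>`, and let Dependabot or Renovate propose the bumps. The tag-pinned third-party actions in the other workflows of this commit (`engineerd/setup-kind@v0.5.0`, `softprops/action-gh-release@v0.1.5`) are also movable refs and would benefit from the same treatment.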

72
.github/workflows/go-postsubmit.yml vendored Normal file

@@ -0,0 +1,72 @@
name: GoPostSubmit
on:
push:
branches:
- main
workflow_dispatch: {}
env:
# Common versions
GO_VERSION: '1.19'
GO_REQUIRED_MIN_VERSION: ''
GOPATH: '/home/runner/work/registration-operator/registration-operator/go'
defaults:
run:
working-directory: go/src/open-cluster-management.io/registration-operator
jobs:
images:
name: images
runs-on: ubuntu-latest
strategy:
matrix:
arch: [ amd64, arm64 ]
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/imagebuilder@v1.2.3
- name: pull base image
run: docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest --platform=linux/${{ matrix.arch }}
- name: images
run: |
IMAGE_TAG=latest-${{ matrix.arch }} \
IMAGE_BUILD_EXTRA_FLAGS="--build-arg OS=linux --build-arg ARCH=${{ matrix.arch }}" \
make images
- name: push
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker push quay.io/open-cluster-management/registration-operator:latest-${{ matrix.arch }}
image-manifest:
name: image manifest
runs-on: ubuntu-latest
needs: [ images ]
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: create
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker manifest create quay.io/open-cluster-management/registration-operator:latest \
quay.io/open-cluster-management/registration-operator:latest-amd64 \
quay.io/open-cluster-management/registration-operator:latest-arm64
- name: annotate
run: |
docker manifest annotate quay.io/open-cluster-management/registration-operator:latest \
quay.io/open-cluster-management/registration-operator:latest-amd64 --arch amd64
docker manifest annotate quay.io/open-cluster-management/registration-operator:latest \
quay.io/open-cluster-management/registration-operator:latest-arm64 --arch arm64
- name: push
run: |
docker manifest push quay.io/open-cluster-management/registration-operator:latest
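Review bot: The `push` and `create` steps splice `${{ secrets.DOCKER_PASSWORD }}` and `${{ secrets.DOCKER_USER }}` into the script text unquoted, so the shell parses the secret values as code: a password containing whitespace or shell metacharacters is split or interpreted before it reaches `docker login`. Map the secrets to step-level `env:` and reference them as quoted shell variables instead, as sketched below for `push`. The `create` step in this file and the `push` and `create` steps in go-release.yml carry the same line and need the same change.

```yaml
      - name: push
        env:
          DOCKER_USER: ${{ secrets.DOCKER_USER }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
        run: |
          printf '%s' "$DOCKER_PASSWORD" | docker login quay.io --username "$DOCKER_USER" --password-stdin
          # … unchanged: docker push of the latest-${{ matrix.arch }} tag …
```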

129
.github/workflows/go-presubmit.yml vendored Normal file

@@ -0,0 +1,129 @@
name: Go
on:
workflow_dispatch: {}
pull_request:
branches:
- main
- release-*
env:
# Common versions
GO_VERSION: '1.19'
GO_REQUIRED_MIN_VERSION: ''
GOPATH: '/home/runner/work/registration-operator/registration-operator/go'
defaults:
run:
working-directory: go/src/open-cluster-management.io/registration-operator
jobs:
verify:
name: verify
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: verify
run: make verify
verify-deps:
name: verify-deps
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: verify-deps
run: make verify-deps
build:
name: build
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: build
run: make build
unit:
name: unit
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: unit
run: make test
integration:
name: integration
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: integration
run: make test-integration
e2e:
name: e2e
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/imagebuilder@v1.2.3
- name: images
run: make images
- name: setup kind
uses: engineerd/setup-kind@v0.5.0
with:
version: v0.17.0
name: cluster1
- name: Load image on the nodes of the cluster
run: |
kind load docker-image --name=cluster1 quay.io/open-cluster-management/registration-operator:latest
- name: Run e2e test
run: |
make test-e2e
env:
KUBECONFIG: /home/runner/.kube/config
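Review bot: Every job checks out the pull request's tree and runs its `make` targets, yet the workflow declares no `permissions:` and `actions/checkout@v3` keeps its default of persisting the token in the local git config, so PR-controlled build scripts run with whatever scope the repository default grants `GITHUB_TOKEN`. Add a top-level `permissions:` block with `contents: read` and set `persist-credentials: false` under each checkout's `with:`. Fork pull requests already receive a read-only token, so this mainly matters for branches pushed to the repository itself. dco.yml and go-postsubmit.yml omit `permissions:` as well.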

113
.github/workflows/go-release.yml vendored Normal file

@@ -0,0 +1,113 @@
name: GoRelease
on:
push:
tags:
- 'v*.*.*'
env:
# Common versions
GO_VERSION: '1.19'
GO_REQUIRED_MIN_VERSION: ''
GOPATH: '/home/runner/work/registration-operator/registration-operator/go'
GITHUB_REF: ${{ github.ref }}
defaults:
run:
working-directory: go/src/open-cluster-management.io/registration-operator
jobs:
env:
name: prepare release env
runs-on: ubuntu-latest
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: get release version
run: |
echo "RELEASE_VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
- name: get major release version
run: |
echo "MAJOR_RELEASE_VERSION=${RELEASE_VERSION%.*}" >> $GITHUB_ENV
echo "TRIMED_RELEASE_VERSION=${RELEASE_VERSION#v}" >> $GITHUB_ENV
outputs:
MAJOR_RELEASE_VERSION: ${{ env.MAJOR_RELEASE_VERSION }}
RELEASE_VERSION: ${{ env.RELEASE_VERSION }}
images:
name: images
runs-on: ubuntu-latest
needs: [ env ]
strategy:
matrix:
arch: [ amd64, arm64 ]
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: install imagebuilder
run: go install github.com/openshift/imagebuilder/cmd/imagebuilder@v1.2.3
- name: pull base image
run: docker pull registry.access.redhat.com/ubi8/ubi-minimal:latest --platform=linux/${{ matrix.arch }}
- name: images
run: |
IMAGE_TAG=${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }} \
IMAGE_BUILD_EXTRA_FLAGS="--build-arg OS=linux --build-arg ARCH=${{ matrix.arch }}" \
make images
- name: push
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker push quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}-${{ matrix.arch }}
image-manifest:
name: image manifest
runs-on: ubuntu-latest
needs: [ env, images ]
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: create
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login quay.io --username ${{ secrets.DOCKER_USER }} --password-stdin
docker manifest create quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}-amd64 \
quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}-arm64
- name: annotate
run: |
docker manifest annotate quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}-amd64 --arch amd64
docker manifest annotate quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }} \
quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}-arm64 --arch arm64
- name: push
run: |
docker manifest push quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}
release:
name: release
runs-on: ubuntu-latest
needs: [ env, image-manifest ]
steps:
- name: checkout code
uses: actions/checkout@v3
with:
fetch-depth: 1
path: go/src/open-cluster-management.io/registration-operator
- name: generate changelog
run: |
echo "# Registration Operator ${{ needs.env.outputs.RELEASE_VERSION }}" > /home/runner/work/changelog.txt
echo "- See the [CHANGELOG](https://github.com/open-cluster-management-io/registration-operator/blob/main/CHANGELOG/CHANGELOG-${{ needs.env.outputs.MAJOR_RELEASE_VERSION }}.md) for more details." >> /home/runner/work/changelog.txt
echo "- The released image is quay.io/open-cluster-management/registration-operator:${{ needs.env.outputs.RELEASE_VERSION }}" >> /home/runner/work/changelog.txt
- name: publish release
uses: softprops/action-gh-release@v0.1.5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
body_path: /home/runner/work/changelog.txt
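Review bot: `${{ needs.env.outputs.RELEASE_VERSION }}` is expanded into the `run:` scripts of the `images`, `image-manifest` and `release` jobs before the shell sees them, and its value is the pushed tag name with only `refs/tags/` stripped; the `v*.*.*` filter is a glob rather than a version check, and git ref names may contain shell metacharacters. Bind the output to a step-level variable, `RELEASE_VERSION: ${{ needs.env.outputs.RELEASE_VERSION }}` under `env:`, and use it quoted as `"${RELEASE_VERSION}"` in the commands; the `env` job could also reject tags that do not match a strict version pattern before exporting them. Pushing a tag already requires write access, so this is hardening, but the affected jobs hold the registry credentials and the release token. The top-level `GITHUB_REF: ${{ github.ref }}` looks redundant, since the runner sets `GITHUB_REF` itself.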

28
.gitignore vendored Normal file

@@ -0,0 +1,28 @@
# Binaries for programs and plugins
registration-operator
*.exe
*.dll
*.so
*.dylib
!deploy/**
!vendor/**
dev-kubeconfig
e2e-kubeconfig
hub-kubeconfig
external-hub-kubeconfig
external-managed-kubeconfig
munge-csv
# Test binary, build with `go test -c`
*.test
# Output of the go coverage tool, specifically when used with LiteIDE
*.out
_output/
.kubeconfig
.hub-kubeconfig
.external-hub-kubeconfig
.external-managed-kubeconfig
.idea
.project


@@ -0,0 +1,20 @@
# Changelog
All notable changes to this project will be documented in this file.
## v0.1.0
### New Features
* Support to install registration, work and klusterlet by Operators.
### Added
* Add the foundation files of repo.
* Add the e2e tests.
### Changes
N/C
### Bug Fixes
N/C
### Removed & Deprecated
N/C


@@ -0,0 +1,28 @@
# Changelog since v0.9.1
All notable changes to this project will be documented in this file.
## v0.10.0
### New Features
N/A
### Added
* Make work agent feature gate configurable. ([#303](https://github.com/open-cluster-management-io/registration-operator/pull/303) [@zhujian7](https://github.com/zhujian7))
* Add test cases for hubConfigSecretMissing. ([#307](https://github.com/open-cluster-management-io/registration-operator/pull/307) [@xuezhaojun](https://github.com/xuezhaojun))
* Add OAuthClient permissions to klusterlet-work-clusterrole-execution. ([#310](https://github.com/open-cluster-management-io/registration-operator/pull/310) [@TheRealJon](https://github.com/TheRealJon))
* Allow customizing the klusterlet name when deploying in hosted mode. ([#311](https://github.com/open-cluster-management-io/registration-operator/pull/311) [@mprahl](https://github.com/mprahl))
### Changes
* Use CRD manager to update and clean CRDs. ([#297](https://github.com/open-cluster-management-io/registration-operator/pull/297) [@qiujian16](https://github.com/qiujian16))
* Upgrade appliedManifestWork API. ([#298](https://github.com/open-cluster-management-io/registration-operator/pull/298) [@qiujian16](https://github.com/qiujian16))
* Upgrade clusterManagementAddon API. ([#300](https://github.com/open-cluster-management-io/registration-operator/pull/300) [@skeeey](https://github.com/skeeey))
* Upgrade ginkgo to v2. ([#301](https://github.com/open-cluster-management-io/registration-operator/pull/301) [@xuezhaojun](https://github.com/xuezhaojun))
* Refactor clustermanager controller. ([#305](https://github.com/open-cluster-management-io/registration-operator/pull/305) [@qiujian16](https://github.com/qiujian16))
* Refactor klusterlet. ([#306](https://github.com/open-cluster-management-io/registration-operator/pull/306) [@qiujian16](https://github.com/qiujian16))
* Upgrade github action. ([#308](https://github.com/open-cluster-management-io/registration-operator/pull/308) [@ycyaoxdu](https://github.com/ycyaoxdu))
### Bug Fixes
* Fix the issue that cleanup is not completed if appliedmainfestWork is not found. ([#312](https://github.com/open-cluster-management-io/registration-operator/pull/312) [@zhiweiyin318](https://github.com/zhiweiyin318))
### Removed & Deprecated
N/A


@@ -0,0 +1,31 @@
# Changelog since v0.10.0
All notable changes to this project will be documented in this file.
## v0.11.0
### New Features
* Support the installation of addon-manager. ([#324](https://github.com/open-cluster-management-io/registration-operator/pull/324) [@qiujian16](https://github.com/qiujian16), [#325](https://github.com/open-cluster-management-io/registration-operator/pull/325) [#336](https://github.com/open-cluster-management-io/registration-operator/pull/336) [#341](https://github.com/open-cluster-management-io/registration-operator/pull/341) [#348](https://github.com/open-cluster-management-io/registration-operator/pull/348) [@haoqing0110](https://github.com/haoqing0110))
* Support the installation of work-controller. ([#331](https://github.com/open-cluster-management-io/registration-operator/pull/331) [#340](https://github.com/open-cluster-management-io/registration-operator/pull/340) [#345](https://github.com/open-cluster-management-io/registration-operator/pull/345) [@serngawy](https://github.com/serngawy))
* Support setting autoApprovedUser and certDurationSeconds. ([#351](https://github.com/open-cluster-management-io/registration-operator/pull/351) [#353](https://github.com/open-cluster-management-io/registration-operator/pull/353) [@qiujian16](https://github.com/qiujian16))
### Added
* Add e2e for deleting klusterlet when the managed cluster was destroyed. ([#339](https://github.com/open-cluster-management-io/registration-operator/pull/339) [@zhujian7](https://github.com/zhujian7))
* Enable addon management and workreplicaset featuregates in e2e. ([#346](https://github.com/open-cluster-management-io/registration-operator/pull/346) [@zhiweiyin318](https://github.com/zhiweiyin318))
### Changes
* Upgrade kube lib to 0.26. ([#329](https://github.com/open-cluster-management-io/registration-operator/pull/329) [@zhiweiyin318](https://github.com/zhiweiyin318), [#333](https://github.com/open-cluster-management-io/registration-operator/pull/333) [@xuezhaojun](https://github.com/xuezhaojun))
* Refactor migration and storedversion update. ([#332](https://github.com/open-cluster-management-io/registration-operator/pull/332) [@ldpliu](https://github.com/ldpliu))
* Update RBAC. ([#341](https://github.com/open-cluster-management-io/registration-operator/pull/341) [@xuezhaojun](https://github.com/xuezhaojun))
* Upgrade API for jsonRaw field in work. ([#352](https://github.com/open-cluster-management-io/registration-operator/pull/352) [@qiujian16](https://github.com/qiujian16))
### Bug Fixes
* Do not filter applied manifest work by hub host when deleting klusterlet. ([#321](https://github.com/open-cluster-management-io/registration-operator/pull/321) [@zhujian7](https://github.com/zhujian7))
* Fix migration issue. ([#328](https://github.com/open-cluster-management-io/registration-operator/pull/328) [@ldpliu](https://github.com/ldpliu))
* Fix Implicit memory aliasing in for loop. ([#335](https://github.com/open-cluster-management-io/registration-operator/pull/335) [@ldpliu](https://github.com/ldpliu))
* Check managed cluster connectivity when deleting klusterlet. ([#337](https://github.com/open-cluster-management-io/registration-operator/pull/337) [@zhujian7](https://github.com/zhujian7))
* Fix vulnerability issue. ([#344](https://github.com/open-cluster-management-io/registration-operator/pull/344) [#350](https://github.com/open-cluster-management-io/registration-operator/pull/350) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Reduce error logs when cluster is deleting in hosted mode. ([#354](https://github.com/open-cluster-management-io/registration-operator/pull/354) [@zhiweiyin318](https://github.com/zhiweiyin318)
### Removed & Deprecated
* Remove old webhook. ([#330](https://github.com/open-cluster-management-io/registration-operator/pull/330) [@ldpliu](https://github.com/ldpliu))
* Remove addon enable field in clustermanager API. ([#338](https://github.com/open-cluster-management-io/registration-operator/pull/338) [@qiujian16](https://github.com/qiujian16))


@@ -0,0 +1,20 @@
# Changelog since v0.1.0
All notable changes to this project will be documented in this file.
## v0.2.0
### New Features
N/C
### Added
* Enable registration mutating webhook.
### Changes
* Refactor degraded condition logic.
### Bug Fixes
* Disable cert rotation for temporary kube client
### Removed & Deprecated
N/C


@@ -0,0 +1,26 @@
# Changelog since v0.2.0
All notable changes to this project will be documented in this file.
## v0.3.0
### New Features
* Support cert rotation for webhooks.
### Added
* Add cert rotation controller.
* Add metrics permissions.
* Create a new Makefile target for spoke deploy on kind.
* Add crd & rbac rule for ClusterClaim controller.
### Changes
* Upgrade operator-sdk to v1.1.0.
* Update ManagedClusterSet api to make ManagedClusterSet exclusive.
* Using hub kubeconfig secret controller instead of mounting the secret.
### Bug Fixes
* Fix wrong condition message in klusterlet.
* Fix wrong image path.
* Fix kind spoke deploy.
### Removed & Deprecated
N/C


@@ -0,0 +1,25 @@
# Changelog since v0.3.0
All notable changes to this project will be documented in this file.
## v0.4.0
### New Features
* Enable clusterManagementAddon and managedClusterAddon.
* Support to deploy placement controller.
* The replica of pods can be changed based on the number of master nodes.
### Added
* Add short names for mangedCluster and managedClusterSet.
* Support to check hub bootstrap secret expired.
### Changes
* Upgrade CRD to support placement API.
* Upgrade CRD to v1 and k8s lib to v0.21.0-rc.0.
* Upgrade Go to 1.16.
* Use kustomize to deploy by Makefile.
### Bug Fixes
* Fix some deploy issues about Makefile.
### Removed & Deprecated
N/C


@@ -0,0 +1,22 @@
# Changelog since v0.4.0
All notable changes to this project will be documented in this file.
## v0.5.0
### New Features
* We can customize the `NodeSelector` and `Tolerations` to the pods deployed by the ClusterManager and Klusterlet Operators. ([#145](https://github.com/open-cluster-management-io/registration-operator/pull/145) [@zhiweiyin318](https://github.com/zhiweiyin318))
### Added
* Add a new status `Available` for the Klusterlet.([#151](https://github.com/open-cluster-management-io/registration-operator/pull/151) [@kim-fitness](https://github.com/kim-fitness))
* Create `open-cluster-management-xxx-addon` namespace and sync the image pull secret to the `open-cluster-management-xxx-addon` namespace on the managed clusters. ([#147](https://github.com/open-cluster-management-io/registration-operator/pull/147) [@qiujian16](https://github.com/qiujian16))
### Changes
* Refine the permissions of Placement. ([#139](https://github.com/open-cluster-management-io/registration-operator/pull/139) [@elgnay](https://github.com/elgnay))
* Update the work and Placement APIs. ([#140](https://github.com/open-cluster-management-io/registration-operator/pull/140) [@qiujian16](https://github.com/qiujian16), [#153](https://github.com/open-cluster-management-io/registration-operator/pull/153) [@haoqing0110](https://github.com/haoqing0110))
* Upgrade the ClusterSet and ClusterSetBinding APIs to v1beta1. ([#148](https://github.com/open-cluster-management-io/registration-operator/pull/148), [#149](https://github.com/open-cluster-management-io/registration-operator/pull/149) [@elgnay](https://github.com/elgnay))
### Bug Fixes
* Fix the issue that too many SAR requests when lots of managed clusters registry once.([#152](https://github.com/open-cluster-management-io/registration-operator/pull/152) [@xuezhaojun](https://github.com/xuezhaojun))
### Removed & Deprecated
* Deprecated the ClusterSet and ClusterSetBinding v1alpha1 APIs. ([#148](https://github.com/open-cluster-management-io/registration-operator/pull/148), [#149](https://github.com/open-cluster-management-io/registration-operator/pull/149) [@elgnay](https://github.com/elgnay))


@@ -0,0 +1,24 @@
# Changelog since v0.5.0
All notable changes to this project will be documented in this file.
## v0.6.0
### New Features
* Support `Hosted` mode to deploy `Klusterlet` outside the managed cluster. ([#172](https://github.com/open-cluster-management-io/registration-operator/pull/172) [#180](https://github.com/open-cluster-management-io/registration-operator/pull/180) [@zhujian7](https://github.com/zhujian7), [#179](https://github.com/open-cluster-management-io/registration-operator/pull/179) [#186](https://github.com/open-cluster-management-io/registration-operator/pull/186) [#188](https://github.com/open-cluster-management-io/registration-operator/pull/188) [@xuezhaojun](https://github.com/xuezhaojun)
)
### Added
* Add a new API `AddonPlacementScores`. ([#187](https://github.com/open-cluster-management-io/registration-operator/pull/187) [@haoqing0110](https://github.com/haoqing0110))
### Changes
* Disable the leader election of agent pods when the replica is 1. ([#193](https://github.com/open-cluster-management-io/registration-operator/pull/193) [@qiujian16](https://github.com/qiujian16))
* Update `ManagerCluster` and `Placement` APIs to support taint. ([#183](https://github.com/open-cluster-management-io/registration-operator/pull/183) [@haoqing0110](https://github.com/haoqing0110))
* The `relatedResources` field in the status of `ClusterManager` and `Klusterlet` includes all related resources. ([#173](https://github.com/open-cluster-management-io/registration-operator/pull/173) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Upgrade go to 1.17. ([#192](https://github.com/open-cluster-management-io/registration-operator/pull/192) [@zhiweiyin318](https://github.com/zhiweiyin318))
### Bug Fixes
* Fix the issue that apiService re-apply infinitely. ([#178](https://github.com/open-cluster-management-io/registration-operator/pull/178) [@xuezhaojun](https://github.com/xuezhaojun))
* Fix the issue that work agent works after 2min. ([#184](https://github.com/open-cluster-management-io/registration-operator/pull/184) [@zhiweiyin318](https://github.com/zhiweiyin318))
### Removed & Deprecated
N/C


@@ -0,0 +1,30 @@
# Changelog since v0.6.0
All notable changes to this project will be documented in this file.
## v0.7.0
### New Features
N/C
### Added
* Enable DefaultClusterSet feature-gate for registration and registration-webhook. ([#209](https://github.com/open-cluster-management-io/registration-operator/pull/209) [@ycyaoxdu](https://github.com/ycyaoxdu), [#210](https://github.com/open-cluster-management-io/registration-operator/pull/210) [@ldpliu](https://github.com/ldpliu))
* Support AddonPlacementScores in placement controller. ([#203](https://github.com/open-cluster-management-io/registration-operator/pull/203) [@haoqing0110](https://github.com/haoqing0110))
* Add disable-leader-election flag for Klusterlet. ([#221](https://github.com/open-cluster-management-io/registration-operator/pull/221))
### Changes
* Upgrade the Placement and PlacementDecision APIs to v1Beta1. ([#198](https://github.com/open-cluster-management-io/registration-operator/pull/198) [@haoqing0110](https://github.com/haoqing0110))
* Upgrade the API and library version.([#217](https://github.com/open-cluster-management-io/registration-operator/pull/217) [@qiujian16](https://github.com/qiujian16), [#208](https://github.com/open-cluster-management-io/registration-operator/pull/208) [@ldpliu](https://github.com/ldpliu))
* Change Detached mode to Hosted mode in ClusterManager and Klusterlet. ([#219](https://github.com/open-cluster-management-io/registration-operator/pull/219), [#220](https://github.com/open-cluster-management-io/registration-operator/pull/220) [@xuezhaojun](https://github.com/xuezhaojun))
* Make the installMode as an option for the klusterlet. ([#207](https://github.com/open-cluster-management-io/registration-operator/pull/207) [@zhujian7](https://github.com/zhujian7))
* Set the replica of work-agent to 0 when hub-kubeconfig-secret is missing. ([#213](https://github.com/open-cluster-management-io/registration-operator/pull/213) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Reduce the resource request for the pods.([#218](https://github.com/open-cluster-management-io/registration-operator/pull/218) [@zhujian7](https://github.com/zhujian7))
* Change to use a community builder image. ([#199](https://github.com/open-cluster-management-io/registration-operator/pull/199) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Code refactor. ([#202](https://github.com/open-cluster-management-io/registration-operator/pull/202), [#204](https://github.com/open-cluster-management-io/registration-operator/pull/204), [#222](https://github.com/open-cluster-management-io/registration-operator/pull/222) [@qiujian16](https://github.com/qiujian16), [#216](https://github.com/open-cluster-management-io/registration-operator/pull/216) [@zhujian7](https://github.com/zhujian7), [#206](https://github.com/open-cluster-management-io/registration-operator/pull/206) [@xuezhaojun](https://github.com/xuezhaojun))
### Bug Fixes
* Fix the issue that cannot get SA token secret when the secret name is long. ([#197](https://github.com/open-cluster-management-io/registration-operator/pull/197) [@xuezhaojun](https://github.com/xuezhaojun))
* Fix the issue that has wrong replica in condition message. ([#201](https://github.com/open-cluster-management-io/registration-operator/pull/201) [@qiujian16](https://github.com/qiujian16))
### Removed & Deprecated
N/C


@@ -0,0 +1,34 @@
# Changelog since v0.7.0
All notable changes to this project will be documented in this file.
## v0.8.0
### New Features
* Support Multi-arch images. ([#240](https://github.com/open-cluster-management-io/registration-operator/pull/240) [@yue9944882](https://github.com/yue9944882))
* Support Hosted mode. ([#227](https://github.com/open-cluster-management-io/registration-operator/pull/227) [@elgnay](https://github.com/elgnay), [#256](https://github.com/open-cluster-management-io/registration-operator/pull/256) [@zhujian7](https://github.com/zhujian7))
* Support to sync serviceAccount by token request. ([#259](https://github.com/open-cluster-management-io/registration-operator/pull/259) [@qiujian16](https://github.com/qiujian16))
* Support hubRegistrationFeatureGates and spokeRegistrationFeatureGates. ([#230](https://github.com/open-cluster-management-io/registration-operator/pull/230) [@ivan-cai](https://github.com/ivan-cai))
### Added
* Add goci lint. ([#243](https://github.com/open-cluster-management-io/registration-operator/pull/243) [@xuezhaojun](https://github.com/xuezhaojun))
* Add log flags. ([#249](https://github.com/open-cluster-management-io/registration-operator/pull/249) [@skeeey](https://github.com/skeeey))
* Add controller to sync image pull secret into addon namespaces. ([#253](https://github.com/open-cluster-management-io/registration-operator/pull/253) [@xuezhaojun](https://github.com/xuezhaojun))
### Changes
* Upgrade some libraries. ([#228](https://github.com/open-cluster-management-io/registration-operator/pull/228) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Update golang builder in Dockerfile. ([#237](https://github.com/open-cluster-management-io/registration-operator/pull/237) [@elgnay](https://github.com/elgnay))
* Update makefile to pass IMAGE_TAG to make images. ([#239](https://github.com/open-cluster-management-io/registration-operator/pull/239) [@yue9944882](https://github.com/yue9944882))
* Update the managedClusterSet API and. ([#242](https://github.com/open-cluster-management-io/registration-operator/pull/242) [@ldpliu](https://github.com/ldpliu))
* Update the join permission. ([#236](https://github.com/open-cluster-management-io/registration-operator/pull/236) [@elgnay](https://github.com/elgnay), [#241](https://github.com/open-cluster-management-io/registration-operator/pull/241) [@ldpliu](https://github.com/ldpliu), [#248](https://github.com/open-cluster-management-io/registration-operator/pull/248) [@ldpliu](https://github.com/ldpliu))
* Update file name to reflect the change in Makefile. ([#245](https://github.com/open-cluster-management-io/registration-operator/pull/245) [@yitiangf](https://github.com/yitiangf))
* Split registration and work permissions. ([#250](https://github.com/open-cluster-management-io/registration-operator/pull/250),[#252](https://github.com/open-cluster-management-io/registration-operator/pull/252) [@haoqing0110](https://github.com/haoqing0110))
* Keep appliedManifestWork & managedClusterClaim CRDs when uninstalling klusterlet. ([#255](https://github.com/open-cluster-management-io/registration-operator/pull/255) [@elgnay](https://github.com/elgnay))
* Add HubApiServerHostAlias for registration-agent and work-agent. ([#258](https://github.com/open-cluster-management-io/registration-operator/pull/258) [@Promacanthus](https://github.com/Promacanthus))
### Bug Fixes
* Fix the issue that there is no lease permission for leader election. ([#229](https://github.com/open-cluster-management-io/registration-operator/pull/229) [@qiujian16](https://github.com/qiujian16), [#231](https://github.com/open-cluster-management-io/registration-operator/pull/231) [@haoqing0110](https://github.com/haoqing0110), [#232](https://github.com/open-cluster-management-io/registration-operator/pull/232) [@elgnay](https://github.com/elgnay), [#233](https://github.com/open-cluster-management-io/registration-operator/pull/233) [@skeeey](https://github.com/skeeey), [#260](https://github.com/open-cluster-management-io/registration-operator/pull/260) [@haoqing0110](https://github.com/haoqing0110))
* Fix the issue that there is some missing permission on kube v1.11.0. ([#234](https://github.com/open-cluster-management-io/registration-operator/pull/234) [@elgnay](https://github.com/elgnay))
* Fix the issue that it is failed to apply Klusterlet after upgrade. ([#257](https://github.com/open-cluster-management-io/registration-operator/pull/257) [@haoqing0110](https://github.com/haoqing0110))
### Removed & Deprecated
* Prune unused dockerfile cmd. ([#238](https://github.com/open-cluster-management-io/registration-operator/pull/238) [@yue9944882](https://github.com/yue9944882))


@@ -0,0 +1,39 @@
# Changelog since v0.8.0
All notable changes to this project will be documented in this file.
## v0.9.0
### New Features
N/A
### Added
* Add skip-remove-crds option for cluster-manager. ([#274](https://github.com/open-cluster-management-io/registration-operator/pull/274) [@ivanscai](https://github.com/ivan-cai))
* Add conversion webhook. ([#279](https://github.com/open-cluster-management-io/registration-operator/pull/279) [@ldpliu](https://github.com/ldpliu))
### Changes
* Allow OCM addons to set up metrics collection with Prometheus. ([#262](https://github.com/open-cluster-management-io/registration-operator/pull/262)[@mprahl](https://github.com/mprahl))
* Upgrade k8s lib to v0.24.3. ([#265](https://github.com/open-cluster-management-io/registration-operator/pull/265) [@zhiweiyin318](https://github.com/zhiweiyin318))
* Refactor to split two controllers to handle klusterlet deployment and cleanup. ([#269](https://github.com/open-cluster-management-io/registration-operator/pull/269) [@zhujian7](https://github.com/zhujian7))
* Apply Klusterlet only when having finalizer. ([#270](https://github.com/open-cluster-management-io/registration-operator/pull/270) [@qiujian16](https://github.com/qiujian16))
* Update AddOn configuration API. ([#272](https://github.com/open-cluster-management-io/registration-operator/pull/272) [@skeeey](https://github.com/skeeey))
* Allow work agent to impersonate serviceaccount. ([#275](https://github.com/open-cluster-management-io/registration-operator/pull/275) [@zhujian7](https://github.com/zhujian7))
* Make work webhook feature gate configurable. ([#276](https://github.com/open-cluster-management-io/registration-operator/pull/276) [@zhujian7](https://github.com/zhujian7))
### Bug Fixes
* Fix release yaml issue. ([#263](https://github.com/open-cluster-management-io/registration-operator/pull/263) [@qiujian16](https://github.com/qiujian16))
* Fix the managedCluster name in the apply-spoke-cr-hosted target. ([#266](https://github.com/open-cluster-management-io/registration-operator/pull/266)[@mprahl](https://github.com/mprahl))
* Fix to allow work agent to create subjectaccessreviews. ([#273](https://github.com/open-cluster-management-io/registration-operator/pull/273) [@zhujian7](https://github.com/zhujian7))
* Fix to delete addon crd at first. ([#277](https://github.com/open-cluster-management-io/registration-operator/pull/277) [@qiujian16](https://github.com/qiujian16))
* Fix token path in hosted mode. ([#284](https://github.com/open-cluster-management-io/registration-operator/pull/284) [@qiujian16](https://github.com/qiujian16))
### Removed & Deprecated
* Remove API Placement PlacementDecision ClusterSet ClusterSetBinding API version v1alpha. ([#278](https://github.com/open-cluster-management-io/registration-operator/pull/278) [@haoqing0110](https://github.com/haoqing0110))
* Remove install mode Detached. ([#282](https://github.com/open-cluster-management-io/registration-operator/pull/282) [@zhujian7](https://github.com/zhujian7))
* Remove clusterrole/role cleanBeforeApply code added in ocm 0.8.0. ([#283](https://github.com/open-cluster-management-io/registration-operator/pull/283) [@haoqing0110](https://github.com/haoqing0110))
## v0.9.1
### Bug Fixes
* Fix the incorrect managed cluster lease name. ([#288](https://github.com/open-cluster-management-io/registration-operator/pull/288) [@skeeey](https://github.com/skeeey))
* Fix the paradox description of the klusterlet condition([#294](https://github.com/open-cluster-management-io/registration-operator/pull/294) [@zhujian7](https://github.com/zhujian7))

77
CONTRIBUTING.md Normal file

@@ -0,0 +1,77 @@
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
**Table of Contents** *generated with [DocToc](https://github.com/thlorenz/doctoc)*
- [Contributing guidelines](#contributing-guidelines)
- [Contributions](#contributions)
- [Certificate of Origin](#certificate-of-origin)
- [Contributing A Patch](#contributing-a-patch)
- [Issue and Pull Request Management](#issue-and-pull-request-management)
- [Pre-check before submitting a PR](#pre-check-before-submitting-a-pr)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
# Contributing guidelines
## Contributions
All contributions to the repository must be submitted under the terms of the [Apache Public License 2.0](https://www.apache.org/licenses/LICENSE-2.0).
## Certificate of Origin
By contributing to this project you agree to the Developer Certificate of
Origin (DCO). This document was created by the Linux Kernel community and is a
simple statement that you, as a contributor, have the legal right to make the
contribution. See the [DCO](DCO) file for details.
## Contributing A Patch
1. Submit an issue describing your proposed change to the repo in question.
2. The [repo owners](OWNERS) will respond to your issue promptly.
3. Fork the desired repo, develop and test your code changes.
4. Submit a pull request.
## Issue and Pull Request Management
Anyone may comment on issues and submit reviews for pull requests. However, in
order to be assigned an issue or pull request, you must be a member of the
[open-cluster-management](https://github.com/open-cluster-management-io) GitHub organization.
Repo maintainers can assign you an issue or pull request by leaving a
`/assign <your Github ID>` comment on the issue or pull request.
## Pre-check before submitting a PR
After your PR is ready to commit, please run following commands to check your code.
- verify your code
```shell
make verify
```
- run the unit test
```shell
make test
```
- run the integration test
```shell
make test-integration
```
- run the end-to-end test, prepare a kind cluster and run the following command. Make sure [imagebuilder](https://github.com/openshift/imagebuilder) is installed.
```shell
go install github.com/openshift/imagebuilder/cmd/imagebuilder@v1.2.3
export KUBECONFIG={the kubeconfig of your kind cluster that will run the e2e test}
make images
kind load docker-image quay.io/open-cluster-management/registration-operator --name {your kind cluster name}
make test-e2e
```

37
DCO Normal file

@@ -0,0 +1,37 @@
Developer Certificate of Origin
Version 1.1
Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
1 Letterman Drive
Suite D4700
San Francisco, CA, 94129
Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.

16
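--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,16 @@
+FROM golang:1.19 AS builder
+ARG OS=linux
+ARG ARCH=amd64
+WORKDIR /go/src/open-cluster-management.io/registration-operator
+COPY . .
+ENV GO_PACKAGE open-cluster-management.io/registration-operator
+RUN GOOS=${OS} \
+GOARCH=${ARCH} \
+make build --warn-undefined-variables
+FROM registry.access.redhat.com/ubi8/ubi-minimal:latest
+ENV USER_UID=10001
+COPY --from=builder /go/src/open-cluster-management.io/registration-operator/registration-operator /
+USER ${USER_UID}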
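Review bot: The final stage uses `FROM registry.access.redhat.com/ubi8/ubi-minimal:latest`, a floating tag, so the base of the published image can change without any commit in this repository. Pinning it by digest, `FROM registry.access.redhat.com/ubi8/ubi-minimal@sha256:<digest-from-registry>` (placeholder, not a real digest), makes the build reproducible and makes a base update visible in review; the same applies to `golang:1.19` in the builder stage. `COPY . .` places the whole build context in a builder layer, and the Makefile added in this commit writes kubeconfigs inside the tree by default (`./.hub-kubeconfig`, `deploy/klusterlet/config/samples/bootstrap/hub-kubeconfig`). It is worth confirming that a `.dockerignore` excludes those paths, since none is visible in this part of the page.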

201
LICENSE Normal file

@@ -0,0 +1,201 @@
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

273
Makefile Normal file

@@ -0,0 +1,273 @@
SHELL :=/bin/bash
all: build
.PHONY: all
# Include the library makefile
include $(addprefix ./vendor/github.com/openshift/build-machinery-go/make/, \
golang.mk \
targets/openshift/deps.mk \
targets/openshift/images.mk \
targets/openshift/yaml-patch.mk\
lib/tmp.mk\
)
# IMAGE_NAME can be set in the env to override calculated value for registration-operator image
IMAGE_REGISTRY?=quay.io/open-cluster-management
IMAGE_TAG?=latest
IMAGE_NAME?=$(IMAGE_REGISTRY)/registration-operator:$(IMAGE_TAG)
# CSV_VERSION is used to generate new CSV manifests
CSV_VERSION?=0.12.0
# WORK_IMAGE can be set in the env to override calculated value
WORK_TAG?=latest
WORK_IMAGE?=$(IMAGE_REGISTRY)/work:$(WORK_TAG)
# REGISTRATION_IMAGE can be set in the env to override calculated value
REGISTRATION_TAG?=latest
REGISTRATION_IMAGE?=$(IMAGE_REGISTRY)/registration:$(REGISTRATION_TAG)
# PLACEMENT_IMAGE can be set in the env to override calculated value
PLACEMENT_TAG?=latest
PLACEMENT_IMAGE?=$(IMAGE_REGISTRY)/placement:$(PLACEMENT_TAG)
# ADDON_MANAGER_IMAGE can be set in the env to override calculated value
ADDON_MANAGER_TAG?=latest
ADDON_MANAGER_IMAGE?=$(IMAGE_REGISTRY)/addon-manager:$(ADDON_MANAGER_TAG)
OPERATOR_SDK?=$(PERMANENT_TMP_GOPATH)/bin/operator-sdk
OPERATOR_SDK_VERSION?=v1.1.0
operatorsdk_gen_dir:=$(dir $(OPERATOR_SDK))
# On openshift, OLM is installed into openshift-operator-lifecycle-manager
OLM_NAMESPACE?=olm
OLM_VERSION?=0.16.1
PWD=$(shell pwd)
KUSTOMIZE?=$(PWD)/$(PERMANENT_TMP_GOPATH)/bin/kustomize
KUSTOMIZE_VERSION?=v3.5.4
KUSTOMIZE_ARCHIVE_NAME?=kustomize_$(KUSTOMIZE_VERSION)_$(GOHOSTOS)_$(GOHOSTARCH).tar.gz
kustomize_dir:=$(dir $(KUSTOMIZE))
KUBECTL?=kubectl
KUBECONFIG?=./.kubeconfig
HUB_KUBECONFIG?=./.hub-kubeconfig
HOSTED_CLUSTER_MANAGER_NAME?=cluster-manager
EXTERNAL_HUB_KUBECONFIG?=./.external-hub-kubeconfig
EXTERNAL_MANAGED_KUBECONFIG?=./.external-managed-kubeconfig
MANAGED_CLUSTER_NAME ?= cluster1
KLUSTERLET_NAME ?= klusterlet
OPERATOR_SDK_ARCHOS:=x86_64-linux-gnu
ifeq ($(GOHOSTOS),darwin)
ifeq ($(GOHOSTARCH),amd64)
OPERATOR_SDK_ARCHOS:=x86_64-apple-darwin
endif
endif
SED_CMD:=sed
ifeq ($(GOHOSTOS),darwin)
ifeq ($(GOHOSTARCH),amd64)
SED_CMD:=gsed
endif
endif
copy-crd:
bash -x hack/copy-crds.sh
patch-crd: ensure-yaml-patch
bash hack/patch/patch-crd.sh $(YAML_PATCH)
update: patch-crd copy-crd
verify-crds: patch-crd
bash -x hack/verify-crds.sh
verify-gocilint:
go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.45.2
golangci-lint run --timeout=3m --modules-download-mode vendor ./...
verify-gosec:
go install github.com/securego/gosec/v2/cmd/gosec@v2.15.0
gosec -exclude-dir=test ./...
verify: verify-crds verify-gocilint verify-gosec
update-csv: ensure-operator-sdk
cd deploy/cluster-manager && ../../$(OPERATOR_SDK) generate bundle --manifests --deploy-dir config/ --crds-dir config/crds/ --output-dir olm-catalog/cluster-manager/ --version $(CSV_VERSION)
cd deploy/klusterlet && ../../$(OPERATOR_SDK) generate bundle --manifests --deploy-dir config/ --crds-dir config/crds/ --output-dir olm-catalog/klusterlet/ --version=$(CSV_VERSION)
# delete useless serviceaccounts in manifests although they are copied from config by operator-sdk.
rm ./deploy/cluster-manager/olm-catalog/cluster-manager/manifests/cluster-manager_v1_serviceaccount.yaml
rm ./deploy/klusterlet/olm-catalog/klusterlet/manifests/klusterlet_v1_serviceaccount.yaml
deploy: deploy-hub cluster-ip deploy-spoke
hub-kubeconfig:
$(KUBECTL) config view --minify --flatten > $(HUB_KUBECONFIG)
# In hosted mode, hub-kubeconfig used in managedcluster should be the same as the external-hub-kubeconfig
hub-kubeconfig-hosted:
cat $(EXTERNAL_HUB_KUBECONFIG) > $(HUB_KUBECONFIG)
clean-deploy: clean-spoke-cr clean-hub-cr clean-spoke-operator clean-hub-operator
deploy-hub: deploy-hub-operator apply-hub-cr hub-kubeconfig
deploy-hub-hosted: deploy-hub-operator apply-hub-cr-hosted hub-kubeconfig-hosted
deploy-spoke: deploy-spoke-operator apply-spoke-cr
deploy-spoke-hosted: deploy-spoke-operator apply-spoke-cr-hosted
deploy-hub-operator: ensure-kustomize
cp deploy/cluster-manager/config/kustomization.yaml deploy/cluster-manager/config/kustomization.yaml.tmp
cd deploy/cluster-manager/config && $(KUSTOMIZE) edit set image quay.io/open-cluster-management/registration-operator:latest=$(IMAGE_NAME)
$(KUSTOMIZE) build deploy/cluster-manager/config | $(KUBECTL) apply -f -
mv deploy/cluster-manager/config/kustomization.yaml.tmp deploy/cluster-manager/config/kustomization.yaml
apply-hub-cr:
$(SED_CMD) -e "s,quay.io/open-cluster-management/registration,$(REGISTRATION_IMAGE)," -e "s,quay.io/open-cluster-management/work,$(WORK_IMAGE)," -e "s,quay.io/open-cluster-management/placement,$(PLACEMENT_IMAGE)," -e "s,quay.io/open-cluster-management/addon-manager,$(ADDON_MANAGER_IMAGE)," deploy/cluster-manager/config/samples/operator_open-cluster-management_clustermanagers.cr.yaml | $(KUBECTL) apply -f -
apply-hub-cr-hosted: external-hub-secret
$(SED_CMD) -e "s,quay.io/open-cluster-management/registration,$(REGISTRATION_IMAGE)," -e "s,quay.io/open-cluster-management/work,$(WORK_IMAGE)," -e "s,quay.io/open-cluster-management/placement,$(PLACEMENT_IMAGE)," -e "s,quay.io/open-cluster-management/addon-manager,$(ADDON_MANAGER_IMAGE)," deploy/cluster-manager/config/samples/operator_open-cluster-management_clustermanagers_hosted.cr.yaml | $(KUBECTL) apply -f -
clean-hub: clean-hub-cr clean-hub-operator
clean-spoke: clean-spoke-cr clean-spoke-operator
clean-spoke-hosted: clean-spoke-cr-hosted clean-spoke-operator
cluster-ip:
$(eval HUB_CONTEXT := $(shell $(KUBECTL) config current-context --kubeconfig $(HUB_KUBECONFIG)))
$(eval HUB_CLUSTER_IP := $(shell $(KUBECTL) get svc kubernetes -n default -o jsonpath="{.spec.clusterIP}" --kubeconfig $(HUB_KUBECONFIG)))
$(KUBECTL) config set clusters.$(HUB_CONTEXT).server https://$(HUB_CLUSTER_IP) --kubeconfig $(HUB_KUBECONFIG)
bootstrap-secret:
cp $(HUB_KUBECONFIG) deploy/klusterlet/config/samples/bootstrap/hub-kubeconfig
$(KUBECTL) get ns open-cluster-management-agent; if [ $$? -ne 0 ] ; then $(KUBECTL) create ns open-cluster-management-agent; fi
$(KUSTOMIZE) build deploy/klusterlet/config/samples/bootstrap | $(KUBECTL) apply -f -
bootstrap-secret-hosted:
cp $(HUB_KUBECONFIG) deploy/klusterlet/config/samples/bootstrap/hub-kubeconfig
$(KUBECTL) get ns $(KLUSTERLET_NAME); if [ $$? -ne 0 ] ; then $(KUBECTL) create ns $(KLUSTERLET_NAME); fi
$(KUSTOMIZE) build deploy/klusterlet/config/samples/bootstrap | $(SED_CMD) -e "s,namespace: open-cluster-management-agent,namespace: $(KLUSTERLET_NAME)," | $(KUBECTL) apply -f -
external-hub-secret:
cp $(EXTERNAL_HUB_KUBECONFIG) deploy/cluster-manager/config/samples/cluster-manager/external-hub-kubeconfig
$(KUBECTL) get ns $(HOSTED_CLUSTER_MANAGER_NAME); if [ $$? -ne 0 ] ; then $(KUBECTL) create ns $(HOSTED_CLUSTER_MANAGER_NAME); fi
$(KUSTOMIZE) build deploy/cluster-manager/config/samples/cluster-manager | $(SED_CMD) -e "s,cluster-manager,$(HOSTED_CLUSTER_MANAGER_NAME)," | $(KUBECTL) apply -f -
external-managed-secret:
cp $(EXTERNAL_MANAGED_KUBECONFIG) deploy/klusterlet/config/samples/managedcluster/external-managed-kubeconfig
$(KUBECTL) get ns $(KLUSTERLET_NAME); if [ $$? -ne 0 ] ; then $(KUBECTL) create ns $(KLUSTERLET_NAME); fi
$(KUSTOMIZE) build deploy/klusterlet/config/samples/managedcluster | $(SED_CMD) -e "s,namespace: klusterlet,namespace: $(KLUSTERLET_NAME)," | $(KUBECTL) apply -f -
deploy-spoke-operator: ensure-kustomize
cp deploy/klusterlet/config/kustomization.yaml deploy/klusterlet/config/kustomization.yaml.tmp
cd deploy/klusterlet/config && $(KUSTOMIZE) edit set image quay.io/open-cluster-management/registration-operator:latest=$(IMAGE_NAME)
$(KUSTOMIZE) build deploy/klusterlet/config | $(KUBECTL) apply -f -
mv deploy/klusterlet/config/kustomization.yaml.tmp deploy/klusterlet/config/kustomization.yaml
apply-spoke-cr: bootstrap-secret
$(KUSTOMIZE) build deploy/klusterlet/config/samples \
| $(SED_CMD) -e "s,quay.io/open-cluster-management/registration,$(REGISTRATION_IMAGE)," -e "s,quay.io/open-cluster-management/work,$(WORK_IMAGE)," -e "s,cluster1,$(MANAGED_CLUSTER_NAME)," \
| $(KUBECTL) apply -f -
apply-spoke-cr-hosted: bootstrap-secret-hosted external-managed-secret
$(KUSTOMIZE) build deploy/klusterlet/config/samples | $(SED_CMD) -e "s,mode: Default,mode: Hosted," -e "s,quay.io/open-cluster-management/registration,$(REGISTRATION_IMAGE)," -e "s,quay.io/open-cluster-management/work,$(WORK_IMAGE)," -e "s,cluster1,$(MANAGED_CLUSTER_NAME)," -e "s,name: klusterlet,name: $(KLUSTERLET_NAME)," -r | $(KUBECTL) apply -f -
clean-hub-cr:
$(KUBECTL) delete managedcluster --all --ignore-not-found
$(KUSTOMIZE) build deploy/cluster-manager/config/samples | $(KUBECTL) delete --ignore-not-found -f -
clean-hub-cr-hosted:
$(KUBECTL) delete managedcluster --all --ignore-not-found
$(KUSTOMIZE) build deploy/cluster-manager/config/samples | $(SED_CMD) -e "s,cluster-manager,$(HOSTED_CLUSTER_MANAGER_NAME)," | $(KUBECTL) delete --ignore-not-found -f -
$(KUSTOMIZE) build deploy/cluster-manager/config/samples/cluster-manager | $(SED_CMD) -e "s,cluster-manager,$(HOSTED_CLUSTER_MANAGER_NAME)," | $(KUBECTL) delete --ignore-not-found -f -
clean-hub-operator:
$(KUSTOMIZE) build deploy/cluster-manager/config | $(KUBECTL) delete --ignore-not-found -f -
clean-spoke-cr:
$(KUSTOMIZE) build deploy/klusterlet/config/samples | $(KUBECTL) delete --ignore-not-found -f -
$(KUSTOMIZE) build deploy/klusterlet/config/samples/bootstrap | $(KUBECTL) delete --ignore-not-found -f -
clean-spoke-cr-hosted:
$(KUSTOMIZE) build deploy/klusterlet/config/samples | $(KUBECTL) delete --ignore-not-found -f -
$(KUSTOMIZE) build deploy/klusterlet/config/samples/bootstrap | $(SED_CMD) -e "s,namespace: open-cluster-management-agent,namespace: $(KLUSTERLET_NAME)," | $(KUBECTL) delete --ignore-not-found -f -
$(KUSTOMIZE) build deploy/klusterlet/config/samples/managedcluster | $(KUBECTL) delete --ignore-not-found -f -
clean-spoke-operator:
$(KUSTOMIZE) build deploy/klusterlet/config | $(KUBECTL) delete --ignore-not-found -f -
$(KUBECTL) delete ns open-cluster-management-agent --ignore-not-found
# Registration e2e expects to read bootstrap secret from open-cluster-management/e2e-bootstrap-secret
# TODO: think about how to factor this
e2e-bootstrap-secret: cluster-ip
$(KUBECTL) delete secret e2e-bootstrap-secret -n open-cluster-management --ignore-not-found
$(KUBECTL) create secret generic e2e-bootstrap-secret --from-file=kubeconfig=$(HUB_KUBECONFIG) -n open-cluster-management
install-olm: ensure-operator-sdk
$(KUBECTL) get crds | grep clusterserviceversion ; if [ $$? -ne 0 ] ; then $(OPERATOR_SDK) olm install --version $(OLM_VERSION); fi
$(KUBECTL) get ns open-cluster-management ; if [ $$? -ne 0 ] ; then $(KUBECTL) create ns open-cluster-management ; fi
deploy-hub-operator-olm: install-olm
$(OPERATOR_SDK) run packagemanifests deploy/cluster-manager/olm-catalog/cluster-manager/ --namespace open-cluster-management --version $(CSV_VERSION) --install-mode OwnNamespace --timeout=10m
clean-hub-olm: ensure-operator-sdk
$(KUBECTL) delete -f deploy/cluster-manager/config/samples/operator_open-cluster-management_clustermanagers.cr.yaml --ignore-not-found
$(OPERATOR_SDK) cleanup cluster-manager --namespace open-cluster-management --timeout 10m
deploy-spoke-operator-olm: install-olm bootstrap-secret
$(OPERATOR_SDK) run packagemanifests deploy/klusterlet/olm-catalog/klusterlet/ --namespace open-cluster-management --version $(CSV_VERSION) --install-mode OwnNamespace --timeout=10m
clean-spoke-olm: ensure-operator-sdk
$(KUBECTL) delete -f deploy/klusterlet/config/samples/operator_open-cluster-management_klusterlets.cr.yaml --ignore-not-found
$(OPERATOR_SDK) cleanup klusterlet --namespace open-cluster-management --timeout 10m
test-e2e: deploy-hub deploy-spoke-operator run-e2e
run-e2e: cluster-ip bootstrap-secret
go test -c ./test/e2e
./e2e.test -test.v -ginkgo.v
clean-e2e:
$(RM) ./e2e.test
ensure-operator-sdk:
ifeq "" "$(wildcard $(OPERATOR_SDK))"
$(info Installing operator-sdk into '$(OPERATOR_SDK)')
mkdir -p '$(operatorsdk_gen_dir)'
curl -s -f -L https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk-$(OPERATOR_SDK_VERSION)-$(OPERATOR_SDK_ARCHOS) -o '$(OPERATOR_SDK)'
chmod +x '$(OPERATOR_SDK)';
else
$(info Using existing operator-sdk from "$(OPERATOR_SDK)")
endif
ensure-kustomize:
ifeq "" "$(wildcard $(KUSTOMIZE))"
$(info Installing kustomize into '$(KUSTOMIZE)')
mkdir -p '$(kustomize_dir)'
curl -s -f -L https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F$(KUSTOMIZE_VERSION)/$(KUSTOMIZE_ARCHIVE_NAME) -o '$(kustomize_dir)$(KUSTOMIZE_ARCHIVE_NAME)'
tar -C '$(kustomize_dir)' -zvxf '$(kustomize_dir)$(KUSTOMIZE_ARCHIVE_NAME)'
chmod +x '$(KUSTOMIZE)';
else
$(info Using existing kustomize from "$(KUSTOMIZE)")
endif
# This will call a macro called "build-image" which will generate image specific targets based on the parameters:
# $0 - macro name
# $1 - target suffix
# $2 - Dockerfile path
# $3 - context directory for image build
# It will generate target "image-$(1)" for building the image an binding it as a prerequisite to target "images".
$(call build-image,registration-operator,$(IMAGE_REGISTRY)/registration-operator:$(IMAGE_TAG),./Dockerfile,.)
clean:
$(RM) ./registration-operator
.PHONY: clean
GO_TEST_PACKAGES :=./pkg/... ./cmd/...
include ./test/integration-test.mk
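Review bot: `ensure-operator-sdk` and `ensure-kustomize` download release artifacts with `curl -s -f -L` and then `chmod +x` or untar them with no integrity check, so whatever the URL serves is what later runs with the credentials in `$(KUBECONFIG)`. The versions are already pinned (`OPERATOR_SDK_VERSION`, `KUSTOMIZE_VERSION`), so a pinned hash per platform can sit beside them and be checked right after the download, for example `echo "$(OPERATOR_SDK_SHA256)  $(OPERATOR_SDK)" | sha256sum -c -`, where `OPERATOR_SDK_SHA256` is a new variable holding the hash published for that release. The kustomize archive needs the same check before the `tar` line. Separately, `bootstrap-secret`, `external-hub-secret` and `external-managed-secret` `cp` kubeconfigs into sample directories under `deploy/`, so it is worth confirming those destination files are git-ignored; no ignore file is visible in this part of the page.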

12
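--- a/OWNERS
+++ b/OWNERS
@@ -0,0 +1,12 @@
+approvers:
+- deads2k
+- pmorie
+- qiujian16
+- zhiweiyin318
+reviewers:
+- deads2k
+- pmorie
+- qiujian16
+- mdelder
+- zhiweiyin318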

264
README.md Normal file

@@ -0,0 +1,264 @@
# Registration Operator
The Registration Operator has 2 operators, **Cluster Manager** and **Klusterlet**.
**Cluster Manager** installs the foundational components of OCM for the Hub cluster.
And we can use the **Klusterlet** to install the agent components on the manged clusters when we import the manged clusters to the Hub.
The 2 operators are available on OperatorHub [Cluster Manager](https://operatorhub.io/operator/cluster-manager) and [Klusterlet](https://operatorhub.io/operator/klusterlet).
## Concepts
### Cluster Manager
The operator ClusterManager configures the controllers on the hub that govern [registration](https://github.com/open-cluster-management-io/registration), [placement](https://github.com/open-cluster-management-io/placement) and [work](https://github.com/open-cluster-management-io/work) distribution for attached Klusterlets.
The controllers are all deployed in _open-cluster-management-hub_ namespace on the Hub cluster.
### Klusterlet
The operator Klusterlet represents the agent controllers [registration](https://github.com/open-cluster-management-io/registration) and [work](https://github.com/open-cluster-management-io/work) on the managed cluster.
The Klusterlet requires a secret named of _bootstrap-hub-kubeconfig_ in the same namespace to allow API requests to the hub for the registration protocol.
The controllers are all deployed in _open-cluster-management-agent_ namespace by default. The namespace can be specified in Klusterlet CR.
## Get started with [Kind](https://kind.sigs.k8s.io/)
1. Create a cluster with kind
```shell
kind create cluster
```
2. Deploy
```shell
export KUBECONFIG=$HOME/.kube/config
make deploy
```
**PLEASE NOTE**: if the server address in kubeconfig is a domain name, the hub api server may not be accessible for `klusterlet` operator、 `registration` and `work` agent. In this case, you need to set hostAlias for [`klusterlet` deployment](deploy/klusterlet/config/operator/operator.yaml#L65) and [`klusterlet` CR](deploy/klusterlet/config/samples/operator_open-cluster-management_klusterlets.cr.yaml#L18) explicitly.
## More details about deployment
We mainly provide deployment in two scenarios:
1. All-in-one: using one cluster as hub and spoke at the same time.
2. Hub-spoke: using one cluster as hub and another cluster as spoke.
### Deploy all-in-on deployment
1. Set the env variable `KUBECONFIG` to kubeconfig file path.
```shell
export KUBECONFIG=$HOME/.kube/config
```
2. Deploy all components on the cluster.
```shell
make deploy
```
3. To clean the environment, run `make clean-deploy`
### Deploy hub-spoke deployment
1. Set env variables.
```shell
export KUBECONFIG=$HOME/.kube/config
```
2. Switch to hub context and deploy hub components.
```shell
kubectl config use-context {hub-context}
make deploy-hub
```
**PLEASE NOTE**: If you're running kubernetes in docker, the `server` address in kubeconfig may not be accessible for other clusters. In this case, you need to set `HUB_KUBECONFIG` explicitly.
For example, if your clusters are created by kind, you need to use kind's command to export a kubeconfig of hub with an accessible `server` address. ([The related issue](https://github.com/kubernetes-sigs/kind/issues/1305))
```shell
kind get kubeconfig --name {your kind cluster name} --internal > ./.hub-kubeconfig # ./.hub-kubeconfig is default value of HUB_KUBECONFIG
```
3. Switch to spoke context and deploy agent components.
```shell
kubectl config use-context {spoke context}
make deploy-spoke
```
4. To clean the hub environment.
```shell
kubectl config use-context {hub-context}
make clean-hub
```
5. To clean the spoke environment.
```shell
kubectl config use-context {spoke-context}
make clean-spoke
```
### Deploy hub(Clustermanager) with Hosted mode
1. Create 3 Kind clusters: management cluster, hub cluster and a managed cluster.
```shell
kind create cluster --name hub
cat <<EOF | kind create cluster --name management --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
extraPortMappings:
- containerPort: 30443
hostPort: 30443
protocol: TCP
- containerPort: 31443
hostPort: 31443
protocol: TCP
EOF
kind create cluster --name managed
```
2. Set the env variable `KUBECONFIG` to kubeconfig file path.
```shell
export KUBECONFIG=$HOME/.kube/config
```
3. Get the `EXTERNAL_HUB_KUBECONFIG` kubeconfig.
```shell
kind get kubeconfig --name hub --internal > ./.external-hub-kubeconfig
```
4. Switch to management cluster and deploy hub components.
```shell
kubectl config use-context {management-context}
make deploy-hub-hosted
```
After deploy hub successfully, the user needs to expose webhook-servers in the management cluster manually.
```shell
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: Service
metadata:
name: cluster-manager-registration-webhook-external
namespace: cluster-manager
spec:
type: NodePort
selector:
app: cluster-manager-registration-webhook
ports:
- port: 9443
nodePort: 30443
---
apiVersion: v1
kind: Service
metadata:
name: cluster-manager-work-webhook-external
namespace: cluster-manager
spec:
type: NodePort
selector:
app: cluster-manager-work-webhook
ports:
- port: 9443
nodePort: 31443
EOF
```
### Deploy spoke(Klusterlet) with Hosted mode
We support deploy the Klusterlet(registration-agent, work-agent) outside of managed cluster, called `Hosted` mode, and we define the cluster where the Klusterlet runs as management-cluster.
1. Set env variables.
```shell
export KUBECONFIG=$HOME/.kube/config
```
2. Switch to hub context and deploy hub components.
```shell
kubectl config use-context {hub-context}
make deploy-hub
```
**PLEASE NOTE**: If you're running kubernetes in docker, the `server` address in kubeconfig may not be accessible for other clusters. In this case, you need to set `HUB_KUBECONFIG` explicitly.
For example, if your clusters are created by kind, you need to use kind's command to export a kubeconfig of hub with an accessible `server` address. ([The related issue](https://github.com/kubernetes-sigs/kind/issues/1305))
```shell
kind get kubeconfig --name {kind-hub-cluster-name} --internal > ./.hub-kubeconfig # ./.hub-kubeconfig is default value of HUB_KUBECONFIG
```
3. Switch to management context and deploy agent components on management cluster.
```shell
kubectl config use-context {management-context}
make deploy-spoke-hosted
```
**PLEASE NOTE**: If you're running kubernetes in docker, the `server` address in kubeconfig may not be accessible for other clusters. In this case, you need to set `EXTERNAL_MANAGED_KUBECONFIG` explicitly.
For example, if your clusters are created by kind, you need to use kind's command to export a kubeconfig of managed/spoke cluster with an accessible `server` address. ([The related issue](https://github.com/kubernetes-sigs/kind/issues/1305))
```shell
kind get kubeconfig --name {kind-managed-cluster-name} --internal > ./.external-managed-kubeconfig # ./.external-managed-kubeconfig is default value of EXTERNAL_MANAGED_KUBECONFIG, it is only useful in Hosted mode.
```
4. To clean the hub environment.
```shell
kubectl config use-context {hub-context}
make clean-hub
```
5. To clean the spoke environment.
```shell
kubectl config use-context {management-context}
make clean-spoke-hosted
## What is next
After a successful deployment, a `certificatesigningrequest` and a `managedcluster` will
be created on the hub.
Switch to hub context and deploy hub components.
```shell
kubectl config use-context {hub-context}
kubectl get csr
```
Next approve the csr and set managedCluster to be accepted by hub with the following command
```shell
kubectl certificate approve {csr name}
kubectl patch managedcluster {cluster name} -p='{"spec":{"hubAcceptsClient":true}}' --type=merge
kubectl get managedcluster
```
## Community, discussion, contribution, and support
Check the [CONTRIBUTING Doc](CONTRIBUTING.md) for how to contribute to the repo.
### Communication channels
Slack channel: [#open-cluster-mgmt](http://slack.k8s.io/#open-cluster-mgmt)
## License
This code is released under the Apache 2.0 license. See the file LICENSE for more information.

1
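--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1 @@
+Refer to our [Community Security Response](https://github.com/open-cluster-management-io/community/blob/main/SECURITY.md).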


@@ -0,0 +1,57 @@
package main
import (
goflag "flag"
"fmt"
"math/rand"
"os"
"time"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
utilflag "k8s.io/component-base/cli/flag"
"k8s.io/component-base/logs"
"open-cluster-management.io/registration-operator/pkg/cmd/operator"
"open-cluster-management.io/registration-operator/pkg/version"
)
func main() {
rand.Seed(time.Now().UTC().UnixNano())
pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc)
pflag.CommandLine.AddGoFlagSet(goflag.CommandLine)
logs.AddFlags(pflag.CommandLine)
logs.InitLogs()
defer logs.FlushLogs()
command := newNucleusCommand()
if err := command.Execute(); err != nil {
fmt.Fprintf(os.Stderr, "%v\n", err)
os.Exit(1)
}
}
func newNucleusCommand() *cobra.Command {
cmd := &cobra.Command{
Use: "registration-operator",
Short: "Nucleus Operator",
Run: func(cmd *cobra.Command, args []string) {
_ = cmd.Help()
os.Exit(1)
},
}
if v := version.Get().String(); len(v) == 0 {
cmd.Version = "<unknown>"
} else {
cmd.Version = v
}
cmd.AddCommand(operator.NewHubOperatorCmd())
cmd.AddCommand(operator.NewKlusterletOperatorCmd())
return cmd
}
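Review bot: The `defer logs.FlushLogs()` in `main` never runs on the failure paths, because both the error branch in `main` and the root command's `Run` function leave through `os.Exit(1)`, which skips deferred calls; buffered log lines from a failed start can be lost exactly when they are needed for diagnosis. Call `logs.FlushLogs()` on the line before `os.Exit(1)` in `main`, and consider turning `Run` into `RunE` that returns an error after `cmd.Help()` so that the single exit in `main` handles it. Seeding `math/rand` from the wall clock is acceptable only while that generator is never used for tokens, names of secrets or keys; a one-line comment next to `rand.Seed` saying so would prevent later misuse.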


@@ -0,0 +1,2 @@
projectName: cluster-manager
version: 2


@@ -0,0 +1,457 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
preserveUnknownFields: false
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern
registration and work distribution for attached Klusterlets. In Default
mode, ClusterManager will only be deployed in open-cluster-management-hub
namespace. In Hosted mode, ClusterManager will be deployed in the namespace
with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers
that govern registration and work distribution for attached Klusterlets.
properties:
addOnManagerConfiguration:
description: AddOnManagerConfiguration contains the configuration
of addon manager
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates
for addon manager If it is set empty, default feature gates
will be used. If it is set, featuregate/Foo is an example of
one item in FeatureGates: 1. If featuregate/Foo does not exist,
registration-operator will discard it 2. If featuregate/Foo
exists and is false by default. It is now possible to set featuregate/Foo=[false|true]
3. If featuregate/Foo exists and is true by default. If a cluster-admin
upgrading from 1 to 2 wants to continue having featuregate/Foo=false,
he can set featuregate/Foo=false before upgrading. Let''s say
the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where ""
is Disable by default. In Enable mode, a valid feature
gate `featuregate/Foo` will be set to "--featuregate/Foo=true".
In Disable mode, a valid feature gate `featuregate/Foo`
will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
addOnManagerImagePullSpec:
default: quay.io/open-cluster-management/addon-manager
description: AddOnManagerImagePullSpec represents the desired image
configuration of addon manager controller/webhook installed on hub.
type: string
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager
Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager
in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the
customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server.
It could be in IP format or fqdn format. The Address
must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server.
The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized
webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server.
It could be in IP format or fqdn format. The Address
must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server.
The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode,
the Hub is installed as a whole and all parts of Hub are deployed
in the same cluster. In Hosted mode, only crd and configurations
are installed on one cluster(defined as hub-cluster). Controllers
run in another cluster (defined as management-cluster) and connect
to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a
kubeconfig of hub-cluster with cluster-admin permission). Note:
Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling
of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled
on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint
that matches the triple <key,value,effect> using the matching
operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified, allowed
values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty,
operator must be Exists; this combination means to match
all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to
the value. Valid operators are Exists and Equal. Defaults
to Equal. Exists is equivalent to wildcard for value,
so that a pod can tolerate all taints of a particular
category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of
time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the taint
forever (do not evict). Zero and negative values will
be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches
to. If the operator is Exists, the value should be empty,
otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration
of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration
of registration
properties:
autoApproveUsers:
description: AutoApproveUser represents a list of users that can
auto approve CSR and accept client. If the credential of the
bootstrap-hub-kubeconfig matches to the users, the cluster created
by the bootstrap-hub-kubeconfig will be auto-registered into
the hub cluster. This takes effect only when ManagedClusterAutoApproval
feature gate is enabled.
items:
type: string
type: array
featureGates:
description: 'FeatureGates represents the list of feature gates
for registration If it is set empty, default feature gates will
be used. If it is set, featuregate/Foo is an example of one
item in FeatureGates: 1. If featuregate/Foo does not exist,
registration-operator will discard it 2. If featuregate/Foo
exists and is false by default. It is now possible to set featuregate/Foo=[false|true]
3. If featuregate/Foo exists and is true by default. If a cluster-admin
upgrading from 1 to 2 wants to continue having featuregate/Foo=false,
he can set featuregate/Foo=false before upgrading. Let''s say
the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where ""
is Disable by default. In Enable mode, a valid feature
gate `featuregate/Foo` will be set to "--featuregate/Foo=true".
In Disable mode, a valid feature gate `featuregate/Foo`
will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image
of registration controller/webhook installed on hub.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates
for work If it is set empty, default feature gates will be used.
If it is set, featuregate/Foo is an example of one item in FeatureGates:
1. If featuregate/Foo does not exist, registration-operator
will discard it 2. If featuregate/Foo exists and is false by
default. It is now possible to set featuregate/Foo=[false|true]
3. If featuregate/Foo exists and is true by default. If a cluster-admin
upgrading from 1 to 2 wants to continue having featuregate/Foo=false,
he can set featuregate/Foo=false before upgrading. Let''s say
the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where ""
is Disable by default. In Enable mode, a valid feature
gate `featuregate/Foo` will be set to "--featuregate/Foo=true".
In Disable mode, a valid feature gate `featuregate/Foo`
will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration
of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that
govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses
for this ClusterManager. Valid condition types are: Applied: Components
in hub are applied. Available: Components in hub are available and
ready to serve. Progressing: Components in hub are in a transitioning
state. Degraded: Components in hub do not match the desired configuration
and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs
to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for
a given resource so that decisions about forced updates can be
made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're
tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource
that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking
is
type: string
resource:
description: resource is the resource type of the resource that
you're tracking
type: string
version:
description: version is the version of the resource that you're
tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that
are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is
managed by an operator
properties:
group:
description: group is the group of the resource that you're
tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that
you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@@ -0,0 +1,2 @@
resources:
- 0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml


@@ -0,0 +1,27 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- crds/0000_01_operator.open-cluster-management.io_clustermanagers.crd.yaml
- rbac/cluster_role.yaml
- rbac/cluster_role_binding.yaml
- operator/namespace.yaml
- operator/service_account.yaml
- operator/operator.yaml
replicas:
- name: cluster-manager
count: 1
images:
- name: quay.io/open-cluster-management/registration-operator:latest
newName: quay.io/open-cluster-management/registration-operator
newTag: latest
patches:
- target:
kind: Deployment
patch: |-
- op: replace
path: "/spec/template/spec/containers/0/imagePullPolicy"
value: IfNotPresent
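Review bot: `newTag: latest` pins the operator to a mutable tag, and the patch in the same file sets `imagePullPolicy` to `IfNotPresent`, so a node keeps whatever image it first cached under that tag and different nodes can run different builds with no record of which one. Pin the image to a release tag or, better, a digest, e.g. `newTag: <release-tag>` or `digest: sha256:<image-digest>` (placeholders; take the value from the published release). The same applies to `image: quay.io/open-cluster-management/registration-operator:latest` in the operator Deployment and to the untagged `*ImagePullSpec` values in the two ClusterManager samples later in this commit.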

File diff suppressed because one or more lines are too long


@@ -0,0 +1,4 @@
bases:
- ../crds
- ../rbac
- ../operator


@@ -0,0 +1,4 @@
resources:
- namespace.yaml
- service_account.yaml
- operator.yaml


@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: open-cluster-management


@@ -0,0 +1,69 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: cluster-manager
namespace: open-cluster-management
labels:
app: cluster-manager
spec:
replicas: 3
selector:
matchLabels:
app: cluster-manager
template:
metadata:
labels:
app: cluster-manager
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 70
podAffinityTerm:
topologyKey: failure-domain.beta.kubernetes.io/zone
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- cluster-manager
- weight: 30
podAffinityTerm:
topologyKey: kubernetes.io/hostname
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- cluster-manager
serviceAccountName: cluster-manager
containers:
- name: registration-operator
image: quay.io/open-cluster-management/registration-operator:latest
args:
- "/registration-operator"
- "hub"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
runAsNonRoot: true
livenessProbe:
httpGet:
path: /healthz
scheme: HTTPS
port: 8443
initialDelaySeconds: 2
periodSeconds: 10
readinessProbe:
httpGet:
path: /healthz
scheme: HTTPS
port: 8443
initialDelaySeconds: 2
resources:
requests:
cpu: 100m
memory: 128Mi
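Review bot: The container `securityContext` drops all capabilities and forbids privilege escalation but sets no seccomp profile, and `resources` declares `requests` without `limits`. Adding `seccompProfile:` with `type: RuntimeDefault` under `securityContext` would bring the pod in line with the restricted Pod Security Standard, and a memory limit keeps a leaking operator from pressuring the node it shares. `readOnlyRootFilesystem: true` is worth adding as well if the operator does not write to its root filesystem, which this manifest does not show. Separately, `failure-domain.beta.kubernetes.io/zone` is the deprecated zone label; `topology.kubernetes.io/zone` is the current one.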


@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: cluster-manager
namespace: open-cluster-management


@@ -0,0 +1,138 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cluster-manager
rules:
# Allow the registration-operator to create workload
- apiGroups: [""]
resources: ["configmaps", "namespaces", "serviceaccounts", "services", "pods"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete", "deletecollection"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch", "update", "patch", "delete"]
resourceNames:
- "signer-secret"
- "registration-webhook-serving-cert"
- "work-webhook-serving-cert"
- "registration-controller-sa-kubeconfig"
- "registration-webhook-sa-kubeconfig"
- "work-webhook-sa-kubeconfig"
- "placement-controller-sa-kubeconfig"
- "work-controller-sa-kubeconfig"
- "external-hub-kubeconfig"
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["authorization.k8s.io"]
resources: ["subjectaccessreviews"]
verbs: ["create", "get"]
- apiGroups: ["", "events.k8s.io"]
resources: ["events"]
verbs: ["get", "list", "watch", "create", "patch", "update", "delete", "deletecollection"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: ["apps"]
resources: ["replicasets"]
verbs: ["get"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterrolebindings", "rolebindings"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterroles", "roles"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Allow the registration-operator to create crds
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Allow the registration-operator to update crds status
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions/status"]
verbs: ["update", "patch"]
# Allow the registration-operator to create apiservice
- apiGroups: ["apiregistration.k8s.io"]
resources: ["apiservices"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Allow the registration-operator to create validatingwebhookconfigurration
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Allow the nuclues to manage clustermanager apis.
- apiGroups: ["operator.open-cluster-management.io"]
resources: ["clustermanagers"]
verbs: ["get", "list", "watch", "update", "delete"]
- apiGroups: ["operator.open-cluster-management.io"]
resources: ["clustermanagers/status"]
verbs: ["update", "patch"]
# Allow the registration-operator to create storageversionmigration
- apiGroups: ["migration.k8s.io"]
resources: ["storageversionmigrations"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Some rbac needed in cluster-manager
- apiGroups: ["addon.open-cluster-management.io"]
resources: ["managedclusteraddons", "clustermanagementaddons"]
verbs: ["create", "update", "patch", "get", "list", "watch", "delete"]
- apiGroups: ["addon.open-cluster-management.io"]
resources: ["managedclusteraddons/status", "clustermanagementaddons/status"]
verbs: ["patch", "update"]
- apiGroups: ["addon.open-cluster-management.io"]
resources: [managedclusteraddons/finalizers, "clustermanagementaddons/finalizers"]
verbs: ["update"]
- apiGroups: ["authentication.k8s.io"]
resources: ["tokenreviews"]
verbs: ["create"]
- apiGroups: ["certificates.k8s.io"]
resources: ["certificatesigningrequests"]
verbs: ["create", "get", "list", "watch"]
- apiGroups: ["certificates.k8s.io"]
resources: ["certificatesigningrequests/approval", "certificatesigningrequests/status"]
verbs: ["update"]
- apiGroups: ["certificates.k8s.io"]
resources: ["signers"]
resourceNames: ["kubernetes.io/kube-apiserver-client"]
verbs: ["approve"]
- apiGroups: ["cluster.open-cluster-management.io"]
resources: ["managedclusters"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: ["cluster.open-cluster-management.io"]
resources: ["managedclustersetbindings", "placements", "addonplacementscores"]
verbs: ["get", "list", "watch"]
- apiGroups: ["cluster.open-cluster-management.io"]
resources: ["managedclustersets","placementdecisions"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["cluster.open-cluster-management.io"]
resources: ["managedclusters/status","managedclustersetbindings/status", "managedclustersets/status", "placements/status", "placementdecisions/status"]
verbs: ["update", "patch"]
- apiGroups: ["cluster.open-cluster-management.io"]
resources: ["placements/finalizers"]
verbs: ["update"]
- apiGroups: ["register.open-cluster-management.io"]
resources: ["managedclusters/clientcertificates"]
verbs: ["renew"]
- apiGroups: ["register.open-cluster-management.io"]
resources: ["managedclusters/accept"]
verbs: ["update"]
- apiGroups: ["work.open-cluster-management.io"]
resources: ["manifestworkreplicasets"]
verbs: ["get", "list", "watch", "create", "update", "delete", "deletecollection", "patch"]
- apiGroups: ["work.open-cluster-management.io"]
resources: ["manifestworkreplicasets/finalizers"]
verbs: ["update"]
- apiGroups: ["work.open-cluster-management.io"]
resources: ["manifestworks"]
verbs: ["get", "list", "watch", "create", "update", "delete", "deletecollection", "patch", "execute-as"]
- apiGroups: ["work.open-cluster-management.io"]
resources: ["manifestworks/status", "manifestworkreplicasets/status"]
verbs: ["update", "patch"]
- apiGroups: ["flowcontrol.apiserver.k8s.io"]
resources: ["flowschemas", "prioritylevelconfigurations"]
verbs: ["get", "list", "watch"]
- apiGroups: ["config.openshift.io"]
resources: ["infrastructures"]
verbs: ["get"]
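Review bot: The first rule grants `create`, `update`, `patch`, `delete` and `deletecollection` on `pods` in every namespace, which is more than its comment ("create workload") needs given that `deployments` get their own rule further down; cluster-wide pod creation lets the holder run a pod under any service account in any namespace. If the operator only manages Deployments (the controller code is not part of this section), take `pods` out of that rule and give it a read-only rule of its own: `resources: ["pods"]` with `verbs: ["get", "list", "watch"]`. The rules under `# Some rbac needed in cluster-manager` (CSR approval for `kubernetes.io/kube-apiserver-client`, `managedclusters/accept`, `execute-as`) deserve a comment saying why the operator itself holds them, presumably so that it can grant them to the controllers it deploys. Note also that `resourceNames` in a ClusterRole matches those secret names in every namespace, and that the comments misspell `validatingwebhookconfigurration` and `nuclues`.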


@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cluster-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-manager
subjects:
- kind: ServiceAccount
name: cluster-manager
namespace: open-cluster-management
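Review bot: The binding carries no comment on how much authority it hands to the `cluster-manager` ServiceAccount in `open-cluster-management`, and because it is a ClusterRoleBinding that authority applies cluster-wide. The rule list that ends just above this section, presumably the `cluster-manager` ClusterRole bound here (its header is outside the visible part), includes `approve` on the `kubernetes.io/kube-apiserver-client` signer and `execute-as` on `manifestworks`. I would add a header comment such as `# Binds the operator ServiceAccount to a ClusterRole that can approve kube-apiserver client certificates; treat this account's token as highly privileged.` so that anyone auditing RBAC sees why the account needs guarding.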


@@ -0,0 +1,3 @@
resources:
- cluster_role.yaml
- cluster_role_binding.yaml


@@ -0,0 +1,9 @@
secretGenerator:
- name: external-hub-kubeconfig
namespace: cluster-manager
files:
- kubeconfig=external-hub-kubeconfig
type: "Opaque"
generatorOptions:
disableNameSuffixHash: true
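Review bot: Nothing in this generator says that `external-hub-kubeconfig` is a credential file read from the working directory. The ClusterManager CRD later in this commit describes that secret as a hub kubeconfig with cluster-admin permission, so the file should be kept out of version control (whether an ignore rule exists cannot be seen from here). `disableNameSuffixHash: true` also keeps the Secret name fixed, so replacing the kubeconfig updates the Secret in place and workloads that read it are not rolled by a name change. I would add a comment above `files:` such as `# external-hub-kubeconfig: hub cluster-admin kubeconfig, generated locally; never commit; restart consumers after rotating`.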


@@ -0,0 +1,2 @@
resources:
- operator_open-cluster-management_clustermanagers.cr.yaml


@@ -0,0 +1,15 @@
apiVersion: operator.open-cluster-management.io/v1
kind: ClusterManager
metadata:
name: cluster-manager
spec:
registrationImagePullSpec: quay.io/open-cluster-management/registration
workImagePullSpec: quay.io/open-cluster-management/work
placementImagePullSpec: quay.io/open-cluster-management/placement
addOnManagerImagePullSpec: quay.io/open-cluster-management/addon-manager
deployOption:
mode: Default
registrationConfiguration:
featureGates:
- feature: DefaultClusterSet
mode: Enable
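Review bot: All four `*ImagePullSpec` values in this sample name an image with no tag or digest, so unless the deploy tooling rewrites them the hub components resolve to whatever `latest` is on quay.io at pull time. That makes a deployment non-reproducible and leaves it exposed to a moved tag. The same applies to the Hosted-mode sample in the next file section. Pinning to a release tag or, better, a digest would fix it, e.g. `registrationImagePullSpec: quay.io/open-cluster-management/registration@sha256:<digest-placeholder>`.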


@@ -0,0 +1,18 @@
apiVersion: operator.open-cluster-management.io/v1
kind: ClusterManager
metadata:
name: cluster-manager
spec:
registrationImagePullSpec: quay.io/open-cluster-management/registration
workImagePullSpec: quay.io/open-cluster-management/work
placementImagePullSpec: quay.io/open-cluster-management/placement
addOnManagerImagePullSpec: quay.io/open-cluster-management/addon-manager
deployOption:
mode: Hosted
hosted:
registrationWebhookConfiguration:
address: management-control-plane
port: 30443
workWebhookConfiguration:
address: management-control-plane
port: 31443


@@ -0,0 +1,153 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern
registration and work distribution for attached Klusterlets. ClusterManager
will be only deployed in open-cluster-management-hub namespace.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers
that govern registration and work distribution for attached Klusterlets.
type: object
properties:
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image
of registration controller installed on hub.
type: string
status:
description: Status represents the current status of controllers that govern
the lifecycle of managed clusters.
type: object
properties:
conditions:
description: 'Conditions contain the different condition statuses for
this ClusterManager. Valid condition types are: Applied: components
in hub are applied. Available: components in hub are available and
ready to serve. Progressing: components in hub are in a transitioning
state. Degraded: components in hub do not match the desired configuration
and only provide degraded service.'
type: array
items:
description: StatusCondition contains condition information.
type: object
properties:
lastTransitionTime:
description: LastTransitionTime is the last time the condition
changed from one status to another.
type: string
format: date-time
message:
description: Message is a human-readable message indicating details
about the last status change.
type: string
reason:
description: Reason is a (brief) reason for the condition's last
status change.
type: string
status:
description: Status is the status of the condition. One of True,
False, Unknown.
type: string
type:
description: Type is the type of the cluster condition.
type: string
generations:
description: Generations are used to determine when an item needs to
be reconciled or has changed in a way that needs a reaction.
type: array
items:
description: GenerationStatus keeps track of the generation for a
given resource so that decisions about forced updates can be made.
the definition matches the GenerationStatus defined in github.com/openshift/api/v1
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing
that controller applies
type: integer
format: int64
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
type: integer
format: int64
relatedResources:
description: RelatedResources are used to track the resources that are
related to this ClusterManager
type: array
items:
description: RelatedResourceMeta represents the resource that is managed
by an operator
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
version: v1
versions:
- name: v1
served: true
storage: true
preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@@ -0,0 +1,284 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long


@@ -0,0 +1,315 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
addOnManagerConfiguration:
description: AddOnManagerConfiguration contains the configuration of addon manager
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates for addon manager If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
addOnManagerImagePullSpec:
default: quay.io/open-cluster-management/addon-manager
description: AddOnManagerImagePullSpec represents the desired image configuration of addon manager controller/webhook installed on hub.
type: string
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
autoApproveUsers:
description: AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled.
items:
type: string
type: array
featureGates:
description: 'FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@@ -0,0 +1,200 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern
registration and work distribution for attached Klusterlets. ClusterManager
will be only deployed in open-cluster-management-hub namespace.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers
that govern registration and work distribution for attached Klusterlets.
type: object
properties:
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image
of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration
of work controller/webhook installed on hub.
type: string
status:
description: Status represents the current status of controllers that govern
the lifecycle of managed clusters.
type: object
properties:
conditions:
description: 'Conditions contain the different condition statuses for
this ClusterManager. Valid condition types are: Applied: components
in hub are applied. Available: components in hub are available and
ready to serve. Progressing: components in hub are in a transitioning
state. Degraded: components in hub do not match the desired configuration
and only provide degraded service.'
type: array
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a foo's
current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type //
+patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details
about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers of
specific condition types may define expected values and meanings
for this field, and whether the values are considered a guaranteed
API. The value should be a CamelCase string. This field may
not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
generations:
description: Generations are used to determine when an item needs to
be reconciled or has changed in a way that needs a reaction.
type: array
items:
description: GenerationStatus keeps track of the generation for a
given resource so that decisions about forced updates can be made.
the definition matches the GenerationStatus defined in github.com/openshift/api/v1
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing
that controller applies
type: integer
format: int64
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
type: integer
format: int64
relatedResources:
description: RelatedResources are used to track the resources that are
related to this ClusterManager
type: array
items:
description: RelatedResourceMeta represents the resource that is managed
by an operator
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
version: v1
versions:
- name: v1
served: true
storage: true
preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@@ -0,0 +1,150 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
preserveUnknownFields: false
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. ClusterManager will be only deployed in open-cluster-management-hub namespace.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: components in hub are applied. Available: components in hub are available and ready to serve. Progressing: components in hub are in a transitioning state. Degraded: components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. the definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing that controller applies
format: int64
type: integer
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
version: v1
versions:
- name: v1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long


@@ -0,0 +1,154 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. ClusterManager will only be deployed in open-cluster-management-hub namespace.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
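Review bot: The `default:` values for `placementImagePullSpec`, `registrationImagePullSpec` and `workImagePullSpec` are bare repository references with neither a tag nor a digest, so a ClusterManager created without these fields gets an image that the container runtime resolves to the mutable `latest` tag, unless the operator rewrites the value, which is not visible here. For hub controllers and webhooks this means the running code can change without any change to the cluster's manifests, and two hubs installed from the same CRD can end up on different builds. Pinning the default to the release it ships with would avoid this, for example `default: quay.io/open-cluster-management/placement:<RELEASE_TAG>` or a `@sha256:<DIGEST>` reference (placeholders, the page does not give the values). The same three defaults appear again in the next file section, the one that adds `nodePlacement`. If these manifests are generated from markers on the Go types, as the layout suggests, the change belongs in those markers rather than in this file.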

File diff suppressed because one or more lines are too long


@@ -0,0 +1,186 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. ClusterManager will only be deployed in open-cluster-management-hub namespace.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long


@@ -0,0 +1,201 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Detached mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
mode:
default: Default
description: "Mode can be Default or Detached. For cluster-manager: - In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. - In Detached mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of \"external-hub-kubeconfig\"(a kubeconfig of hub-cluster with cluster-admin permission). For klusterlet: - In Default mode, all klusterlet related resources are deployed on the managed cluster. - In Detached mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of \"external-managed-kubeconfig\"(a kubeconfig of managed-cluster with cluster-admin permission). The purpose of Detached mode is to give it more flexibility, for example we can install a hub on a cluster with no worker nodes, meanwhile running all deployments on another more powerful cluster. And we can also register a managed cluster to the hub that has some firewall rules preventing access from the managed cluster. \n Note: Do not modify the Mode field once it's applied."
enum:
- Default
- Detached
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
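Review bot: The three image defaults under `spec` (`placementImagePullSpec`, `registrationImagePullSpec`, `workImagePullSpec`) name a repository with no tag or digest, so a ClusterManager that leaves them unset would resolve to whatever the registry currently serves as `latest`, unless the operator rewrites the reference before deploying. Pinning each default to a release tag or, better, a digest keeps the hub controllers reproducible and removes the dependence on a mutable tag, e.g. `default: quay.io/open-cluster-management/registration@sha256:<DIGEST_PLACEHOLDER>`. The same untagged defaults appear in the later copies of this CRD (the 240- and 262-line hunks). If this manifest is generated, the change belongs in the default marker on the source type rather than in the YAML.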

File diff suppressed because one or more lines are too long


@@ -0,0 +1,240 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
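Review bot: `port` under both `registrationWebhookConfiguration` and `workWebhookConfiguration` sets `maximum: 65535` but no lower bound, so 0 and negative values pass schema validation and would presumably only surface later as a broken webhook configuration. Adding `minimum: 1` next to the maximum rejects them at admission. Because `address` decides where the hub apiserver sends admission requests, its description would also benefit from stating how the serving certificate for that address is verified; nothing in this hunk shows it. The 262-line copy of the CRD that follows carries the same two `port` definitions.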

File diff suppressed because one or more lines are too long


@@ -0,0 +1,262 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
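Review bot: The `featureGates` description under `registrationConfiguration` is a double-quoted scalar containing `\the can set`, which YAML decodes as a tab character followed by `he can set`, so the rendered API documentation is garbled at that point. This is presumably a stray tab carried over from the source comment; dropping the `\t` so the text reads `he can set featuregate/Foo=false before upgrading` fixes it. The item's `feature` field is also an unconstrained `string`, although the `mode` description says a gate ends up in a `--featuregate/Foo=true` style argument; a `minLength: 1` would at least reject empty keys in the schema instead of relying on the operator to discard them.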

File diff suppressed because one or more lines are too long


@@ -0,0 +1,284 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
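Review bot: Both webhook `port` fields under `deployOption.hosted` (`registrationWebhookConfiguration` and `workWebhookConfiguration`) set `maximum: 65535` but no lower bound, so 0 and negative int32 values pass schema validation and would presumably surface only later as an unreachable webhook. Adding `minimum: 1` next to each `maximum: 65535` rejects them at admission time. The same two fields appear with the same bounds in the later 315-line ClusterManager CRD section on this page. If this schema is generated from Go type markers, the bound belongs on the source type (a `+kubebuilder:validation:Minimum=1` marker) rather than in this manifest.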


@@ -0,0 +1,5 @@
channels:
- name: stable
currentCSV: cluster-manager.v0.12.0
defaultChannel: stable
packageName: cluster-manager

File diff suppressed because one or more lines are too long


@@ -0,0 +1,315 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clustermanagers.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: ClusterManager
listKind: ClusterManagerList
plural: clustermanagers
singular: clustermanager
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: ClusterManager configures the controllers on the hub that govern registration and work distribution for attached Klusterlets. In Default mode, ClusterManager will only be deployed in open-cluster-management-hub namespace. In Hosted mode, ClusterManager will be deployed in the namespace with the same name as cluster manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
default:
deployOption:
mode: Default
description: Spec represents a desired deployment configuration of controllers that govern registration and work distribution for attached Klusterlets.
properties:
addOnManagerConfiguration:
description: AddOnManagerConfiguration contains the configuration of addon manager
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates for addon manager If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
addOnManagerImagePullSpec:
default: quay.io/open-cluster-management/addon-manager
description: AddOnManagerImagePullSpec represents the desired image configuration of addon manager controller/webhook installed on hub.
type: string
deployOption:
default:
mode: Default
description: DeployOption contains the options of deploying a cluster-manager Default mode is used if DeployOption is not set.
properties:
hosted:
description: Hosted includes configurations we needs for clustermanager in the Hosted mode.
properties:
registrationWebhookConfiguration:
description: RegistrationWebhookConfiguration represents the customized webhook-server configuration of registration.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
workWebhookConfiguration:
description: WorkWebhookConfiguration represents the customized webhook-server configuration of work.
properties:
address:
description: Address represents the address of a webhook-server. It could be in IP format or fqdn format. The Address must be reachable by apiserver of the hub cluster.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
port:
default: 443
description: Port represents the port of a webhook-server. The default value of Port is 443.
format: int32
maximum: 65535
type: integer
required:
- address
type: object
type: object
mode:
default: Default
description: 'Mode can be Default or Hosted. In Default mode, the Hub is installed as a whole and all parts of Hub are deployed in the same cluster. In Hosted mode, only crd and configurations are installed on one cluster(defined as hub-cluster). Controllers run in another cluster (defined as management-cluster) and connect to the hub with the kubeconfig in secret of "external-hub-kubeconfig"(a kubeconfig of hub-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
enum:
- Default
- Hosted
type: string
required:
- mode
type: object
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
placementImagePullSpec:
default: quay.io/open-cluster-management/placement
description: PlacementImagePullSpec represents the desired image configuration of placement controller/webhook installed on hub.
type: string
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
autoApproveUsers:
description: AutoApproveUser represents a list of users that can auto approve CSR and accept client. If the credential of the bootstrap-hub-kubeconfig matches to the users, the cluster created by the bootstrap-hub-kubeconfig will be auto-registered into the hub cluster. This takes effect only when ManagedClusterAutoApproval feature gate is enabled.
items:
type: string
type: array
featureGates:
description: 'FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
default: quay.io/open-cluster-management/registration
description: RegistrationImagePullSpec represents the desired image of registration controller/webhook installed on hub.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
default: quay.io/open-cluster-management/work
description: WorkImagePullSpec represents the desired image configuration of work controller/webhook installed on hub.
type: string
type: object
status:
description: Status represents the current status of controllers that govern the lifecycle of managed clusters.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this ClusterManager. Valid condition types are: Applied: Components in hub are applied. Available: Components in hub are available and ready to serve. Progressing: Components in hub are in a transitioning state. Degraded: Components in hub do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this ClusterManager.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
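Review bot: `registrationConfiguration.autoApproveUsers` is a security-sensitive allow-list, yet its items are unconstrained strings and its description (which calls the field `AutoApproveUser`) does not spell out what being listed grants. By the description's own wording, a cluster whose bootstrap-hub-kubeconfig credential matches an entry is registered into the hub automatically, so the text should tell operators to list only dedicated bootstrap identities and to protect those kubeconfigs as hub-join credentials. I would add `minLength: 1` under `items` so an empty user name cannot be stored, and extend the description with a sentence such as `Any holder of a credential for a listed user can register a cluster without manual approval.` If the schema is generated from Go types, both changes presumably belong on the source field and its doc comment.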


@@ -0,0 +1,7 @@
annotations:
operators.operatorframework.io.bundle.channel.default.v1: stable
operators.operatorframework.io.bundle.channels.v1: stable
operators.operatorframework.io.bundle.manifests.v1: manifests/
operators.operatorframework.io.bundle.mediatype.v1: registry+v1
operators.operatorframework.io.bundle.metadata.v1: metadata/
operators.operatorframework.io.bundle.package.v1: cluster-manager


@@ -0,0 +1,2 @@
projectName: klusterlet
version: 2


@@ -0,0 +1,413 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
preserveUnknownFields: false
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Klusterlet represents controllers to install the resources for
a managed cluster. When configured, the Klusterlet requires a secret named
bootstrap-hub-kubeconfig in the agent namespace to allow API requests to
the hub for the registration protocol. In Hosted mode, the Klusterlet requires
an additional secret named external-managed-kubeconfig in the agent namespace
to allow API requests to the managed cluster for resources installation.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet
agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be
created on hub. The Klusterlet agent generates a random name if
it is not set, or discovers the appropriate cluster name on OpenShift.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
deployOption:
description: DeployOption contains the options of deploying a klusterlet
properties:
mode:
description: 'Mode can be Default or Hosted. It is Default mode
if not specified In Default mode, all klusterlet related resources
are deployed on the managed cluster. In Hosted mode, only crd
and configurations are installed on the spoke/managed cluster.
Controllers run in another cluster (defined as management-cluster)
and connect to the mangaged cluster with the kubeconfig in secret
of "external-managed-kubeconfig"(a kubeconfig of managed-cluster
with cluster-admin permission). Note: Do not modify the Mode
field once it''s applied.'
type: string
type: object
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver
urls and ca bundles that is accessible externally If it is set empty,
managed cluster has no externally accessible url that hub cluster
can visit.
items:
description: ServerURL represents the apiserver url and ca bundle
that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver
of the managed cluster. System certs are used if it is not
set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed
cluster.
type: string
type: object
type: array
hubApiServerHostAlias:
description: HubApiServerHostAlias contains the host alias for hub
api server. registration-agent and work-agent will use it to communicate
with hub api server.
properties:
hostname:
description: Hostname for the above IP address.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
ip:
description: IP address of the host file entry.
pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
type: string
required:
- hostname
- ip
type: object
namespace:
description: Namespace is the namespace to deploy the agent on the
managed cluster. The namespace must have a prefix of "open-cluster-management-",
and if it is not set, the namespace of "open-cluster-management-agent"
is used to deploy agent. In addition, the add-ons are deployed to
the namespace of "{Namespace}-addon". In the Hosted mode, this namespace
still exists on the managed cluster to contain necessary resources,
like service accounts, roles and rolebindings, while the agent is
deployed to the namespace with the same name as klusterlet on the
management cluster.
maxLength: 63
pattern: ^open-cluster-management-[-a-z0-9]*[a-z0-9]$
type: string
nodePlacement:
description: NodePlacement enables explicit control over the scheduling
of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled
on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint
that matches the triple <key,value,effect> using the matching
operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified, allowed
values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty,
operator must be Exists; this combination means to match
all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to
the value. Valid operators are Exists and Equal. Defaults
to Equal. Exists is equivalent to wildcard for value,
so that a pod can tolerate all taints of a particular
category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of
time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the taint
forever (do not evict). Zero and negative values will
be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches
to. If the operator is Exists, the value should be empty,
otherwise just a regular string.
type: string
type: object
type: array
type: object
registrationConfiguration:
description: RegistrationConfiguration contains the configuration
of registration
properties:
clientCertExpirationSeconds:
description: clientCertExpirationSeconds represents the seconds
of a client certificate to expire. If it is not set or 0, the
default duration seconds will be set by the hub cluster. If
the value is larger than the max signing duration seconds set
on the hub cluster, the max signing duration seconds will be
set.
format: int32
type: integer
featureGates:
description: 'FeatureGates represents the list of feature gates
for registration If it is set empty, default feature gates will
be used. If it is set, featuregate/Foo is an example of one
item in FeatureGates: 1. If featuregate/Foo does not exist,
registration-operator will discard it 2. If featuregate/Foo
exists and is false by default. It is now possible to set featuregate/Foo=[false|true]
3. If featuregate/Foo exists and is true by default. If a cluster-admin
upgrading from 1 to 2 wants to continue having featuregate/Foo=false,
he can set featuregate/Foo=false before upgrading. Let''s say
the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where ""
is Disable by default. In Enable mode, a valid feature
gate `featuregate/Foo` will be set to "--featuregate/Foo=true".
In Disable mode, a valid feature gate `featuregate/Foo`
will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image
configuration of registration agent. quay.io/open-cluster-management.io/registration:latest
will be used if unspecified.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates
for work If it is set empty, default feature gates will be used.
If it is set, featuregate/Foo is an example of one item in FeatureGates:
1. If featuregate/Foo does not exist, registration-operator
will discard it 2. If featuregate/Foo exists and is false by
default. It is now possible to set featuregate/Foo=[false|true]
3. If featuregate/Foo exists and is true by default. If a cluster-admin
upgrading from 1 to 2 wants to continue having featuregate/Foo=false,
he can set featuregate/Foo=false before upgrading. Let''s say
the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where ""
is Disable by default. In Enable mode, a valid feature
gate `featuregate/Foo` will be set to "--featuregate/Foo=true".
In Disable mode, a valid feature gate `featuregate/Foo`
will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration
of work agent. quay.io/open-cluster-management.io/work:latest will
be used if unspecified.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses
for this Klusterlet. Valid condition types are: Applied: Components
have been applied in the managed cluster. Available: Components
in the managed cluster are available and ready to serve. Progressing:
Components in the managed cluster are in a transitioning state.
Degraded: Components in the managed cluster do not match the desired
configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs
to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for
a given resource so that decisions about forced updates can be
made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're
tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource
that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking
is
type: string
resource:
description: resource is the resource type of the resource that
you're tracking
type: string
version:
description: version is the version of the resource that you're
tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that
are related to this Klusterlet.
items:
description: RelatedResourceMeta represents the resource that is
managed by an operator
properties:
group:
description: group is the group of the resource that you're
tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that
you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []


@@ -0,0 +1,2 @@
resources:
- 0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml


@@ -0,0 +1,30 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- crds/0000_00_operator.open-cluster-management.io_klusterlets.crd.yaml
- rbac/cluster_role.yaml
- rbac/cluster_role_binding.yaml
- operator/namespace.yaml
- operator/service_account.yaml
- operator/operator.yaml
generatorOptions:
disableNameSuffixHash: true
replicas:
- count: 1
name: klusterlet
images:
- name: quay.io/open-cluster-management/registration-operator:latest
newName: quay.io/open-cluster-management/registration-operator
newTag: latest
patches:
- patch: |-
- op: replace
path: "/spec/template/spec/containers/0/imagePullPolicy"
value: IfNotPresent
target:
kind: Deployment
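Review bot: The `images` entry pins `newTag: latest` while the patch sets `imagePullPolicy` to `IfNotPresent`, so a node that already has some `latest` cached keeps running it and the deployed operator is neither reproducible nor verifiable. Pin the image by digest instead, e.g. replace `newTag: latest` with `digest: sha256:<release-digest>` (placeholder; use the digest of the published release). The same mutable reference appears in the operator Deployment (`registration-operator:latest`) and in the untagged `registrationImagePullSpec` / `workImagePullSpec` of the sample Klusterlet further down. The patch `target` also selects every Deployment by kind only; adding `name: klusterlet` would keep it from touching anything added to this kustomization later.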

File diff suppressed because one or more lines are too long


@@ -0,0 +1,4 @@
bases:
- ../crds
- ../rbac
- ../operator


@@ -0,0 +1,4 @@
resources:
- namespace.yaml
- service_account.yaml
- operator.yaml


@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
annotations:
workload.openshift.io/allowed: "management"
name: open-cluster-management


@@ -0,0 +1,73 @@
kind: Deployment
apiVersion: apps/v1
metadata:
name: klusterlet
namespace: open-cluster-management
labels:
app: klusterlet
spec:
replicas: 3
selector:
matchLabels:
app: klusterlet
template:
metadata:
annotations:
target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
labels:
app: klusterlet
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 70
podAffinityTerm:
topologyKey: failure-domain.beta.kubernetes.io/zone
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- klusterlet
- weight: 30
podAffinityTerm:
topologyKey: kubernetes.io/hostname
labelSelector:
matchExpressions:
- key: app
operator: In
values:
- klusterlet
serviceAccountName: klusterlet
containers:
- name: klusterlet
image: quay.io/open-cluster-management/registration-operator:latest
args:
- "/registration-operator"
- "klusterlet"
livenessProbe:
httpGet:
path: /healthz
scheme: HTTPS
port: 8443
initialDelaySeconds: 2
periodSeconds: 10
readinessProbe:
httpGet:
path: /healthz
scheme: HTTPS
port: 8443
initialDelaySeconds: 2
resources:
requests:
cpu: 100m
memory: 128Mi
# Uncomment the following configuration lines to add hostAliases for hub api server,
# if the server field in your hub cluster kubeconfig is a domain name instead of an ipv4 address.
# For example, https://xxx.yyy.zzz.
# hostAliases:
# - hostnames:
# set the target hostname
# - xxx.yyy.zzz
# set the target ipv4 address
# ip: 1.2.3.4
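Review bot: The `klusterlet` container is declared without a `securityContext`, so it runs with whatever defaults the image and the cluster give it, although its service account is bound to a ClusterRole that can write secrets and RBAC objects cluster-wide. Add a restrictive container `securityContext` as sketched below; `runAsNonRoot` assumes the image is built with a non-root user and `readOnlyRootFilesystem` assumes the operator writes nothing to its root filesystem, and neither is visible on this page, so confirm both. `resources` sets requests only; a memory limit would bound a runaway replica. The topology key `failure-domain.beta.kubernetes.io/zone` is the deprecated form of `topology.kubernetes.io/zone`.

```yaml
      containers:
      - name: klusterlet
        # … unchanged: image, args, probes, resources …
        securityContext:
          allowPrivilegeEscalation: false
          privileged: false
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          capabilities:
            drop:
            - ALL
```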


@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: klusterlet
namespace: open-cluster-management


@@ -0,0 +1,48 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: klusterlet
rules:
# Allow the registration-operator to create workload
- apiGroups: [""]
resources: ["secrets", "configmaps", "serviceaccounts"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["create", "get", "list", "update", "watch", "patch"]
- apiGroups: ["authorization.k8s.io"]
resources: ["subjectaccessreviews"]
verbs: ["create"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["create", "get", "list", "watch", "delete"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["", "events.k8s.io"]
resources: ["events"]
verbs: ["create", "patch", "update"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterrolebindings", "rolebindings"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["clusterroles", "roles"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete", "escalate", "bind"]
# Allow the registration-operator to create crds
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create", "get", "list", "update", "watch", "patch", "delete"]
# Allow the registration-operator to manage klusterlet apis.
- apiGroups: ["operator.open-cluster-management.io"]
resources: ["klusterlets"]
verbs: ["get", "list", "watch", "update", "patch", "delete"]
- apiGroups: ["operator.open-cluster-management.io"]
resources: ["klusterlets/status"]
verbs: ["update", "patch"]
# Allow the registration-operator to update the appliedmanifestworks finalizer.
- apiGroups: ["work.open-cluster-management.io"]
resources: ["appliedmanifestworks"]
verbs: ["list", "update"]
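Review bot: The rule on `clusterroles`/`roles` grants `escalate` and `bind` with no `resourceNames`, and together with create on `clusterrolebindings` and cluster-wide write on `secrets` this makes the `klusterlet` service account equivalent to cluster-admin. If the operator only ever binds a known set of agent roles, split `bind` into its own rule restricted by name, e.g. `verbs: ["bind"]` with `resourceNames: ["<agent-role-names>"]` (placeholder; the role names are not on this page). Whether `escalate` can be dropped depends on which permissions the generated agent roles carry, which is also not visible here. At minimum add a comment above the rule such as `# escalate/bind: the operator creates agent roles with permissions it does not hold itself; treat this service account as cluster-admin equivalent`. The existing comment `# Allow the registration-operator to create workload` sits above nine unrelated rules and would read better split per rule.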


@@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: klusterlet
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: klusterlet
subjects:
- kind: ServiceAccount
name: klusterlet
namespace: open-cluster-management


@@ -0,0 +1,3 @@
resources:
- cluster_role.yaml
- cluster_role_binding.yaml


@@ -0,0 +1,9 @@
secretGenerator:
- name: bootstrap-hub-kubeconfig
namespace: open-cluster-management-agent
files:
- kubeconfig=hub-kubeconfig
type: "Opaque"
generatorOptions:
disableNameSuffixHash: true
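Review bot: The generator reads the hub kubeconfig from a plain file `hub-kubeconfig` next to this kustomization, and nothing in the section keeps that credential out of version control. Add a comment above `files:` such as `# hub-kubeconfig is a credential: generate it locally, keep it git-ignored, never commit it`, and check that the repository's ignore rules cover it (they are not visible on this page). The later generator for `external-managed-kubeconfig` has the same issue and is more sensitive, since the CRD text describes that kubeconfig as carrying cluster-admin permission on the managed cluster. With `disableNameSuffixHash: true` a rotated kubeconfig keeps the same Secret name, so consumers are presumably not restarted by a name change; worth a comment if rotation is expected.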


@@ -0,0 +1,2 @@
resources:
- operator_open-cluster-management_klusterlets.cr.yaml


@@ -0,0 +1,9 @@
secretGenerator:
- name: external-managed-kubeconfig
namespace: klusterlet
files:
- kubeconfig=external-managed-kubeconfig
type: "Opaque"
generatorOptions:
disableNameSuffixHash: true


@@ -0,0 +1,24 @@
apiVersion: operator.open-cluster-management.io/v1
kind: Klusterlet
metadata:
name: klusterlet
spec:
deployOption:
mode: Default
registrationImagePullSpec: quay.io/open-cluster-management/registration
workImagePullSpec: quay.io/open-cluster-management/work
clusterName: cluster1
namespace: open-cluster-management-agent
externalServerURLs:
- url: https://localhost
registrationConfiguration:
featureGates:
- feature: AddonManagement
mode: Enable
# Uncomment the following configuration lines to add hostAliases for hub api server,
# if the server field in your hub cluster kubeconfig is a domain name instead of an ipv4 address.
# For example, https://xxx.yyy.zzz.
# This configuration is used for registration-agent and work-agent to communicate with hub api server.
# hubApiServerHostAlias:
# ip: "1.2.3.4"
# hostname: "xxx.yyy.zzz"


@@ -0,0 +1,188 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: Klusterlet represents controllers on the managed cluster. When
configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig
in the same namespace to allow API requests to the hub for the registration
protocol.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet
agent.
type: object
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created
on hub. The Klusterlet agent generates a random name if it is not
set, or discovers the appropriate cluster name on openshift.
type: string
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls
and ca bundles that is accessible externally If it is set empty, managed
cluster has no externally accessible url that hub cluster can visit.
type: array
items:
description: ServerURL represents the apiserver url and ca bundle
that is accessible externally
type: object
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver
of the managed cluster. System certs are used if it is not set.
type: string
format: byte
url:
description: URL is the url of apiserver endpoint of the managed
cluster.
type: string
namespace:
description: Namespace is the namespace to deploy the agent. The namespace
must have a prefix of "open-cluster-management-", and if it is not
set, the namespace of "open-cluster-management-agent" is used to deploy
agent.
type: string
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image
configuration of registration agent.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration
of work agent.
type: string
status:
description: Status represents the current status of Klusterlet agent.
type: object
properties:
conditions:
description: 'Conditions contain the different condition statuses for
this Klusterlet. Valid condition types are: Applied: components have
been applied in the managed cluster. Available: components in the
managed cluster are available and ready to serve. Progressing: components
in the managed cluster are in a transitioning state. Degraded: components
in the managed cluster do not match the desired configuration and
only provide degraded service.'
type: array
items:
description: StatusCondition contains condition information.
type: object
properties:
lastTransitionTime:
description: LastTransitionTime is the last time the condition
changed from one status to another.
type: string
format: date-time
message:
description: Message is a human-readable message indicating details
about the last status change.
type: string
reason:
description: Reason is a (brief) reason for the condition's last
status change.
type: string
status:
description: Status is the status of the condition. One of True,
False, Unknown.
type: string
type:
description: Type is the type of the cluster condition.
type: string
generations:
description: Generations are used to determine when an item needs to
be reconciled or has changed in a way that needs a reaction.
type: array
items:
description: GenerationStatus keeps track of the generation for a
given resource so that decisions about forced updates can be made.
the definition matches the GenerationStatus defined in github.com/openshift/api/v1
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing
that controller applies
type: integer
format: int64
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
type: integer
format: int64
relatedResources:
description: RelatedResources are used to track the resources that are
related to this Klusterlet
type: array
items:
description: RelatedResourceMeta represents the resource that is managed
by an operator
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
version: v1
versions:
- name: v1
served: true
storage: true
preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@@ -0,0 +1,268 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Hosted mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift.
type: string
deployOption:
description: DeployOption contains the options of deploying a klusterlet
properties:
mode:
description: 'Mode can be Default or Hosted. It is Default mode if not specified In Default mode, all klusterlet related resources are deployed on the managed cluster. In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
type: string
type: object
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
items:
description: ServerURL represents the apiserver url and ca bundle that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed cluster.
type: string
type: object
type: array
hubApiServerHostAlias:
description: HubApiServerHostAlias contains the host alias for hub api server. registration-agent and work-agent will use it to communicate with hub api server.
properties:
hostname:
description: Hostname for the above IP address.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
ip:
description: IP address of the host file entry.
pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
type: string
required:
- hostname
- ip
type: object
namespace:
description: Namespace is the namespace to deploy the agent on the managed cluster. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. In addition, the add-ons are deployed to the namespace of "{Namespace}-addon". In the Hosted mode, this namespace still exists on the managed cluster to contain necessary resources, like service accounts, roles and rolebindings, while the agent is deployed to the namespace with the same name as klusterlet on the management cluster.
maxLength: 63
pattern: ^open-cluster-management-[-a-z0-9]*[a-z0-9]$
type: string
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: "FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, \the can set featuregate/Foo=false before upgrading. Let's say the cluster-admin wants featuregate/Foo=false."
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work agent. quay.io/open-cluster-management.io/work:latest will be used if unspecified.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this Klusterlet.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
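Review bot: `spec.deployOption.mode` is declared as a bare `type: string`, although its description allows only Default or Hosted and says the field must not be modified once applied; the schema enforces neither. Hosted mode makes the controllers connect to the managed cluster with the cluster-admin kubeconfig from `external-managed-kubeconfig`, so a misspelt or later-edited mode is better rejected at admission than left to whatever the operator does with an unknown value, which is not visible here. I would add `enum:` with `- Default` and `- Hosted` under `mode`; if this manifest is generated from Go types, the place for that is `+kubebuilder:validation:Enum=Default;Hosted` on the field. The second copy of this CRD later in the commit (the `@@ -0,0 +1,274 @@` section) has the same gap.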


@@ -0,0 +1,274 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Klusterlet represents controllers to install the resources for a managed cluster. When configured, the Klusterlet requires a secret named bootstrap-hub-kubeconfig in the agent namespace to allow API requests to the hub for the registration protocol. In Hosted mode, the Klusterlet requires an additional secret named external-managed-kubeconfig in the agent namespace to allow API requests to the managed cluster for resources installation.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift.
maxLength: 63
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
deployOption:
description: DeployOption contains the options of deploying a klusterlet
properties:
mode:
description: 'Mode can be Default or Hosted. It is Default mode if not specified In Default mode, all klusterlet related resources are deployed on the managed cluster. In Hosted mode, only crd and configurations are installed on the spoke/managed cluster. Controllers run in another cluster (defined as management-cluster) and connect to the mangaged cluster with the kubeconfig in secret of "external-managed-kubeconfig"(a kubeconfig of managed-cluster with cluster-admin permission). Note: Do not modify the Mode field once it''s applied.'
type: string
type: object
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
items:
description: ServerURL represents the apiserver url and ca bundle that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed cluster.
type: string
type: object
type: array
hubApiServerHostAlias:
description: HubApiServerHostAlias contains the host alias for hub api server. registration-agent and work-agent will use it to communicate with hub api server.
properties:
hostname:
description: Hostname for the above IP address.
pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$
type: string
ip:
description: IP address of the host file entry.
pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
type: string
required:
- hostname
- ip
type: object
namespace:
description: Namespace is the namespace to deploy the agent on the managed cluster. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent. In addition, the add-ons are deployed to the namespace of "{Namespace}-addon". In the Hosted mode, this namespace still exists on the managed cluster to contain necessary resources, like service accounts, roles and rolebindings, while the agent is deployed to the namespace with the same name as klusterlet on the management cluster.
maxLength: 63
pattern: ^open-cluster-management-[-a-z0-9]*[a-z0-9]$
type: string
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
registrationConfiguration:
description: RegistrationConfiguration contains the configuration of registration
properties:
clientCertExpirationSeconds:
description: clientCertExpirationSeconds represents the seconds of a client certificate to expire. If it is not set or 0, the default duration seconds will be set by the hub cluster. If the value is larger than the max signing duration seconds set on the hub cluster, the max signing duration seconds will be set.
format: int32
type: integer
featureGates:
description: 'FeatureGates represents the list of feature gates for registration If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image configuration of registration agent. quay.io/open-cluster-management.io/registration:latest will be used if unspecified.
type: string
workConfiguration:
description: WorkConfiguration contains the configuration of work
properties:
featureGates:
description: 'FeatureGates represents the list of feature gates for work If it is set empty, default feature gates will be used. If it is set, featuregate/Foo is an example of one item in FeatureGates: 1. If featuregate/Foo does not exist, registration-operator will discard it 2. If featuregate/Foo exists and is false by default. It is now possible to set featuregate/Foo=[false|true] 3. If featuregate/Foo exists and is true by default. If a cluster-admin upgrading from 1 to 2 wants to continue having featuregate/Foo=false, he can set featuregate/Foo=false before upgrading. Let''s say the cluster-admin wants featuregate/Foo=false.'
items:
properties:
feature:
description: Feature is the key of feature gate. e.g. featuregate/Foo.
type: string
mode:
default: Disable
description: Mode is either Enable, Disable, "" where "" is Disable by default. In Enable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=true". In Disable mode, a valid feature gate `featuregate/Foo` will be set to "--featuregate/Foo=false".
enum:
- Enable
- Disable
type: string
required:
- feature
type: object
type: array
type: object
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work agent. quay.io/open-cluster-management.io/work:latest will be used if unspecified.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this Klusterlet.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
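Review bot: `registrationConfiguration.clientCertExpirationSeconds` is `type: integer` with `format: int32` and no lower bound, so a negative certificate lifetime passes schema validation; the description only defines the unset, 0 and over-the-hub-maximum cases. Adding `minimum: 0` under the field would reject negatives at admission, as `observedGeneration` in the conditions schema of this same file already does. Separately, `registrationImagePullSpec` and `workImagePullSpec` document a fallback to a `:latest` image, which is a mutable tag; the descriptions could recommend setting a version- or digest-pinned pull spec so the agent image that gets deployed is reproducible and auditable.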


@@ -0,0 +1,231 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: Klusterlet represents controllers on the managed cluster. When
configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig
in the same namespace to allow API requests to the hub for the registration
protocol.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet
agent.
type: object
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created
on hub. The Klusterlet agent generates a random name if it is not
set, or discovers the appropriate cluster name on openshift.
type: string
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls
and ca bundles that is accessible externally If it is set empty, managed
cluster has no externally accessible url that hub cluster can visit.
type: array
items:
description: ServerURL represents the apiserver url and ca bundle
that is accessible externally
type: object
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver
of the managed cluster. System certs are used if it is not set.
type: string
format: byte
url:
description: URL is the url of apiserver endpoint of the managed
cluster.
type: string
namespace:
description: Namespace is the namespace to deploy the agent. The namespace
must have a prefix of "open-cluster-management-", and if it is not
set, the namespace of "open-cluster-management-agent" is used to deploy
agent.
type: string
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image
configuration of registration agent.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration
of work agent.
type: string
status:
description: Status represents the current status of Klusterlet agent.
type: object
properties:
conditions:
description: 'Conditions contain the different condition statuses for
this Klusterlet. Valid condition types are: Applied: components have
been applied in the managed cluster. Available: components in the
managed cluster are available and ready to serve. Progressing: components
in the managed cluster are in a transitioning state. Degraded: components
in the managed cluster do not match the desired configuration and
only provide degraded service.'
type: array
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a foo's
current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type //
+patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details
about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers of
specific condition types may define expected values and meanings
for this field, and whether the values are considered a guaranteed
API. The value should be a CamelCase string. This field may
not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
generations:
description: Generations are used to determine when an item needs to
be reconciled or has changed in a way that needs a reaction.
type: array
items:
description: GenerationStatus keeps track of the generation for a
given resource so that decisions about forced updates can be made.
the definition matches the GenerationStatus defined in github.com/openshift/api/v1
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing
that controller applies
type: integer
format: int64
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
observedGeneration:
description: ObservedGeneration is the last generation change you've
dealt with
type: integer
format: int64
relatedResources:
description: RelatedResources are used to track the resources that are
related to this Klusterlet
type: array
items:
description: RelatedResourceMeta represents the resource that is managed
by an operator
type: object
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're
tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
version: v1
versions:
- name: v1
served: true
storage: true
preserveUnknownFields: false
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long


@@ -0,0 +1,170 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
preserveUnknownFields: false
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on openshift.
type: string
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
items:
description: ServerURL represents the apiserver url and ca bundle that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed cluster.
type: string
type: object
type: array
namespace:
description: Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent.
type: string
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image configuration of registration agent.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work agent.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: components have been applied in the managed cluster. Available: components in the managed cluster are available and ready to serve. Progressing: components in the managed cluster are in a transitioning state. Degraded: components in the managed cluster do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. the definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the thing you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the thing that controller applies
format: int64
type: integer
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this Klusterlet
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the thing you're tracking
type: string
name:
description: name is the name of the thing you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the thing you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
version: v1
versions:
- name: v1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
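Review bot: The `namespace` description under `spec` says the value must have the prefix "open-cluster-management-", but the schema only declares `type: string`, so the API server admits any value and the prefix rule rests entirely on a controller check that is not visible here. Klusterlet is cluster-scoped and this field selects the namespace the agents are deployed into, so the constraint is worth enforcing at admission, for example `pattern: ^open-cluster-management-[-a-z0-9]*[a-z0-9]$` together with `maxLength: 63`. The two `apiextensions.k8s.io/v1` copies of this CRD further down the page carry the same unconstrained field. If these manifests are generated from Go types, the validation markers belong on the type rather than in the YAML.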

File diff suppressed because one or more lines are too long


@@ -0,0 +1,168 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift.
type: string
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
items:
description: ServerURL represents the apiserver url and ca bundle that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed cluster.
type: string
type: object
type: array
namespace:
description: Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent.
type: string
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image configuration of registration agent.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work agent.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this Klusterlet.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
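Review bot: Items of `externalServerURLs` are admitted without a `url` and with any string as the URL, because the item schema has no `required` list and `url` is only `type: string`. The descriptions say these endpoints are what the hub can reach, and that system certificates are used when `caBundle` is unset, so a plaintext or malformed endpoint is better rejected at admission than discovered at connection time: `required: [url]` on the item and `pattern: ^https://` on `url` would do it. The same item schema appears in the other Klusterlet CRD copies on this page. If the YAML is generated, the change belongs in the markers on the Go type.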

File diff suppressed because one or more lines are too long


@@ -0,0 +1,200 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: klusterlets.operator.open-cluster-management.io
spec:
group: operator.open-cluster-management.io
names:
kind: Klusterlet
listKind: KlusterletList
plural: klusterlets
singular: klusterlet
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Klusterlet represents controllers on the managed cluster. When configured, the Klusterlet requires a secret named of bootstrap-hub-kubeconfig in the same namespace to allow API requests to the hub for the registration protocol.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired deployment configuration of Klusterlet agent.
properties:
clusterName:
description: ClusterName is the name of the managed cluster to be created on hub. The Klusterlet agent generates a random name if it is not set, or discovers the appropriate cluster name on OpenShift.
type: string
externalServerURLs:
description: ExternalServerURLs represents the a list of apiserver urls and ca bundles that is accessible externally If it is set empty, managed cluster has no externally accessible url that hub cluster can visit.
items:
description: ServerURL represents the apiserver url and ca bundle that is accessible externally
properties:
caBundle:
description: CABundle is the ca bundle to connect to apiserver of the managed cluster. System certs are used if it is not set.
format: byte
type: string
url:
description: URL is the url of apiserver endpoint of the managed cluster.
type: string
type: object
type: array
namespace:
description: Namespace is the namespace to deploy the agent. The namespace must have a prefix of "open-cluster-management-", and if it is not set, the namespace of "open-cluster-management-agent" is used to deploy agent.
type: string
nodePlacement:
description: NodePlacement enables explicit control over the scheduling of the deployed pods.
properties:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.
type: object
tolerations:
description: Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
registrationImagePullSpec:
description: RegistrationImagePullSpec represents the desired image configuration of registration agent.
type: string
workImagePullSpec:
description: WorkImagePullSpec represents the desired image configuration of work agent.
type: string
type: object
status:
description: Status represents the current status of Klusterlet agent.
properties:
conditions:
description: 'Conditions contain the different condition statuses for this Klusterlet. Valid condition types are: Applied: Components have been applied in the managed cluster. Available: Components in the managed cluster are available and ready to serve. Progressing: Components in the managed cluster are in a transitioning state. Degraded: Components in the managed cluster do not match the desired configuration and only provide degraded service.'
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
generations:
description: Generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
items:
description: GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. The definition matches the GenerationStatus defined in github.com/openshift/api/v1
properties:
group:
description: group is the group of the resource that you're tracking
type: string
lastGeneration:
description: lastGeneration is the last generation of the resource that controller applies
format: int64
type: integer
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the resource that you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the resource that you're tracking
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last generation change you've dealt with
format: int64
type: integer
relatedResources:
description: RelatedResources are used to track the resources that are related to this Klusterlet.
items:
description: RelatedResourceMeta represents the resource that is managed by an operator
properties:
group:
description: group is the group of the resource that you're tracking
type: string
name:
description: name is the name of the resource that you're tracking
type: string
namespace:
description: namespace is where the thing you're tracking is
type: string
resource:
description: resource is the resource type of the resource that you're tracking
type: string
version:
description: version is the version of the thing you're tracking
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
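Review bot: In the new `nodePlacement` block the `nodeSelector` description ends with "The default is an empty list", but the schema declares an object with string `additionalProperties`, so `The default is an empty map.` would match the type. The toleration fields `operator` and `effect` name their allowed values (Exists/Equal and NoSchedule/PreferNoSchedule/NoExecute) only in prose, so a misspelt value passes admission of the Klusterlet and is presumably caught only when the operator builds the agent pods. The key description also notes that an empty key with `Exists` matches all taints, which lets anyone who can edit this cluster-scoped resource place the agents on any tainted node. It is worth saying in the `tolerations` description that write access to Klusterlet should be restricted accordingly.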

Some files were not shown because too many files have changed in this diff Show More