From 1029226fb9f993b1f1ec02c46366c57df13c2935 Mon Sep 17 00:00:00 2001
From: Rico Pahlisch
Date: Tue, 27 Feb 2024 11:24:30 +0100
Subject: [PATCH 1/3] feat: azure support
---
 config/rbac/role.yaml | 1 +
 ...jicontrolplane_controller_cluster_patch.go | 4 +-
 docs/providers-azure.md | 173 ++++++++++++++++++
 3 files changed, 177 insertions(+), 1 deletion(-)
 create mode 100644 docs/providers-azure.md
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 29ea2f5..fc1e5ed 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -54,6 +54,7 @@ rules:
 - infrastructure.cluster.x-k8s.io
 resources:
 - awsclusters
+ - azureclusters
 - hetznerclusters
 - kubevirtclusters
 - nutanixclusters
diff --git a/controllers/kamajicontrolplane_controller_cluster_patch.go b/controllers/kamajicontrolplane_controller_cluster_patch.go
index c9a8144..f67ead0 100644
--- a/controllers/kamajicontrolplane_controller_cluster_patch.go
+++ b/controllers/kamajicontrolplane_controller_cluster_patch.go
@@ -36,6 +36,8 @@ func (r *KamajiControlPlaneReconciler) patchCluster(ctx context.Context, cluster
 switch cluster.Spec.InfrastructureRef.Kind {
 case "AWSCluster":
 return r.patchGenericCluster(ctx, cluster, endpoint, port, false)
+ case "AzureCluster":
+ return r.patchGenericCluster(ctx, cluster, endpoint, port, false)
 case "HetznerCluster":
 return r.patchGenericCluster(ctx, cluster, endpoint, port, false)
 case "KubevirtCluster":
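Review bot: The new `case "AzureCluster":` branch in patchCluster repeats the `AWSCluster` and `HetznerCluster` bodies verbatim, so three branches must now be kept identical by hand; `case "AWSCluster", "AzureCluster", "HetznerCluster":` followed by one `return r.patchGenericCluster(ctx, cluster, endpoint, port, false)` states the rule once. The dispatch keys on `InfrastructureRef.Kind` alone, and whether the reference's API group is checked before the patch is not visible here because patchCluster starts and continues outside the hunk. The diffstat lists no test file, so the new branch appears to be uncovered.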
@@ -70,7 +72,7 @@ func (r *KamajiControlPlaneReconciler) checkOrPatchVSphereCluster(ctx context.Co
 return nil
 }
-//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=kubevirtclusters;nutanixclusters;packetclusters;awsclusters;hetznerclusters,verbs=patch
+//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=kubevirtclusters;nutanixclusters;packetclusters;awsclusters;hetznerclusters;azureclusters,verbs=patch
 //+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=kubevirtclusters/status;nutanixclusters/status;packetclusters/status,verbs=patch
 func (r *KamajiControlPlaneReconciler) patchGenericCluster(ctx context.Context, cluster capiv1beta1.Cluster, endpoint string, port int64, patchStatus bool) error {
diff --git a/docs/providers-azure.md b/docs/providers-azure.md
new file mode 100644
index 0000000..4963e2b
--- /dev/null
+++ b/docs/providers-azure.md
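Review bot: The widened marker above patchGenericCluster grants `patch` on `azureclusters` but not on `azureclusters/status`, which is the least-privilege choice only while the `AzureCluster` case keeps passing `false` for `patchStatus`; nothing on these lines records that link. A comment above the two markers such as `// Kinds listed only on the first marker are patched with patchStatus=false; add <kind>/status to the second marker before enabling status patching.` would let a reviewer check the RBAC grant against the switch in patchCluster. The grant presumably ends up in the controller's cluster-wide role through config/rbac/role.yaml, so each added kind widens what the controller's service account may modify. patchGenericCluster's body lies outside the hunk.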
@@ -0,0 +1,173 @@
+# Kamaji and AWS
+
+The Kamaji Control Plane provider was able to create an _Azure_ backed Kubernetes cluster by providing Kamaji Control Planes.
+
+```
+NAME READY SEVERITY REASON SINCE MESSAGE
+Cluster/capi-quickstart True 31m
+├─ClusterInfrastructure - AzureCluster/kamaji-quickstart-control-plane True 31m
+├─ControlPlane - KamajiControlPlane/kamaji-azure-127
+└─Workers
+ └─MachineDeployment/capi-quickstart-md-0 True 28s
+ └─3 Machines... True 12m See capi-quickstart-md-0-6848dccdffxn5j9b-cjgp5, capi-quickstart-md-0-6848dccdffxn5j9b-gk95g, ...
+```
+
+## Example manifests
+
+The said cluster has been created with the following manifests.
+
+```yaml
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: capi-quickstart
+ namespace: default
+spec:
+ clusterNetwork:
+ pods:
+ cidrBlocks:
+ - 192.168.0.0/16
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: KamajiControlPlane
+ name: kamaji-quickstart-control-plane
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureCluster
+ name: capi-quickstart
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureCluster
+metadata:
+ name: capi-quickstart
+ namespace: default
+spec:
+ identityRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureClusterIdentity
+ name: azure-identity
+ location: germanywestcentral
+ networkSpec:
+ subnets:
+ - name: control-plane-subnet
+ role: control-plane
+ - name: node-subnet
+ role: node
+ vnet:
+ name: workload
+ resourceGroup: test-resource-group
+ subscriptionID: 00000000-0000-0000-0000-000000000000
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureClusterIdentity
+metadata:
+ labels:
+ clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
+ name: azure-identity
+spec:
+ allowedNamespaces: {}
+ clientID: 00000000-0000-0000-0000-000000000000
+ clientSecret:
+ name: azure-client-secret
+ namespace: azure
+ tenantID: 00000000-0000-0000-0000-000000000000
+ type: ServicePrincipal
+---
+apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
+kind: KamajiControlPlane
+metadata:
+ name: kamaji-quickstart-control-plane
+ namespace: default
+spec:
+ apiServer:
+ extraArgs:
+ - --cloud-provider=external
+ controllerManager:
+ extraArgs:
+ - --cloud-provider=external
+ dataStoreName: default
+ addons:
+ coreDNS: { }
+ konnectivity: { }
+ kubeProxy: { }
+ kubelet:
+ cgroupfs: systemd
+ preferredAddressTypes:
+ - ExternalIP
+ - InternalIP
+ - Hostname
+ network:
+ serviceAddress: 78.134.89.204
+ serviceType: ClusterIP
+ deployment:
+ replicas: 2
+ version: 1.26.0
+---
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ name: capi-quickstart-md-0
+ namespace: default
+spec:
+ clusterName: capi-quickstart
+ replicas: 2
+ selector:
+ matchLabels: null
+ template:
+ spec:
+ bootstrap:
+ configRef:
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: KubeadmConfigTemplate
+ name: capi-quickstart-md-0
+ clusterName: workload
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureMachineTemplate
+ name: capi-quickstart-md-0
+ version: v1.26.0
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureMachineTemplate
+metadata:
+ name: capi-quickstart-md-0
+ namespace: default
+spec:
+ template:
+ spec:
+ osDisk:
+ diskSizeGB: 128
+ osType: Linux
+ sshPublicKey: ""
+ vmSize: Standard_DS3_v2
+---
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: KubeadmConfigTemplate
+metadata:
+ name: capi-quickstart-md-0
+ namespace: default
+spec:
+ template:
+ spec:
+ files:
+ - contentFrom:
+ secret:
+ key: worker-node-azure.json
+ name: workload-md-0-azure-json
+ owner: root:root
+ path: /etc/kubernetes/azure.json
+ permissions: "0644"
+ joinConfiguration:
+ nodeRegistration:
+ kubeletExtraArgs:
+ cloud-provider: external
+ name: '{{ ds.meta_data["local_hostname"] }}'
+ preKubeadmCommands: []
+```
+
+## Technical considerations
+
+The Cluster API Azure infrastructure provider supports starting from [v1.13.0](https://github.com/kubernetes-sigs/cluster-api-provider-azure).
+The Azure Cluster API operator will create some additional network components for the control plane which are not needed but do not hinder the cluster from working.
+
+Once the cluster has been provisioned, you need to install the [Azure Cloud Controller Manager](https://github.com/kubernetes-sigs/cloud-provider-azure).
From cc2f8cd9e23b873b7b0f3f5e5b9c0ed9c28e9511 Mon Sep 17 00:00:00 2001
From: Rico Pahlisch
Date: Tue, 2 Apr 2024 11:20:48 +0200
Subject: [PATCH 2/3] Update docs/providers-azure.md
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Léonard Suslian <58216931+synthe102@users.noreply.github.com>
---
 docs/providers-azure.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/providers-azure.md b/docs/providers-azure.md
index 4963e2b..29414aa 100644
--- a/docs/providers-azure.md
+++ b/docs/providers-azure.md
@@ -1,4 +1,4 @@
-# Kamaji and AWS
+# Kamaji and Azure
 The Kamaji Control Plane provider was able to create an _Azure_ backed Kubernetes cluster by providing Kamaji Control Planes.
From 3e6fffa655b6148aaca16d0712f1016cf7c983ba Mon Sep 17 00:00:00 2001
From: Rico Pahlisch
Date: Wed, 24 Jul 2024 14:06:08 +0200
Subject: [PATCH 3/3] change docs
---
 docs/providers-azure.md | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/docs/providers-azure.md b/docs/providers-azure.md
index 29414aa..7f72fb9 100644
--- a/docs/providers-azure.md
+++ b/docs/providers-azure.md
@@ -24,9 +24,10 @@ metadata:
 namespace: default
 spec:
 clusterNetwork:
+ apiServerPort: 443
 pods:
 cidrBlocks:
- - 192.168.0.0/16
+ - 10.244.0.0/16
 controlPlaneRef:
 apiVersion: controlplane.cluster.x-k8s.io/v1beta1
 kind: KamajiControlPlane
@@ -46,11 +47,10 @@ spec:
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: AzureClusterIdentity
 name: azure-identity
- location: germanywestcentral
+ location: westeurope
+ controlPlaneEnabled: false
 networkSpec:
 subnets:
- - name: control-plane-subnet
- role: control-plane
 - name: node-subnet
 role: node
 vnet:
@@ -97,11 +97,10 @@ spec:
 - InternalIP
 - Hostname
 network:
- serviceAddress: 78.134.89.204
- serviceType: ClusterIP
+ serviceType: LoadBalancer
 deployment:
 replicas: 2
- version: 1.26.0
+ version: 1.30.0
 ---
 apiVersion: cluster.x-k8s.io/v1beta1
 kind: MachineDeployment
@@ -125,7 +124,7 @@ spec:
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: AzureMachineTemplate
 name: capi-quickstart-md-0
- version: v1.26.0
+ version: v1.30.0
 ---
 apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
 kind: AzureMachineTemplate