feat: support create kubernetes cluster

.golangci.yaml

@@ -11,6 +11,9 @@ run:
   skip-files:
     - "^zz_generated.*"
 
+  build-tags:
+    - containers_image_openpgp
+
 output:
   # colored-line-number|line-number|json|tab|checkstyle|code-climate, default is "colored-line-number"
   format: colored-line-number

Makefile

@@ -67,6 +67,8 @@ LD_FLAGS="-s -w -X main.version=v${VERSION} -X main.buildDate=`date -u +'%Y-%m-%
 local : ARCH ?= $(shell go env GOOS)-$(shell go env GOARCH)
 ARCH ?= linux-amd64
 
+# build tags
+BUILD_TAGS="containers_image_openpgp"
 
 
 TAG_LATEST ?= false
@@ -125,7 +127,7 @@ all: manager kbcli probe reloader ## Make all cmd binaries.
 
 .PHONY: manifests
 manifests: test-go-generate controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
-	$(CONTROLLER_GEN) rbac:roleName=manager-role crd:generateEmbeddedObjectMeta=true webhook paths="./cmd/manager/...;./apis/...;./controllers/...;./internal/..." output:crd:artifacts:config=config/crd/bases
+	$(CONTROLLER_GEN) rbac:roleName=manager-role crd:generateEmbeddedObjectMeta=true webhook paths="./cmd/manager/...;./apis/...;./controllers/..." output:crd:artifacts:config=config/crd/bases
 	@cp config/crd/bases/* $(CHART_PATH)/crds
 	@cp config/rbac/role.yaml $(CHART_PATH)/config/rbac/role.yaml
 	$(MAKE) client-sdk-gen
@@ -160,7 +162,7 @@ fmt: ## Run go fmt against code.
 
 .PHONY: vet
 vet: ## Run go vet against code.
-	GOOS=$(GOOS) $(GO) vet -mod=mod ./...
+	GOOS=$(GOOS) $(GO) vet -tags $(BUILD_TAGS) -mod=mod ./...
 
 .PHONY: cue-fmt
 cue-fmt: cuetool ## Run cue fmt against code.
@@ -180,7 +182,7 @@ golangci-lint: golangci ## Run golangci-lint against code.
 
 .PHONY: staticcheck
 staticcheck: staticchecktool ## Run staticcheck against code.
-	$(STATICCHECK) ./...
+	$(STATICCHECK) -tags $(BUILD_TAGS) ./...
 
 .PHONY: build-checks
 build-checks: generate fmt vet goimports lint-fast ## Run build checks.
@@ -211,22 +213,22 @@ endif
 
 .PHONY: test-current-ctx
 test-current-ctx: manifests generate add-k8s-host ## Run operator controller tests with current $KUBECONFIG context. if existing k8s cluster is k3d or minikube, specify EXISTING_CLUSTER_TYPE.
-	USE_EXISTING_CLUSTER=true KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test  -p 1 -coverprofile cover.out $(TEST_PACKAGES)
+	USE_EXISTING_CLUSTER=true KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -tags $(BUILD_TAGS) -p 1 -coverprofile cover.out $(TEST_PACKAGES)
 
 .PHONY: test-fast
 test-fast: envtest
-	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -short -coverprofile cover.out $(TEST_PACKAGES)
+	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -tags $(BUILD_TAGS) -short -coverprofile cover.out $(TEST_PACKAGES)
 
 .PHONY: test
 test: manifests generate test-go-generate add-k8s-host test-fast ## Run tests. if existing k8s cluster is k3d or minikube, specify EXISTING_CLUSTER_TYPE.
 
 .PHONY: race
 race:
-	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -race $(TEST_PACKAGES)
+	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -tags $(BUILD_TAGS) -race $(TEST_PACKAGES)
 
 .PHONY: test-integration
 test-integration: manifests generate envtest add-k8s-host ## Run tests. if existing k8s cluster is k3d or minikube, specify EXISTING_CLUSTER_TYPE.
-	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test ./test/integration
+	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GO) test -tags $(BUILD_TAGS) ./test/integration
 
 .PHONY: test-delve
 test-delve: manifests generate envtest ## Run tests.
@@ -265,7 +267,7 @@ CLI_LD_FLAGS ="-s -w \
 	-X github.com/apecloud/kubeblocks/version.DefaultKubeBlocksVersion=$(VERSION)"
 
 bin/kbcli.%: test-go-generate ## Cross build bin/kbcli.$(OS).$(ARCH).
-	GOOS=$(word 2,$(subst ., ,$@)) GOARCH=$(word 3,$(subst ., ,$@)) CGO_ENABLED=0 $(GO) build -ldflags=${CLI_LD_FLAGS} -o $@ cmd/cli/main.go
+	GOOS=$(word 2,$(subst ., ,$@)) GOARCH=$(word 3,$(subst ., ,$@)) CGO_ENABLED=0 $(GO) build -tags $(BUILD_TAGS) -ldflags=${CLI_LD_FLAGS} -o $@ cmd/cli/main.go
 
 .PHONY: kbcli-fast
 kbcli-fast: OS=$(shell $(GO) env GOOS)
@@ -283,9 +285,7 @@ clean-kbcli: ## Clean bin/kbcli*.
 
 .PHONY: kbcli-doc
 kbcli-doc: generate test-go-generate ## generate CLI command reference manual.
-	$(GO) run ./hack/docgen/cli/main.go ./docs/user_docs/cli
-
-
+	$(GO) run -tags $(BUILD_TAGS) ./hack/docgen/cli/main.go ./docs/user_docs/cli
 
 .PHONY: api-doc
 api-doc:  ## generate API reference manual.
@@ -296,7 +296,7 @@ api-doc:  ## generate API reference manual.
 
 .PHONY: manager
 manager: cue-fmt generate manager-go-generate test-go-generate build-checks ## Build manager binary.
-	$(GO) build -ldflags=${LD_FLAGS} -o bin/manager ./cmd/manager/main.go
+	$(GO) build -tags $(BUILD_TAGS) -ldflags=${LD_FLAGS} -o bin/manager ./cmd/manager/main.go
 
 CERT_ROOT_CA ?= $(WEBHOOK_CERT_DIR)/rootCA.key
 .PHONY: webhook-cert
@@ -331,26 +331,26 @@ endif
 
 .PHONY: install
 install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
-	($(KUSTOMIZE) build config/crd | kubectl replace -f -) || ($(KUSTOMIZE) build config/crd | kubectl create -f -)
+	($(KUSTOMIZE) build -tags $(BUILD_TAGS) config/crd | kubectl replace -f -) || ($(KUSTOMIZE) build config/crd | kubectl create -f -)
 
 .PHONY: uninstall
 uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	$(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
+	$(KUSTOMIZE) build -tags $(BUILD_TAGS) config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
 .PHONY: deploy
 deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
 	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
-	$(KUSTOMIZE) build config/default | kubectl apply -f -
+	$(KUSTOMIZE) build -tags $(BUILD_TAGS) config/default | kubectl apply -f -
 
 .PHONY: dry-run
 dry-run: manifests kustomize ## Dry-run deploy job.
 	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
 	mkdir -p dry-run
-	$(KUSTOMIZE) build config/default > dry-run/manifests.yaml
+	$(KUSTOMIZE) build -tags $(BUILD_TAGS) config/default > dry-run/manifests.yaml
 
 .PHONY: undeploy
 undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
-	$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
+	$(KUSTOMIZE) build -tags $(BUILD_TAGS) config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
 
 ##@ Contributor
 

docker/Dockerfile-tools

@@ -70,7 +70,7 @@ RUN --mount=type=bind,target=. \
 RUN --mount=type=bind,target=. \
     --mount=type=cache,target=/root/.cache/go-build \
     --mount=type=cache,target=/go/pkg \
-    CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOFLAGS="-mod=mod" go build -ldflags="${LD_FLAGS}" -a -o /out/kbcli cmd/cli/main.go
+    CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOFLAGS="-mod=mod" go build -ldflags="${LD_FLAGS}" -tags="containers_image_openpgp" -a -o /out/kbcli cmd/cli/main.go
 
 # Use alpine with tag 20230329 is corresponding to "edge" tag (latest release to date is 3.18) as of 20230625
 FROM docker.io/alpine:edge as dist

docs/user_docs/cli/cli.md

@@ -136,6 +136,14 @@ Inject faults to pod.
 * [kbcli fault time](kbcli_fault_time.md)	 - Clock skew failure.
 
 
+## [infra](kbcli_infra.md)
+
+infra command
+
+* [kbcli infra create](kbcli_infra_create.md)	 - create kubernetes cluster.
+* [kbcli infra delete](kbcli_infra_delete.md)	 - delete kubernetes cluster.
+
+
 ## [kubeblocks](kbcli_kubeblocks.md)
 
 KubeBlocks operation commands.

docs/user_docs/cli/kbcli.md

@@ -64,6 +64,7 @@ kbcli [flags]
 * [kbcli clusterversion](kbcli_clusterversion.md)	 - ClusterVersion command.
 * [kbcli dashboard](kbcli_dashboard.md)	 - List and open the KubeBlocks dashboards.
 * [kbcli fault](kbcli_fault.md)	 - Inject faults to pod.
+* [kbcli infra](kbcli_infra.md)	 - infra command
 * [kbcli kubeblocks](kbcli_kubeblocks.md)	 - KubeBlocks operation commands.
 * [kbcli migration](kbcli_migration.md)	 - Data migration between two data sources.
 * [kbcli options](kbcli_options.md)	 - Print the list of flags inherited by all commands.

docs/user_docs/cli/kbcli_builder_template.md

@@ -21,10 +21,10 @@ kbcli builder template [flags]
 ### Options
 
 ```
-  -a, --all                         template all config specs
       --clean                       specify whether to clear the output dir
       --cluster string              the cluster yaml file
-      --cluster-definition string   the cluster definition yaml file
+      --cluster-definition string   specify the cluster definition name
+      --cluster-version string      specify the cluster version name
       --component-name string       specify the component name of the clusterdefinition
       --config-spec string          specify the config spec to be rendered
       --cpu string                  specify the cpu of the component

docs/user_docs/cli/kbcli_infra.md

@@ -0,0 +1,44 @@
+---
+title: kbcli infra
+---
+
+infra command
+
+### Options
+
+```
+  -h, --help   help for infra
+```
+
+### Options inherited from parent commands
+
+```
+      --as string                      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.
+      --as-group stringArray           Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
+      --as-uid string                  UID to impersonate for the operation.
+      --cache-dir string               Default cache directory (default "$HOME/.kube/cache")
+      --certificate-authority string   Path to a cert file for the certificate authority
+      --client-certificate string      Path to a client certificate file for TLS
+      --client-key string              Path to a client key file for TLS
+      --cluster string                 The name of the kubeconfig cluster to use
+      --context string                 The name of the kubeconfig context to use
+      --disable-compression            If true, opt-out of response compression for all requests to the server
+      --insecure-skip-tls-verify       If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+      --kubeconfig string              Path to the kubeconfig file to use for CLI requests.
+      --match-server-version           Require server version to match client version
+  -n, --namespace string               If present, the namespace scope for this CLI request
+      --request-timeout string         The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+  -s, --server string                  The address and port of the Kubernetes API server
+      --tls-server-name string         Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used
+      --token string                   Bearer token for authentication to the API server
+      --user string                    The name of the kubeconfig user to use
+```
+
+### SEE ALSO
+
+
+* [kbcli infra create](kbcli_infra_create.md)	 - create kubernetes cluster.
+* [kbcli infra delete](kbcli_infra_delete.md)	 - delete kubernetes cluster.
+
+#### Go Back to [CLI Overview](cli.md) Homepage.
+

docs/user_docs/cli/kbcli_infra_create.md

@@ -0,0 +1,127 @@
+---
+title: kbcli infra create
+---
+
+create kubernetes cluster.
+
+```
+kbcli infra create [flags]
+```
+
+### Examples
+
+```
+  # Create kubernetes cluster with specified config yaml
+  kbcli infra create -c cluster.yaml
+
+  # example cluster.yaml
+  cat cluster.yaml
+  metadata:
+  name: kb-k8s-test-cluster
+  user:
+  name: user1
+  privateKeyPath: ~/.ssh/test.pem
+  nodes:
+  - name: kb-infra-node-0
+  address: 1.1.1.1
+  internalAddress: 10.128.0.19
+  - name: kb-infra-node-1
+  address: 1.1.1.2
+  internalAddress: 10.128.0.20
+  - name: kb-infra-node-2
+  address: 1.1.1.3
+  internalAddress: 10.128.0.21
+  options:
+  hugePageFeature:
+  hugePageSize: 10GB
+  roleGroup:
+  etcd:
+  - kb-infra-node-0
+  - kb-infra-node-1
+  - kb-infra-node-2
+  master:
+  - kb-infra-node-0
+  worker:
+  - kb-infra-node-1
+  - kb-infra-node-2
+
+  kubernetes:
+  containerManager: containerd
+  # apis/kubeadm/types.Networking
+  networking:
+  plugin: cilium
+  dnsDomain: cluster.local
+  podSubnet: 10.233.64.0/18
+  serviceSubnet: 10.233.0.0/18
+  controlPlaneEndpoint:
+  domain: lb.kubeblocks.local
+  port: 6443
+  cri:
+  containerRuntimeType: "containerd"
+  containerRuntimeEndpoint: "unix:///run/containerd/containerd.sock"
+  sandBoxImage: "k8s.gcr.io/pause:3.8"
+  addons:
+  - name: openebs
+  namespace: kube-blocks
+  sources:
+  chart:
+  name: openebs
+  version: 3.7.0
+  repo: https://openebs.github.io/charts
+  options:
+  values:
+  - "localprovisioner.basePath=/mnt/disks"
+  - "localprovisioner.hostpathClass.isDefaultClass=true"
+```
+
+### Options
+
+```
+  -c, --config string              Specify infra cluster config file. [option]
+      --container-runtime string   Specify kubernetes container runtime. default is containerd (default "containerd")
+      --debug                      set debug mode
+      --etcd strings               Specify etcd nodes
+  -h, --help                       help for create
+      --master strings             Specify master nodes
+      --name string                Specify kubernetes cluster name
+      --nodes strings              List of machines on which kubernetes is installed. [require]
+      --output-kubeconfig string   Specified output kubeconfig. [option] (default "/home/runner/.kube/config")
+  -p, --password string            Specify the password for the account to execute sudo. [option]
+      --private-key string         The PrimaryKey for ssh to the remote machine. [option]
+      --private-key-path string    Specify the file PrimaryKeyPath of ssh to the remote machine. default ~/.ssh/id_rsa.
+      --sandbox-image string       Specified sandbox-image will not be used by the cri. [option] (default "k8s.gcr.io/pause:3.8")
+  -t, --timeout int                Specify the ssh timeout.[option] (default 30)
+  -u, --user string                Specify the account to access the remote server. [require]
+      --version string             Specify install kubernetes version. default version is v1.26.5 (default "v1.26.5")
+      --worker strings             Specify worker nodes
+```
+
+### Options inherited from parent commands
+
+```
+      --as string                      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.
+      --as-group stringArray           Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
+      --as-uid string                  UID to impersonate for the operation.
+      --cache-dir string               Default cache directory (default "$HOME/.kube/cache")
+      --certificate-authority string   Path to a cert file for the certificate authority
+      --client-certificate string      Path to a client certificate file for TLS
+      --client-key string              Path to a client key file for TLS
+      --cluster string                 The name of the kubeconfig cluster to use
+      --context string                 The name of the kubeconfig context to use
+      --disable-compression            If true, opt-out of response compression for all requests to the server
+      --insecure-skip-tls-verify       If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+      --kubeconfig string              Path to the kubeconfig file to use for CLI requests.
+      --match-server-version           Require server version to match client version
+  -n, --namespace string               If present, the namespace scope for this CLI request
+      --request-timeout string         The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+  -s, --server string                  The address and port of the Kubernetes API server
+      --tls-server-name string         Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used
+      --token string                   Bearer token for authentication to the API server
+```
+
+### SEE ALSO
+
+* [kbcli infra](kbcli_infra.md)	 - infra command
+
+#### Go Back to [CLI Overview](cli.md) Homepage.
+