diff --git a/.github/workflows/test_chart.yaml b/.github/workflows/test_chart.yaml index 7b697ebd..a14bbd1f 100644 --- a/.github/workflows/test_chart.yaml +++ b/.github/workflows/test_chart.yaml @@ -59,7 +59,7 @@ jobs: run: kind load docker-image ${{ env.MANIFEST_IMG }}:${{ env.TAG }} - name: Run chart-testing (install) - run: helm install rancher-turtles out/charts/rancher-turtles/ -n rancher-turtles-system --create-namespace --wait --set cluster-api-operator.cert-manager.enabled=true + run: helm install rancher-turtles out/charts/rancher-turtles/ -n rancher-turtles-system --create-namespace --wait --set cluster-api-operator.cluster-api.enabled=false --set cluster-api-operator.enabled=false - name: Run chart-testing (un-install) run: helm uninstall rancher-turtles -n rancher-turtles-system --wait diff --git a/README.md b/README.md index 2dad1d03..71b405ce 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,74 @@ Currently this project has the following functionality: ## How to use this? -Instructions coming soon :) +### Installation + +``` +Note: The following will only work after we release the first version of the extension. +``` + +Prerequisites: + +- Running [Rancher Manager cluster](https://ranchermanager.docs.rancher.com/) with cert-manager +- [Helm](https://helm.sh/) + +Quick start: + +These commands will install: Rancher turtles extension, CAPI Operator, CAPI itself with kubeadmin bootstrap and control plane providers. + +```bash +helm repo add rancher-turtles https://rancher-sandbox.github.io/rancher-turtles +helm repo update +helm install rancher-turtles rancher-turtles/rancher-turtles --create-namespace -n rancher-turtles-system +``` + +Customizing the deployment: + +The Rancher turtles Helm chart supports the following values: + +```yaml +rancherTurtles: + image: controller # image to use for the extension + tag: v0.0.0 # tag to use for the extension + imagePullPolicy: Never # image pull policy to use for the extension + namespace: rancher-turtles-system # namespace to deploy to (default: rancher-turtles-system) +cluster-api-operator: + enabled: true # indicates if CAPI operator should be installed (default: true) + cert-manager: + enabled: true # indicates if cert-manager should be installed (default: true) + cluster-api: + enabled: true # indicates if core CAPI controllers should be installed (default: true) + version: v1.4.6 # version of CAPI to install (default: v1.4.6) + configSecret: + name: "" # name of the config secret to use for core CAPI controllers, used by the CAPI operator. See [CAPI operator](https://github.com/kubernetes-sigs/cluster-api-operator/tree/main/docs#installing-azure-infrastructure-provider) docs for more details. + namespace: "" # namespace of the config secret to use for core CAPI controllers, used by the CAPI operator. + core: + namespace: capi-system + fetchConfig: # (only required for airgapped environments) + url: "" # url to fetch config from, used by the CAPI operator. See [CAPI operator](https://github.com/kubernetes-sigs/cluster-api-operator/tree/main/docs#provider-spec) docs for more details. + selector: "" # selector to use for fetching config, used by the CAPI operator. + kubeadmBootstrap: + namespace: capi-kubeadm-bootstrap-system + fetchConfig: + url: "" + selector: "" + kubeadmControlPlane: + namespace: capi-kubeadm-control-plane-system + fetchConfig: + url: "" + selector: "" + +``` +### Installing CAPI providers + +The Rancher turtles extension does not install any CAPI providers, you will need to install them yourself using [CAPI operator](https://github.com/kubernetes-sigs/cluster-api-operator/tree/main/docs). + +To quickly deploy docker infrastructure, kubeadm bootstrap and control plane providers, apply the following: + +``` +kubectl apply -f https://raw.githubusercontent.com/rancher-sandbox/rancher-turtles/main/test/e2e/resources/config/capi-providers-secret.yaml +kubectl apply -f https://raw.githubusercontent.com/rancher-sandbox/rancher-turtles/main/test/e2e/resources/config/capi-providers.yaml +``` ## How to contribute? See our [contributor guide](CONTRIBUTING.md) for more details on how to get involved. @@ -68,4 +135,4 @@ What happens when you run `make dev-env`? ## Code of Conduct -Participation in the project is governed by [Code of Conduct](code-of-conduct.md). \ No newline at end of file +Participation in the project is governed by [Code of Conduct](code-of-conduct.md). diff --git a/charts/rancher-turtles/templates/core-provider.yaml b/charts/rancher-turtles/templates/core-provider.yaml new file mode 100644 index 00000000..f0005472 --- /dev/null +++ b/charts/rancher-turtles/templates/core-provider.yaml @@ -0,0 +1,71 @@ +{{- if index .Values "cluster-api-operator" "cluster-api" "enabled" }} +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "1" + name: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }} +--- +apiVersion: operator.cluster.x-k8s.io/v1alpha1 +kind: CoreProvider +metadata: + name: cluster-api + namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }} + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "2" +spec: + version: {{ index .Values "cluster-api-operator" "cluster-api" "version" }} + additionalManifests: + name: capi-additional-rbac-roles + namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} + secretName: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} + secretNamespace: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} +{{- end }} +{{- end }} +{{- if or (index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector") }} + fetchConfig: + {{- if index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url" }} + url: {{ index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "url" }} + {{- end }} + {{- if index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector" }} + selector: {{ index .Values "cluster-api-operator" "cluster-api" "core" "fetchConfig" "selector" }} + {{- end }} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: capi-additional-rbac-roles + namespace: {{ index .Values "cluster-api-operator" "cluster-api" "core" "namespace" }} + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "2" +data: + manifests: |- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: provisioning-rke-cattle-io + labels: + cluster.x-k8s.io/aggregate-to-manager: "true" + rules: + - apiGroups: ["rke.cattle.io"] + resources: ["*"] + verbs: ["*"] + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: provisioning-rke-machine-cattle-io + labels: + cluster.x-k8s.io/aggregate-to-manager: "true" + rules: + - apiGroups: ["rke-machine.cattle.io"] + resources: ["*"] + verbs: ["*"] +{{- end }} diff --git a/charts/rancher-turtles/templates/kubeadm-bootstrap.yaml b/charts/rancher-turtles/templates/kubeadm-bootstrap.yaml new file mode 100644 index 00000000..2cba5554 --- /dev/null +++ b/charts/rancher-turtles/templates/kubeadm-bootstrap.yaml @@ -0,0 +1,36 @@ +{{- if index .Values "cluster-api-operator" "cluster-api" "enabled" }} +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "1" + name: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "namespace" }} +--- +apiVersion: operator.cluster.x-k8s.io/v1alpha1 +kind: BootstrapProvider +metadata: + name: kubeadm + namespace: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "namespace" }} + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "2" +spec: + version: {{ index .Values "cluster-api-operator" "cluster-api" "version" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} + secretName: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} + secretNamespace: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} +{{- end }} +{{- end }} +{{- if or (index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "selector") }} + fetchConfig: + {{- if index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "url" }} + url: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "url" }} + {{- end }} + {{- if index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "selector" }} + selector: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmBootstrap" "fetchConfig" "selector" }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/rancher-turtles/templates/kubeadm-control-plane.yaml b/charts/rancher-turtles/templates/kubeadm-control-plane.yaml new file mode 100644 index 00000000..8eb5cf3e --- /dev/null +++ b/charts/rancher-turtles/templates/kubeadm-control-plane.yaml @@ -0,0 +1,36 @@ +{{- if index .Values "cluster-api-operator" "cluster-api" "enabled" }} +--- +apiVersion: v1 +kind: Namespace +metadata: + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "1" + name: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "namespace" }} +--- +apiVersion: operator.cluster.x-k8s.io/v1alpha1 +kind: ControlPlaneProvider +metadata: + name: kubeadm + namespace: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "namespace" }} + annotations: + "helm.sh/hook": "post-install, post-upgrade" + "helm.sh/hook-weight": "2" +spec: + version: {{ index .Values "cluster-api-operator" "cluster-api" "version" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} + secretName: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "name" }} +{{- if index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} + secretNamespace: {{ index .Values "cluster-api-operator" "cluster-api" "configSecret" "namespace" }} +{{- end }} +{{- end }} +{{- if or (index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "url") (index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "selector") }} + fetchConfig: + {{- if index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "url" }} + url: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "url" }} + {{- end }} + {{- if index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "selector" }} + selector: {{ index .Values "cluster-api-operator" "cluster-api" "kubeadmControlPlane" "fetchConfig" "selector" }} + {{- end }} +{{- end }} +{{- end }} diff --git a/charts/rancher-turtles/values.yaml b/charts/rancher-turtles/values.yaml index 1e92802b..54457d70 100644 --- a/charts/rancher-turtles/values.yaml +++ b/charts/rancher-turtles/values.yaml @@ -5,3 +5,26 @@ rancherTurtles: namespace: rancher-turtles-system cluster-api-operator: enabled: true + cert-manager: + enabled: true + cluster-api: + enabled: true + version: v1.4.6 + configSecret: + name: "" + namespace: "" + core: + namespace: capi-system + fetchConfig: + url: "" + selector: "" + kubeadmBootstrap: + namespace: capi-kubeadm-bootstrap-system + fetchConfig: + url: "" + selector: "" + kubeadmControlPlane: + namespace: capi-kubeadm-control-plane-system + fetchConfig: + url: "" + selector: "" diff --git a/test/e2e/e2e_suite_test.go b/test/e2e/e2e_suite_test.go index 05282355..2911d557 100644 --- a/test/e2e/e2e_suite_test.go +++ b/test/e2e/e2e_suite_test.go @@ -246,8 +246,8 @@ func initBootstrapCluster(bootstrapClusterProxy framework.ClusterProxy, config * } func initRancherTurtles(clusterProxy framework.ClusterProxy, config *clusterctl.E2EConfig) { - By("Adding docker variables secret") - Expect(clusterProxy.Apply(ctx, dockerVariablesSecret)).To(Succeed()) + By("Adding CAPI variables secret") + Expect(clusterProxy.Apply(ctx, capiProvidersSecret)).To(Succeed()) By("Installing rancher-turtles chart") chart := &HelmChart{ @@ -258,12 +258,50 @@ func initRancherTurtles(clusterProxy framework.ClusterProxy, config *clusterctl. AdditionalFlags: Flags("-n", rancherTurtlesNamespace, "--create-namespace", "--wait"), } _, err := chart.Run(map[string]string{ - "cluster-api-operator.cert-manager.enabled": "true", - "cluster-api-operator.infrastructure": config.GetVariable(capiInfrastructure), - "cluster-api-operator.secretName": "variables", - "cluster-api-operator.secretNamespace": "default", + "cluster-api-operator.cluster-api.configSecret.namespace": "default", + "cluster-api-operator.cluster-api.configSecret.name": "variables", }) Expect(err).ToNot(HaveOccurred()) + + By("Adding CAPI infrastructure providers") + Expect(clusterProxy.Apply(ctx, capiProviders)).To(Succeed()) + + By("Waiting for CAPI deployment to be available") + framework.WaitForDeploymentsAvailable(ctx, framework.WaitForDeploymentsAvailableInput{ + Getter: bootstrapClusterProxy.GetClient(), + Deployment: &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: "capi-controller-manager", + Namespace: "capi-system", + }}, + }, config.GetIntervals(bootstrapClusterProxy.GetName(), "wait-controllers")...) + + By("Waiting for CAPI kubeadm bootstrap deployment to be available") + framework.WaitForDeploymentsAvailable(ctx, framework.WaitForDeploymentsAvailableInput{ + Getter: bootstrapClusterProxy.GetClient(), + Deployment: &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{ + Name: "capi-kubeadm-bootstrap-controller-manager", + Namespace: "capi-kubeadm-bootstrap-system", + }}, + }, config.GetIntervals(bootstrapClusterProxy.GetName(), "wait-controllers")...) + + By("Waiting for CAPI kubeadm control plane deployment to be available") + framework.WaitForDeploymentsAvailable(ctx, framework.WaitForDeploymentsAvailableInput{ + Getter: bootstrapClusterProxy.GetClient(), + Deployment: &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{ + Name: "capi-kubeadm-control-plane-controller-manager", + Namespace: "capi-kubeadm-control-plane-system", + }}, + }, config.GetIntervals(bootstrapClusterProxy.GetName(), "wait-controllers")...) + + By("Waiting for CAPI docker provider deployment to be available") + framework.WaitForDeploymentsAvailable(ctx, framework.WaitForDeploymentsAvailableInput{ + Getter: bootstrapClusterProxy.GetClient(), + Deployment: &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{ + Name: "capd-controller-manager", + Namespace: "capd-system", + }}, + }, config.GetIntervals(bootstrapClusterProxy.GetName(), "wait-controllers")...) } func initRancher(clusterProxy framework.ClusterProxy, config *clusterctl.E2EConfig) { diff --git a/test/e2e/helpers_test.go b/test/e2e/helpers_test.go index c18095ec..55fe70be 100644 --- a/test/e2e/helpers_test.go +++ b/test/e2e/helpers_test.go @@ -30,8 +30,11 @@ var ( //go:embed resources/testdata/fleet-capi-test.yaml fleetCAPITestdata []byte - //go:embed resources/config/docker-infra-secret.yaml - dockerVariablesSecret []byte + //go:embed resources/config/capi-providers-secret.yaml + capiProvidersSecret []byte + + //go:embed resources/config/capi-providers.yaml + capiProviders []byte //go:embed resources/config/ingress.yaml ingressConfig []byte diff --git a/test/e2e/resources/config/docker-infra-secret.yaml b/test/e2e/resources/config/capi-providers-secret.yaml similarity index 78% rename from test/e2e/resources/config/docker-infra-secret.yaml rename to test/e2e/resources/config/capi-providers-secret.yaml index 26715ea6..cb139b8e 100644 --- a/test/e2e/resources/config/docker-infra-secret.yaml +++ b/test/e2e/resources/config/capi-providers-secret.yaml @@ -6,4 +6,5 @@ metadata: type: Opaque stringData: CLUSTER_TOPOLOGY: "true" - EXP_CLUSTER_RESOURCE_SET: "true" \ No newline at end of file + EXP_CLUSTER_RESOURCE_SET: "true" + diff --git a/test/e2e/resources/config/capi-providers.yaml b/test/e2e/resources/config/capi-providers.yaml new file mode 100644 index 00000000..4069358d --- /dev/null +++ b/test/e2e/resources/config/capi-providers.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: capd-system +--- +apiVersion: operator.cluster.x-k8s.io/v1alpha1 +kind: InfrastructureProvider +metadata: + name: docker + namespace: capd-system +spec: + secretName: variables + secretNamespace: default