tigera · coutinhop · Sep 18, 2023 · Nov 2, 2022 · Jul 11, 2023 · Jul 11, 2023
@@ -0,0 +1,236 @@
+// Copyright (c) 2023 Tigera, Inc. All rights reserved.
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+	appsv1 "k8s.io/api/apps/v1"
+	v1 "k8s.io/api/core/v1"
+)
+
+// CalicoNodeWindowsDaemonSetContainer is a calico-node-windows DaemonSet container.
+type CalicoNodeWindowsDaemonSetContainer struct {
+	// Name is an enum which identifies the calico-node-windows DaemonSet container by name.
+	// +kubebuilder:validation:Enum=calico-node-windows
+	Name string `json:"name"`
+
+	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
+	// If specified, this overrides the named calico-node-windows DaemonSet container's resources.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for this container's resources.
+	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
+	// +optional
+	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
+}
+
+// CalicoNodeWindowsDaemonSetInitContainer is a calico-node-windows DaemonSet init container.
+type CalicoNodeWindowsDaemonSetInitContainer struct {
+	// Name is an enum which identifies the calico-node-windows DaemonSet init container by name.
+	// +kubebuilder:validation:Enum=install-cni;hostpath-init;flexvol-driver;mount-bpffs;node-certs-key-cert-provisioner;calico-node-windows-prometheus-server-tls-key-cert-provisioner
+	Name string `json:"name"`
+
+	// Resources allows customization of limits and requests for compute resources such as cpu and memory.
+	// If specified, this overrides the named calico-node-windows DaemonSet init container's resources.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for this container's resources.
+	// If used in conjunction with the deprecated ComponentResources, then this value takes precedence.
+	// +optional
+	Resources *v1.ResourceRequirements `json:"resources,omitempty"`
+}
+
+// CalicoNodeWindowsDaemonSetPodSpec is the calico-node-windows DaemonSet's PodSpec.
+type CalicoNodeWindowsDaemonSetPodSpec struct {
+	// InitContainers is a list of calico-node-windows init containers.
+	// If specified, this overrides the specified calico-node-windows DaemonSet init containers.
+	// If omitted, the calico-node-windows DaemonSet will use its default values for its init containers.
+	// +optional
+	InitContainers []CalicoNodeWindowsDaemonSetInitContainer `json:"initContainers,omitempty"`
+
+	// Containers is a list of calico-node-windows containers.
+	// If specified, this overrides the specified calico-node-windows DaemonSet containers.
+	// If omitted, the calico-node-windows DaemonSet will use its default values for its containers.
+	// +optional
+	Containers []CalicoNodeWindowsDaemonSetContainer `json:"containers,omitempty"`
+
+	// Affinity is a group of affinity scheduling rules for the calico-node-windows pods.
+	// If specified, this overrides any affinity that may be set on the calico-node-windows DaemonSet.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for affinity.
+	// WARNING: Please note that this field will override the default calico-node-windows DaemonSet affinity.
+	// +optional
+	Affinity *v1.Affinity `json:"affinity"`
+
+	// NodeSelector is the calico-node-windows pod's scheduling constraints.
+	// If specified, each of the key/value pairs are added to the calico-node-windows DaemonSet nodeSelector provided
+	// the key does not already exist in the object's nodeSelector.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for nodeSelector.
+	// WARNING: Please note that this field will modify the default calico-node-windows DaemonSet nodeSelector.
+	// +optional
+	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
+
+	// Tolerations is the calico-node-windows pod's tolerations.
+	// If specified, this overrides any tolerations that may be set on the calico-node-windows DaemonSet.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for tolerations.
+	// WARNING: Please note that this field will override the default calico-node-windows DaemonSet tolerations.
+	// +optional
+	Tolerations []v1.Toleration `json:"tolerations"`
+}
+
+// CalicoNodeWindowsDaemonSetPodTemplateSpec is the calico-node-windows DaemonSet's PodTemplateSpec
+type CalicoNodeWindowsDaemonSetPodTemplateSpec struct {
+	// Metadata is a subset of a Kubernetes object's metadata that is added to
+	// the pod's metadata.
+	// +optional
+	Metadata *Metadata `json:"metadata,omitempty"`
+
+	// Spec is the calico-node-windows DaemonSet's PodSpec.
+	// +optional
+	Spec *CalicoNodeWindowsDaemonSetPodSpec `json:"spec,omitempty"`
+}
+
+// CalicoNodeWindowsDaemonSet is the configuration for the calico-node-windows DaemonSet.
+type CalicoNodeWindowsDaemonSet struct {
+	// Metadata is a subset of a Kubernetes object's metadata that is added to the DaemonSet.
+	// +optional
+	Metadata *Metadata `json:"metadata,omitempty"`
+
+	// Spec is the specification of the calico-node-windows DaemonSet.
+	// +optional
+	Spec *CalicoNodeWindowsDaemonSetSpec `json:"spec,omitempty"`
+}
+
+// CalicoNodeWindowsDaemonSetSpec defines configuration for the calico-node-windows DaemonSet.
+type CalicoNodeWindowsDaemonSetSpec struct {
+	// MinReadySeconds is the minimum number of seconds for which a newly created DaemonSet pod should
+	// be ready without any of its container crashing, for it to be considered available.
+	// If specified, this overrides any minReadySeconds value that may be set on the calico-node-windows DaemonSet.
+	// If omitted, the calico-node-windows DaemonSet will use its default value for minReadySeconds.
+	// +optional
+	// +kubebuilder:validation:Minimum=0
+	// +kubebuilder:validation:Maximum=2147483647
+	MinReadySeconds *int32 `json:"minReadySeconds,omitempty"`
+
+	// Template describes the calico-node-windows DaemonSet pod that will be created.
+	// +optional
+	Template *CalicoNodeWindowsDaemonSetPodTemplateSpec `json:"template,omitempty"`
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetMetadata() *Metadata {
+	return c.Metadata
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetMinReadySeconds() *int32 {
+	if c.Spec != nil {
+		return c.Spec.MinReadySeconds
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetPodTemplateMetadata() *Metadata {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			return c.Spec.Template.Metadata
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetInitContainers() []v1.Container {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			if c.Spec.Template.Spec != nil {
+				if c.Spec.Template.Spec.InitContainers != nil {
+					cs := make([]v1.Container, len(c.Spec.Template.Spec.InitContainers))
+					for i, v := range c.Spec.Template.Spec.InitContainers {
+						// Only copy and return the container if it has resources set.
+						if v.Resources == nil {
+							continue
+						}
+						c := v1.Container{Name: v.Name, Resources: *v.Resources}
+						cs[i] = c
+					}
+					return cs
+				}
+			}
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetContainers() []v1.Container {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			if c.Spec.Template.Spec != nil {
+				if c.Spec.Template.Spec.Containers != nil {
+					cs := make([]v1.Container, len(c.Spec.Template.Spec.Containers))
+					for i, v := range c.Spec.Template.Spec.Containers {
+						// Only copy and return the container if it has resources set.
+						if v.Resources == nil {
+							continue
+						}
+						c := v1.Container{Name: v.Name, Resources: *v.Resources}
+						cs[i] = c
+					}
+					return cs
+				}
+			}
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetAffinity() *v1.Affinity {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			if c.Spec.Template.Spec != nil {
+				return c.Spec.Template.Spec.Affinity
+			}
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetTopologySpreadConstraints() []v1.TopologySpreadConstraint {
+	// TopologySpreadConstraints aren't needed for Calico DaemonSet resources.
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetNodeSelector() map[string]string {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			if c.Spec.Template.Spec != nil {
+				return c.Spec.Template.Spec.NodeSelector
+			}
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetTolerations() []v1.Toleration {
+	if c.Spec != nil {
+		if c.Spec.Template != nil {
+			if c.Spec.Template.Spec != nil {
+				return c.Spec.Template.Spec.Tolerations
+			}
+		}
+	}
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetTerminationGracePeriodSeconds() *int64 {
+	return nil
+}
+
+func (c *CalicoNodeWindowsDaemonSet) GetDeploymentStrategy() *appsv1.DeploymentStrategy {
+	return nil
+}
@@ -171,9 +171,13 @@ type InstallationSpec struct {
 	// ComponentResources or TyphaAffinity, then these overrides take precedence.
 	TyphaDeployment *TyphaDeployment `json:"typhaDeployment,omitempty"`
 
+	// Deprecated. The CalicoWindowsUpgradeDaemonSet is deprecated and will be removed from the API in the future.
 	// CalicoWindowsUpgradeDaemonSet configures the calico-windows-upgrade DaemonSet.
 	CalicoWindowsUpgradeDaemonSet *CalicoWindowsUpgradeDaemonSet `json:"calicoWindowsUpgradeDaemonSet,omitempty"`
 
+	// CalicoNodeWindowsDaemonSet configures the calico-node-windows DaemonSet.
+	CalicoNodeWindowsDaemonSet *CalicoNodeWindowsDaemonSet `json:"calicoNodeWindowsDaemonSet,omitempty"`
+
 	// FIPSMode uses images and features only that are using FIPS 140-2 validated cryptographic modules and standards.
 	// Default: Disabled
 	// +kubebuilder:validation:Enum=Enabled;Disabled
@@ -183,6 +187,14 @@ type InstallationSpec struct {
 	// Logging Configuration for Components
 	// +optional
 	Logging *Logging `json:"logging,omitempty"`
+
+	// Windows Configuration
+	// +optional
+	WindowsNodes *WindowsNodeSpec `json:"windowsNodes,omitempty"`
+
+	// Kubernetes Service CIDRs. Specifying this is required when using Calico for Windows.
+	// +optional
+	ServiceCIDRs []string `json:"serviceCIDRs,omitempty"`
 }
 
 type Logging struct {
@@ -256,6 +268,9 @@ type ComponentName string
 
 const (
 	ComponentNameNode            ComponentName = "Node"
+	ComponentNameNodeWindows     ComponentName = "NodeWindows"
+	ComponentNameFelixWindows    ComponentName = "FelixWindows"
+	ComponentNameConfdWindows    ComponentName = "ConfdWindows"
 	ComponentNameTypha           ComponentName = "Typha"
 	ComponentNameKubeControllers ComponentName = "KubeControllers"
 )
@@ -380,6 +395,14 @@ const (
 	LinuxDataplaneVPP      LinuxDataplaneOption = "VPP"
 )
 
+// +kubebuilder:validation:Enum=HNS;Disabled
+type WindowsDataplaneOption string
+
+const (
+	WindowsDataplaneDisabled WindowsDataplaneOption = "Disabled"
+	WindowsDataplaneHNS      WindowsDataplaneOption = "HNS"
+)
+
 // CalicoNetworkSpec specifies configuration options for Calico provided pod networking.
 type CalicoNetworkSpec struct {
 	// LinuxDataplane is used to select the dataplane used for Linux nodes. In particular, it
@@ -390,6 +413,13 @@ type CalicoNetworkSpec struct {
 	// +kubebuilder:validation:Enum=Iptables;BPF;VPP
 	LinuxDataplane *LinuxDataplaneOption `json:"linuxDataplane,omitempty"`
 
+	// WindowsDataplane is used to select the dataplane used for Windows nodes. In particular, it
+	// causes the operator to add required mounts and environment variables for the particular dataplane.
+	// If not specified, it is disabled and the operator will not render the Calico Windows nodes daemonset.
+	// Default: Disabled
+	// +optional
+	WindowsDataplane *WindowsDataplaneOption `json:"windowsDataplane,omitempty"`
+
 	// BGP configures whether or not to enable Calico's BGP capabilities.
 	// +optional
 	// +kubebuilder:validation:Enum=Enabled;Disabled
@@ -764,3 +794,34 @@ func IsFIPSModeEnabled(mode *FIPSMode) bool {
 func IsFIPSModeEnabledString(mode *FIPSMode) string {
 	return fmt.Sprintf("%t", IsFIPSModeEnabled(mode))
 }
+
+type WindowsNodeSpec struct {
+	// CNIBinDir is the path to the CNI binaries directory on Windows, it must match what is used as 'bin_dir' under
+	// [plugins]
+	//   [plugins."io.containerd.grpc.v1.cri"]
+	//     [plugins."io.containerd.grpc.v1.cri".cni]
+	// on the containerd 'config.toml' file on the Windows nodes.
+	// +optional
+	CNIBinDir string `json:"cniBinDir,omitempty"`
+
+	// CNIConfigDir is the path to the CNI configuration directory on Windows, it must match what is used as 'conf_dir' under
+	// [plugins]
+	//   [plugins."io.containerd.grpc.v1.cri"]
+	//     [plugins."io.containerd.grpc.v1.cri".cni]
+	// on the containerd 'config.toml' file on the Windows nodes.
+	// +optional
+	CNIConfigDir string `json:"cniConfigDir,omitempty"`
+
+	// CNILogDir is the path to the Calico CNI logs directory on Windows.
+	// +optional
+	CNILogDir string `json:"cniLogDir,omitempty"`
+
+	// VXLANMACPrefix is the prefix used when generating MAC addresses for virtual NICs
+	// +optional
+	// +kubebuilder:validation:Pattern=`^[0-9A-Fa-f]{2}-[0-9A-Fa-f]{2}$`
+	VXLANMACPrefix string `json:"vxlanMACPrefix,omitempty"`
+
+	// VXLANAdapter is the Network Adapter used for VXLAN, leave blank for primary NIC
+	// +optional
+	VXLANAdapter string `json:"vxlanAdapter,omitempty"`
+}
@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Tigera, Inc. All rights reserved.
+// Copyright (c) 2022-2023 Tigera, Inc. All rights reserved.
 /*
 
 Licensed under the Apache License, Version 2.0 (the "License");
@@ -77,6 +77,7 @@ type CalicoWindowsUpgradeDaemonSetPodTemplateSpec struct {
 	Spec *CalicoWindowsUpgradeDaemonSetPodSpec `json:"spec,omitempty"`
 }
 
+// Deprecated. The CalicoWindowsUpgradeDaemonSet is deprecated and will be removed from the API in the future.
 // CalicoWindowsUpgradeDaemonSet is the configuration for the calico-windows-upgrade DaemonSet.
 type CalicoWindowsUpgradeDaemonSet struct {
 	// Metadata is a subset of a Kubernetes object's metadata that is added to the Deployment.