From d2266002aab2d1dbdbaf98f9b14e8b04569d49b8 Mon Sep 17 00:00:00 2001 From: Dan Norris Date: Mon, 6 May 2024 21:11:02 -0400 Subject: [PATCH] feat: add additional host configuration options for images, policy Add additional host options for the policy service, allowing insecure registries and pulling the latest tag of an OCI ref. Signed-off-by: Dan Norris --- Cargo.lock | 4 +- Cargo.toml | 2 +- crates/types/Cargo.toml | 2 +- .../src/v1alpha1/wasmcloud_host_config.rs | 16 +++++++ sample.yaml | 38 ++++++++++++----- src/controller.rs | 42 +++++++++++++++++++ 6 files changed, 89 insertions(+), 15 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0877717..4f38799 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4414,7 +4414,7 @@ dependencies = [ [[package]] name = "wasmcloud-operator" -version = "0.2.0" +version = "0.2.1" dependencies = [ "anyhow", "async-nats", @@ -4452,7 +4452,7 @@ dependencies = [ [[package]] name = "wasmcloud-operator-types" -version = "0.1.2" +version = "0.1.3" dependencies = [ "k8s-openapi", "kube", diff --git a/Cargo.toml b/Cargo.toml index 070f800..28101ad 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wasmcloud-operator" -version = "0.2.0" +version = "0.2.1" edition = "2021" [[bin]] diff --git a/crates/types/Cargo.toml b/crates/types/Cargo.toml index 5e1ec1c..51db27c 100644 --- a/crates/types/Cargo.toml +++ b/crates/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wasmcloud-operator-types" -version = "0.1.2" +version = "0.1.3" edition = "2021" [dependencies] diff --git a/crates/types/src/v1alpha1/wasmcloud_host_config.rs b/crates/types/src/v1alpha1/wasmcloud_host_config.rs index cb6cd19..5feb063 100644 --- a/crates/types/src/v1alpha1/wasmcloud_host_config.rs +++ b/crates/types/src/v1alpha1/wasmcloud_host_config.rs 
@@ -54,14 +54,30 @@ pub struct WasmCloudHostConfigSpec { /// The Jetstream domain to use for the NATS sidecar. Defaults to "default". #[serde(default = "default_jetstream_domain")] pub jetstream_domain: String, + /// Allow the host to deploy using the latest tag on OCI components or providers + #[serde(default)] + pub allow_latest: bool, + /// Allow the host to pull artifacts from OCI registries insecurely + #[serde(default)] + pub allowed_insecure: Option>, /// The log level to use for the host. Defaults to "INFO". #[serde(default = "default_log_level")] pub log_level: String, + pub policy_service: Option, /// Kubernetes scheduling options for the wasmCloud host. pub scheduling_options: Option, } #[derive(Serialize, Deserialize, Clone, Debug, JsonSchema)] +#[serde(rename_all = "camelCase")] +pub struct PolicyService { + pub topic: Option, + pub timeout_ms: Option, + pub changes_topic: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, JsonSchema)] +#[serde(rename_all = "camelCase")] pub struct KubernetesSchedulingOptions { /// Run hosts as a DaemonSet instead of a Deployment. #[serde(default)] diff --git a/sample.yaml b/sample.yaml index bce34e6..404f8c2 100644 --- a/sample.yaml +++ b/sample.yaml @@ -4,7 +4,7 @@ metadata: name: my-wasmcloud-cluster namespace: default spec: - hostReplicas: 2 + hostReplicas: 1 issuers: - CDKF6OKPOBQKAX57UOXO7SCHURTOZWKWIVPC2HFJTGFXY5VJX44ECEHH # The lattice to connect the hosts to 
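Review bot: In the `WasmCloudHostConfigSpec` hunk, `allow_latest` and `allowed_insecure` relax how the host fetches OCI artifacts, but their doc comments do not say what a list entry looks like or what protection is given up, and `policy_service` and every field of `PolicyService` have no doc comment at all. These comments presumably end up in the generated CRD schema via the `JsonSchema` derive, so I would spell the contract out, e.g. `/// Registries (host[:port]) the host may pull from without transport security; leave unset outside development.` The exact meaning of "insecurely" is defined by the host, so confirm it before wording the comment. Separately, the added `#[serde(rename_all = "camelCase")]` on `KubernetesSchedulingOptions` appears to change the accepted key from `pod_template_additions` to `podTemplateAdditions` (the sample.yaml change agrees). Existing resources using the old key may have it silently ignored after this patch-level bump, which deserves a mention in the commit message. Both structs begin or continue outside this hunk.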
@@ -18,23 +18,39 @@ spec: secretName: cluster-secrets logLevel: INFO natsAddress: nats://nats-cluster.default.svc.cluster.local + ################################################ + # Additional options that can be set for hosts: + ################################################ + # allowLatest: true + # allowedInsecure: + # - "localhost:5001" + # - "kind-registry:5000" + # Policy service configuration + # policyService: + # topic: "foo" + # changesTopic: "bar" + # timeoutMs: 5000 # Additional options to control how the underlying wasmCloud hosts are scheduled in Kubernetes. # This includes setting resource requirements for the nats and wasmCloud host # containers along with any additional pot template settings. - #schedulingOptions: + # schedulingOptions: # Enable the following to run the wasmCloud hosts as a DaemonSet - #daemonset: true + # daemonset: true # Set the resource requirements for the nats and wasmCloud host containers. - #resources: - # nats: - # requests: - # cpu: 100m - # wasmCloudHost: - # requests: - # cpu: 100m + # resources: + # nats: + # requests: + # cpu: 100m + # wasmCloudHost: + # requests: + # cpu: 100m # Any additional pod template settings to apply to the wasmCloud host pods. # See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#podspec-v1-core for all valid options. # Note that you *cannot* set the `containers` field here as it is managed by the controller. - #pod_template_additions: + # podTemplateAdditions: + # spec: + # env: + # - name: HOST_IP + # value: spec.hostIP # nodeSelector: # kubernetes.io/os: linux diff --git a/src/controller.rs b/src/controller.rs index 550a6da..cfd5b00 100644 --- a/src/controller.rs +++ b/src/controller.rs 
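Review bot: The commented `allowLatest` and `allowedInsecure` examples in the "Additional options" block carry no hint that they loosen image-pull safety, and the listed registries (`localhost:5001`, `kind-registry:5000`) look like local development ones. A line above them such as `# Development only: allowLatest permits mutable tags; allowedInsecure lists registries pulled without transport security` would keep readers from copying the block into a production manifest unchanged. The `policyService` example would likewise benefit from a short comment saying what `topic` and `changesTopic` are used for, since `foo` and `bar` do not convey it.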
@@ -342,6 +342,48 @@ fn pod_template(config: &WasmCloudHostConfig, _ctx: Arc) -> PodTemplate }); } + if config.spec.allow_latest { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_OCI_ALLOW_LATEST".to_string(), + value: Some("true".to_string()), + ..Default::default() + }); + } + + if let Some(values) = &config.spec.allowed_insecure { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_OCI_ALLOWED_INSECURE".to_string(), + value: Some(values.join(",")), + ..Default::default() + }); + } + + if let Some(policy) = &config.spec.policy_service { + if let Some(subject) = &policy.topic { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_TOPIC".to_string(), + value: Some(subject.clone()), + ..Default::default() + }); + } + + if let Some(changes) = &policy.changes_topic { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_CHANGES_TOPIC".to_string(), + value: Some(changes.clone()), + ..Default::default() + }); + } + + if let Some(timeout) = &policy.timeout_ms { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_TIMEOUT".to_string(), + value: Some(timeout.to_string()), + ..Default::default() + }); + } + } + if let Some(labels) = &config.spec.host_labels { for (k, v) in labels.iter() { wasmcloud_env.push(EnvVar {
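Review bot: `values.join(",")` in the `allowed_insecure` branch forwards the list to `WASMCLOUD_OCI_ALLOWED_INSECURE` unvalidated. An entry containing a comma or stray whitespace would reach the host as extra or malformed registry names, and an empty list still sets the variable to an empty string. Because this list widens which registries are pulled without transport protection, I would trim entries, drop empty or comma-containing ones, and skip the variable when nothing remains. Surfacing a warning or validation error for rejected entries would be better still if `pod_template` has a way to report one. The sketch below assumes the elements are strings, since the generic parameters are not visible on this page. `pod_template` starts and ends outside this hunk.

```rust
if let Some(values) = &config.spec.allowed_insecure {
    // Entries are joined with ',', so an entry containing one would be read as two registries.
    let registries: Vec<&str> = values
        .iter()
        .map(|v| v.trim())
        .filter(|v| !v.is_empty() && !v.contains(','))
        .collect();
    if !registries.is_empty() {
        wasmcloud_env.push(EnvVar {
            name: "WASMCLOUD_OCI_ALLOWED_INSECURE".to_string(),
            value: Some(registries.join(",")),
            ..Default::default()
        });
    }
}
// … unchanged: allow_latest and policy_service env vars …
```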