Support calico network plugin

controllers/checker/handle_calico.go

@@ -0,0 +1,200 @@
+/*
+Copyright 2021.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package checker
+
+import (
+	"context"
+
+	submarinerv1 "github.com/submariner-io/submariner/pkg/apis/submariner.io/v1"
+	netconsts "github.com/tkestack/knitnet-operator/controllers/discovery"
+	"github.com/tkestack/knitnet-operator/controllers/embeddedyamls"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/broker"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/configmaps"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/daemonsets"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/deployments"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/ippools"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/poddisruptionbudgets"
+	"github.com/tkestack/knitnet-operator/controllers/ensures/common/serviceaccount"
+	"github.com/tkestack/knitnet-operator/controllers/utils"
+	"k8s.io/client-go/rest"
+	"k8s.io/klog/v2"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+var kddCrds = []string{
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_bgpconfigurations_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_bgppeers_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_blockaffinities_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_clusterinformations_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_felixconfigurations_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_globalnetworkpolicies_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_globalnetworksets_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_hostendpoints_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_ipamblocks_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_ipamconfigs_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_ipamhandles_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_ippools_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_kubecontrollersconfigurations_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_networkpolicies_yaml,
+	embeddedyamls.Manifests_fix_calico_crds_crd_projectcalico_org_networksets_yaml,
+}
+
+func EnsureCalico(c client.Client) error {
+	if err := CreateOrUpdateKddCRD(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateServiceAccount(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateClusterRole(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateClusterRoleBinding(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateDeployment(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateDaemonSet(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdateConfigMap(c); err != nil {
+		return err
+	}
+	if err := CreateOrUpdatePodDisruptionBudget(c); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateIPPools(c client.Client, config *rest.Config, currentClusterID string, clusterInfos *[]broker.ClusterInfo) error {
+	klog.V(2).Infof("Creating IPPools")
+	clusters, err := GetClusters(c)
+	if err != nil {
+		return err
+	}
+	for _, clusterInfo := range *clusterInfos {
+		if clusterInfo.ClusterID == currentClusterID || clusterInfo.NetworkPlugin != netconsts.NetworkPluginCalico {
+			continue
+		}
+		cluster := GetClusterWithID(clusterInfo.ClusterID, clusters)
+		if err := ippools.EnsureIPPool(config, cluster.Spec.ClusterID+"-pod-cidr", cluster.Spec.ClusterCIDR[0]); err != nil {
+			return err
+		}
+		if err := ippools.EnsureIPPool(config, cluster.Spec.ClusterID+"-svc-cidr", cluster.Spec.ServiceCIDR[0]); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func GetClusterWithID(ID string, clusters *submarinerv1.ClusterList) *submarinerv1.Cluster {
+	for _, cluster := range clusters.Items {
+		if cluster.Spec.ClusterID == ID {
+			return &cluster
+		}
+	}
+	return nil
+}
+
+func GetClusters(c client.Client) (*submarinerv1.ClusterList, error) {
+	clusters := &submarinerv1.ClusterList{}
+	if err := c.List(context.TODO(), clusters); err != nil {
+		klog.Errorf("Failed to list Cluster: %v", err)
+		return nil, err
+	}
+	return clusters, nil
+}
+
+func CreateOrUpdateKddCRD(c client.Client) error {
+	for _, crd := range kddCrds {
+		if err := utils.CreateOrUpdateEmbeddedCRD(c, crd); err != nil {
+			klog.Errorf("Error creating the CRD: %v", err)
+			return err
+		}
+	}
+	return nil
+}
+
+func CreateOrUpdateServiceAccount(c client.Client) error {
+	if err := serviceaccount.EnsureServiceAccount(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_kube_controllers_sa_yaml); err != nil {
+		return err
+	}
+
+	if err := serviceaccount.EnsureServiceAccount(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_node_sa_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateClusterRole(c client.Client) error {
+	if err := serviceaccount.EnsureClusterRole(c,
+		embeddedyamls.Manifests_fix_calico_calico_kube_controllers_clusterrole_yaml); err != nil {
+		return err
+	}
+	if err := serviceaccount.EnsureClusterRole(c,
+		embeddedyamls.Manifests_fix_calico_calico_node_clusterrole_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateClusterRoleBinding(c client.Client) error {
+	if err := serviceaccount.EnsureClusterRoleBinding(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_kube_controllers_clusterrolebinding_yaml); err != nil {
+		return err
+	}
+	if err := serviceaccount.EnsureClusterRoleBinding(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_node_clusterrolebinding_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateDeployment(c client.Client) error {
+	if err := deployments.EnsureDeployment(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_kube_controllers_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateDaemonSet(c client.Client) error {
+	if err := daemonsets.EnsureDaemonSet(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_node_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdateConfigMap(c client.Client) error {
+	if err := configmaps.EnsureConfigMap(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_config_yaml); err != nil {
+		return err
+	}
+	return nil
+}
+
+func CreateOrUpdatePodDisruptionBudget(c client.Client) error {
+	if err := poddisruptionbudgets.EnsurePodDisruptionBudget(c, "kube-system",
+		embeddedyamls.Manifests_fix_calico_calico_kube_controllers_pdb_yaml); err != nil {
+		return err
+	}
+	return nil
+}

controllers/discovery/globalnet/globalnet.go

@@ -58,6 +58,7 @@ type CIDR struct {
 }
 
 type Config struct {
+	NetworkPlugin           string
 	ClusterCIDR             string
 	ClusterID               string
 	GlobalnetCIDR           string

controllers/discovery/network/network.go

@@ -51,13 +51,6 @@ func (cn *ClusterNetwork) Show() {
 	}
 }
 
-// func (cn *ClusterNetwork) Log(logger logr.Logger) {
-// 	logger.Info("Discovered K8s network details",
-// 		"plugin", cn.NetworkPlugin,
-// 		"clusterCIDRs", cn.PodCIDRs,
-// 		"serviceCIDRs", cn.ServiceCIDRs)
-// }
-
 func (cn *ClusterNetwork) IsComplete() bool {
 	return cn != nil && len(cn.ServiceCIDRs) > 0 && len(cn.PodCIDRs) > 0
 }

controllers/embeddedyamls/generators/yamls2go.go

@@ -70,6 +70,31 @@ var files = []string{
 	"manifests/config/rbac/networkplugin_syncer/cluster_role.yaml",
 	"manifests/config/rbac/networkplugin_syncer/cluster_role_binding.yaml",
 	"manifests/fix/crds/discovery.k8s.io_endpointslices.yaml",
+	"manifests/fix/calico/calico-config.yaml",
+	"manifests/fix/calico/calico-kube-controllers-clusterrole.yaml",
+	"manifests/fix/calico/calico-kube-controllers-clusterrolebinding.yaml",
+	"manifests/fix/calico/calico-kube-controllers-pdb.yaml",
+	"manifests/fix/calico/calico-kube-controllers-sa.yaml",
+	"manifests/fix/calico/calico-kube-controllers.yaml",
+	"manifests/fix/calico/calico-node-clusterrole.yaml",
+	"manifests/fix/calico/calico-node-clusterrolebinding.yaml",
+	"manifests/fix/calico/calico-node-sa.yaml",
+	"manifests/fix/calico/calico-node.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_bgpconfigurations.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_bgppeers.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_blockaffinities.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_clusterinformations.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_felixconfigurations.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_globalnetworkpolicies.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_globalnetworksets.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_hostendpoints.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_ipamblocks.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_ipamconfigs.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_ipamhandles.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_ippools.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_kubecontrollersconfigurations.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_networkpolicies.yaml",
+	"manifests/fix/calico/crds/crd.projectcalico.org_networksets.yaml",
 }
 
 // Reads all .yaml files in the crdDirectory

controllers/ensures/broker/globalcidr_cm.go

@@ -37,8 +37,9 @@ const (
 )
 
 type ClusterInfo struct {
-	ClusterID  string   `json:"cluster_id"`
-	GlobalCidr []string `json:"global_cidr"`
+	ClusterID     string   `json:"cluster_id"`
+	NetworkPlugin string   `json:"network_plugin"`
+	GlobalCidr    []string `json:"global_cidr"`
 }
 
 func CreateGlobalnetConfigMap(c client.Client, globalnetEnabled bool, defaultGlobalCidrRange string,
@@ -90,28 +91,29 @@ func GeneralGlobalnetConfigMap(cm *v1.ConfigMap, globalnetEnabled bool, defaultG
 
 func UpdateGlobalnetConfigMap(c client.Client, namespace string,
 	configMap *v1.ConfigMap, newCluster ClusterInfo) error {
-	var clusterInfo []ClusterInfo
-	err := json.Unmarshal([]byte(configMap.Data[ClusterInfoKey]), &clusterInfo)
+	var clusterInfos []ClusterInfo
+	err := json.Unmarshal([]byte(configMap.Data[ClusterInfoKey]), &clusterInfos)
 	if err != nil {
 		return err
 	}
 
 	exists := false
-	for k, value := range clusterInfo {
+	for k, value := range clusterInfos {
 		if value.ClusterID == newCluster.ClusterID {
-			clusterInfo[k].GlobalCidr = newCluster.GlobalCidr
+			clusterInfos[k].GlobalCidr = newCluster.GlobalCidr
 			exists = true
 		}
 	}
 
 	if !exists {
-		var newEntry ClusterInfo
-		newEntry.ClusterID = newCluster.ClusterID
-		newEntry.GlobalCidr = newCluster.GlobalCidr
-		clusterInfo = append(clusterInfo, newEntry)
+		// var newEntry ClusterInfo
+		// newEntry.ClusterID = newCluster.ClusterID
+		// newEntry.NetworkPlugin = newCluster.NetworkPlugin
+		// newEntry.GlobalCidr = newCluster.GlobalCidr
+		clusterInfos = append(clusterInfos, newCluster)
 	}
 
-	data, err := json.MarshalIndent(clusterInfo, "", "\t")
+	data, err := json.MarshalIndent(clusterInfos, "", "\t")
 	if err != nil {
 		return err
 	}
@@ -128,3 +130,16 @@ func GetGlobalnetConfigMap(reader client.Reader, namespace string) (*v1.ConfigMa
 	}
 	return cm, nil
 }
+
+func GetClusterInfos(reader client.Reader, namespace string) ([]ClusterInfo, error) {
+	cm, err := GetGlobalnetConfigMap(reader, namespace)
+	if err != nil {
+		return nil, err
+	}
+	var clusterInfos []ClusterInfo
+	err = json.Unmarshal([]byte(cm.Data[ClusterInfoKey]), &clusterInfos)
+	if err != nil {
+		return nil, err
+	}
+	return clusterInfos, nil
+}

controllers/ensures/common/configmaps/ensure.go

@@ -0,0 +1,48 @@
+/*
+Copyright 2021.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package configmaps
+
+import (
+	"context"
+
+	"github.com/tkestack/knitnet-operator/controllers/embeddedyamls"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/klog/v2"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func EnsureConfigMap(c client.Client, namespace, yaml string) error {
+	cmName, err := embeddedyamls.GetObjectName(yaml)
+	if err != nil {
+		return err
+	}
+	cm := &corev1.ConfigMap{ObjectMeta: metav1.ObjectMeta{Name: cmName, Namespace: namespace}}
+	or, err := ctrl.CreateOrUpdate(context.TODO(), c, cm, func() error {
+		if err := embeddedyamls.GetObject(yaml, cm); err != nil {
+			return err
+		}
+		return nil
+	})
+	if err != nil {
+		klog.Errorf("Failed to %s ConfigMap %s: %v", or, cm.GetName(), err)
+		return err
+	}
+	klog.V(2).Infof("ConfigMap %s %s", cm.GetName(), or)
+	return nil
+}