From 7c2f6f0a1e77e593d471bd5207d4e3fc4cdd847d Mon Sep 17 00:00:00 2001 From: Robert Volkmann <20912167+robertvolkmann@users.noreply.github.com> Date: Thu, 6 Jun 2024 12:43:05 +0200 Subject: [PATCH] Duros API endpoint is required (#380) --- .../templates/duros-controller.yaml | 8 ++++++-- pkg/apis/config/types.go | 16 +++++----------- pkg/apis/config/v1alpha1/types.go | 16 +++++----------- .../config/v1alpha1/zz_generated.conversion.go | 4 ++-- .../config/v1alpha1/zz_generated.deepcopy.go | 5 ----- pkg/apis/config/zz_generated.deepcopy.go | 5 ----- pkg/controller/controlplane/valuesprovider.go | 14 ++++++++------ 7 files changed, 26 insertions(+), 42 deletions(-) diff --git a/charts/internal/control-plane/templates/duros-controller.yaml b/charts/internal/control-plane/templates/duros-controller.yaml index 00d7644a1..9a23b2b0c 100644 --- a/charts/internal/control-plane/templates/duros-controller.yaml +++ b/charts/internal/control-plane/templates/duros-controller.yaml @@ -64,8 +64,10 @@ type: Opaque data: admin-key: {{ required ".Values.duros.controller.adminKey is required" (b64enc .Values.duros.controller.adminKey) }} admin-token: {{ required ".Values.duros.controller.adminToken is required" (b64enc .Values.duros.controller.adminToken) }} -{{- if .Values.duros.controller.apiEndpoint }} +{{- if .Values.duros.controller.apiCA }} api-ca: {{ required ".Values.duros.controller.apiCA is required" (b64enc .Values.duros.controller.apiCA) }} +{{- end }} +{{- if and (.Values.duros.controller.apiCert) (.Values.duros.controller.apiKey) }} api-cert: {{ required ".Values.duros.controller.apiCert is required" (b64enc .Values.duros.controller.apiCert) }} api-key: {{ required ".Values.duros.controller.apiKey is required" (b64enc .Values.duros.controller.apiKey) }} {{- end }} 
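Review bot: The new guard `{{- if and (.Values.duros.controller.apiCert) (.Values.duros.controller.apiKey) }}` makes the two `required` calls inside it unreachable. When only one of apiCert/apiKey is set, the Secret silently gets neither entry, so the chart renders without client-certificate material instead of failing. Guarding with `{{- if or .Values.duros.controller.apiCert .Values.duros.controller.apiKey }}` keeps the block optional while letting `required` reject a half-configured pair at render time. The same `and` guard is repeated in the container-args hunk (@@ -107,9 +109,11 @@). Because valuesprovider.go only passes the two values when both are set, this is presumably reachable only with directly supplied chart values.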
@@ -107,9 +109,11 @@ spec: - -admin-key=/duros/admin-key - -shoot-kubeconfig=/var/run/secrets/gardener.cloud/shoot/generic-kubeconfig/kubeconfig - -psp-disabled={{ .Values.pspDisabled }} -{{- if .Values.duros.controller.apiEndpoint }} - -api-endpoint={{ .Values.duros.controller.apiEndpoint }} +{{- if .Values.duros.controller.apiCA }} - -api-ca=/duros/api-ca +{{- end }} +{{- if and (.Values.duros.controller.apiCert) (.Values.duros.controller.apiKey) }} - -api-cert=/duros/api-cert - -api-key=/duros/api-key {{- end }} diff --git a/pkg/apis/config/types.go b/pkg/apis/config/types.go index 8ab5fbeb2..4c7cd86bb 100644 --- a/pkg/apis/config/types.go +++ b/pkg/apis/config/types.go @@ -110,19 +110,13 @@ type DurosPartitionConfiguration struct { // StorageClasses contain information on the storage classes that the duros-controller creates in the shoot cluster StorageClasses []DurosSeedStorageClass - // APIEndpoint is an optional endpoint used for control plane network communication. - // - // In certain scenarios the data plane network cannot be reached from the duros-controller in the seed - // (i.e. only the shoot is able to reach the storage network). - // - // In these cases, APIEndpoint can be utilized to point to a gRPC proxy such that the storage - // integration can be deployed anyway. - APIEndpoint *string - // APICA is the ca of the client cert to access the grpc-proxy + // APIEndpoint is the endpoint used for control plane network communication. + APIEndpoint string + // APICA is the ca of the client cert to access the api endpoint APICA string - // APICert is the cert of the client cert to access the grpc-proxy + // APICert is the cert of the client cert to access the api endpoint APICert string - // APIKey is the key of the client cert to access the grpc-proxy + // APIKey is the key of the client cert to access the api endpoint APIKey string } diff --git a/pkg/apis/config/v1alpha1/types.go b/pkg/apis/config/v1alpha1/types.go index 324e410b8..e0279d565 100644 
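Review bot: `-api-endpoint` is now rendered unconditionally but is not wrapped in `required`, unlike `adminKey` and `adminToken` in the Secret. An unset value therefore renders `-api-endpoint=` and the problem surfaces only when the controller starts; how duros-controller treats an empty endpoint is not visible here. Suggest `- -api-endpoint={{ required ".Values.duros.controller.apiEndpoint is required" .Values.duros.controller.apiEndpoint }}`. Separately, no `-api-ca` flag is passed when apiCA is empty, so a short template comment stating what the endpoint's certificate is verified against in that case would help operators.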
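Review bot: The shortened comment on `APIEndpoint` no longer says that the field is mandatory or what form it takes. After the change from `*string` to `string`, an omitted value is also indistinguishable from an empty one. Suggest `// APIEndpoint is the endpoint used for control plane network communication. It is required and must not be empty.`, plus a line on `APICert` and `APIKey` stating that they are only used when both are set. The same comments appear in pkg/apis/config/v1alpha1/types.go (@@ -117,19 +117,13 @@). No validation of the field is visible in this patch, so the comment is currently the only place the requirement is expressed.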
--- a/pkg/apis/config/v1alpha1/types.go +++ b/pkg/apis/config/v1alpha1/types.go @@ -117,19 +117,13 @@ type DurosPartitionConfiguration struct { // StorageClasses contain information on the storage classes that the duros-controller creates in the shoot cluster StorageClasses []DurosSeedStorageClass `json:"storageClasses"` - // APIEndpoint is an optional endpoint used for control plane network communication. - // - // In certain scenarios the data plane network cannot be reached from the duros-controller in the seed - // (i.e. only the shoot is able to reach the storage network). - // - // In these cases, APIEndpoint can be utilized to point to a gRPC proxy such that the storage - // integration can be deployed anyway. - APIEndpoint *string `json:"apiEndpoint,omitempty"` - // APICA is the ca of the client cert to access the grpc-proxy + // APIEndpoint is the endpoint used for control plane network communication. + APIEndpoint string `json:"apiEndpoint"` + // APICA is the ca of the client cert to access the api endpoint APICA string `json:"apiCA,omitempty"` - // APICert is the cert of the client cert to access the grpc-proxy + // APICert is the cert of the client cert to access the api endpoint APICert string `json:"apiCert,omitempty"` - // APIKey is the key of the client cert to access the grpc-proxy + // APIKey is the key of the client cert to access the api endpoint APIKey string `json:"apiKey,omitempty"` } diff --git a/pkg/apis/config/v1alpha1/zz_generated.conversion.go b/pkg/apis/config/v1alpha1/zz_generated.conversion.go index 3785c1d57..b9d1f5723 100644 --- a/pkg/apis/config/v1alpha1/zz_generated.conversion.go +++ b/pkg/apis/config/v1alpha1/zz_generated.conversion.go 
@@ -213,7 +213,7 @@ func autoConvert_v1alpha1_DurosPartitionConfiguration_To_config_DurosPartitionCo out.AdminKey = in.AdminKey out.AdminToken = in.AdminToken out.StorageClasses = *(*[]config.DurosSeedStorageClass)(unsafe.Pointer(&in.StorageClasses)) - out.APIEndpoint = (*string)(unsafe.Pointer(in.APIEndpoint)) + out.APIEndpoint = in.APIEndpoint out.APICA = in.APICA out.APICert = in.APICert out.APIKey = in.APIKey @@ -230,7 +230,7 @@ func autoConvert_config_DurosPartitionConfiguration_To_v1alpha1_DurosPartitionCo out.AdminKey = in.AdminKey out.AdminToken = in.AdminToken out.StorageClasses = *(*[]DurosSeedStorageClass)(unsafe.Pointer(&in.StorageClasses)) - out.APIEndpoint = (*string)(unsafe.Pointer(in.APIEndpoint)) + out.APIEndpoint = in.APIEndpoint out.APICA = in.APICA out.APICert = in.APICert out.APIKey = in.APIKey diff --git a/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go index 9ff9c4f32..d90f51b4c 100644 --- a/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/config/v1alpha1/zz_generated.deepcopy.go @@ -108,11 +108,6 @@ func (in *DurosPartitionConfiguration) DeepCopyInto(out *DurosPartitionConfigura *out = make([]DurosSeedStorageClass, len(*in)) copy(*out, *in) } - if in.APIEndpoint != nil { - in, out := &in.APIEndpoint, &out.APIEndpoint - *out = new(string) - **out = **in - } return } diff --git a/pkg/apis/config/zz_generated.deepcopy.go b/pkg/apis/config/zz_generated.deepcopy.go index 455d6366f..30e6fece8 100644 --- a/pkg/apis/config/zz_generated.deepcopy.go +++ b/pkg/apis/config/zz_generated.deepcopy.go @@ -108,11 +108,6 @@ func (in *DurosPartitionConfiguration) DeepCopyInto(out *DurosPartitionConfigura *out = make([]DurosSeedStorageClass, len(*in)) copy(*out, *in) } - if in.APIEndpoint != nil { - in, out := &in.APIEndpoint, &out.APIEndpoint - *out = new(string) - **out = **in - } return } 
diff --git a/pkg/controller/controlplane/valuesprovider.go b/pkg/controller/controlplane/valuesprovider.go index 94f0ebd0c..645b459fe 100644 --- a/pkg/controller/controlplane/valuesprovider.go +++ b/pkg/controller/controlplane/valuesprovider.go @@ -869,16 +869,18 @@ func getStorageControlPlaneChartValues(ctx context.Context, client client.Client } controllerValues := map[string]any{ - "endpoints": partitionConfig.Endpoints, - "adminKey": partitionConfig.AdminKey, - "adminToken": partitionConfig.AdminToken, + "endpoints": partitionConfig.Endpoints, + "adminKey": partitionConfig.AdminKey, + "adminToken": partitionConfig.AdminToken, + "apiEndpoint": partitionConfig.APIEndpoint, } - if partitionConfig.APIEndpoint != nil { - controllerValues["apiEndpoint"] = *partitionConfig.APIEndpoint + if partitionConfig.APICA != "" { controllerValues["apiCA"] = partitionConfig.APICA - controllerValues["apiKey"] = partitionConfig.APIKey + } + if partitionConfig.APICert != "" && partitionConfig.APIKey != "" { controllerValues["apiCert"] = partitionConfig.APICert + controllerValues["apiKey"] = partitionConfig.APIKey } values := map[string]any{
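Review bot: `partitionConfig.APIEndpoint` is copied into `controllerValues` without a check that it is non-empty. A partition config that still omits `apiEndpoint` decodes to `""` and flows into the chart instead of being rejected where an error can be reported. A guard such as `if partitionConfig.APIEndpoint == ""` that returns an error before the map is built would enforce what the commit title states. The function's signature and return statements are outside the hunk, so the exact return form needs checking. Likewise, `if partitionConfig.APICert != "" && partitionConfig.APIKey != ""` silently drops a half-configured pair; testing `(partitionConfig.APICert == "") != (partitionConfig.APIKey == "")` and returning an error would catch a config that intended client-certificate authentication but would deploy without it.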