From 6d13aa45b9ac20f2e62c1349d8aebcc47ac8e05d Mon Sep 17 00:00:00 2001 From: ahreehong <46465244+ahreehong@users.noreply.github.com> Date: Mon, 10 Jun 2024 19:09:58 -0700 Subject: [PATCH] Implement tinkerbell stack upgrade and migration to upstream chart --- pkg/executables/helm.go | 46 +- pkg/executables/helm_test.go | 112 ++++- pkg/helm/client.go | 5 +- pkg/helm/config.go | 8 + pkg/helm/config_test.go | 9 + pkg/helm/mocks/client.go | 35 +- pkg/providers/tinkerbell/create.go | 29 +- pkg/providers/tinkerbell/stack/mocks/stack.go | 87 +++- pkg/providers/tinkerbell/stack/stack.go | 410 +++++++++++++----- pkg/providers/tinkerbell/stack/stack_test.go | 102 +++-- .../stack/testdata/expected_upgrade.yaml | 78 ++-- .../testdata/expected_upgrade_with_proxy.yaml | 78 ++-- .../expected_with_boots_on_docker.yaml | 86 ++-- .../expected_with_boots_on_kubernetes.yaml | 86 ++-- .../expected_with_docker_options.yaml | 86 ++-- .../expected_with_envoy_enabled_false.yaml | 40 -- .../expected_with_envoy_enabled_true.yaml | 40 -- .../testdata/expected_with_hook_override.yaml | 86 ++-- ...expected_with_host_port_enabled_false.yaml | 86 ++-- .../expected_with_host_port_enabled_true.yaml | 86 ++-- .../expected_with_kubernetes_options.yaml | 86 ++-- ...cted_with_load_balancer_enabled_false.yaml | 86 ++-- ...ected_with_load_balancer_enabled_true.yaml | 86 ++-- .../expected_with_namespace_create_false.yaml | 40 -- .../expected_with_namespace_create_true.yaml | 40 -- .../testdata/expected_with_proxy_config.yaml | 86 ++-- .../expected_with_registry_mirror.yaml | 86 ++-- pkg/providers/tinkerbell/tinkerbell_test.go | 14 + pkg/providers/tinkerbell/upgrade.go | 102 ++++- pkg/providers/tinkerbell/upgrade_test.go | 116 +++++ 30 files changed, 1575 insertions(+), 762 deletions(-) delete mode 100644 pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_false.yaml delete mode 100644 pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_true.yaml delete mode 100644 pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_false.yaml delete mode 100644 pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_true.yaml diff --git a/pkg/executables/helm.go b/pkg/executables/helm.go index 1d16115a1ab05..7e43e3d313d02 100644 --- a/pkg/executables/helm.go +++ b/pkg/executables/helm.go @@ -155,8 +155,11 @@ func (h *Helm) InstallChart(ctx context.Context, chart, ociURI, version, kubecon // InstallChartWithValuesFile installs a helm chart with the provided values file and waits for the chart deployment to be ready // The default timeout for the chart to reach ready state is 5m. -func (h *Helm) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string) error { +func (h *Helm) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string) error { params := []string{"upgrade", "--install", chart, ociURI, "--version", version, "--values", valuesFilePath, "--kubeconfig", kubeconfigFilePath, "--wait"} + if len(namespace) > 0 { + params = append(params, "--namespace", namespace) + } params = h.addInsecureFlagIfProvided(params) _, err := h.executable.Command(ctx, params...).WithEnvVars(h.env).Run() return err @@ -200,6 +203,13 @@ func (h *Helm) addInsecureFlagIfProvided(params []string) []string { return params } +func (h *Helm) addExtraFlagsIfProvided(params []string) []string { + if len(h.helmConfig.ExtraFlags) != 0 { + return append(params, h.helmConfig.ExtraFlags...) + } + return params +} + func (h *Helm) url(originalURL string) string { registryMirror := h.helmConfig.RegistryMirror return registryMirror.ReplaceRegistry(originalURL) @@ -214,17 +224,21 @@ func GetHelmValueArgs(values []string) []string { return valueArgs } -// UpgradeChartWithValuesFile tuns a helm upgrade with the provided values file and waits for the +// UpgradeChartWithValuesFile runs a helm upgrade with the provided values file and waits for the // chart deployment to be ready. -func (h *Helm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string, opts ...helm.Opt) error { +func (h *Helm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string, opts ...helm.Opt) error { params := []string{ - "upgrade", chart, ociURI, + "upgrade", + chart, ociURI, "--version", version, "--values", valuesFilePath, "--kubeconfig", kubeconfigFilePath, "--wait", } + if len(namespace) > 0 { + params = append(params, "--namespace", namespace) + } // TODO: we should not update the receiver here, so this needs to change. // This is not thread safe. // https://github.com/aws/eks-anywhere/issues/7176 @@ -235,6 +249,30 @@ func (h *Helm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, ve mergeMaps(h.env, h.helmConfig.ProxyConfig) params = h.addInsecureFlagIfProvided(params) + params = h.addExtraFlagsIfProvided(params) + _, err := h.executable.Command(ctx, params...).WithEnvVars(h.env).Run() + return err +} + +func (h *Helm) Uninstall(ctx context.Context, chart, kubeconfigFilePath, namespace string, opts ...helm.Opt) error { + params := []string{ + "uninstall", chart, + "--kubeconfig", kubeconfigFilePath, + "--wait", + } + + if len(namespace) > 0 { + params = append(params, "--namespace", namespace) + } + + for _, opt := range opts { + opt(h.helmConfig) + } + + params = h.addInsecureFlagIfProvided(params) + params = h.addExtraFlagsIfProvided(params) + + logger.Info("Uninstalling helm chart on cluster", "chart", chart) _, err := h.executable.Command(ctx, params...).WithEnvVars(h.env).Run() return err } diff --git a/pkg/executables/helm_test.go b/pkg/executables/helm_test.go index 28c89f114a30e..2355fd4247dfe 100644 --- a/pkg/executables/helm_test.go +++ b/pkg/executables/helm_test.go @@ -251,7 +251,7 @@ func TestHelmInstallChartWithValuesFileSuccess(t *testing.T) { tt.e, tt.ctx, "upgrade", "--install", chart, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", ).withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) - tt.Expect(tt.h.InstallChartWithValuesFile(tt.ctx, chart, url, version, kubeconfig, valuesFileName)).To(Succeed()) + tt.Expect(tt.h.InstallChartWithValuesFile(tt.ctx, chart, url, version, kubeconfig, "", valuesFileName)).To(Succeed()) } func TestHelmInstallChartWithValuesFileSuccessWithInsecure(t *testing.T) { @@ -265,7 +265,22 @@ func TestHelmInstallChartWithValuesFileSuccessWithInsecure(t *testing.T) { tt.e, tt.ctx, "upgrade", "--install", chart, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", "--insecure-skip-tls-verify", ).withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) - tt.Expect(tt.h.InstallChartWithValuesFile(tt.ctx, chart, url, version, kubeconfig, valuesFileName)).To(Succeed()) + tt.Expect(tt.h.InstallChartWithValuesFile(tt.ctx, chart, url, version, kubeconfig, "", valuesFileName)).To(Succeed()) +} + +func TestHelmInstallChartWithValuesFileSuccessWithNamespace(t *testing.T) { + tt := newHelmTest(t) + chart := "chart" + url := "url" + version := "1.1" + kubeconfig := "/root/.kube/config" + valuesFileName := "values.yaml" + namespace := "test" + expectCommand( + tt.e, tt.ctx, "upgrade", "--install", chart, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", "--namespace", namespace, + ).withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + + tt.Expect(tt.h.InstallChartWithValuesFile(tt.ctx, chart, url, version, kubeconfig, namespace, valuesFileName)).To(Succeed()) } func TestHelmListCharts(t *testing.T) { @@ -350,3 +365,96 @@ func TestHelmRegistryLoginSuccessWithInsecure(t *testing.T) { expectCommand(tt.e, tt.ctx, "registry", "login", registry, "--username", username, "--password-stdin", "--insecure").withEnvVars(tt.envVars).withStdIn([]byte(password)).to().Return(bytes.Buffer{}, nil) tt.Expect(tt.h.RegistryLogin(tt.ctx, registry, username, password)).To(Succeed()) } + +func TestHelmUpgradeChartWithValues(s *testing.T) { + url := "url" + version := "1.1" + kubeconfig := "/root/.kube/config" + valuesFileName := "values.yaml" + + s.Run("Success", func(t *testing.T) { + tt := newHelmTest(s) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "upgrade", installName, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.UpgradeChartWithValuesFile(tt.ctx, installName, url, version, kubeconfig, "", valuesFileName) + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes the namespace, if present", func(t *testing.T) { + tt := newHelmTest(s) + testNamespace := "testing" + installName := "test-install" + expectCommand(tt.e, tt.ctx, "upgrade", installName, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", "--namespace", testNamespace).withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.UpgradeChartWithValuesFile(tt.ctx, installName, url, version, kubeconfig, testNamespace, valuesFileName) + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes the insecure skip flag", func(t *testing.T) { + tt := newHelmTest(t, helm.WithInsecure()) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "upgrade", installName, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", "--insecure-skip-tls-verify").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.UpgradeChartWithValuesFile(tt.ctx, installName, url, version, kubeconfig, "", valuesFileName) + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes extra flags", func(t *testing.T) { + tt := newHelmTest(t, helm.WithExtraFlags([]string{"--test", "--install"})) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "upgrade", installName, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait", "--test", "--install").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.UpgradeChartWithValuesFile(tt.ctx, installName, url, version, kubeconfig, "", valuesFileName) + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("returns errors from the helm executable", func(t *testing.T) { + tt := newHelmTest(s) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "upgrade", installName, url, "--version", version, "--values", valuesFileName, "--kubeconfig", kubeconfig, "--wait").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, fmt.Errorf("test error")) + err := tt.h.UpgradeChartWithValuesFile(tt.ctx, installName, url, version, kubeconfig, "", valuesFileName) + tt.Expect(err).To(HaveOccurred()) + }) +} + +func TestHelmUninstall(s *testing.T) { + kubeconfig := "/root/.kube/config" + + s.Run("Success", func(t *testing.T) { + tt := newHelmTest(t) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "uninstall", installName, "--kubeconfig", kubeconfig, "--wait").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.Uninstall(tt.ctx, installName, kubeconfig, "") + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes the namespace, if present", func(t *testing.T) { + tt := newHelmTest(t) + testNamespace := "testing" + installName := "test-install" + expectCommand(tt.e, tt.ctx, "uninstall", installName, "--kubeconfig", kubeconfig, "--wait", "--namespace", testNamespace).withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.Uninstall(tt.ctx, installName, kubeconfig, testNamespace) + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes the insecure skip flag", func(t *testing.T) { + tt := newHelmTest(t, helm.WithInsecure()) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "uninstall", installName, "--kubeconfig", kubeconfig, "--wait", "--insecure-skip-tls-verify").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.Uninstall(tt.ctx, installName, kubeconfig, "") + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("passes extra flags", func(t *testing.T) { + tt := newHelmTest(t, helm.WithExtraFlags([]string{"--test"})) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "uninstall", installName, "--kubeconfig", kubeconfig, "--wait", "--test").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, nil) + err := tt.h.Uninstall(tt.ctx, installName, kubeconfig, "") + tt.Expect(err).NotTo(HaveOccurred()) + }) + + s.Run("returns errors from the helm executable", func(t *testing.T) { + tt := newHelmTest(t) + installName := "test-install" + expectCommand(tt.e, tt.ctx, "uninstall", installName, "--kubeconfig", kubeconfig, "--wait").withEnvVars(tt.envVars).to().Return(bytes.Buffer{}, fmt.Errorf("test error")) + err := tt.h.Uninstall(tt.ctx, installName, kubeconfig, "") + tt.Expect(err).To(HaveOccurred()) + }) +} diff --git a/pkg/helm/client.go b/pkg/helm/client.go index 85df22bf0557d..75db7cecd5fbc 100644 --- a/pkg/helm/client.go +++ b/pkg/helm/client.go @@ -9,9 +9,10 @@ type Client interface { ListCharts(ctx context.Context, kubeconfigFilePath string) ([]string, error) SaveChart(ctx context.Context, ociURI, version, folder string) error Delete(ctx context.Context, kubeconfigFilePath, installName, namespace string) error - UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string, opts ...Opt) error - InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string) error + UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string, opts ...Opt) error + InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string) error InstallChart(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valueFilePath string, skipCRDs bool, values []string) error + Uninstall(ctx context.Context, chart, kubeconfigFilePath, namespace string, opts ...Opt) error Template(ctx context.Context, ociURI, version, namespace string, values interface{}, kubeVersion string) ([]byte, error) RegistryLogin(ctx context.Context, registry, username, password string) error } diff --git a/pkg/helm/config.go b/pkg/helm/config.go index cb170b0e12920..23baa2236d048 100644 --- a/pkg/helm/config.go +++ b/pkg/helm/config.go @@ -7,6 +7,7 @@ type Config struct { RegistryMirror *registrymirror.RegistryMirror ProxyConfig map[string]string Insecure bool + ExtraFlags []string } // NewConfig retuns a new helm Config. @@ -49,3 +50,10 @@ func WithProxyConfig(proxyConfig map[string]string) Opt { c.ProxyConfig = proxyConfig } } + +// WithExtraFlags configures the extra flags to pass to helm. +func WithExtraFlags(extraFlags []string) Opt { + return func(c *Config) { + c.ExtraFlags = extraFlags + } +} diff --git a/pkg/helm/config_test.go b/pkg/helm/config_test.go index 292ec210b2d7b..4a863e0dbde00 100644 --- a/pkg/helm/config_test.go +++ b/pkg/helm/config_test.go @@ -63,3 +63,12 @@ func TestWithProxyConfig(t *testing.T) { config := helm.NewConfig(helm.WithProxyConfig(proxyConfigMap)) g.Expect(config.ProxyConfig).To(Equal(proxyConfigMap)) } + +func TestWithExtraArgs(t *testing.T) { + g := NewWithT(t) + extraFlags := []string{ + "--test-arg", + } + config := helm.NewConfig(helm.WithExtraFlags(extraFlags)) + g.Expect(config.ExtraFlags).To(Equal(extraFlags)) +} diff --git a/pkg/helm/mocks/client.go b/pkg/helm/mocks/client.go index 1faf512fed2a2..f00a8275b7da5 100644 --- a/pkg/helm/mocks/client.go +++ b/pkg/helm/mocks/client.go @@ -64,17 +64,17 @@ func (mr *MockClientMockRecorder) InstallChart(ctx, chart, ociURI, version, kube } // InstallChartWithValuesFile mocks base method. -func (m *MockClient) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string) error { +func (m *MockClient) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string) error { m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "InstallChartWithValuesFile", ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath) + ret := m.ctrl.Call(m, "InstallChartWithValuesFile", ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath) ret0, _ := ret[0].(error) return ret0 } // InstallChartWithValuesFile indicates an expected call of InstallChartWithValuesFile. -func (mr *MockClientMockRecorder) InstallChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath interface{}) *gomock.Call { +func (mr *MockClientMockRecorder) InstallChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "InstallChartWithValuesFile", reflect.TypeOf((*MockClient)(nil).InstallChartWithValuesFile), ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "InstallChartWithValuesFile", reflect.TypeOf((*MockClient)(nil).InstallChartWithValuesFile), ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath) } // ListCharts mocks base method. @@ -163,10 +163,29 @@ func (mr *MockClientMockRecorder) Template(ctx, ociURI, version, namespace, valu return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Template", reflect.TypeOf((*MockClient)(nil).Template), ctx, ociURI, version, namespace, values, kubeVersion) } +// Uninstall mocks base method. +func (m *MockClient) Uninstall(ctx context.Context, chart, kubeconfigFilePath, namespace string, opts ...helm.Opt) error { + m.ctrl.T.Helper() + varargs := []interface{}{ctx, chart, kubeconfigFilePath, namespace} + for _, a := range opts { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "Uninstall", varargs...) + ret0, _ := ret[0].(error) + return ret0 +} + +// Uninstall indicates an expected call of Uninstall. +func (mr *MockClientMockRecorder) Uninstall(ctx, chart, kubeconfigFilePath, namespace interface{}, opts ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{ctx, chart, kubeconfigFilePath, namespace}, opts...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Uninstall", reflect.TypeOf((*MockClient)(nil).Uninstall), varargs...) +} + // UpgradeChartWithValuesFile mocks base method. -func (m *MockClient) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string, opts ...helm.Opt) error { +func (m *MockClient) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string, opts ...helm.Opt) error { m.ctrl.T.Helper() - varargs := []interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath} + varargs := []interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath} for _, a := range opts { varargs = append(varargs, a) } @@ -176,8 +195,8 @@ func (m *MockClient) UpgradeChartWithValuesFile(ctx context.Context, chart, ociU } // UpgradeChartWithValuesFile indicates an expected call of UpgradeChartWithValuesFile. -func (mr *MockClientMockRecorder) UpgradeChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath interface{}, opts ...interface{}) *gomock.Call { +func (mr *MockClientMockRecorder) UpgradeChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath interface{}, opts ...interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath}, opts...) + varargs := append([]interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath}, opts...) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpgradeChartWithValuesFile", reflect.TypeOf((*MockClient)(nil).UpgradeChartWithValuesFile), varargs...) } diff --git a/pkg/providers/tinkerbell/create.go b/pkg/providers/tinkerbell/create.go index 0c09038f878fd..dd0abdc2b1712 100644 --- a/pkg/providers/tinkerbell/create.go +++ b/pkg/providers/tinkerbell/create.go @@ -33,7 +33,17 @@ func (p *Provider) PreCAPIInstallOnBootstrap(ctx context.Context, cluster *types clusterSpec.Cluster.AddTinkerbellIPAnnotation(p.tinkerbellIP) versionsBundle := clusterSpec.RootVersionsBundle() - err := p.stackInstaller.Install( + err := p.stackInstaller.UpgradeCRDs( + ctx, + versionsBundle.Tinkerbell, + cluster.KubeconfigFile, + ) + + if err != nil { + return fmt.Errorf("installing tinkerbell crds on bootstrap cluster: %v", err) + } + + err = p.stackInstaller.Install( ctx, versionsBundle.Tinkerbell, p.tinkerbellIP, @@ -41,6 +51,8 @@ func (p *Provider) PreCAPIInstallOnBootstrap(ctx context.Context, cluster *types p.datacenterConfig.Spec.HookImagesURLPath, stack.WithBootsOnDocker(), stack.WithHostPortEnabled(true), // enable host port on bootstrap cluster + stack.WithLoadBalancerEnabled(false), + stack.WithStackServiceEnabled(false), ) if err != nil { return fmt.Errorf("install Tinkerbell stack on bootstrap cluster: %v", err) @@ -81,15 +93,24 @@ func (p *Provider) PostWorkloadInit(ctx context.Context, cluster *types.Cluster, versionsBundle := clusterSpec.RootVersionsBundle() - err := p.stackInstaller.Install( + err := p.stackInstaller.UpgradeCRDs( + ctx, + versionsBundle.Tinkerbell, + cluster.KubeconfigFile, + ) + if err != nil { + return fmt.Errorf("installing tinkerbell crds on workload cluster: %v", err) + } + + err = p.stackInstaller.Install( ctx, versionsBundle.Tinkerbell, p.templateBuilder.datacenterSpec.TinkerbellIP, cluster.KubeconfigFile, p.datacenterConfig.Spec.HookImagesURLPath, stack.WithBootsOnKubernetes(), - stack.WithHostPortEnabled(false), // disable host port on workload cluster - stack.WithEnvoyEnabled(true), // use envoy on workload cluster + stack.WithHostPortEnabled(false), // disable host port on workload cluster + stack.WithStackServiceEnabled(true), // use stack service on workload cluster stack.WithLoadBalancerEnabled( len(clusterSpec.Cluster.Spec.WorkerNodeGroupConfigurations) != 0 && // load balancer is handled by kube-vip in control plane nodes !p.datacenterConfig.Spec.SkipLoadBalancerDeployment), // configure load balancer based on datacenterConfig.Spec.SkipLoadBalancerDeployment diff --git a/pkg/providers/tinkerbell/stack/mocks/stack.go b/pkg/providers/tinkerbell/stack/mocks/stack.go index 7a4458958c918..60845dac7edd7 100644 --- a/pkg/providers/tinkerbell/stack/mocks/stack.go +++ b/pkg/providers/tinkerbell/stack/mocks/stack.go @@ -109,17 +109,17 @@ func (m *MockHelm) EXPECT() *MockHelmMockRecorder { } // InstallChartWithValuesFile mocks base method. -func (m *MockHelm) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string) error { +func (m *MockHelm) InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string) error { m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "InstallChartWithValuesFile", ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath) + ret := m.ctrl.Call(m, "InstallChartWithValuesFile", ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath) ret0, _ := ret[0].(error) return ret0 } // InstallChartWithValuesFile indicates an expected call of InstallChartWithValuesFile. -func (mr *MockHelmMockRecorder) InstallChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath interface{}) *gomock.Call { +func (mr *MockHelmMockRecorder) InstallChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "InstallChartWithValuesFile", reflect.TypeOf((*MockHelm)(nil).InstallChartWithValuesFile), ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "InstallChartWithValuesFile", reflect.TypeOf((*MockHelm)(nil).InstallChartWithValuesFile), ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath) } // RegistryLogin mocks base method. @@ -136,10 +136,29 @@ func (mr *MockHelmMockRecorder) RegistryLogin(ctx, endpoint, username, password return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegistryLogin", reflect.TypeOf((*MockHelm)(nil).RegistryLogin), ctx, endpoint, username, password) } +// Uninstall mocks base method. +func (m *MockHelm) Uninstall(ctx context.Context, chart, kubeconfigFilePath, namespace string, ops ...helm.Opt) error { + m.ctrl.T.Helper() + varargs := []interface{}{ctx, chart, kubeconfigFilePath, namespace} + for _, a := range ops { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "Uninstall", varargs...) + ret0, _ := ret[0].(error) + return ret0 +} + +// Uninstall indicates an expected call of Uninstall. +func (mr *MockHelmMockRecorder) Uninstall(ctx, chart, kubeconfigFilePath, namespace interface{}, ops ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{ctx, chart, kubeconfigFilePath, namespace}, ops...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Uninstall", reflect.TypeOf((*MockHelm)(nil).Uninstall), varargs...) +} + // UpgradeChartWithValuesFile mocks base method. -func (m *MockHelm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string, opts ...helm.Opt) error { +func (m *MockHelm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string, opts ...helm.Opt) error { m.ctrl.T.Helper() - varargs := []interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath} + varargs := []interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath} for _, a := range opts { varargs = append(varargs, a) } @@ -149,9 +168,9 @@ func (m *MockHelm) UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI } // UpgradeChartWithValuesFile indicates an expected call of UpgradeChartWithValuesFile. -func (mr *MockHelmMockRecorder) UpgradeChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath interface{}, opts ...interface{}) *gomock.Call { +func (mr *MockHelmMockRecorder) UpgradeChartWithValuesFile(ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath interface{}, opts ...interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - varargs := append([]interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, valuesFilePath}, opts...) + varargs := append([]interface{}{ctx, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath}, opts...) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpgradeChartWithValuesFile", reflect.TypeOf((*MockHelm)(nil).UpgradeChartWithValuesFile), varargs...) } @@ -237,6 +256,20 @@ func (mr *MockStackInstallerMockRecorder) Install(ctx, bundle, tinkerbellIP, kub return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Install", reflect.TypeOf((*MockStackInstaller)(nil).Install), varargs...) } +// Uninstall mocks base method. +func (m *MockStackInstaller) Uninstall(ctx context.Context, bundle v1alpha1.TinkerbellBundle, kubeconfig string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "Uninstall", ctx, bundle, kubeconfig) + ret0, _ := ret[0].(error) + return ret0 +} + +// Uninstall indicates an expected call of Uninstall. +func (mr *MockStackInstallerMockRecorder) Uninstall(ctx, bundle, kubeconfig interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Uninstall", reflect.TypeOf((*MockStackInstaller)(nil).Uninstall), ctx, bundle, kubeconfig) +} + // UninstallLocal mocks base method. func (m *MockStackInstaller) UninstallLocal(ctx context.Context) error { m.ctrl.T.Helper() @@ -269,3 +302,41 @@ func (mr *MockStackInstallerMockRecorder) Upgrade(arg0, arg1, tinkerbellIP, kube varargs := append([]interface{}{arg0, arg1, tinkerbellIP, kubeconfig, hookOverride}, opts...) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Upgrade", reflect.TypeOf((*MockStackInstaller)(nil).Upgrade), varargs...) } + +// UpgradeCRDs mocks base method. +func (m *MockStackInstaller) UpgradeCRDs(ctx context.Context, bundle v1alpha1.TinkerbellBundle, kubeconfig string, opts ...stack.InstallOption) error { + m.ctrl.T.Helper() + varargs := []interface{}{ctx, bundle, kubeconfig} + for _, a := range opts { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "UpgradeCRDs", varargs...) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpgradeCRDs indicates an expected call of UpgradeCRDs. +func (mr *MockStackInstallerMockRecorder) UpgradeCRDs(ctx, bundle, kubeconfig interface{}, opts ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{ctx, bundle, kubeconfig}, opts...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpgradeCRDs", reflect.TypeOf((*MockStackInstaller)(nil).UpgradeCRDs), varargs...) +} + +// UpgradeLegacy mocks base method. +func (m *MockStackInstaller) UpgradeLegacy(ctx context.Context, bundle v1alpha1.TinkerbellBundle, kubeconfig string, opts ...stack.InstallOption) error { + m.ctrl.T.Helper() + varargs := []interface{}{ctx, bundle, kubeconfig} + for _, a := range opts { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "UpgradeLegacy", varargs...) + ret0, _ := ret[0].(error) + return ret0 +} + +// UpgradeLegacy indicates an expected call of UpgradeLegacy. +func (mr *MockStackInstallerMockRecorder) UpgradeLegacy(ctx, bundle, kubeconfig interface{}, opts ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{ctx, bundle, kubeconfig}, opts...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UpgradeLegacy", reflect.TypeOf((*MockStackInstaller)(nil).UpgradeLegacy), varargs...) +} diff --git a/pkg/providers/tinkerbell/stack/stack.go b/pkg/providers/tinkerbell/stack/stack.go index 59de307dfabec..1d9948ab012b5 100644 --- a/pkg/providers/tinkerbell/stack/stack.go +++ b/pkg/providers/tinkerbell/stack/stack.go @@ -20,23 +20,28 @@ import ( const ( args = "args" - createNamespace = "createNamespace" deploy = "deploy" - env = "env" + additionalEnv = "additionalEnv" hostPortEnabled = "hostPortEnabled" image = "image" namespace = "namespace" overridesFileName = "tinkerbell-chart-overrides.yaml" port = "port" - - boots = "boots" - hegel = "hegel" - tinkController = "tinkController" - tinkServer = "tinkServer" - rufio = "rufio" - grpcPort = "42113" - kubevip = "kubevip" - envoy = "envoy" + addr = "addr" + enabled = "enabled" + + boots = "boots" + smee = "smee" + hegel = "hegel" + tink = "tink" + controller = "controller" + server = "server" + rufio = "rufio" + grpcPort = "42113" + kubevip = "kubevip" + stack = "stack" + hook = "hook" + service = "service" ) type Docker interface { @@ -47,8 +52,9 @@ type Docker interface { type Helm interface { RegistryLogin(ctx context.Context, endpoint, username, password string) error - InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string) error - UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, valuesFilePath string, opts ...helm.Opt) error + InstallChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string) error + UpgradeChartWithValuesFile(ctx context.Context, chart, ociURI, version, kubeconfigFilePath, namespace, valuesFilePath string, opts ...helm.Opt) error + Uninstall(ctx context.Context, chart, kubeconfigFilePath, namespace string, ops ...helm.Opt) error } // StackInstaller deploys a Tinkerbell stack. @@ -58,35 +64,31 @@ type StackInstaller interface { CleanupLocalBoots(ctx context.Context, forceCleanup bool) error Install(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, tinkerbellIP, kubeconfig, hookOverride string, opts ...InstallOption) error UninstallLocal(ctx context.Context) error + Uninstall(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string) error Upgrade(_ context.Context, _ releasev1alpha1.TinkerbellBundle, tinkerbellIP, kubeconfig, hookOverride string, opts ...InstallOption) error + UpgradeCRDs(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string, opts ...InstallOption) error + UpgradeLegacy(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string, opts ...InstallOption) error AddNoProxyIP(IP string) GetNamespace() string } type Installer struct { - docker Docker - filewriter filewriter.FileWriter - helm Helm - podCidrRange string - registryMirror *registrymirror.RegistryMirror - proxyConfig *v1alpha1.ProxyConfiguration - namespace string - createNamespace bool - bootsOnDocker bool - hostPort bool - loadBalancer bool - envoy bool + docker Docker + filewriter filewriter.FileWriter + helm Helm + podCidrRange string + registryMirror *registrymirror.RegistryMirror + proxyConfig *v1alpha1.ProxyConfiguration + namespace string + bootsOnDocker bool + hostPort bool + loadBalancer bool + stackService bool + dhcpRelay bool } type InstallOption func(s *Installer) -// WithNamespaceCreate is an InstallOption is lets you specify whether to create the namespace needed for Tinkerbell stack. -func WithNamespaceCreate(create bool) InstallOption { - return func(s *Installer) { - s.createNamespace = create - } -} - // WithBootsOnDocker is an InstallOption to run Boots as a Docker container. func WithBootsOnDocker() InstallOption { return func(s *Installer) { @@ -108,16 +110,22 @@ func WithHostPortEnabled(enabled bool) InstallOption { } } -func WithEnvoyEnabled(enabled bool) InstallOption { +// WithLoadBalancer is an InstallOption that allows you to setup a LoadBalancer to expose hegel and tink-server. +func WithLoadBalancerEnabled(enabled bool) InstallOption { + return func(s *Installer) { + s.loadBalancer = enabled + } +} + +func WithStackServiceEnabled(enabled bool) InstallOption { return func(s *Installer) { - s.envoy = enabled + s.stackService = enabled } } -// WithLoadBalancer is an InstallOption that allows you to setup a LoadBalancer to expose hegel and tink-server. -func WithLoadBalancerEnabled(enabled bool) InstallOption { +func WithDHCPRelayEnabled(enabled bool) InstallOption { return func(s *Installer) { - s.loadBalancer = enabled + s.dhcpRelay = enabled } } @@ -150,60 +158,93 @@ func (s *Installer) Install(ctx context.Context, bundle releasev1alpha1.Tinkerbe bootEnv := s.getBootsEnv(bundle.TinkerbellStack, tinkerbellIP) - osiePath, err := getURIDir(bundle.TinkerbellStack.Hook.Initramfs.Amd.URI) + osieURI, err := getURIDir(bundle.TinkerbellStack.Hook.Initramfs.Amd.URI) if err != nil { return fmt.Errorf("getting directory path from hook uri: %v", err) } if hookOverride != "" { - osiePath = hookOverride + osieURI = hookOverride } + osieHost, osiePath := splitURI(osieURI) + valuesMap := map[string]interface{}{ - namespace: s.namespace, - createNamespace: s.createNamespace, - tinkController: map[string]interface{}{ - image: bundle.TinkerbellStack.Tink.TinkController.URI, - }, - tinkServer: map[string]interface{}{ - image: bundle.TinkerbellStack.Tink.TinkServer.URI, - args: []string{}, - port: map[string]bool{ - hostPortEnabled: s.hostPort, + namespace: s.namespace, + tink: map[string]interface{}{ + namespace: s.namespace, + controller: map[string]interface{}{ + image: bundle.TinkerbellStack.Tink.TinkController.URI, + }, + server: map[string]interface{}{ + image: bundle.TinkerbellStack.Tink.TinkServer.URI, + args: []string{}, }, }, hegel: map[string]interface{}{ - image: bundle.TinkerbellStack.Hegel.URI, - port: map[string]bool{ - hostPortEnabled: s.hostPort, - }, - env: []map[string]string{ - { - "name": "HEGEL_TRUSTED_PROXIES", - "value": s.podCidrRange, - }, + namespace: s.namespace, + image: bundle.TinkerbellStack.Hegel.URI, + "trustedProxies": []string{ + s.podCidrRange, }, }, - boots: map[string]interface{}{ - deploy: !s.bootsOnDocker, - image: bundle.TinkerbellStack.Boots.URI, - env: bootEnv, - args: []string{ - "-dhcp-addr=0.0.0.0:67", - fmt.Sprintf("-osie-path-override=%s", osiePath), + smee: map[string]interface{}{ + namespace: s.namespace, + deploy: !s.bootsOnDocker, + image: bundle.TinkerbellStack.Boots.URI, + additionalEnv: bootEnv, + "publicIP": tinkerbellIP, + "trustedProxies": []string{ + s.podCidrRange, + }, + "http": map[string]interface{}{ + "tinkServer": map[string]interface{}{ + "ip": tinkerbellIP, + port: grpcPort, + }, + "osieUrl": map[string]interface{}{ + "scheme": "http", + "host": osieHost, + "port": "", + "path": osiePath, + }, }, + // "dhcp": map[string]interface{}{ + // "tftpIp": "0.0.0.0:69", + // "ipForPacket": "0.0.0.0", + // }, + "hostNetwork": true, + "tinkWorkerImage": s.localRegistryURL(bundle.TinkerbellStack.Tink.TinkWorker.URI), }, rufio: map[string]interface{}{ - image: bundle.TinkerbellStack.Rufio.URI, - }, - kubevip: map[string]interface{}{ - image: bundle.KubeVip.URI, - deploy: s.loadBalancer, + namespace: s.namespace, + image: bundle.TinkerbellStack.Rufio.URI, + "additionalArgs": []string{ + "-metrics-bind-address=127.0.0.1:8080", + }, }, - envoy: map[string]interface{}{ - image: bundle.Envoy.URI, - deploy: s.envoy, - "externalIp": tinkerbellIP, + stack: map[string]interface{}{ + kubevip: map[string]interface{}{ + image: bundle.KubeVip.URI, + enabled: s.loadBalancer, + additionalEnv: []map[string]string{ + { + "name": "prometheus_server", + "value": ":2213", + }, + }, + }, + hook: map[string]interface{}{ + enabled: false, + }, + service: map[string]interface{}{ + enabled: s.stackService, + }, + "relay": map[string]interface{}{ + enabled: false, + }, + "loadBalancerIP": tinkerbellIP, + "hostNetwork": s.hostPort, }, } @@ -221,13 +262,20 @@ func (s *Installer) Install(ctx context.Context, bundle releasev1alpha1.Tinkerbe return err } - err = s.helm.InstallChartWithValuesFile( + additionalArgs := []string{ + "--install", + "--skip-crds", + } + + err = s.helm.UpgradeChartWithValuesFile( ctx, - bundle.TinkerbellStack.TinkebellChart.Name, - fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.TinkebellChart.Image())), - bundle.TinkerbellStack.TinkebellChart.Tag(), + bundle.TinkerbellStack.Stack.Name, + fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.Stack.Image())), + bundle.TinkerbellStack.Stack.Tag(), kubeconfig, + s.namespace, valuesPath, + helm.WithExtraFlags(additionalArgs), ) if err != nil { return fmt.Errorf("installing Tinkerbell helm chart: %v", err) @@ -268,9 +316,10 @@ func (s *Installer) installBootsOnDocker(ctx context.Context, bundle releasev1al } cmd := []string{ - "-kubeconfig", "/kubeconfig", + "-backend-kube-config", "/kubeconfig", "-dhcp-addr", "0.0.0.0:67", - "-osie-path-override", osiePath, + "-osie-url", osiePath, + "-tink-server", fmt.Sprintf("%s:%s", tinkServerIP, grpcPort), } if err := s.docker.Run(ctx, s.localRegistryURL(bundle.Boots.URI), boots, cmd, flags...); err != nil { return fmt.Errorf("running boots with docker: %v", err) @@ -283,7 +332,6 @@ func (s *Installer) getBootsEnv(bundle releasev1alpha1.TinkerbellStackBundle, ti env := []map[string]string{ toEnvEntry("DATA_MODEL_VERSION", "kubernetes"), toEnvEntry("TINKERBELL_TLS", "false"), - toEnvEntry("TINKERBELL_GRPC_AUTHORITY", fmt.Sprintf("%s:%s", tinkServerIP, grpcPort)), } extraKernelArgs := fmt.Sprintf("tink_worker_image=%s", s.localRegistryURL(bundle.Tink.TinkWorker.URI)) @@ -304,7 +352,7 @@ func (s *Installer) getBootsEnv(bundle releasev1alpha1.TinkerbellStackBundle, ti extraKernelArgs = fmt.Sprintf("%s HTTP_PROXY=%s HTTPS_PROXY=%s NO_PROXY=%s", extraKernelArgs, s.proxyConfig.HttpProxy, s.proxyConfig.HttpsProxy, noProxy) } - return append(env, toEnvEntry("BOOTS_EXTRA_KERNEL_ARGS", extraKernelArgs)) + return append(env, toEnvEntry("SMEE_EXTRA_KERNEL_ARGS", extraKernelArgs)) } func toEnvEntry(k, v string) map[string]string { @@ -336,6 +384,14 @@ func getURIDir(uri string) (string, error) { return uri[:index], nil } +// splitURI splits the osieURI into host and path to be consumed by smee +func splitURI(uri string) (string, string) { + trimmedUri := strings.TrimPrefix(uri, "https://") + + index := strings.Index(trimmedUri, "/") + return trimmedUri[:index], trimmedUri[index:] +} + // CleanupLocalBoots determines whether Boots is already running locally // and either cleans it up or errors out depending on the `remove` flag. func (s *Installer) CleanupLocalBoots(ctx context.Context, remove bool) error { @@ -387,49 +443,88 @@ func (s *Installer) Upgrade(ctx context.Context, bundle releasev1alpha1.Tinkerbe bootEnv := s.getBootsEnv(bundle.TinkerbellStack, tinkerbellIP) - osiePath, err := getURIDir(bundle.TinkerbellStack.Hook.Initramfs.Amd.URI) + osieURI, err := getURIDir(bundle.TinkerbellStack.Hook.Initramfs.Amd.URI) if err != nil { return fmt.Errorf("getting directory path from hook uri: %v", err) } + if hookOverride != "" { - osiePath = hookOverride + osieURI = hookOverride } + + osieHost, osiePath := splitURI(osieURI) + valuesMap := map[string]interface{}{ - namespace: s.namespace, - createNamespace: false, - tinkController: map[string]interface{}{ - image: bundle.TinkerbellStack.Tink.TinkController.URI, - }, - tinkServer: map[string]interface{}{ - image: bundle.TinkerbellStack.Tink.TinkServer.URI, - args: []string{}, + namespace: s.namespace, + tink: map[string]interface{}{ + namespace: s.namespace, + controller: map[string]interface{}{ + image: bundle.TinkerbellStack.Tink.TinkController.URI, + }, + server: map[string]interface{}{ + image: bundle.TinkerbellStack.Tink.TinkServer.URI, + args: []string{}, + }, }, hegel: map[string]interface{}{ - image: bundle.TinkerbellStack.Hegel.URI, - env: []map[string]string{ - { - "name": "HEGEL_TRUSTED_PROXIES", - "value": s.podCidrRange, - }, + namespace: s.namespace, + image: bundle.TinkerbellStack.Hegel.URI, + "trustedProxies": []string{ + s.podCidrRange, }, }, - boots: map[string]interface{}{ - image: bundle.TinkerbellStack.Boots.URI, - env: bootEnv, - args: []string{ - "-dhcp-addr=0.0.0.0:67", - fmt.Sprintf("-osie-path-override=%s", osiePath), + smee: map[string]interface{}{ + namespace: s.namespace, + image: bundle.TinkerbellStack.Boots.URI, + additionalEnv: bootEnv, + "publicIP": tinkerbellIP, + "trustedProxies": []string{ + s.podCidrRange, + }, + "http": map[string]interface{}{ + "tinkServer": map[string]interface{}{ + "ip": tinkerbellIP, + port: grpcPort, + }, + "osieUrl": map[string]interface{}{ + "scheme": "http", + "host": osieHost, + "port": "", + "path": osiePath, + }, }, + "hostNetwork": true, + "tinkWorkerImage": s.localRegistryURL(bundle.TinkerbellStack.Tink.TinkWorker.URI), }, rufio: map[string]interface{}{ - image: bundle.TinkerbellStack.Rufio.URI, - }, - kubevip: map[string]interface{}{ - image: bundle.KubeVip.URI, - deploy: s.loadBalancer, + namespace: s.namespace, + image: bundle.TinkerbellStack.Rufio.URI, + "additionalArgs": []string{ + "-metrics-bind-address=127.0.0.1:8080", + }, }, - envoy: map[string]interface{}{ - image: bundle.Envoy.URI, + stack: map[string]interface{}{ + kubevip: map[string]interface{}{ + image: bundle.KubeVip.URI, + enabled: s.loadBalancer, + additionalEnv: []map[string]string{ + { + "name": "prometheus_server", + "value": ":2213", + }, + }, + }, + hook: map[string]interface{}{ + enabled: false, + }, + service: map[string]interface{}{ + enabled: s.stackService, + }, + "relay": map[string]interface{}{ + enabled: false, + }, + "loadBalancerIP": tinkerbellIP, + "hostNetwork": s.hostPort, }, } @@ -451,14 +546,71 @@ func (s *Installer) Upgrade(ctx context.Context, bundle releasev1alpha1.Tinkerbe if s.proxyConfig != nil { envMap["NO_PROXY"] = strings.Join(s.proxyConfig.NoProxy, ",") } + + additionalArgs := []string{ + "--install", + "--skip-crds", + } return s.helm.UpgradeChartWithValuesFile( ctx, - bundle.TinkerbellStack.TinkebellChart.Name, - fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.TinkebellChart.Image())), - bundle.TinkerbellStack.TinkebellChart.Tag(), + bundle.TinkerbellStack.Stack.Name, + fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.Stack.Image())), + bundle.TinkerbellStack.Stack.Tag(), kubeconfig, + s.namespace, valuesPath, helm.WithProxyConfig(envMap), + helm.WithExtraFlags(additionalArgs), + ) +} + +// Upgrade the Tinkerbell stack using images specified in bundle. +func (s *Installer) UpgradeCRDs(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string, opts ...InstallOption) error { + logger.V(6).Info("Upgrading Tinkerbell helm chart") + + for _, option := range opts { + option(s) + } + + if err := s.authenticateHelmRegistry(ctx); err != nil { + return err + } + + additionalArgs := []string{ + "--install", + } + + envMap := map[string]string{} + if s.proxyConfig != nil { + envMap["NO_PROXY"] = strings.Join(s.proxyConfig.NoProxy, ",") + } + return s.helm.UpgradeChartWithValuesFile( + ctx, + bundle.TinkerbellStack.TinkerbellCrds.Name, + fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.TinkerbellCrds.Image())), + bundle.TinkerbellStack.TinkerbellCrds.Tag(), + kubeconfig, + s.namespace, + "", + helm.WithProxyConfig(envMap), + helm.WithExtraFlags(additionalArgs), + ) +} + +// Uninstall uninstalls a tinkerbell chart of a certain name +func (s *Installer) Uninstall(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string) error { + logger.V(6).Info("Uninstalling old Tinkerbell helm chart") + + additionalArgs := []string{ + "--ignore-not-found", + } + + return s.helm.Uninstall( + ctx, + bundle.TinkerbellStack.TinkebellChart.Name, + kubeconfig, + "", + helm.WithExtraFlags(additionalArgs), ) } @@ -466,3 +618,33 @@ func (s *Installer) Upgrade(ctx context.Context, bundle releasev1alpha1.Tinkerbe func (s *Installer) GetNamespace() string { return s.namespace } + +// Upgrade the Tinkerbell stack using images specified in bundle. +// Doesn't pass the --install flag to helm to prevent an upgrade if the legacy chart does not exist +func (s *Installer) UpgradeLegacy(ctx context.Context, bundle releasev1alpha1.TinkerbellBundle, kubeconfig string, opts ...InstallOption) error { + logger.V(6).Info("Upgrading Tinkerbell helm chart") + + for _, option := range opts { + option(s) + } + + if err := s.authenticateHelmRegistry(ctx); err != nil { + return err + } + + envMap := map[string]string{} + if s.proxyConfig != nil { + envMap["NO_PROXY"] = strings.Join(s.proxyConfig.NoProxy, ",") + } + + return s.helm.UpgradeChartWithValuesFile( + ctx, + bundle.TinkerbellStack.TinkebellChart.Name, + fmt.Sprintf("oci://%s", s.localRegistryURL(bundle.TinkerbellStack.TinkebellChart.Image())), + bundle.TinkerbellStack.TinkebellChart.Tag(), + kubeconfig, + "", + "", + helm.WithProxyConfig(envMap), + ) +} diff --git a/pkg/providers/tinkerbell/stack/stack_test.go b/pkg/providers/tinkerbell/stack/stack_test.go index 638adccd64dce..4d3e44b249aee 100644 --- a/pkg/providers/tinkerbell/stack/stack_test.go +++ b/pkg/providers/tinkerbell/stack/stack_test.go @@ -58,10 +58,18 @@ func getTinkBundle() releasev1alpha1.TinkerbellBundle { Rufio: releasev1alpha1.Image{ URI: "public.ecr.aws/eks-anywhere/rufio:latest", }, + Stack: releasev1alpha1.Image{ + Name: "stack", + URI: "public.ecr.aws/eks-anywhere/tinkerbell/stack:0.1.0", + }, TinkebellChart: releasev1alpha1.Image{ Name: helmChartName, URI: helmChartURI, }, + TinkerbellCrds: releasev1alpha1.Image{ + Name: "tinkerbellCrds", + URI: "public.ecr.aws/eks-anywhere/tinkerbell/tinkerbell-crds:0.1.0", + }, }, KubeVip: releasev1alpha1.Image{ URI: "public.ecr.aws/eks-anywhere/kube-vip:latest", @@ -112,16 +120,6 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { proxyConfig *v1alpha1.ProxyConfiguration opts []stack.InstallOption }{ - { - name: "with_namespace_create_true", - expectedFile: "testdata/expected_with_namespace_create_true.yaml", - opts: []stack.InstallOption{stack.WithNamespaceCreate(true)}, - }, - { - name: "with_namespace_create_false", - expectedFile: "testdata/expected_with_namespace_create_false.yaml", - opts: []stack.InstallOption{stack.WithNamespaceCreate(false)}, - }, { name: "with_boots_on_docker", expectedFile: "testdata/expected_with_boots_on_docker.yaml", @@ -143,16 +141,6 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { expectedFile: "testdata/expected_with_host_port_enabled_false.yaml", opts: []stack.InstallOption{stack.WithHostPortEnabled(false)}, }, - { - name: "with_envoy_enabled_true", - expectedFile: "testdata/expected_with_envoy_enabled_true.yaml", - opts: []stack.InstallOption{stack.WithEnvoyEnabled(true)}, - }, - { - name: "with_envoy_enabled_false", - expectedFile: "testdata/expected_with_envoy_enabled_false.yaml", - opts: []stack.InstallOption{stack.WithEnvoyEnabled(false)}, - }, { name: "with_load_balancer_enabled_true", expectedFile: "testdata/expected_with_load_balancer_enabled_true.yaml", @@ -167,9 +155,7 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { name: "with_kubernetes_options", expectedFile: "testdata/expected_with_kubernetes_options.yaml", opts: []stack.InstallOption{ - stack.WithNamespaceCreate(true), stack.WithBootsOnKubernetes(), - stack.WithEnvoyEnabled(true), stack.WithLoadBalancerEnabled(true), }, }, @@ -178,10 +164,8 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { expectedFile: "testdata/expected_with_docker_options.yaml", installOnDocker: true, opts: []stack.InstallOption{ - stack.WithNamespaceCreate(false), stack.WithBootsOnDocker(), stack.WithHostPortEnabled(true), - stack.WithEnvoyEnabled(false), stack.WithLoadBalancerEnabled(false), }, }, @@ -229,16 +213,15 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { t.Setenv("REGISTRY_USERNAME", "username") t.Setenv("REGISTRY_PASSWORD", "password") helm.EXPECT().RegistryLogin(ctx, "1.2.3.4:443", "username", "password") - helm.EXPECT().InstallChartWithValuesFile(ctx, helmChartName, "oci://1.2.3.4:443/custom/eks-anywhere/tinkerbell/tinkerbell-chart", helmChartVersion, cluster.KubeconfigFile, generatedOverridesPath) - + helm.EXPECT().UpgradeChartWithValuesFile(ctx, "stack", fmt.Sprintf("oci://%s", "1.2.3.4:443/custom/eks-anywhere/tinkerbell/stack"), helmChartVersion, cluster.KubeconfigFile, constants.EksaSystemNamespace, generatedOverridesPath, gomock.Any()) } else { - helm.EXPECT().InstallChartWithValuesFile(ctx, helmChartName, fmt.Sprintf("oci://%s", helmChartPath), helmChartVersion, cluster.KubeconfigFile, generatedOverridesPath) + helm.EXPECT().UpgradeChartWithValuesFile(ctx, "stack", fmt.Sprintf("oci://%s", "public.ecr.aws/eks-anywhere/tinkerbell/stack"), helmChartVersion, cluster.KubeconfigFile, constants.EksaSystemNamespace, generatedOverridesPath, gomock.Any()) } if stackTest.installOnDocker { docker.EXPECT().Run(ctx, "public.ecr.aws/eks-anywhere/boots:latest", boots, - []string{"-kubeconfig", "/kubeconfig", "-dhcp-addr", "0.0.0.0:67", "-osie-path-override", "https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook"}, + []string{"-backend-kube-config", "/kubeconfig", "-dhcp-addr", "0.0.0.0:67", "-osie-url", "https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook", "-tink-server", "1.2.3.4:42113"}, "-v", gomock.Any(), "--network", "host", "-e", gomock.Any(), @@ -247,7 +230,6 @@ func TestTinkerbellStackInstallWithDifferentOptions(t *testing.T) { "-e", gomock.Any(), "-e", gomock.Any(), "-e", gomock.Any(), - "-e", gomock.Any(), ) } @@ -360,7 +342,7 @@ func TestUpgrade(t *testing.T) { helm.EXPECT(). UpgradeChartWithValuesFile(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), - gomock.Any(), gomock.Any(), gomock.Any()) + gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()) s := stack.NewInstaller(docker, writer, helm, constants.EksaSystemNamespace, "192.168.0.0/16", nil, nil) err := s.Upgrade(ctx, getTinkBundle(), testIP, cluster.KubeconfigFile, "") @@ -435,7 +417,7 @@ func TestUpgradeWithProxy(t *testing.T) { ctx = context.Background() ) - helm.EXPECT().UpgradeChartWithValuesFile(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()) + helm.EXPECT().UpgradeChartWithValuesFile(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()) proxyConfiguration := &v1alpha1.ProxyConfiguration{ HttpProxy: "1.2.3.4", @@ -452,3 +434,61 @@ func TestUpgradeWithProxy(t *testing.T) { assertYamlFilesEqual(t, "testdata/expected_upgrade_with_proxy.yaml", valuesFile) } + +func TestUpgradeCRDsChart(t *testing.T) { + mockCtrl := gomock.NewController(t) + docker := mocks.NewMockDocker(mockCtrl) + helm := mocks.NewMockHelm(mockCtrl) + + _, writer := test.NewWriter(t) + cluster := &types.Cluster{Name: "test"} + ctx := context.Background() + + helm.EXPECT(). + UpgradeChartWithValuesFile(ctx, "tinkerbellCrds", fmt.Sprintf("oci://%s", "public.ecr.aws/eks-anywhere/tinkerbell/tinkerbell-crds"), helmChartVersion, + cluster.KubeconfigFile, constants.EksaSystemNamespace, "", gomock.Any()) + s := stack.NewInstaller(docker, writer, helm, constants.EksaSystemNamespace, "192.168.0.0/16", nil, nil) + + err := s.UpgradeCRDs(ctx, getTinkBundle(), cluster.KubeconfigFile) + assert.NoError(t, err) +} + +func TestLegacyUpgrade(t *testing.T) { + mockCtrl := gomock.NewController(t) + docker := mocks.NewMockDocker(mockCtrl) + helm := mocks.NewMockHelm(mockCtrl) + + _, writer := test.NewWriter(t) + cluster := &types.Cluster{Name: "test"} + ctx := context.Background() + + helm.EXPECT(). + UpgradeChartWithValuesFile(ctx, "tinkerbell-chart", fmt.Sprintf("oci://%s", "public.ecr.aws/eks-anywhere/tinkerbell/tinkerbell-chart"), helmChartVersion, + cluster.KubeconfigFile, "", "", gomock.Any()) + s := stack.NewInstaller(docker, writer, helm, constants.EksaSystemNamespace, "192.168.0.0/16", nil, nil) + + err := s.UpgradeLegacy(ctx, getTinkBundle(), cluster.KubeconfigFile) + assert.NoError(t, err) +} + +func TestUninstall(t *testing.T) { + mockCtrl := gomock.NewController(t) + docker := mocks.NewMockDocker(mockCtrl) + helm := mocks.NewMockHelm(mockCtrl) + + _, writer := test.NewWriter(t) + cluster := &types.Cluster{Name: "test"} + ctx := context.Background() + + helm.EXPECT().UpgradeChartWithValuesFile(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()) + helm.EXPECT(). + Uninstall(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), + gomock.Any()) + s := stack.NewInstaller(docker, writer, helm, constants.EksaSystemNamespace, "192.168.0.0/16", nil, nil) + + err := s.Upgrade(ctx, getTinkBundle(), testIP, cluster.KubeconfigFile, "") + assert.NoError(t, err) + + err = s.Uninstall(ctx, getTinkBundle(), cluster.KubeconfigFile) + assert.NoError(t, err) +} diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_upgrade.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_upgrade.yaml index 1ac5a188028d4..17e9e81a96df0 100755 --- a/pkg/providers/tinkerbell/stack/testdata/expected_upgrade.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_upgrade.yaml @@ -1,33 +1,57 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_upgrade_with_proxy.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_upgrade_with_proxy.yaml index e3acca1366bf2..048c66992b188 100755 --- a/pkg/providers/tinkerbell/stack/testdata/expected_upgrade_with_proxy.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_upgrade_with_proxy.yaml @@ -1,34 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://my-local-web-server/hook - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest HTTP_PROXY=1.2.3.4 HTTPS_PROXY=1.2.3.4 NO_PROXY=localhost,.svc + hostNetwork: true + http: + osieUrl: + host: my-local-web-server + path: /hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_docker.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_docker.yaml index 15d107ddcd95a..1dd0d0ae97f47 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_docker.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_docker.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: false - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" + image: public.ecr.aws/eks-anywhere/boots:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_kubernetes.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_kubernetes.yaml index 8cb51eab27783..fc78f53bb3472 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_kubernetes.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_boots_on_kubernetes.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_docker_options.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_docker_options.yaml index 5a12eb39ea37e..e870bc099c288 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_docker_options.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_docker_options.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: false - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: true -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" + image: public.ecr.aws/eks-anywhere/boots:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: true + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_false.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_false.yaml deleted file mode 100644 index 8cb51eab27783..0000000000000 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_false.yaml +++ /dev/null @@ -1,40 +0,0 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: - - name: DATA_MODEL_VERSION - value: kubernetes - - name: TINKERBELL_TLS - value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS - value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_true.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_true.yaml deleted file mode 100644 index e98728f3a5b07..0000000000000 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_envoy_enabled_true.yaml +++ /dev/null @@ -1,40 +0,0 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: - - name: DATA_MODEL_VERSION - value: kubernetes - - name: TINKERBELL_TLS - value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS - value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: true - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_hook_override.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_hook_override.yaml index 295872f84d79d..a418799336907 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_hook_override.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_hook_override.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://my-local-web-server/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + deploy: true + hostNetwork: true + http: + osieUrl: + host: my-local-web-server + path: /hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_false.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_false.yaml index 8cb51eab27783..fc78f53bb3472 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_false.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_false.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_true.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_true.yaml index 7aa5851589df0..b9e781fe8d449 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_true.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_host_port_enabled_true.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: true -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: true + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: true + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_kubernetes_options.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_kubernetes_options.yaml index 2b9e295487163..bf6f76cc0db5e 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_kubernetes_options.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_kubernetes_options.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: true -envoy: deploy: true - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: true - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" + image: public.ecr.aws/eks-anywhere/boots:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: true + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_false.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_false.yaml index 8cb51eab27783..fc78f53bb3472 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_false.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_false.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_true.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_true.yaml index 3e659b572ebad..bf6f76cc0db5e 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_true.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_load_balancer_enabled_true.yaml @@ -1,40 +1,58 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: deploy: true - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" + image: public.ecr.aws/eks-anywhere/boots:latest + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: true + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_false.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_false.yaml deleted file mode 100644 index 8cb51eab27783..0000000000000 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_false.yaml +++ /dev/null @@ -1,40 +0,0 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: - - name: DATA_MODEL_VERSION - value: kubernetes - - name: TINKERBELL_TLS - value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS - value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_true.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_true.yaml deleted file mode 100644 index 088a729fc3eb1..0000000000000 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_namespace_create_true.yaml +++ /dev/null @@ -1,40 +0,0 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: - - name: DATA_MODEL_VERSION - value: kubernetes - - name: TINKERBELL_TLS - value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS - value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest - image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: true -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_proxy_config.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_proxy_config.yaml index bb14e0b331824..541bca991d94e 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_proxy_config.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_proxy_config.yaml @@ -1,41 +1,59 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=public.ecr.aws/eks-anywhere/tink-worker:latest HTTP_PROXY=1.2.3.4:3128 HTTPS_PROXY=1.2.3.4:3128 NO_PROXY= + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: public.ecr.aws/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/stack/testdata/expected_with_registry_mirror.yaml b/pkg/providers/tinkerbell/stack/testdata/expected_with_registry_mirror.yaml index f669c302d0f6d..8b881ec4d11e4 100644 --- a/pkg/providers/tinkerbell/stack/testdata/expected_with_registry_mirror.yaml +++ b/pkg/providers/tinkerbell/stack/testdata/expected_with_registry_mirror.yaml @@ -1,44 +1,62 @@ -boots: - args: - - -dhcp-addr=0.0.0.0:67 - - -osie-path-override=https://anywhere-assests.eks.amazonaws.com/tinkerbell/hook - deploy: true - env: +hegel: + image: public.ecr.aws/eks-anywhere/hegel:latest + namespace: eksa-system + trustedProxies: + - 192.168.0.0/16 +namespace: eksa-system +rufio: + additionalArgs: + - -metrics-bind-address=127.0.0.1:8080 + image: public.ecr.aws/eks-anywhere/rufio:latest + namespace: eksa-system +smee: + additionalEnv: - name: DATA_MODEL_VERSION value: kubernetes - name: TINKERBELL_TLS value: "false" - - name: TINKERBELL_GRPC_AUTHORITY - value: 1.2.3.4:42113 - name: REGISTRY_USERNAME value: username - name: REGISTRY_PASSWORD value: password - - name: BOOTS_EXTRA_KERNEL_ARGS + - name: SMEE_EXTRA_KERNEL_ARGS value: tink_worker_image=1.2.3.4:443/custom/eks-anywhere/tink-worker:latest insecure_registries=1.2.3.4:443 + deploy: true + hostNetwork: true + http: + osieUrl: + host: anywhere-assests.eks.amazonaws.com + path: /tinkerbell/hook + port: "" + scheme: http + tinkServer: + ip: 1.2.3.4 + port: "42113" image: public.ecr.aws/eks-anywhere/boots:latest -createNamespace: false -envoy: - deploy: false - externalIp: 1.2.3.4 - image: public.ecr.aws/eks-anywhere/envoy:latest -hegel: - env: - - name: HEGEL_TRUSTED_PROXIES - value: 192.168.0.0/16 - image: public.ecr.aws/eks-anywhere/hegel:latest - port: - hostPortEnabled: false -kubevip: - deploy: false - image: public.ecr.aws/eks-anywhere/kube-vip:latest -namespace: eksa-system -rufio: - image: public.ecr.aws/eks-anywhere/rufio:latest -tinkController: - image: public.ecr.aws/eks-anywhere/tink-controller:latest -tinkServer: - args: [] - image: public.ecr.aws/eks-anywhere/tink-server:latest - port: - hostPortEnabled: false + namespace: eksa-system + publicIP: 1.2.3.4 + tinkWorkerImage: 1.2.3.4:443/custom/eks-anywhere/tink-worker:latest + trustedProxies: + - 192.168.0.0/16 +stack: + hook: + enabled: false + hostNetwork: false + kubevip: + additionalEnv: + - name: prometheus_server + value: :2213 + enabled: false + image: public.ecr.aws/eks-anywhere/kube-vip:latest + loadBalancerIP: 1.2.3.4 + relay: + enabled: false + service: + enabled: false +tink: + controller: + image: public.ecr.aws/eks-anywhere/tink-controller:latest + namespace: eksa-system + server: + args: [] + image: public.ecr.aws/eks-anywhere/tink-server:latest diff --git a/pkg/providers/tinkerbell/tinkerbell_test.go b/pkg/providers/tinkerbell/tinkerbell_test.go index 1abfdbe113410..2dbd27a21c580 100644 --- a/pkg/providers/tinkerbell/tinkerbell_test.go +++ b/pkg/providers/tinkerbell/tinkerbell_test.go @@ -589,6 +589,12 @@ func TestPreCAPIInstallOnBootstrapSuccess(t *testing.T) { bundle := clusterSpec.RootVersionsBundle() + stackInstaller.EXPECT().UpgradeCRDs( + ctx, + bundle.Tinkerbell, + "test.kubeconfig", + ) + stackInstaller.EXPECT().Install( ctx, bundle.Tinkerbell, @@ -597,6 +603,8 @@ func TestPreCAPIInstallOnBootstrapSuccess(t *testing.T) { "", gomock.Any(), gomock.Any(), + gomock.Any(), + gomock.Any(), ) err := provider.PreCAPIInstallOnBootstrap(ctx, cluster, clusterSpec) @@ -626,6 +634,12 @@ func TestPostWorkloadInitSuccess(t *testing.T) { bundle := clusterSpec.RootVersionsBundle() + stackInstaller.EXPECT().UpgradeCRDs( + ctx, + bundle.Tinkerbell, + "test.kubeconfig", + ) + stackInstaller.EXPECT().Install( ctx, bundle.Tinkerbell, diff --git a/pkg/providers/tinkerbell/upgrade.go b/pkg/providers/tinkerbell/upgrade.go index 5c4a171aeac07..3fcd771b5e933 100644 --- a/pkg/providers/tinkerbell/upgrade.go +++ b/pkg/providers/tinkerbell/upgrade.go @@ -15,6 +15,7 @@ import ( "github.com/aws/eks-anywhere/pkg/cluster" "github.com/aws/eks-anywhere/pkg/collection" "github.com/aws/eks-anywhere/pkg/constants" + "github.com/aws/eks-anywhere/pkg/executables" "github.com/aws/eks-anywhere/pkg/providers/tinkerbell/hardware" "github.com/aws/eks-anywhere/pkg/providers/tinkerbell/rufiounreleased" "github.com/aws/eks-anywhere/pkg/providers/tinkerbell/stack" @@ -459,7 +460,48 @@ func (p *Provider) PreCoreComponentsUpgrade( // Attempt the upgrade. This should upgrade the stack in the mangement cluster by updating // images, installing new CRDs and possibly removing old ones. - err := p.stackInstaller.Upgrade( + + // Upgrade legacy to add resource policy keep to the crds + err := p.stackInstaller.UpgradeLegacy( + ctx, + managementComponents.Tinkerbell, + cluster.KubeconfigFile, + stack.WithLoadBalancerEnabled( + len(clusterSpec.Cluster.Spec.WorkerNodeGroupConfigurations) != 0 && // load balancer is handled by kube-vip in control plane nodes + !p.datacenterConfig.Spec.SkipLoadBalancerDeployment), // configure load balancer based on datacenterConfig.Spec.SkipLoadBalancerDeployment + ) + if err != nil { + return fmt.Errorf("upgrading stack: %v", err) + } + + // Uninstall + err = p.stackInstaller.Uninstall( + ctx, + managementComponents.Tinkerbell, + cluster.KubeconfigFile, + ) + if err != nil { + return fmt.Errorf("uninstalling old stack: %v", err) + } + + //annotate existing crds to point to new crds chart + err = p.annotateCRDs(ctx, cluster) + if err != nil { + return fmt.Errorf("annotating crds: %v", err) + } + + //upgrade install crds chart + err = p.stackInstaller.UpgradeCRDs( + ctx, + managementComponents.Tinkerbell, + cluster.KubeconfigFile, + ) + if err != nil { + return fmt.Errorf("upgrading crds chart: %v", err) + } + + // upgrade install tink stack chart + err = p.stackInstaller.Upgrade( ctx, managementComponents.Tinkerbell, p.datacenterConfig.Spec.TinkerbellIP, @@ -586,3 +628,61 @@ func toRufioMachines(items []rufiounreleased.BaseboardManagement) []rufiov1.Mach } return machines } + +func (p *Provider) annotateCRDs(ctx context.Context, cluster *types.Cluster) error { + + annotation := map[string]string{ + "meta.helm.sh/release-name": "tinkerbell-crds", + "meta.helm.sh/release-namespace": "eksa-system", + } + + //machine + err := p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "machines.bmc.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating rufio machines: %v", err) + } + + // task + err = p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "tasks.bmc.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating rufio tasks: %v", err) + } + + // job + err = p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "jobs.bmc.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating rufio jobs: %v", err) + } + + // hardware + err = p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "hardware.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating tinkerbell hardware: %v", err) + } + + // template + err = p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "templates.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating tinkerbell templates: %v", err) + } + + // workflow + err = p.providerKubectlClient.UpdateAnnotation(ctx, "customresourcedefinition", "workflows.tinkerbell.org", annotation, + executables.WithCluster(cluster), + executables.WithOverwrite()) + if err != nil { + return fmt.Errorf("annotating tinkerbell workflows: %v", err) + } + + return nil +} diff --git a/pkg/providers/tinkerbell/upgrade_test.go b/pkg/providers/tinkerbell/upgrade_test.go index ebc0e62d3acac..7e761cee22ac7 100644 --- a/pkg/providers/tinkerbell/upgrade_test.go +++ b/pkg/providers/tinkerbell/upgrade_test.go @@ -76,6 +76,35 @@ func TestProviderPreCoreComponentsUpgrade_StackUpgradeError(t *testing.T) { tconfig := NewPreCoreComponentsUpgradeTestConfig(t) expect := "foobar" + tconfig.Installer.EXPECT(). + UpgradeLegacy( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) + tconfig.Installer.EXPECT(). + Uninstall( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + ) + tconfig.KubeClient.EXPECT(). + UpdateAnnotation( + gomock.Any(), + "customresourcedefinition", + gomock.Any(), + gomock.Any(), + gomock.Any(), + gomock.Any(), + ).Times(6) + tconfig.Installer.EXPECT(). + UpgradeCRDs( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) tconfig.Installer.EXPECT(). Upgrade( gomock.Any(), @@ -101,6 +130,35 @@ func TestProviderPreCoreComponentsUpgrade_StackUpgradeError(t *testing.T) { func TestProviderPreCoreComponentsUpgrade_HasBaseboardManagementCRDError(t *testing.T) { tconfig := NewPreCoreComponentsUpgradeTestConfig(t) + tconfig.Installer.EXPECT(). + UpgradeLegacy( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) + tconfig.Installer.EXPECT(). + Uninstall( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + ) + tconfig.KubeClient.EXPECT(). + UpdateAnnotation( + gomock.Any(), + "customresourcedefinition", + gomock.Any(), + gomock.Any(), + gomock.Any(), + gomock.Any(), + ).Times(6) + tconfig.Installer.EXPECT(). + UpgradeCRDs( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) tconfig.Installer.EXPECT(). Upgrade( gomock.Any(), @@ -135,6 +193,35 @@ func TestProviderPreCoreComponentsUpgrade_HasBaseboardManagementCRDError(t *test func TestProviderPreCoreComponentsUpgrade_NoBaseboardManagementCRD(t *testing.T) { tconfig := NewPreCoreComponentsUpgradeTestConfig(t) + tconfig.Installer.EXPECT(). + UpgradeLegacy( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) + tconfig.Installer.EXPECT(). + Uninstall( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + ) + tconfig.KubeClient.EXPECT(). + UpdateAnnotation( + gomock.Any(), + "customresourcedefinition", + gomock.Any(), + gomock.Any(), + gomock.Any(), + gomock.Any(), + ).Times(6) + tconfig.Installer.EXPECT(). + UpgradeCRDs( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) tconfig.Installer.EXPECT(). Upgrade( gomock.Any(), @@ -445,6 +532,35 @@ func TestProviderPreCoreComponentsUpgrade_RufioConversions(t *testing.T) { // Configure the mocks to successfully upgrade the Tinkerbell stack using the installer // and identify the need to convert deprecated Rufio custom resources. + tconfig.Installer.EXPECT(). + UpgradeLegacy( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) + tconfig.Installer.EXPECT(). + Uninstall( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + ) + tconfig.KubeClient.EXPECT(). + UpdateAnnotation( + gomock.Any(), + "customresourcedefinition", + gomock.Any(), + gomock.Any(), + gomock.Any(), + gomock.Any(), + ).Times(6) + tconfig.Installer.EXPECT(). + UpgradeCRDs( + gomock.Any(), + tconfig.managementComponents.Tinkerbell, + tconfig.Management.KubeconfigFile, + gomock.Any(), + ) tconfig.Installer.EXPECT(). Upgrade( gomock.Any(),