
support unregister cluster in karmada
Signed-off-by: wulemao <[email protected]>
wulemao committed Oct 24, 2024
1 parent e204459 commit d654302
Showing 9 changed files with 396 additions and 53 deletions.
1 change: 1 addition & 0 deletions artifacts/deploy/bootstrap-token-configuration.yaml
Expand Up @@ -108,6 +108,7 @@ rules:
- watch
- patch
- update
- delete
- apiGroups:
- cluster.karmada.io
resources:
Expand Up @@ -134,6 +134,7 @@ rules:
- watch
- patch
- update
- delete
- apiGroups:
- cluster.karmada.io
resources:
2 changes: 1 addition & 1 deletion pkg/karmadactl/cmdinit/karmada/rbac.go
Expand Up @@ -73,7 +73,7 @@ func grantAccessPermissionToAgent(clientSet kubernetes.Interface) error {
{
APIGroups: []string{"cluster.karmada.io"},
Resources: []string{"clusters"},
Verbs: []string{"create", "get", "list", "watch", "patch", "update"},
Verbs: []string{"create", "get", "list", "watch", "patch", "update", "delete"},
},
{
APIGroups: []string{"cluster.karmada.io"},
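Review bot: The `delete` verb added to the `clusters` rule in grantAccessPermissionToAgent is unscoped: the rule as shown has no `ResourceNames`, so every subject bound to this role can delete any Cluster object, not only the one it registered. If all agents share this role (the binding is outside the hunk), the credential of one member cluster is enough to remove the others from the control plane. Prefer granting `delete` in a per-cluster rule created at registration, e.g. `ResourceNames: []string{clusterName}` (placeholder name), and keep the shared rule at its previous verbs. The two YAML manifests earlier in this commit add the same verb and presumably need the same change; the function body starts and ends outside this hunk.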
2 changes: 2 additions & 0 deletions pkg/karmadactl/karmadactl.go
Expand Up @@ -56,6 +56,7 @@ import (
"github.com/karmada-io/karmada/pkg/karmadactl/token"
"github.com/karmada-io/karmada/pkg/karmadactl/top"
"github.com/karmada-io/karmada/pkg/karmadactl/unjoin"
"github.com/karmada-io/karmada/pkg/karmadactl/unregister"
"github.com/karmada-io/karmada/pkg/karmadactl/util"
utilcomp "github.com/karmada-io/karmada/pkg/karmadactl/util/completion"
"github.com/karmada-io/karmada/pkg/version/sharedcommand"
Expand Down Expand Up @@ -123,6 +124,7 @@ func NewKarmadaCtlCommand(cmdUse, parentCommand string) *cobra.Command {
unjoin.NewCmdUnjoin(f, parentCommand),
token.NewCmdToken(f, parentCommand, ioStreams),
register.NewCmdRegister(parentCommand),
unregister.NewCmdUnregister(parentCommand),
},
},
{
28 changes: 17 additions & 11 deletions pkg/karmadactl/register/register.go
Expand Up @@ -90,8 +90,14 @@ const (
// KarmadaAgentKubeConfigFileName defines the file name for the kubeconfig that the karmada-agent will use to do
// the TLS bootstrap to get itself an unique credential
KarmadaAgentKubeConfigFileName = "karmada-agent.conf"
// KarmadaKubeconfigName is the name of karmada kubeconfig
KarmadaKubeconfigName = "karmada-kubeconfig"
// KarmadaConfigSecretName is the secret name of karmada config for agent
KarmadaConfigSecretName = "karmada-agent-config"

Check failure on line 94 in pkg/karmadactl/register/register.go


GitHub Actions / lint

G101: Potential hardcoded credentials (gosec)
// KarmadaConfigSecretKey is the key name in karmada config secret
KarmadaConfigSecretKey = "karmada.config"

Check failure on line 96 in pkg/karmadactl/register/register.go


GitHub Actions / lint

G101: Potential hardcoded credentials (gosec)
// KarmadaConfigVolume is the volume name to mount karmada config secret
KarmadaConfigVolume = "karmada-config"
// KarmadaConfigMountPath is the mount path of karmada config secret
KarmadaConfigMountPath = "/etc/karmada/config"
// KarmadaAgentName is the name of karmada-agent
KarmadaAgentName = "karmada-agent"
// KarmadaAgentServiceAccountName is the name of karmada-agent serviceaccount
Expand Down Expand Up @@ -419,9 +425,9 @@ func (o *CommandRegisterOption) preflight() []error {
// check if relative resources already exist in member cluster
_, err := o.memberClusterClient.CoreV1().Namespaces().Get(context.TODO(), o.Namespace, metav1.GetOptions{})
if err == nil {
_, err = o.memberClusterClient.CoreV1().Secrets(o.Namespace).Get(context.TODO(), KarmadaKubeconfigName, metav1.GetOptions{})
_, err = o.memberClusterClient.CoreV1().Secrets(o.Namespace).Get(context.TODO(), KarmadaConfigSecretName, metav1.GetOptions{})
if err == nil {
errlist = append(errlist, fmt.Errorf("%s/%s Secret already exists", o.Namespace, KarmadaKubeconfigName))
errlist = append(errlist, fmt.Errorf("%s/%s Secret already exists", o.Namespace, KarmadaConfigSecretName))
} else if !apierrors.IsNotFound(err) {
errlist = append(errlist, err)
}
Expand Down Expand Up @@ -605,12 +611,12 @@ func (o *CommandRegisterOption) createSecretAndRBACInMemberCluster(karmadaAgentC
Kind: "Secret",
},
ObjectMeta: metav1.ObjectMeta{
Name: KarmadaKubeconfigName,
Name: KarmadaConfigSecretName,
Namespace: o.Namespace,
Labels: labels,
},
Type: corev1.SecretTypeOpaque,
StringData: map[string]string{KarmadaKubeconfigName: string(configBytes)},
StringData: map[string]string{KarmadaConfigSecretKey: string(configBytes)},
}

// create karmada-kubeconfig secret to be used by karmada-agent component.
Expand Down Expand Up @@ -711,7 +717,7 @@ func (o *CommandRegisterOption) makeKarmadaAgentDeployment() *appsv1.Deployment
Image: o.KarmadaAgentImage,
Command: []string{
"/bin/karmada-agent",
"--karmada-kubeconfig=/etc/kubeconfig/karmada-kubeconfig",
fmt.Sprintf("--karmada-kubeconfig=%s", filepath.Join(KarmadaConfigMountPath, KarmadaConfigSecretKey)),
fmt.Sprintf("--cluster-name=%s", o.ClusterName),
fmt.Sprintf("--cluster-api-endpoint=%s", o.memberClusterEndpoint),
fmt.Sprintf("--cluster-provider=%s", o.ClusterProvider),
Expand All @@ -735,18 +741,18 @@ func (o *CommandRegisterOption) makeKarmadaAgentDeployment() *appsv1.Deployment
},
VolumeMounts: []corev1.VolumeMount{
{
Name: "kubeconfig",
MountPath: "/etc/kubeconfig",
Name: KarmadaConfigVolume,
MountPath: KarmadaConfigMountPath,
},
},
},
},
Volumes: []corev1.Volume{
{
Name: "kubeconfig",
Name: KarmadaConfigVolume,
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: KarmadaKubeconfigName,
SecretName: KarmadaConfigSecretName,
},
},
},
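Review bot: In makeKarmadaAgentDeployment the `--karmada-kubeconfig` argument is built with `filepath.Join`, which uses the path separator of the OS karmadactl runs on, while the value is a POSIX path inside the agent container (`/etc/karmada/config`). On a Windows build of karmadactl the flag would come out with backslashes and the agent would not find the mounted secret key. Use the slash-only package instead: `fmt.Sprintf("--karmada-kubeconfig=%s", path.Join(KarmadaConfigMountPath, KarmadaConfigSecretKey)),`, importing `path` in the import block, which is outside the visible hunks. Separately, the context comment `// create karmada-kubeconfig secret ...` above the create call now names the old Secret and should say `karmada-agent-config`.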
42 changes: 1 addition & 41 deletions pkg/karmadactl/unjoin/unjoin.go
Expand Up @@ -17,15 +17,11 @@ limitations under the License.
package unjoin

import (
"context"
"fmt"
"time"

"github.com/spf13/cobra"
"github.com/spf13/pflag"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/wait"
kubeclient "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/klog/v2"
Expand Down Expand Up @@ -187,7 +183,7 @@ func (j *CommandUnjoinOption) RunUnJoinCluster(controlPlaneRestConfig, clusterCo
controlPlaneKarmadaClient := karmadaclientset.NewForConfigOrDie(controlPlaneRestConfig)

// delete the cluster object in host cluster that associates the unjoining cluster
err := j.deleteClusterObject(controlPlaneKarmadaClient)
err := cmdutil.DeleteClusterObject(controlPlaneKarmadaClient, j.ClusterName, j.Wait, j.DryRun)
if err != nil {
klog.Errorf("Failed to delete cluster object. cluster name: %s, error: %v", j.ClusterName, err)
return err
Expand Down Expand Up @@ -225,42 +221,6 @@ func (j *CommandUnjoinOption) RunUnJoinCluster(controlPlaneRestConfig, clusterCo
return nil
}

// deleteClusterObject delete the cluster object in host cluster that associates the unjoining cluster
func (j *CommandUnjoinOption) deleteClusterObject(controlPlaneKarmadaClient *karmadaclientset.Clientset) error {
if j.DryRun {
return nil
}

err := controlPlaneKarmadaClient.ClusterV1alpha1().Clusters().Delete(context.TODO(), j.ClusterName, metav1.DeleteOptions{})
if apierrors.IsNotFound(err) {
return fmt.Errorf("no cluster object %s found in karmada control Plane", j.ClusterName)
}
if err != nil {
klog.Errorf("Failed to delete cluster object. cluster name: %s, error: %v", j.ClusterName, err)
return err
}

// make sure the given cluster object has been deleted
err = wait.PollUntilContextTimeout(context.TODO(), 1*time.Second, j.Wait, false, func(context.Context) (done bool, err error) {
_, err = controlPlaneKarmadaClient.ClusterV1alpha1().Clusters().Get(context.TODO(), j.ClusterName, metav1.GetOptions{})
if apierrors.IsNotFound(err) {
return true, nil
}
if err != nil {
klog.Errorf("Failed to get cluster %s. err: %v", j.ClusterName, err)
return false, err
}
klog.Infof("Waiting for the cluster object %s to be deleted", j.ClusterName)
return false, nil
})
if err != nil {
klog.Errorf("Failed to delete cluster object. cluster name: %s, error: %v", j.ClusterName, err)
return err
}

return nil
}

// deleteRBACResources deletes the cluster role, cluster rolebindings from the unjoining cluster.
func deleteRBACResources(clusterKubeClient kubeclient.Interface, unjoiningClusterName string, forceDeletion, dryRun bool) error {
if dryRun {