From a3225cd951c11ff1a895972da3b3342de1eb7a0c Mon Sep 17 00:00:00 2001 From: Jan Schoone Date: Thu, 22 May 2025 09:48:21 +0200 Subject: [PATCH] feat(cluster-addons): Use clouds.yaml instead of cloud.conf Signed-off-by: Jan Schoone --- providers/openstack/scs/README.md | 8 +++-- .../scs/cluster-addon/ccm/values.yaml | 18 ++++++++--- .../scs/cluster-addon/csi/values.yaml | 32 ++++++++++++++++--- .../templates/cluster-resource-set.yaml | 12 +++++++ 4 files changed, 58 insertions(+), 12 deletions(-) create mode 100644 providers/openstack/scs/cluster-class/templates/cluster-resource-set.yaml diff --git a/providers/openstack/scs/README.md b/providers/openstack/scs/README.md index 6533d842..d62567a8 100644 --- a/providers/openstack/scs/README.md +++ b/providers/openstack/scs/README.md @@ -52,8 +52,12 @@ kubectl create namespace cluster ``` ``` -# Add secret using csp-helper chart -helm upgrade -i openstack-secrets -n cluster --create-namespace https://github.com/SovereignCloudStack/openstack-csp-helper/releases/latest/download/openstack-csp-helper.tgz -f +# Prepare the Secret as it will be deployed in the Workload Cluster +kubectl create secret -n kube-system generic clouds-yaml --from-file= --dry-run=client -oyaml > clouds-yaml-secret + +# Add the Secret to the ClusterResourceSet Secret in the Management Cluster +kubectl create -n cluster secret generic clouds-yaml --from-file=clouds-yaml-secret --type=addons.cluster.x-k8s.io/resource-set + ``` ```sh diff --git a/providers/openstack/scs/cluster-addon/ccm/values.yaml b/providers/openstack/scs/cluster-addon/ccm/values.yaml index 770706c7..3f290366 100644 --- a/providers/openstack/scs/cluster-addon/ccm/values.yaml +++ b/providers/openstack/scs/cluster-addon/ccm/values.yaml @@ -1,13 +1,21 @@ openstack-cloud-controller-manager: secret: enabled: true - name: cloud-config - create: false + name: ccm-cloud-config + create: true nodeSelector: - node-role.kubernetes.io/control-plane: "" tolerations: - key: node.cloudprovider.kubernetes.io/uninitialized value: "true" effect: NoSchedule - - key: node-role.kubernetes.io/control-plane - effect: NoSchedule + extraVolumes: + - name: clouds-yaml + secret: + secretName: clouds-yaml + extraVolumeMounts: + - name: clouds-yaml + readOnly: true + mountPath: /etc/openstack + cloudConfig: + global: + use-clouds: true diff --git a/providers/openstack/scs/cluster-addon/csi/values.yaml b/providers/openstack/scs/cluster-addon/csi/values.yaml index 83817b87..aa41a5f5 100644 --- a/providers/openstack/scs/cluster-addon/csi/values.yaml +++ b/providers/openstack/scs/cluster-addon/csi/values.yaml @@ -1,8 +1,33 @@ openstack-cinder-csi: secret: enabled: true - name: cloud-config - create: false + name: csi-cloud-config + create: true + filename: cloud.conf + data: + cloud.conf: |- + [Global] + use-clouds = "true" + clouds-file = /etc/openstack/clouds.yaml + storageClass: + delete: + isDefault: true + csi: + plugin: + volumes: + - name: clouds-yaml + secret: + secretName: clouds-yaml + - name: cloud-conf + secret: + secretName: csi-cloud-config + volumeMounts: + - name: clouds-yaml + readOnly: true + mountPath: /etc/openstack + - name: cloud-conf + readOnly: true + mountPath: /etc/kubernetes nodeSelector: node-role.kubernetes.io/control-plane: "" tolerations: @@ -11,6 +36,3 @@ openstack-cinder-csi: effect: NoSchedule - key: node-role.kubernetes.io/control-plane effect: NoSchedule - storageClass: - delete: - isDefault: true diff --git a/providers/openstack/scs/cluster-class/templates/cluster-resource-set.yaml b/providers/openstack/scs/cluster-class/templates/cluster-resource-set.yaml new file mode 100644 index 00000000..da7ceff2 --- /dev/null +++ b/providers/openstack/scs/cluster-class/templates/cluster-resource-set.yaml @@ -0,0 +1,12 @@ +apiVersion: addons.cluster.x-k8s.io/v1beta1 +kind: ClusterResourceSet +metadata: + name: {{ .Release.Name }}-{{ .Chart.Version }}-clouds-yaml +spec: + strategy: "Reconcile" + clusterSelector: + matchLabels: + managed-secret: clouds-yaml + resources: + - name: clouds-yaml + kind: Secret