diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index af73ec76..ee707ce7 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -128,6 +128,14 @@ rules: - get - patch - update +- apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: @@ -137,11 +145,28 @@ rules: - get - list - watch +- apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch +- apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/dist/backend-install.yaml b/dist/backend-install.yaml index cf417d98..aa841383 100644 --- a/dist/backend-install.yaml +++ b/dist/backend-install.yaml @@ -1029,6 +1029,14 @@ rules: - get - patch - update + - apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: @@ -1038,11 +1046,28 @@ rules: - get - list - watch + - apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch + - apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/dist/install.yaml b/dist/install.yaml index cc5b17c8..dcd34e05 100644 --- a/dist/install.yaml +++ b/dist/install.yaml @@ -1034,6 +1034,14 @@ rules: - get - patch - update +- apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: 
@@ -1043,11 +1051,28 @@ rules: - get - list - watch +- apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch +- apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/dist/installer_updater.yaml b/dist/installer_updater.yaml index 5bc89353..08fbd226 100644 --- a/dist/installer_updater.yaml +++ b/dist/installer_updater.yaml @@ -1029,6 +1029,14 @@ rules: - get - patch - update + - apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: @@ -1038,11 +1046,28 @@ rules: - get - list - watch + - apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch + - apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/dist/zxporter.yaml b/dist/zxporter.yaml index 2ebeeec1..1cbbcdf7 100644 --- a/dist/zxporter.yaml +++ b/dist/zxporter.yaml @@ -266,6 +266,14 @@ rules: - get - patch - update +- apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: @@ -275,11 +283,28 @@ rules: - get - list - watch +- apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch +- apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/helm-chart/zxporter/templates/zxporter-rbac.yaml b/helm-chart/zxporter/templates/zxporter-rbac.yaml index bb82871f..d7ae9531 100644 
--- a/helm-chart/zxporter/templates/zxporter-rbac.yaml +++ b/helm-chart/zxporter/templates/zxporter-rbac.yaml @@ -248,6 +248,14 @@ rules: - get - patch - update +- apiGroups: + - karpenter.azure.com + resources: + - aksnodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.k8s.aws resources: @@ -257,11 +265,28 @@ rules: - get - list - watch +- apiGroups: + - karpenter.k8s.gcp + resources: + - gcenodeclasses + verbs: + - get + - list + - watch +- apiGroups: + - karpenter.k8s.oracle + resources: + - ocinodeclasses + verbs: + - get + - list + - watch - apiGroups: - karpenter.sh resources: - machines - nodeclaims + - nodeoverlays - nodepools - provisioners verbs: diff --git a/internal/collector/karpenter_collector.go b/internal/collector/karpenter_collector.go index 2c161824..dc0e1342 100644 --- a/internal/collector/karpenter_collector.go +++ b/internal/collector/karpenter_collector.go 
@@ -118,12 +118,44 @@ func (c *KarpenterCollector) Start(ctx context.Context) error { Resource: "machines", Kind: "Machine", }, + + // v1alpha2 resources + { + GroupVersion: schema.GroupVersion{Group: "karpenter.azure.com", Version: "v1alpha2"}, + Resource: "aksnodeclasses", + Kind: "AKSNodeClass", + // https://github.com/Azure/karpenter-provider-azure/blob/main/pkg/apis/crds/karpenter.azure.com_aksnodeclasses.yaml + // https://github.com/Azure/karpenter-provider-azure/tree/main/pkg/apis + }, + // v1alpha1 resources { GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.aws", Version: "v1alpha1"}, Resource: "awsnodetemplates", Kind: "AWSNodeTemplate", }, + { + GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1alpha1"}, + Resource: "nodeoverlays", + Kind: "NodeOverlay", + // https://github.com/kubernetes-sigs/karpenter/blob/main/pkg/apis/crds/karpenter.sh_nodeoverlays.yaml + // https://karpenter.sh/docs/concepts/nodeoverlays/ + }, + { + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.oracle", Version: "v1alpha1"}, + Resource: "ocinodeclasses", + Kind: "OciNodeClass", + // https://github.com/zoom/karpenter-oci/blob/main/pkg/apis/crds/karpenter.k8s.oracle_ocinodeclasses.yaml + // https://github.com/zoom/karpenter-oci/tree/main/pkg/apis + }, + { + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.gcp", Version: "v1alpha1"}, + Resource: "gcenodeclasses", + Kind: "GCENodeClass", + // https://github.com/cloudpilot-ai/karpenter-provider-gcp/blob/main/charts/karpenter/crds/karpenter.k8s.gcp_gcenodeclasses.yaml + // https://github.com/cloudpilot-ai/karpenter-provider-gcp/tree/main/pkg/apis + }, + // v1beta1 resources { GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1beta1"}, 
@@ -140,6 +172,14 @@ func (c *KarpenterCollector) Start(ctx context.Context) error { Resource: "ec2nodeclasses", Kind: "EC2NodeClass", }, + { + GroupVersion: schema.GroupVersion{Group: "karpenter.azure.com", Version: "v1beta1"}, + Resource: "aksnodeclasses", + Kind: "AKSNodeClass", + // https://github.com/Azure/karpenter-provider-azure/blob/main/pkg/apis/crds/karpenter.azure.com_aksnodeclasses.yaml + // https://github.com/Azure/karpenter-provider-azure/tree/main/pkg/apis + }, + // v1 resources { GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1"}, @@ -586,6 +626,18 @@ func (c *KarpenterCollector) extractCommonFields(obj *unstructured.Unstructured) result["finalizers"] = finalizers } + // if status exists, pick it up + status, found, _ := unstructured.NestedMap(obj.Object, "status") + if found { + result["status"] = status + } + + // if spec exists, pick it up + spec, found, _ := unstructured.NestedMap(obj.Object, "spec") + if found { + result["spec"] = spec + } + return result } @@ -765,6 +817,7 @@ func (c *KarpenterCollector) determineKarpenterResourceType(obj *unstructured.Un apiVersion := obj.GetAPIVersion() switch { + // old stuff case kind == "Provisioner" && strings.Contains(apiVersion, "karpenter.sh/v1alpha5"): return KarpenterResource{ GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1alpha5"}, 
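Review bot: The `AKSNodeClass` entry added to the `Start` list for `karpenter.azure.com/v1beta1` has no matching case in `determineKarpenterResourceType`. The azure case added in the later `@@ -813` hunk matches only `karpenter.azure.com/v1alpha2`, so a v1beta1 object would fall through to `default` and return the "unsupported Karpenter resource" error. Add a sibling case, `case kind == "AKSNodeClass" && strings.Contains(apiVersion, "karpenter.azure.com/v1beta1"):`, returning the v1beta1 `GroupVersion`. Whether that function is called for every watched object, and how callers treat the error, is outside the visible hunks; `Start`'s body also continues outside this one.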
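Review bot: In the `@@ -586` hunk, `extractCommonFields` now copies the entire `spec` and `status` maps into `result` for every watched kind, with no field filtering. Node class specs can carry bootstrap material (for example `spec.userData` on `EC2NodeClass` and `AWSNodeTemplate`), which may embed credentials or join tokens, so if `result` is exported off-cluster (not visible here) this widens what leaves the cluster. Consider a per-kind allow-list, or at minimum drop known-sensitive keys before assignment, e.g. `delete(spec, "userData")`. The discarded error from `unstructured.NestedMap` also hides the case where `spec` or `status` is present but not a map; checking `err != nil` and logging it would surface malformed objects. The function body starts outside the hunk.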
@@ -777,23 +830,31 @@ func (c *KarpenterCollector) determineKarpenterResourceType(obj *unstructured.Un Resource: "machines", Kind: "Machine", }, nil - case kind == "AWSNodeTemplate" && strings.Contains(apiVersion, "karpenter.k8s.aws/v1alpha1"): - return KarpenterResource{ - GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.aws", Version: "v1alpha1"}, - Resource: "awsnodetemplates", - Kind: "AWSNodeTemplate", - }, nil + + // default types case kind == "NodeClaim" && strings.Contains(apiVersion, "karpenter.sh/v1alpha5"): return KarpenterResource{ GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1alpha5"}, Resource: "nodeclaims", Kind: "NodeClaim", }, nil - case kind == "EC2NodeClass" && strings.Contains(apiVersion, "karpenter.k8s.aws/v1beta1"): + case kind == "NodeClaim" && strings.Contains(apiVersion, "karpenter.sh/v1"): return KarpenterResource{ - GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.aws", Version: "v1beta1"}, - Resource: "ec2nodeclasses", - Kind: "EC2NodeClass", + GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1"}, + Resource: "nodeclaims", + Kind: "NodeClaim", + }, nil + case kind == "NodeOverlay" && strings.Contains(apiVersion, "karpenter.sh/v1alpha1"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1alpha1"}, + Resource: "nodeoverlays", + Kind: "NodeOverlay", + }, nil + case kind == "NodePool" && strings.Contains(apiVersion, "karpenter.sh/v1beta1"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1beta1"}, + Resource: "nodepools", + Kind: "NodePool", }, nil case kind == "NodePool" && strings.Contains(apiVersion, "karpenter.sh/v1"): return KarpenterResource{ 
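Review bot: The `NodeClaim` case using `strings.Contains(apiVersion, "karpenter.sh/v1")` also matches `karpenter.sh/v1beta1`, so a v1beta1 NodeClaim would be reported with `Version: "v1"`. The hunk adds a `NodePool` v1beta1 case ahead of the v1 one but no equivalent for `NodeClaim`. Substring matching makes the switch correct only while more specific versions are listed first, which is fragile when cases are reordered as they are here. Prefer an exact comparison, `case kind == "NodeClaim" && apiVersion == "karpenter.sh/v1":`, plus an explicit v1beta1 `NodeClaim` case if that version is watched (the registration list is only partly visible). The same applies to the `NodePool` and `EC2NodeClass` v1 cases in this and the following hunk; the switch begins and ends outside this hunk.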
@@ -801,11 +862,19 @@ func (c *KarpenterCollector) determineKarpenterResourceType(obj *unstructured.Un Resource: "nodepools", Kind: "NodePool", }, nil - case kind == "NodeClaim" && strings.Contains(apiVersion, "karpenter.sh/v1"): + + // aws specific + case kind == "AWSNodeTemplate" && strings.Contains(apiVersion, "karpenter.k8s.aws/v1alpha1"): return KarpenterResource{ - GroupVersion: schema.GroupVersion{Group: "karpenter.sh", Version: "v1"}, - Resource: "nodeclaims", - Kind: "NodeClaim", + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.aws", Version: "v1alpha1"}, + Resource: "awsnodetemplates", + Kind: "AWSNodeTemplate", + }, nil + case kind == "EC2NodeClass" && strings.Contains(apiVersion, "karpenter.k8s.aws/v1beta1"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.aws", Version: "v1beta1"}, + Resource: "ec2nodeclasses", + Kind: "EC2NodeClass", }, nil case kind == "EC2NodeClass" && strings.Contains(apiVersion, "karpenter.k8s.aws/v1"): return KarpenterResource{ 
@@ -813,6 +882,31 @@ func (c *KarpenterCollector) determineKarpenterResourceType(obj *unstructured.Un Resource: "ec2nodeclasses", Kind: "EC2NodeClass", }, nil + + // azure specific + case kind == "AKSNodeClass" && strings.Contains(apiVersion, "karpenter.azure.com/v1alpha2"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.azure.com", Version: "v1alpha2"}, + Resource: "aksnodeclasses", + Kind: "AKSNodeClass", + }, nil + + // oracle specific + case kind == "OciNodeClass" && strings.Contains(apiVersion, "karpenter.k8s.oracle/v1alpha1"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.oracle", Version: "v1alpha1"}, + Resource: "ocinodeclasses", + Kind: "OciNodeClass", + }, nil + + // gcp specific + case kind == "GCENodeClass" && strings.Contains(apiVersion, "karpenter.k8s.gcp/v1alpha1"): + return KarpenterResource{ + GroupVersion: schema.GroupVersion{Group: "karpenter.k8s.gcp", Version: "v1alpha1"}, + Resource: "gcenodeclasses", + Kind: "GCENodeClass", + }, nil + default: return KarpenterResource{}, fmt.Errorf("unsupported Karpenter resource: kind=%s, apiVersion=%s", kind, apiVersion) } diff --git a/internal/controller/collectionpolicy_controller.go b/internal/controller/collectionpolicy_controller.go index d6c5adc1..3ecd1fe0 100644 --- a/internal/controller/collectionpolicy_controller.go +++ b/internal/controller/collectionpolicy_controller.go 
@@ -209,8 +209,12 @@ type PolicyConfig struct { //+kubebuilder:rbac:groups=karpenter.sh,resources=machines,verbs=get;list;watch //+kubebuilder:rbac:groups=karpenter.sh,resources=nodepools,verbs=get;list;watch //+kubebuilder:rbac:groups=karpenter.sh,resources=nodeclaims,verbs=get;list;watch +//+kubebuilder:rbac:groups=karpenter.sh,resources=nodeoverlays,verbs=get;list;watch //+kubebuilder:rbac:groups=karpenter.k8s.aws,resources=awsnodetemplates,verbs=get;list;watch //+kubebuilder:rbac:groups=karpenter.k8s.aws,resources=ec2nodeclasses,verbs=get;list;watch +//+kubebuilder:rbac:groups=karpenter.azure.com,resources=aksnodeclasses,verbs=get;list;watch +//+kubebuilder:rbac:groups=karpenter.k8s.oracle,resources=ocinodeclasses,verbs=get;list;watch +//+kubebuilder:rbac:groups=karpenter.k8s.gcp,resources=gcenodeclasses,verbs=get;list;watch // CRD API Group resources //+kubebuilder:rbac:groups=apiextensions.k8s.io,resources=customresourcedefinitions,verbs=get;list;watch