1,693 changes: 1,140 additions & 553 deletions config/v1/0000_10_config-operator_01_infrastructure.crd.yaml


24 changes: 24 additions & 0 deletions config/v1/0000_10_config-operator_01_infrastructure.crd.yaml-patch
@@ -0,0 +1,24 @@
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/vcenters/items/properties/server/anyOf
value:
- format: ipv4
- format: ipv6
- format: hostname
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/deploymentZones/items/properties/server/anyOf
value:
- format: ipv4
- format: ipv6
- format: hostname
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/external/properties/excludeNetworkSubnetCidr/items/format
value: cidr
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/external/properties/networkSubnetCidr/items/format
value: cidr
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/internal/properties/excludeNetworkSubnetCidr/items/format
value: cidr
- op: add
path: /spec/versions/name=v1/schema/openAPIV3Schema/properties/spec/properties/platformSpec/properties/vsphere/properties/nodeNetworking/properties/internal/properties/networkSubnetCidr/items/format
value: cidr
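Review bot: The patch file carries no comment recording why the `server` and subnet-CIDR formats are applied here after generation rather than alongside the other kubebuilder markers in types_infrastructure.go, so whoever regenerates the CRD next has to rediscover the reason from the PR thread. A one-line header such as `# formats applied post-generation; see types_infrastructure.go for the field docs` would preserve that context in the file. The identical `anyOf` block is repeated for `vcenters` and `deploymentZones`, and the `cidr` format four times, so the copies must be kept in sync by hand; a comment noting that coupling would help too. Each `path` also pins the `name=v1` schema version, which is presumably intended but is worth stating since a renamed or added version will silently miss the patch.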
Comment on lines +13 to +24
Contributor


If you only have one format, can this not be kubebuilder:validation:Format:=cidr?

Contributor Author


For some reason kubebuilder does not add the format under items.
Unsure whether it's a bug or a me problem.

224 changes: 222 additions & 2 deletions config/v1/types_infrastructure.go
Expand Up @@ -600,9 +600,229 @@ type OvirtPlatformStatus struct {
NodeDNSIP string `json:"nodeDNSIP,omitempty"`
}

// VSpherePlatformFailureDomainSpec holds the region and zone failure domain and
// the vCenter topology of that failure domain.
type VSpherePlatformFailureDomainSpec struct {
// name defines the name of the VSpherePlatformFailureDomainSpec
// This name is arbitrary but will be used
// in VSpherePlatformDeploymentZone for association.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
Name string `json:"name"`

// region defines the name of a region tag that will
// be attached to a vCenter datacenter
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=80
// +kubebuilder:validation:Required
Region string `json:"region"`

// zone defines the name of a zone tag that will
// be attached to a vCenter cluster
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=80
// +kubebuilder:validation:Required
Zone string `json:"zone"`

// Topology describes a given failure domain using vSphere constructs
// +kubebuilder:validation:Required
Topology VSpherePlatformTopology `json:"topology"`
}

// VSpherePlatformTopology holds the required and optional vCenter objects - datacenter,
// computeCluster, networks, datastore and resourcePool - to provision virtual machines.
type VSpherePlatformTopology struct {
// datacenter is the vCenter datacenter in which virtual machines will be located.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=80
Datacenter string `json:"datacenter"`

// computeCluster is the vCenter cluster in which virtual machine will be located.
// This value is required to be a path.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
ComputeCluster string `json:"computeCluster,omitempty"`

// networks is the list of port group network names within this failure domain.
// Currently, we only support a single interface per RHCOS virtual machine.
Comment on lines +649 to +650
Contributor


What is an expected value here?

Contributor Author


port group name

@rvanderp3 @bostrt do you think this should be a path?

Contributor


i don't think a path is required here. the network is looked up relative to the associated datacenter and cluster.

Contributor


An example of an expected value is useful for godocs

// The available networks (port groups) can be listed using
// govc ls 'network/*'
// +kubebuilder:validation:Required
// +kubebuilder:validation:MaxItems=1
// +kubebuilder:validation:MinItems=1
Networks []string `json:"networks,omitempty"`

// datastore is the name or inventory path of the datastore in which the
// virtual machine is created/located.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
Datastore string `json:"datastore,omitempty"`
}

// VSpherePlatformVCenterSpec stores the vCenter connection fields.
// This is used by the vSphere CCM.
type VSpherePlatformVCenterSpec struct {

// server is the fully-qualified domain name or the IP address of the vCenter server.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MaxLength=255
Contributor


Is 255 characters enough for a FQDN? Can we add a regex for this per chance? Is this the common Kubernetes dns1123 style FQDN validation maybe?

Contributor Author


This is what I found when I googled previously:

vCenter runs on linux...

sso-user@vcs8e-vc [ ~ ]$ getconf HOST_NAME_MAX
64
sso-user@vcs8e-vc [ ~ ]$ cat /etc/hostname
vcs8e-vc.ocp2.dev.cluster.com
sso-user@vcs8e-vc [ ~ ]$ cat /etc/hostname | wc
      1       1      30
sso-user@vcs8e-vc [ ~ ]$

and I am not entirely sure VMware follows any RFCs on naming
openshift/installer#4708
openshift/installer#5367

vSphere vCenter naming limits
https://williamlam.com/2021/04/updated-character-limits-for-vsphere-objects.html

Contributor Author


@JoelSpeed added Format for ipv4,ipv6,hostname similar to what the network team has done.

Tested using kcp trying to set server to 1.1.1.1.1111

# infrastructures.config.openshift.io "cluster" was not valid:
# * <nil>: Invalid value: "": "spec.platformSpec.vsphere.vcenters[0].server" must validate at least one schema (anyOf)
# * spec.platformSpec.vsphere.vcenters[0].server: Invalid value: "1.1.1.1111": spec.platformSpec.vsphere.vcenters[0].server in body must be of type ipv4: "1.1.1.1111"
#

Server string `json:"server"`

// port is the TCP port that will be used to communicate to
// the vCenter endpoint.
// When omitted, this means the user has no opinion and
// it is up to the platform to choose a sensible default,
// which is subject to change over time.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=32767
// +optional
Port int32 `json:"port,omitempty"`

// The vCenter Datacenters in which the RHCOS
// vm guests are located. This field will
// be used by the Cloud Controller Manager.
// Each datacenter listed here should be used within
// a topology.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinItems=1
Datacenters []string `json:"datacenters"`
}

// VSpherePlatformPlacementConstraint is the context information for VM placements within a failure domain
type VSpherePlatformPlacementConstraint struct {
// resourcePool is the absolute path of the resource pool where virtual machines will be
// created. The absolute path is of the form /<datacenter>/host/<cluster>/Resources/<resourcepool>.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
// +kubebuilder:validation:Pattern=`^/.*?/host/.*?/Resources.*`
// +optional
ResourcePool string `json:"resourcePool,omitempty"`
Member


So this was something that was not configurable before and now it is. Can the values here conflict with the optional folder below? If unspecified, does the system pick a default?

Contributor Author



// folder is the name or inventory path of the folder in which the
// virtual machine is created/located.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=2048
// +optional
Folder string `json:"folder,omitempty"`
}

// VSpherePlatformDeploymentSuitable
// +kubebuilder:validation:Enum=Allowed;Disallowed
type VSpherePlatformDeploymentSuitable string

const (
// Allowed indicates that the Deployment Zone is suitable for
// control plane nodes.
Allowed VSpherePlatformDeploymentSuitable = "Allowed"

// Disallowed indicates that the Deployment Zone is not suitable for
// control plane nodes.
Disallowed VSpherePlatformDeploymentSuitable = "Disallowed"
)

// VSpherePlatformDeploymentZone holds the association between a
// vCenter, failure domain and the virtual machine placementConstraints
type VSpherePlatformDeploymentZone struct {
// name defines the VSpherePlatformDeploymentZoneSpec name.
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
// +kubebuilder:validation:Required
Name string `json:"name"`

// server is the fully-qualified domain name or the IP address of the vCenter server.
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=255
Server string `json:"server"`

// failureDomain is the name of the VSphereFailureDomain used for this VSphereDeploymentZone
// +kubebuilder:validation:Required
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=256
FailureDomain string `json:"failureDomain"`

// ControlPlane determines if this failure domain is suitable for use by control plane machines.
// There is three valid options: Allowed and Disallowed.
// +kubebuilder:validation:Required
ControlPlane VSpherePlatformDeploymentSuitable `json:"controlPlane"`

// PlacementConstraint encapsulates the placement constraints
// used within this deployment zone.
// +optional
PlacementConstraint VSpherePlatformPlacementConstraint `json:"placementConstraint"`
}

// VSpherePlatformNodeNetworkingSpec holds the network CIDR(s) and port group name for
// including and excluding IP ranges in the cloud provider.
// This would be used for example when multiple network adapters are attached to
// a guest to help determine which IP address the cloud config manager should use
// for the external and internal node networking.
type VSpherePlatformNodeNetworkingSpec struct {
// networkSubnetCidr IP address on VirtualMachine's network interfaces included in the fields' CIDRs
// that will be used in respective status.addresses fields.
// +optional
NetworkSubnetCIDR []string `json:"networkSubnetCidr,omitempty"`

// network VirtualMachine's VM Network names that will be used to when searching
// for status.addresses fields. Note that if internal.networkSubnetCIDR and
// external.networkSubnetCIDR are not set, then the vNIC associated to this network must
// only have a single IP address assigned to it.
// The available networks (port groups) can be listed using
// govc ls 'network/*'
// +optional
Network string `json:"network,omitempty"`

// excludeNetworkSubnetCidr IP addresses in subnet ranges will be excluded when selecting
// the IP address from the VirtualMachine's VM for use in the status.addresses fields.
// +optional
ExcludeNetworkSubnetCIDR []string `json:"excludeNetworkSubnetCidr,omitempty"`
}

// VSpherePlatformNodeNetworking holds the external and internal node networking spec.
type VSpherePlatformNodeNetworking struct {
// external represents the VSpherePlatformNodeNetworkingSpec of the node that is externally routable.
// +optional
External VSpherePlatformNodeNetworkingSpec `json:"external"`
// internal represents the VSpherePlatformNodeNetworkingSpec of the node that is routable only within the cluster.
// +optional
Internal VSpherePlatformNodeNetworkingSpec `json:"internal"`
}

// VSpherePlatformSpec holds the desired state of the vSphere infrastructure provider.
// This only includes fields that can be modified in the cluster.
type VSpherePlatformSpec struct{}
// In the future the cloud provider operator, storage operator and machine operator will
// use these fields for configuration.
type VSpherePlatformSpec struct {
// vcenters holds the connection details for services to communicate with vCenter.
// Currently, only a single vCenter is supported.
// +kubebuilder:validation:MaxItems=1
// +kubebuilder:validation:MinItems=0
// +optional
VCenters []VSpherePlatformVCenterSpec `json:"vcenters,omitempty"`

// deploymentZones holds the association between vcenter, failure domains
// and vcenter placement for virtual machines.
// +optional
DeploymentZones []VSpherePlatformDeploymentZone `json:"deploymentZones,omitempty"`

// failureDomains holds the VSpherePlatformFailureDomainSpec which contains
// the definition of region, zone and the vCenter topology.
// If this is omitted failure domains (regions and zones) will not be used.
// +optional
FailureDomains []VSpherePlatformFailureDomainSpec `json:"failureDomains,omitempty"`

// nodeNetworking holds the VSpherePlatformNodeNetworking which contains
// the definition of internal and external network constraints for
// assigning the node's networking.
// If this field is omitted, networking defaults to the legacy
// address selection behavior which is to only support a single address and
// return the first one found.
// +optional
NodeNetworking VSpherePlatformNodeNetworking `json:"nodeNetworking,omitempty"`
}

// VSpherePlatformStatus holds the current status of the vSphere infrastructure provider.
type VSpherePlatformStatus struct {
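Review bot: `Port` on VSpherePlatformVCenterSpec is capped with `// +kubebuilder:validation:Maximum=32767`, which rejects the upper half of the valid TCP port range without the doc comment giving a reason; unless the limit is deliberate, it should be `// +kubebuilder:validation:Maximum=65535`. The doc on `ControlPlane` in VSpherePlatformDeploymentZone says `There is three valid options: Allowed and Disallowed.` while listing two, so it should read `// There are two valid options: Allowed and Disallowed.`. `Server` on VSpherePlatformVCenterSpec carries `Required` and `MaxLength=255` but, unlike the same field on VSpherePlatformDeploymentZone, no `// +kubebuilder:validation:MinLength=1`, so the two declarations of the same value validate differently and an empty string's fate depends on the CRD-side format check alone. The exported `Allowed` and `Disallowed` constants are very generic names at package scope in config/v1; a type-tied prefix would reduce the chance of a later clash. VSpherePlatformStatus opens on the last line of the hunk and its body continues outside it.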