merge from https://github.com/chendave/kubeadm-operator

Dockerfile

@@ -1,12 +1,13 @@
 # Build the manager binary
-FROM docker.m.daocloud.io/golang:1.18.1 as builder
+FROM golang:1.12.5 as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
 # cache deps before building and copying source so that we don't need to re-download as much
 # and so that source changes don't invalidate our downloaded layer
+RUN apt update && apt install ca-certificates libgnutls30 -y
 RUN go mod download
 
 # Copy the go source
@@ -22,21 +23,11 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
-# distroless cannot run `kubeadm upgrade apply` smoothly
-# FROM gcr.m.daocloud.io/distroless/static:nonroot
-FROM docker.m.daocloud.io/ubuntu
-RUN apt-get update -q -y && apt-get install -q -y curl systemd && apt clean all
-RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in ; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done);
-RUN rm -rf /lib/systemd/system/multi-user.target.wants/;
-RUN rm -rf /etc/systemd/system/.wants/;
-RUN rm -rf /lib/systemd/system/local-fs.target.wants/;
-RUN rm -rf /lib/systemd/system/sockets.target.wants/udev;
-RUN rm -rf /lib/systemd/system/sockets.target.wants/initctl;
-RUN rm -rf /lib/systemd/system/basic.target.wants/;
-RUN rm -rf /lib/systemd/system/anaconda.target.wants/*;
-
+# Use debian-base instead since unable to overwrite the file on the host with distroless
+#FROM gcr.io/distroless/static:nonroot
+FROM k8s.gcr.io/debian-base:v1.0.0
 WORKDIR /
 COPY --from=builder /workspace/manager .
-# USER nonroot:nonroot
+#USER nonroot:nonroot
 
 ENTRYPOINT ["/manager"]

Dockerfile.debug

@@ -0,0 +1,33 @@
+# Build the manager binary
+FROM golang:1.12.5 as builder
+
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN apt update && apt install ca-certificates libgnutls30 -y
+RUN go mod download
+
+# Copy the go source
+COPY main.go main.go
+COPY api/ api/
+COPY commands/ commands/
+COPY controllers/ controllers/
+COPY errors/ errors/
+COPY operations/ operations/
+
+# Build
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+# Use debian-base instead since unable to overwrite the file on the host with distroless
+#FROM gcr.io/distroless/python3-debian11:debug
+FROM k8s.gcr.io/debian-base:v1.0.0
+WORKDIR /
+COPY --from=builder /workspace/manager .
+#USER nonroot:nonroot
+
+ENTRYPOINT ["/manager"]

Makefile

@@ -1,8 +1,8 @@
 
 # Image URL to use all building/pushing image targets
-IMG ?= daocloud.io/daocloud/kubeadm-operator:v0.0.5-dev
+IMG ?= controller:latest
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
-CRD_OPTIONS ?= "crd"
+#CRD_OPTIONS ?= "crd:trivialVersions=true"
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -32,15 +32,18 @@ install: manifests
 # Deploy controller in the configured Kubernetes cluster in ~/.kube/config
 deploy: manifests
 	cd config/manager && kustomize edit set image controller=${IMG}
-	kustomize build config/default | kubectl apply -f -
+	kustomize build config/default | kubectl create -f -
 
-undeploy: manifests
+debug: manifests
 	cd config/manager && kustomize edit set image controller=${IMG}
-	kustomize build config/default | kubectl delete -f -
+	kustomize build config/debug | kubectl create -f -
+
+baremetal:
+	go run manager --mode=manager --manager-pod=baremetal --manager-namespace=operator-system --agent-image=jungler/controller:latest --agent-metrics-rbac=false
 
 # Generate manifests e.g. CRD, RBAC etc.
 manifests: controller-gen
-	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
+	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
 
 # Run go fmt against code
 fmt:
@@ -58,17 +61,19 @@ generate: controller-gen
 docker-build: test
 	docker build . -t ${IMG}
 
+docker-build-debug: test
+	docker build -f Dockerfile.debug . -t ${IMG}
+
 # Push the docker image
 docker-push:
 	docker push ${IMG}
 
-release: docker-build docker-push
-
 # find or download controller-gen
 # download controller-gen if necessary
 controller-gen:
 ifeq (, $(shell which controller-gen))
-	go install sigs.k8s.io/controller-tools/cmd/[email protected]
+	#go get sigs.k8s.io/controller-tools/cmd/[email protected]
+	go get sigs.k8s.io/controller-tools/cmd/[email protected]
 CONTROLLER_GEN=$(GOBIN)/controller-gen
 else
 CONTROLLER_GEN=$(shell which controller-gen)

README.md

@@ -3,68 +3,6 @@
 The kubeadm-operator is an experimental project, still WIP.
 Do not use in production.
 
-See [KEP](https://git.k8s.io/enhancements/keps/sig-cluster-lifecycle/kubeadm/2505-Kubeadm-operator) for more details.
+See [KEP](https://git.k8s.io/enhancements/keps/sig-cluster-lifecycle/kubeadm/20190916-kubeadm-operator.md) for more details.
 
-## Quick Start
-
-Configure kubeconfig for your cluster.
-
-```
-git clone [email protected]:pacoxu/kubeadm-operator.git
-cd kubeadm-operator
-make install
-make deploy
-```
-
-## Demo 
-
-After installation, a deploy named `operator-controller-manager` is running in namespace `operator-system`.
-```
-[root@daocloud ~]# kubectl get pod -n operator-system -o wide
-NAME                                          READY   STATUS    RESTARTS   AGE   IP               NODE       NOMINATED NODE   READINESS GATES
-operator-controller-manager-64c448f5b-p682x   2/2     Running   0          77m   172.32.230.197   daocloud   <none>           <none>
-```
-
-If you create a dry-run upgrade operation, there will be a runtimetaqskgroup with 
-
-```
-[root@daocloud ~]# cat up.yaml
-apiVersion: operator.kubeadm.x-k8s.io/v1alpha1
-kind: Operation
-metadata:
-  name: upgrade-1
-spec:
-  executionMode: DryRun
-  upgrade:
-    kubernetesVersion: v1.23.4
-
-[root@daocloud ~]# kubectl get runtimetaskgroup -w
-NAME                        PHASE     NODES   SUCCEEDED   FAILED
-upgrade-1-01-upgrade-cp-1   Running   1
-upgrade-1-01-upgrade-cp-1   Succeeded   1       1
-upgrade-1-02-upgrade-cp-n
-upgrade-1-02-upgrade-cp-n   Running
-upgrade-1-02-upgrade-cp-n   Succeeded
-upgrade-1-02-upgrade-w
-upgrade-1-02-upgrade-w      Running
-upgrade-1-02-upgrade-w      Succeeded
-upgrade-1-02-upgrade-w      Succeeded    
-```
-
-After the operation is done, the operation and task group are all `Succeeded`.
-
-```
-[root@daocloud ~]# kubectl get operations
-NAME        PHASE       GROUPS   SUCCEEDED   FAILED
-upgrade-1   Succeeded   3        3
-[root@daocloud ~]# kubectl get runtimetaskgroup
-NAME                        PHASE       NODES   SUCCEEDED   FAILED
-upgrade-1-01-upgrade-cp-1   Succeeded   1       1
-upgrade-1-02-upgrade-cp-n   Succeeded
-upgrade-1-02-upgrade-w      Succeeded
-[root@daocloud ~]# kubectl get runtimetask
-NAME                                 PHASE       STARTTIME   COMMAND   COMPLETIONTIME
-upgrade-1-01-upgrade-cp-1-daocloud   Succeeded   75m         3/3       75m
-
-
-```
+NOTE: original author is: fabriziopandini