feat: kosmosctl adds support for deploying CoreDNS

Signed-off-by: wangyizhi1 <[email protected]>

pkg/kosmosctl/install/install.go

@@ -39,6 +39,9 @@ var installExample = templates.Examples(i18n.T(`
 
 		# Install clustertree module to Kosmos control plane, e.g: 
         kosmosctl install -m clustertree
+
+		# Install coredns module to Kosmos control plane, e.g: 
+        kosmosctl install -m coredns
 `))
 
 type CommandInstallOptions struct {
@@ -131,6 +134,12 @@ func (o *CommandInstallOptions) Validate() error {
 func (o *CommandInstallOptions) Run() error {
 	klog.Info("Kosmos starts installing.")
 	switch o.Module {
+	case "coredns":
+		err := o.runCoredns()
+		if err != nil {
+			return err
+		}
+		util.CheckInstall("coredns")
 	case "clusterlink":
 		err := o.runClusterlink()
 		if err != nil {
@@ -213,7 +222,7 @@ func (o *CommandInstallOptions) runClusterlink() error {
 	}
 	klog.Info("ClusterRoleBinding clusterlink-network-manager has been created.")
 
-	klog.Info("Attempting to create kosmos-clusterlink knode CRDs...")
+	klog.Info("Attempting to create clusterlink CRDs...")
 	crds := apiextensionsv1.CustomResourceDefinitionList{}
 	clusterlinkCluster, err := util.GenerateCustomResourceDefinition(manifest.ClusterlinkCluster, manifest.ClusterlinkReplace{
 		Namespace: o.Namespace,
@@ -375,3 +384,128 @@ func (o *CommandInstallOptions) runClustertree() error {
 
 	return nil
 }
+
+func (o *CommandInstallOptions) runCoredns() error {
+	klog.Info("Start creating kosmos-coredns...")
+	namespace := &corev1.Namespace{}
+	namespace.Name = o.Namespace
+	_, err := o.Client.CoreV1().Namespaces().Create(context.TODO(), namespace, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, namespace options failed: %v", err)
+		}
+	}
+	klog.Infof("Namespace %s has been created.", o.Namespace)
+
+	klog.Info("Start creating kosmos-coredns ServiceAccount...")
+	sa, err := util.GenerateServiceAccount(manifest.CorednsServiceAccount, manifest.ServiceAccountReplace{
+		Namespace: o.Namespace,
+	})
+	if err != nil {
+		return err
+	}
+	_, err = o.Client.CoreV1().ServiceAccounts(o.Namespace).Create(context.TODO(), sa, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, serviceaccount options failed: %v", err)
+		}
+	}
+	klog.Infof("ServiceAccount %s has been created.", sa.Name)
+
+	klog.Info("Start creating kosmos-coredns ClusterRole...")
+	cRole, err := util.GenerateClusterRole(manifest.CorednsClusterRole, nil)
+	if err != nil {
+		return err
+	}
+	_, err = o.Client.RbacV1().ClusterRoles().Create(context.TODO(), cRole, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, clusterrole options failed: %v", err)
+		}
+	}
+	klog.Infof("ClusterRole %s has been created.", cRole.Name)
+
+	klog.Info("Start creating kosmos-coredns ClusterRoleBinding...")
+	crb, err := util.GenerateClusterRoleBinding(manifest.CorednsClusterRoleBinding, manifest.ClusterRoleBindingReplace{
+		Namespace: o.Namespace,
+	})
+	if err != nil {
+		return err
+	}
+	_, err = o.Client.RbacV1().ClusterRoleBindings().Create(context.TODO(), crb, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, clusterrolebinding options failed: %v", err)
+		}
+	}
+	klog.Infof("ClusterRoleBinding %s has been created.", crb.Name)
+
+	klog.Info("Start creating kosmos-coredns configmaps...")
+	coreFile, err := util.GenerateConfigMap(manifest.CorednsCorefile, manifest.ConfigmapReplace{
+		Namespace: o.Namespace,
+	})
+	_, err = o.Client.CoreV1().ConfigMaps(o.Namespace).Create(context.TODO(), coreFile, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns coreFile run error, configmap options failed: %v", err)
+		}
+	}
+	klog.Info("ConfigMap corefile has been created.")
+
+	customerHosts, err := util.GenerateConfigMap(manifest.CorednsCustomerHosts, manifest.ConfigmapReplace{
+		Namespace: o.Namespace,
+	})
+	_, err = o.Client.CoreV1().ConfigMaps(o.Namespace).Create(context.TODO(), customerHosts, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns customerHosts run error, configmap options failed: %v", err)
+		}
+	}
+	klog.Info("ConfigMap customerHosts has been created.")
+
+	klog.Info("Attempting to create coredns CRDs, coredns reuses clusterlink's cluster CRD")
+	crd, err := util.GenerateCustomResourceDefinition(manifest.ClusterlinkCluster, manifest.ClusterlinkReplace{
+		Namespace: o.Namespace,
+	})
+	_, err = o.ExtensionsClient.ApiextensionsV1().CustomResourceDefinitions().Create(context.Background(), crd, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, crd options failed: %v", err)
+		}
+	}
+	klog.Infof("Create CRD %s successful.", crd.Name)
+
+	klog.Info("Start creating kosmos-coredns Deployment...")
+	deploy, err := util.GenerateDeployment(manifest.CorednsDeployment, manifest.DeploymentReplace{
+		Namespace:       o.Namespace,
+		ImageRepository: o.ImageRegistry,
+	})
+	if err != nil {
+		return err
+	}
+	_, err = o.Client.AppsV1().Deployments(o.Namespace).Create(context.Background(), deploy, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, deployment options failed: %v", err)
+		}
+	}
+	if err = util.WaitDeploymentReady(o.Client, deploy, o.WaitTime); err != nil {
+		return fmt.Errorf("kosmosctl install coredns run error, deployment options failed: %v", err)
+	} else {
+		klog.Info("Deployment coredns has been created.")
+	}
+
+	klog.Info("Attempting to create coredns service...")
+	svc, err := util.GenerateService(manifest.CorednsService, manifest.ServiceReplace{
+		Namespace: o.Namespace,
+	})
+	_, err = o.Client.CoreV1().Services(o.Namespace).Create(context.Background(), svc, metav1.CreateOptions{})
+	if err != nil {
+		if !apierrors.IsAlreadyExists(err) {
+			return fmt.Errorf("kosmosctl install coredns run error, service options failed: %v", err)
+		}
+	}
+	klog.Infof("Create service %s successful.", svc.Name)
+
+	return nil
+}

pkg/kosmosctl/manifest/manifest_clusterrolebindings.go

@@ -63,6 +63,21 @@ subjects:
     name: clustertree-knode-manager
     namespace: {{ .Namespace }}
 `
+
+	CorednsClusterRoleBinding = `
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: kosmos-coredns
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: kosmos-coredns
+subjects:
+  - kind: ServiceAccount
+    name: coredns
+    namespace: {{ .Namespace }}
+`
 )
 
 type ClusterRoleBindingReplace struct {

pkg/kosmosctl/manifest/manifest_clusterroles.go

@@ -41,7 +41,6 @@ rules:
 `
 
 	ClusterTreeKnodeManagerClusterRole = `
----
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@@ -53,4 +52,17 @@ rules:
   - nonResourceURLs: ['*']
     verbs: ["get"]
 `
+
+	CorednsClusterRole = `
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: kosmos-coredns
+rules:
+  - apiGroups: ['*']
+    resources: ['*']
+    verbs: ["*"]
+  - nonResourceURLs: ['*']
+    verbs: ["get"]
+`
 )

pkg/kosmosctl/manifest/manifest_configmaps.go

@@ -0,0 +1,47 @@
+package manifest
+
+const (
+	CorednsCorefile = `
+apiVersion: v1
+data:
+  Corefile: |
+    .:53 {
+        errors
+        health {
+            lameduck 5s
+        }
+        ready
+        kubernetes kosmos.local cluster.local in-addr.arpa ip6.arpa {
+            pods insecure
+            ttl 30
+        }
+        hosts /etc/add-hosts/customer-hosts . {
+            fallthrough kosmos.local cluster.local in-addr.arpa ip6.arpa
+        }
+        prometheus :9153
+        cache 30
+        reload
+        loadbalance
+    }
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: {{ .Namespace }}
+`
+
+	CorednsCustomerHosts = `
+apiVersion: v1
+data:
+  customer-hosts: |
+    #customer-hosts
+    #10.10.10.10 myhost1
+kind: ConfigMap
+metadata:
+  name: coredns-customer-hosts
+  namespace: {{ .Namespace }}
+`
+)
+
+type ConfigmapReplace struct {
+	Namespace string
+}

pkg/kosmosctl/manifest/manifest_deployments.go

@@ -140,6 +140,125 @@ spec:
                 path: config
             name: host-kubeconfig
           name: config-volume
+`
+
+	CorednsDeployment = `
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    kosmos.io/app: coredns
+  name: coredns
+  namespace: {{ .Namespace }}
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 2
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      kosmos.io/app: coredns
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        kosmos.io/app: coredns
+    spec:
+      containers:
+        - args:
+            - -conf
+            - /etc/coredns/Corefile
+          image: {{ .ImageRepository }}/coredns:latest
+          imagePullPolicy: IfNotPresent
+          livenessProbe:
+            failureThreshold: 5
+            httpGet:
+              path: /health
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 60
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 5
+          name: coredns
+          ports:
+            - containerPort: 53
+              name: dns
+              protocol: UDP
+            - containerPort: 53
+              name: dns-tcp
+              protocol: TCP
+            - containerPort: 9153
+              name: metrics
+              protocol: TCP
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /ready
+              port: 8181
+              scheme: HTTP
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 1
+          resources:
+            limits:
+              cpu: 2000m
+              memory: 2560Mi
+            requests:
+              cpu: 1000m
+              memory: 1280Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              add:
+                - NET_BIND_SERVICE
+              drop:
+                - all
+            readOnlyRootFilesystem: true
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /etc/coredns
+              name: config-volume
+              readOnly: true
+            - mountPath: /etc/add-hosts
+              name: customer-hosts
+              readOnly: true
+      dnsPolicy: Default
+      priorityClassName: system-cluster-critical
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      serviceAccount: coredns
+      serviceAccountName: coredns
+      terminationGracePeriodSeconds: 30
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            - labelSelector:
+                matchLabels:
+                  kosmos.io/app: coredns
+              topologyKey: kubernetes.io/hostname
+      volumes:
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: Corefile
+                path: Corefile
+            name: coredns
+          name: config-volume
+        - configMap:
+            defaultMode: 420
+            items:
+              - key: customer-hosts
+                path: customer-hosts
+            name: coredns-customer-hosts
+          name: customer-hosts
+
 `
 )
 

pkg/kosmosctl/manifest/manifest_serviceaccounts.go

@@ -32,6 +32,14 @@ metadata:
   name: clustertree-knode-manager
   namespace: {{ .Namespace }}
 `
+
+	CorednsServiceAccount = `
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: coredns
+  namespace: {{ .Namespace }}
+`
 )
 
 type ServiceAccountReplace struct {