Remove host network (#205)

* allow to use hostNetwork pods
* regenerate code and manifests
* move hostNetwork under spec->network
* test adding weight of 100 (assuming each of pod affinity and anti affinity add to 100

Also add documentation to custom-resource-definition.md and
move pode affinity generation into own function. Update associated
python sdk and add test. I am too afraid to run this with hostNetwork
on my local machine.

Co-authored-by: Antonio Ojea <[email protected]>

Author: vsoch

controllers/flux/job.go

@@ -71,46 +71,7 @@ func NewMiniClusterJob(cluster *api.MiniCluster) (*batchv1.Job, error) {
 					ImagePullSecrets:      getImagePullSecrets(cluster),
 					ServiceAccountName:    cluster.Spec.Pod.ServiceAccountName,
 					NodeSelector:          cluster.Spec.Pod.NodeSelector,
-					Affinity: &corev1.Affinity{
-						// Prefer to schedule pods on the same zone
-						PodAffinity: &corev1.PodAffinity{
-							PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{
-								{
-									PodAffinityTerm: corev1.PodAffinityTerm{
-										LabelSelector: &metav1.LabelSelector{
-											MatchExpressions: []metav1.LabelSelectorRequirement{
-												{
-													Key:      podLabelAppName, // added in getPodLabels
-													Operator: metav1.LabelSelectorOpIn,
-													Values:   []string{cluster.Name},
-												},
-											},
-										},
-										TopologyKey: "topology.kubernetes.io/zone",
-									},
-								},
-							},
-						},
-						// Prefer to schedule pods on different nodes
-						PodAntiAffinity: &corev1.PodAntiAffinity{
-							PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{
-								{
-									PodAffinityTerm: corev1.PodAffinityTerm{
-										LabelSelector: &metav1.LabelSelector{
-											MatchExpressions: []metav1.LabelSelectorRequirement{
-												{
-													Key:      podLabelAppName, // added in getPodLabels
-													Operator: metav1.LabelSelectorOpIn,
-													Values:   []string{cluster.Name},
-												},
-											},
-										},
-										TopologyKey: "kubernetes.io/hostname",
-									},
-								},
-							},
-						},
-					},
+					Affinity:              getAffinity(cluster),
 				},
 			},
 		},
@@ -137,6 +98,54 @@ func NewMiniClusterJob(cluster *api.MiniCluster) (*batchv1.Job, error) {
 	return job, err
 }
 
+// getAffinity returns to pod affinity to ensure 1 address / node
+func getAffinity(cluster *api.MiniCluster) *corev1.Affinity {
+	return &corev1.Affinity{
+		// Prefer to schedule pods on the same zone
+		PodAffinity: &corev1.PodAffinity{
+			PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{
+				{
+					Weight: 100,
+					PodAffinityTerm: corev1.PodAffinityTerm{
+						LabelSelector: &metav1.LabelSelector{
+							MatchExpressions: []metav1.LabelSelectorRequirement{
+								{
+									// added in getPodLabels
+									Key:      podLabelAppName,
+									Operator: metav1.LabelSelectorOpIn,
+									Values:   []string{cluster.Name},
+								},
+							},
+						},
+						TopologyKey: "topology.kubernetes.io/zone",
+					},
+				},
+			},
+		},
+		// Prefer to schedule pods on different nodes
+		PodAntiAffinity: &corev1.PodAntiAffinity{
+			PreferredDuringSchedulingIgnoredDuringExecution: []corev1.WeightedPodAffinityTerm{
+				{
+					Weight: 100,
+					PodAffinityTerm: corev1.PodAffinityTerm{
+						LabelSelector: &metav1.LabelSelector{
+							MatchExpressions: []metav1.LabelSelectorRequirement{
+								{
+									// added in getPodLabels
+									Key:      podLabelAppName,
+									Operator: metav1.LabelSelectorOpIn,
+									Values:   []string{cluster.Name},
+								},
+							},
+						},
+						TopologyKey: "kubernetes.io/hostname",
+					},
+				},
+			},
+		},
+	}
+}
+
 // getImagePullSecrets returns a list of secret object references for each container.
 func getImagePullSecrets(cluster *api.MiniCluster) []corev1.LocalObjectReference {
 	pullSecrets := []corev1.LocalObjectReference{}

docs/getting_started/custom-resource-definition.md

@@ -287,6 +287,19 @@ If you want to disable this cleanup:
 If you are streaming the logs with `kubectl logs` the steam would stop when the broker pod is completed,
 so typically you will get the logs as long as you are streaming when the job starts running.
 
+### network
+
+The network section exposes networking options for the Flux MiniCluster.
+
+#### headlessName
+
+Change the default headless service name (defaults to `flux-service`).
+
+```yaml
+network:
+  headlessName: my-network
+```
+
 ### flux
 
 Settings under the Flux directive typically refer to flux options, e.g., for the broker or similar.

examples/tests/hello-world/00-hello-world.yaml

@@ -14,6 +14,7 @@ and **Merged pull requests**. Critical items to know are:
 The versions coincide with releases on pip. Only major versions will be released as tags on Github.
 
 ## [0.0.x](https://github.com/flux-framework/flux-operator/tree/main/sdk/python/v2alpha1) (0.0.x)
+ - support for pod affinity/anti-affinity (0.1.1)
  - first release alongside flux operator (0.1.0)
  - support for bursting and curve cert as a secret (0.0.31)
  - support for simple bursting (0.0.3)