Support Kubernetes 1.35

Author: dud225

.github/workflows/ci.yaml

@@ -13,162 +13,105 @@ on:
 jobs:
   build:
     name: Build
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     steps:
-      - name: Checkout
-        uses: actions/checkout@v3
+      - uses: actions/checkout@v6
         with:
+          # needed for git describe --tags
           fetch-depth: 0
-      - name: Set up Go 1.20
-        id: go
-        uses: actions/setup-go@v2
-        with:
-          go-version: 1.20.4
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: crazy-max/ghaction-docker-buildx@v1
+      - uses: actions/setup-go@v6
         with:
-          buildx-version: latest
-          qemu-version: latest
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+          go-version-file: 'go.mod'
+      - uses: docker/setup-buildx-action@v3
+      - uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Available platforms
-        run: echo ${{ steps.buildx.outputs.platforms }}
       - name: Build images
         run: |
           set -x
-          git fetch origin
           tag="$(git describe --tags)"
-          echo "building images..."
+
+          echo "Build controller image"
           go mod vendor
-          echo "docker build -t ghcr.io/kilnfi/carina:controller-${tag} . "
-          docker build -t "ghcr.io/kilnfi/carina:controller-${tag}" .
+          docker build \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max \
+            -t "ghcr.io/kilnfi/carina:controller-${tag}" .
+
+          echo "Build scheduler image"
           cd scheduler
           go mod vendor
-          echo "docker build -t ghcr.io/kilnfi/carina:scheduler-${tag} ."
-          docker build -t "ghcr.io/kilnfi/carina:scheduler-${tag}" .
+          docker build \
+            --cache-from type=gha \
+            --cache-to type=gha,mode=max \
+            -t "ghcr.io/kilnfi/carina:scheduler-${tag}" .
       # Interactive debug
-      #- name: Setup tmate session
-      #  uses: mxschmitt/action-tmate@v3
-      #  with:
-      #    detached: true
+      - name: Setup tmate session
+        uses: mxschmitt/action-tmate@v3
+        with:
+          detached: true
+      - name: Create KinD cluster
+        if: github.ref_name != 'main'
+        uses: helm/kind-action@v1.14.0
+        with:
+          cluster_name: kind
       - name: Test Kubernetes
-        if: github.ref != 'refs/heads/main'
+        if: github.ref_name != 'main'
         run: |
           set -x
-          exec 2>&1
-          git fetch origin
           tag="$(git describe --tags)"
+          kind load docker-image "ghcr.io/kilnfi/carina:controller-${tag}" "ghcr.io/kilnfi/carina:scheduler-${tag}"
 
-          # Cluster
-          curl -s -L -o k3s https://github.com/k3s-io/k3s/releases/download/v1.32.3%2Bk3s1/k3s
-          chmod +x k3s
-          sudo ./k3s server --disable coredns,servicelb,traefik,metrics-server --write-kubeconfig "$(pwd)/kubeconfig" --write-kubeconfig-mode 777 > k3s_log 2>&1 &
-          export KUBECONFIG="$(pwd)/kubeconfig"
-          # Wait init
-          while true; do ./k3s kubectl get deploy -n kube-system local-path-provisioner && break; sleep 5; done
-          docker save "ghcr.io/kilnfi/carina:scheduler-${tag}" "ghcr.io/kilnfi/carina:controller-${tag}" | sudo ./k3s ctr image import -
-
-          # Debug output
-          debug() {
-            set +e
-            ./k3s kubectl get po -A
-            ./k3s kubectl get pvc -A
-            ./k3s kubectl get nodestorageresource -A -o yaml
-            ./k3s kubectl logs -n carina --tail=200 -l app.kubernetes.io/instance=carina-csi-driver --all-containers=true
-            ./k3s kubectl get po -n carina -o yaml > carina_pods_log 2>&1
-            ./k3s kubectl logs -n carina --tail=10000 -l app.kubernetes.io/instance=carina-csi-driver --all-containers=true > carina_log 2>&1
-            #tail -200 k3s_log
-          }
-          trap debug EXIT
-
-          # Carina install
-          ./k3s kubectl create ns carina
-          sed -i -e 's/__TAG__/'"${tag}"'/' .github/kiln-values.yaml
-          helm upgrade --install -n carina carina-csi-driver charts/ -f .github/kiln-values.yaml
+          # Install carina without a device first — we need the carina-node
+          # daemonset running to create a fake block device inside it.
+          sed -i -e "s/__TAG__/${tag}/" .github/kiln-values.yaml
+          helm upgrade --install --create-namespace -n carina carina-csi-driver charts/ -f .github/kiln-values.yaml --wait --timeout=20m
 
-          # Wait deploy
-          ./k3s kubectl rollout status -n carina --watch --timeout=200s ds/csi-carina-node
-          ./k3s kubectl wait po -n carina -l app=csi-carina-node --for=condition=ready --timeout=200s
+          # Create a 12G loopback device inside carina-node to simulate a disk,
+          # then re-install with the device configured and initialize LVM on it.
+          kubectl wait pod -n carina -l app=csi-carina-node --for=condition=ready --timeout=120s
+          device="$(kubectl exec -t -n carina ds/csi-carina-node -c csi-carina-node -- \
+            sh -c 'truncate --size=12G /tmp/disk.device; losetup --show -f /tmp/disk.device')"
+          sed -i -e "s/__DEVICE__/${device#/dev/}/" .github/kiln-values.yaml
+          kubectl exec -t -n carina ds/csi-carina-node -c csi-carina-node -- \
+            sh -c "pvcreate ${device}"
+          helm upgrade --install -n carina carina-csi-driver charts/ -f .github/kiln-values.yaml --wait --timeout=200s
 
-          # Update device
-          device=$(./k3s kubectl exec -t -n carina ds/csi-carina-node -c csi-carina-node -- sh -c 'truncate --size=12G /tmp/disk.device; losetup --show -f /tmp/disk.device')
-          sed -i -e 's/__DEVICE__/'"${device#/dev/}"'/' .github/kiln-values.yaml
-          helm upgrade --install -n carina carina-csi-driver charts/ -f .github/kiln-values.yaml
-
-          # Refresh
-          sleep 60
-          ./k3s kubectl rollout restart -n carina deployment carina-csi-driver-carina-scheduler
-          ./k3s kubectl rollout restart -n carina deployment csi-carina-controller
-          ./k3s kubectl exec -t -n carina ds/csi-carina-node -c csi-carina-node -- sh -c 'pvcreate '"${device}"'; kill 1'
-
-          # Test
-          helm test -n carina carina-csi-driver
-          ./k3s kubectl wait -n carina --for=jsonpath='{.status.phase}'=Bound pvc/carina-vg-ssd-testpvc --timeout=500s
-          ./k3s kubectl wait -n carina --for=condition=ready po -l storageclass=carina-vg-ssd --timeout=500s
-
-
-          # Test filter logging
-          ./k3s kubectl taint nodes -l node-role.kubernetes.io/control-plane=true test=off:NoSchedule
-          ./k3s kubectl delete po -n carina -l storageclass=carina-vg-ssd
-          sleep 30
-          grep "Filter plugin unsuccessfull on node" < <(./k3s kubectl logs -n carina --tail=10000 -l app.kubernetes.io/instance=carina-csi-driver --all-containers=true)
-      - name: 'Upload Artifact'
-        uses: actions/upload-artifact@v4
+          # Run the helm test — creates a PVC and a pod that uses carina storage.
+          helm test -n carina carina-csi-driver --timeout=500s
+      - name: Waot
         if: always()
-        with:
-          name: k3s_log
-          path: k3s_log
-          retention-days: 5
-      - name: 'Upload Artifact'
-        uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          name: carina_log
-          path: carina_log
-          retention-days: 5
-      - name: 'Upload Artifact'
-        uses: actions/upload-artifact@v4
-        if: always()
-        with:
-          name: carina_pods_log
-          path: carina_pods_log
-          retention-days: 5
+        run: sleep 20m
       - name: Push image
-        if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
+        if: github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
         run: |
           set -x
-          git fetch origin
           tag="$(git describe --tags)"
 
           docker push "ghcr.io/kilnfi/carina:controller-${tag}"
           docker push "ghcr.io/kilnfi/carina:scheduler-${tag}"
 
   helm:
     name: Helm chart
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v6
         with:
+          # needed for git describe --tags
           fetch-depth: 0
-      - name: Install Helm
-        uses: azure/setup-helm@v3
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Push chart
-        if: github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
+        if: github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
         run: |
           set -x
-          git fetch origin
           tag="$(git describe --tags)"
 
           sed -i -r "s/^(appV|v)ersion *:.*$/\1ersion: $tag/" charts/Chart.yaml

Dockerfile

@@ -1,7 +1,6 @@
 # Build the manager binary
-FROM registry.cn-hangzhou.aliyuncs.com/carina/golang:1.19.13 AS builder
+FROM golang:1.26 AS builder
 
-ENV GO111MODULE=on CGO_ENABLED=0 GOOS=linux GOPROXY=https://goproxy.cn,direct
 ENV WORKSPACE=/workspace/github.com/carina-io/carina
 ENV GOMODCACHE=$WORKSPACE/vendor
 
@@ -10,19 +9,15 @@ ADD . .
 
 # Build
 RUN echo Commit: `git log --pretty='%s%b%B' -n 1`
-RUN cd $WORKSPACE/cmd/carina-node && go build -ldflags="-X main.gitCommitID=`git rev-parse HEAD`" -gcflags '-N -l' -o /tmp/carina-node .
-RUN cd $WORKSPACE/cmd/carina-controller && go build -ldflags="-X main.gitCommitID=`git rev-parse HEAD`" -gcflags '-N -l' -o /tmp/carina-controller .
+RUN cd $WORKSPACE/cmd/carina-node && CGO_ENABLED=0 go build -ldflags="-X main.gitCommitID=`git rev-parse HEAD`" -gcflags '-N -l' -o /tmp/carina-node .
+RUN cd $WORKSPACE/cmd/carina-controller && CGO_ENABLED=0 go build -ldflags="-X main.gitCommitID=`git rev-parse HEAD`" -gcflags '-N -l' -o /tmp/carina-controller .
 
-FROM registry.cn-hangzhou.aliyuncs.com/carina/centos-lvm2:runtime-20220108
+FROM alpine:3.20
+
+RUN apk add --no-cache lvm2 device-mapper e2fsprogs xfsprogs util-linux parted
 
-# copy binary file
 COPY --from=builder /tmp/carina-node /usr/bin/
 COPY --from=builder /tmp/carina-controller /usr/bin/
 COPY --from=builder /workspace/github.com/carina-io/carina/debug/hack/config.json /etc/carina/
-RUN chmod +x /usr/bin/carina-node && chmod +x /usr/bin/carina-controller
-
-# Update time zone to Asia-Shanghai
-COPY --from=builder /workspace/github.com/carina-io/carina/Shanghai /etc/localtime
-RUN echo 'Asia/Shanghai' > /etc/timezone
 
-CMD ["echo carina-node carina-controller"]
+CMD ["echo", "carina-node", "carina-controller"]

cmd/carina-controller/run/run.go

@@ -41,6 +41,7 @@ import (
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 	// +kubebuilder:scaffold:imports
@@ -78,25 +79,24 @@ func subMain() error {
 	}
 	mgr, err := ctrl.NewManager(cfg, ctrl.Options{
 		Scheme:                  scheme,
-		MetricsBindAddress:      config.metricsAddr,
+		Metrics:                 metricsserver.Options{BindAddress: config.metricsAddr},
 		LeaderElection:          true,
 		LeaderElectionID:        carina.CSIPluginName + "-carina-controller",
 		LeaderElectionNamespace: configuration.RuntimeNamespace(),
-		WebhookServer: &webhook.Server{
+		WebhookServer: webhook.NewServer(webhook.Options{
 			Host:     hookHost,
 			Port:     hookPort,
 			CertDir:  config.certDir,
 			CertName: "cert",
 			KeyName:  "key",
-		},
+		}),
 	})
 	if err != nil {
 		return err
 	}
 
 	// register webhook handlers
-	// admission.NewDecoder never returns non-nil error
-	dec, _ := admission.NewDecoder(scheme)
+	dec := admission.NewDecoder(scheme)
 	wh := mgr.GetWebhookServer()
 	wh.Register("/pod/mutate", hook.PodMutator(mgr, dec))
 	//wh.Register("/pvc/mutate", hook.PVCMutator(mgr.GetClient(), dec))

cmd/carina-node/run/run.go

@@ -35,6 +35,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 	"sigs.k8s.io/controller-runtime/pkg/metrics"
+	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"time"
 
 	carinav1 "github.com/carina-io/carina/api/v1"
@@ -70,11 +71,11 @@ func subMain() error {
 	ctrl.SetLogger(zap.New(zap.UseFlagOptions(&config.zapOpts)))
 
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
-		Scheme:             scheme,
-		MetricsBindAddress: config.metricsAddr,
-		NewCache: cache.BuilderWithOptions(cache.Options{
+		Scheme:  scheme,
+		Metrics: metricsserver.Options{BindAddress: config.metricsAddr},
+		Cache: cache.Options{
 			Scheme: scheme,
-			SelectorsByObject: cache.SelectorsByObject{
+			ByObject: map[client.Object]cache.ByObject{
 				&corev1.Node{}: {
 					Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
 				},
@@ -85,7 +86,7 @@ func subMain() error {
 					Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
 				},
 			},
-		}),
+		},
 		LeaderElection: false,
 	})
 	if err != nil {

controllers/node_controller.go

@@ -38,7 +38,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/event"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
 	"sigs.k8s.io/controller-runtime/pkg/predicate"
-	"sigs.k8s.io/controller-runtime/pkg/source"
 )
 
 type nodeStatusType string
@@ -111,10 +110,10 @@ func (r *NodeReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		WithEventFilter(pred).
 		WithOptions(controller.Options{
-			RateLimiter: workqueue.NewItemFastSlowRateLimiter(10*time.Second, 60*time.Second, 5),
+			RateLimiter: workqueue.NewTypedItemFastSlowRateLimiter[ctrl.Request](10*time.Second, 60*time.Second, 5),
 		}).
 		For(&corev1.Node{}).
-		Watches(&source.Kind{Type: &corev1.Pod{}}, &handler.EnqueueRequestForObject{}).
+		Watches(&corev1.Pod{}, &handler.EnqueueRequestForObject{}).
 		Complete(r)
 }
 

controllers/pod_io_controller.go

@@ -124,7 +124,7 @@ func (r *PodIOReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		WithEventFilter(podFilter{r.nodeName}).
 		WithOptions(controller.Options{
-			RateLimiter:             workqueue.NewItemFastSlowRateLimiter(10*time.Second, 60*time.Second, 5),
+			RateLimiter:             workqueue.NewTypedItemFastSlowRateLimiter[ctrl.Request](10*time.Second, 60*time.Second, 5),
 			MaxConcurrentReconciles: 5,
 		}).
 		For(&corev1.Pod{}).