diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 5b3e7a5fd7..220ac52fd2 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -6,7 +6,6 @@ on: branches: - master - release - - ipam repository_dispatch: types: - test-command @@ -38,11 +37,11 @@ jobs: echo "pr-number=${{ github.event.client_payload.github.payload.issue.number }}" >> $GITHUB_OUTPUT elif [ "${{ steps.get_version.outputs.VERSION }}" != "" ]; then echo "master=false" >> $GITHUB_OUTPUT - echo "architectures=linux/amd64,linux/arm64,linux/arm/v7" >> $GITHUB_OUTPUT + echo "architectures=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT echo "commit-ref=${{ steps.get_version.outputs.VERSION }}" >> $GITHUB_OUTPUT elif [ "${{ github.ref_name }}" == "master" ]; then echo "master=true" >> $GITHUB_OUTPUT - echo "architectures=linux/amd64,linux/arm64,linux/arm/v7" >> $GITHUB_OUTPUT + echo "architectures=linux/amd64,linux/arm64" >> $GITHUB_OUTPUT echo "commit-ref=${{ github.sha }}" >> $GITHUB_OUTPUT else echo "master=false" >> $GITHUB_OUTPUT @@ -277,7 +276,7 @@ jobs: id: last-release with: repository: ${{ github.repository }} - excludes: prerelease, draft + excludes: draft - name: Configure Git run: | @@ -312,16 +311,15 @@ jobs: with: path: ./liqoctl/ - # we need to upload only helm artifacts first, to make the index updater to work + # we need to upload only helm artifacts first, to make the index updater to work - uses: ncipollo/release-action@v1 with: artifacts: ".cr-release-packages/*" generateReleaseNotes: true - token: ${{ secrets.CI_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} allowUpdates: true tag: ${{ needs.configure.outputs.commit-ref }} name: ${{ needs.configure.outputs.commit-ref }} - prerelease: ${{ steps.semver_parser.outputs.prerelease != '' }} - name: Update Helm index run: | @@ -341,11 +339,7 @@ jobs: - uses: ncipollo/release-action@v1 with: artifacts: "./liqoctl/**/*" - token: ${{ secrets.CI_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} allowUpdates: true tag: ${{ needs.configure.outputs.commit-ref }} name: ${{ needs.configure.outputs.commit-ref }} - prerelease: ${{ steps.semver_parser.outputs.prerelease != '' }} - - - name: Update new version in krew-index - uses: rajatjindal/krew-release-bot@v0.0.47 diff --git a/.krew.yaml b/.krew.yaml index fe9d8fc8ee..15617944ec 100644 --- a/.krew.yaml +++ b/.krew.yaml @@ -4,7 +4,7 @@ metadata: name: liqo spec: version: {{ .TagName }} - homepage: https://github.com/liqotech/liqo + homepage: https://github.com/castai/liqo shortDescription: Install and manage Liqo on your clusters description: | Liqo is a platform to enable dynamic and decentralized resource sharing across @@ -20,29 +20,29 @@ spec: matchLabels: os: darwin arch: amd64 - {{addURIAndSha "https://github.com/liqotech/liqo/releases/download/{{ .TagName }}/liqoctl-darwin-amd64.tar.gz" .TagName }} + {{addURIAndSha "https://github.com/castai/liqo/releases/download/{{ .TagName }}/liqoctl-darwin-amd64.tar.gz" .TagName }} bin: liqoctl - selector: matchLabels: os: darwin arch: arm64 - {{addURIAndSha "https://github.com/liqotech/liqo/releases/download/{{ .TagName }}/liqoctl-darwin-arm64.tar.gz" .TagName }} + {{addURIAndSha "https://github.com/castai/liqo/releases/download/{{ .TagName }}/liqoctl-darwin-arm64.tar.gz" .TagName }} bin: liqoctl - selector: matchLabels: os: linux arch: amd64 - {{addURIAndSha "https://github.com/liqotech/liqo/releases/download/{{ .TagName }}/liqoctl-linux-amd64.tar.gz" .TagName }} + {{addURIAndSha "https://github.com/castai/liqo/releases/download/{{ .TagName }}/liqoctl-linux-amd64.tar.gz" .TagName }} bin: liqoctl - selector: matchLabels: os: linux arch: arm64 - {{addURIAndSha "https://github.com/liqotech/liqo/releases/download/{{ .TagName }}/liqoctl-linux-arm64.tar.gz" .TagName }} + {{addURIAndSha "https://github.com/castai/liqo/releases/download/{{ .TagName }}/liqoctl-linux-arm64.tar.gz" .TagName }} bin: liqoctl - selector: matchLabels: os: windows arch: amd64 - {{addURIAndSha "https://github.com/liqotech/liqo/releases/download/{{ .TagName }}/liqoctl-windows-amd64.tar.gz" .TagName }} + {{addURIAndSha "https://github.com/castai/liqo/releases/download/{{ .TagName }}/liqoctl-windows-amd64.tar.gz" .TagName }} bin: liqoctl diff --git a/cmd/virtual-kubelet/root/root.go b/cmd/virtual-kubelet/root/root.go index 03600147c1..39579ce7ca 100644 --- a/cmd/virtual-kubelet/root/root.go +++ b/cmd/virtual-kubelet/root/root.go @@ -293,27 +293,50 @@ func runRootCommand(ctx context.Context, c *Opts) error { func(ctx context.Context, _ error) error { klog.Info("node setting up") newNode := nodeProvider.GetNode().DeepCopy() + + klog.Infof("Restart check") + if newNode == nil || newNode.Name == "" { + klog.Errorf("Restartining the pod") + if newNode == nil { + klog.Errorf("newNode is nil") + } + if newNode.Name == "" { + klog.Errorf("newNode.Name is empty") + } + klog.Flush() // Force flush before exit + os.Exit(1) + } + newNode.ResourceVersion = "" if nodeProvider.IsTerminating() { // this avoids the re-creation of terminated nodes - klog.V(4).Info("skipping: node is in terminating phase") + klog.Info("skipping: node is in terminating phase") return nil } + klog.Infof("attempting to get node: %s", newNode.Name) oldNode, newErr := localClient.CoreV1().Nodes().Get(ctx, newNode.Name, metav1.GetOptions{}) if newErr != nil { if !k8serrors.IsNotFound(newErr) { klog.Error(newErr, "node error") return newErr } + klog.Info("node not found, creating new node") _, newErr = localClient.CoreV1().Nodes().Create(ctx, newNode, metav1.CreateOptions{}) - klog.Info("new node created") + if newErr == nil { + klog.Info("new node created") + } else { + klog.Errorf("failed to create node: %v", newErr) + } } else { + klog.Info("node exists, updating status") oldNode.Status = newNode.Status _, newErr = localClient.CoreV1().Nodes().UpdateStatus(ctx, oldNode, metav1.UpdateOptions{}) - if newErr != nil { + if newErr == nil { klog.Info("node updated") + } else { + klog.Errorf("failed to update node: %v", newErr) } } diff --git a/deployments/liqo/README.md b/deployments/liqo/README.md index 96c64d0012..936b1bed7d 100644 --- a/deployments/liqo/README.md +++ b/deployments/liqo/README.md @@ -20,7 +20,7 @@ | controllerManager.config.defaultLimitsEnforcement | string | `"None"` | Defines how strict is the enforcement of the quota offered by the remote cluster. enableResourceEnforcement must be enabled to use this feature. Possible values are: None, Soft, Hard. None: the offloaded pods might not have the resource `requests` or `limits`. Soft: it forces the offloaded pods to have `requests` set. If the pods go over the requests, the total used resources might go over the quota. Hard: it forces the offloaded pods to have `limits` and `requests` set, with `requests` == `limits`. This is the safest mode as the consumer cluster cannot go over the quota. | | controllerManager.config.enableNodeFailureController | bool | `false` | Ensure offloaded pods running on a failed node are evicted and rescheduled on a healthy node, preventing them to remain in a terminating state indefinitely. This feature can be useful in case of remote node failure to guarantee better service continuity and to have the expected pods workload on the remote cluster. However, enabling this feature could produce zombies in the worker node, in case the node returns Ready again without a restart. | | controllerManager.config.enableResourceEnforcement | bool | `true` | It enforces offerer-side that offloaded pods do not exceed offered resources (based on container limits). This feature is suggested to be enabled when consumer-side enforcement is not sufficient. It makes sure that the sum of the requests of the offloaded pods never exceeds the quota offered by the remote cluster. The quota can be still exceeded if no limits and requests are defined in the offloaded pods or if the limits are larger than the requests. For a stricter enforcement, the defaultLimitsEnforcement can be set to Hard. | -| controllerManager.image.name | string | `"ghcr.io/liqotech/liqo-controller-manager"` | Image repository for the controller-manager pod. | +| controllerManager.image.name | string | `"ghcr.io/castai/liqo-controller-manager"` | Image repository for the controller-manager pod. | | controllerManager.image.version | string | `""` | Custom version for the controller-manager image. If not specified, the global tag is used. | | controllerManager.metrics.service | object | `{"annotations":{},"labels":{}}` | Service used to expose metrics. | | controllerManager.metrics.service.annotations | object | `{}` | Annotations for the metrics service. | @@ -35,7 +35,7 @@ | controllerManager.pod.priorityClassName | string | `""` | PriorityClassName (https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#pod-priority) for the controller-manager pod. | | controllerManager.pod.resources | object | `{"limits":{},"requests":{}}` | Resource requests and limits (https://kubernetes.io/docs/user-guide/compute-resources/) for the controller-manager pod. | | controllerManager.replicas | int | `1` | The number of controller-manager instances to run, which can be increased for active/passive high availability. | -| crdReplicator.image.name | string | `"ghcr.io/liqotech/crd-replicator"` | Image repository for the crdReplicator pod. | +| crdReplicator.image.name | string | `"ghcr.io/castai/crd-replicator"` | Image repository for the crdReplicator pod. | | crdReplicator.image.version | string | `""` | Custom version for the crdReplicator image. If not specified, the global tag is used. | | crdReplicator.metrics.podMonitor.enabled | bool | `false` | Enable/Disable the creation of a Prometheus podmonitor. Turn on this flag when the Prometheus Operator runs in your cluster | | crdReplicator.metrics.podMonitor.interval | string | `""` | Setup pod monitor requests interval. If empty, Prometheus uses the global scrape interval (https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint). | @@ -54,7 +54,7 @@ | ipam.external.url | string | `""` | The URL of the external IPAM. | | ipam.externalCIDR | string | `"10.70.0.0/16"` | The subnet used for the external CIDR. | | ipam.internal.graphviz | bool | `false` | Enable/Disable the generation of graphviz files inside the ipam. This feature is useful to visualize the status of the ipam. The graphviz files are stored in the /graphviz directory of the ipam pod (a file for each network pool). You can access them using "kubectl cp". | -| ipam.internal.image.name | string | `"ghcr.io/liqotech/ipam"` | Image repository for the IPAM pod. | +| ipam.internal.image.name | string | `"ghcr.io/castai/ipam"` | Image repository for the IPAM pod. | | ipam.internal.image.version | string | `""` | Custom version for the IPAM image. If not specified, the global tag is used. | | ipam.internal.pod.annotations | object | `{}` | Annotations for the IPAM pod. | | ipam.internal.pod.extraArgs | list | `[]` | Extra arguments for the IPAM pod. | @@ -71,9 +71,9 @@ | ipam.serviceCIDR | string | `""` | The subnet used by the services in you cluster, in CIDR notation (e.g., 172.16.0.0/16). | | metricAgent.config.timeout | object | `{"read":"30s","write":"30s"}` | Set the timeout for the metrics server. | | metricAgent.enabled | bool | `true` | Enable/Disable the virtual kubelet metric agent. This component aggregates all the kubelet-related metrics (e.g., CPU, RAM, etc) collected on the nodes that are used by a remote cluster peered with you, then exporting the resulting values as a property of the virtual kubelet running on the remote cluster. | -| metricAgent.image.name | string | `"ghcr.io/liqotech/metric-agent"` | Image repository for the metricAgent pod. | +| metricAgent.image.name | string | `"ghcr.io/castai/metric-agent"` | Image repository for the metricAgent pod. | | metricAgent.image.version | string | `""` | Custom version for the metricAgent image. If not specified, the global tag is used. | -| metricAgent.initContainer.image.name | string | `"ghcr.io/liqotech/cert-creator"` | Image repository for the init container of the metricAgent pod. | +| metricAgent.initContainer.image.name | string | `"ghcr.io/castai/cert-creator"` | Image repository for the init container of the metricAgent pod. | | metricAgent.initContainer.image.version | string | `""` | Custom version for the init container image of the metricAgent pod. If not specified, the global tag is used. | | metricAgent.pod.annotations | object | `{}` | Annotations for the metricAgent pod. | | metricAgent.pod.extraArgs | list | `[]` | Extra arguments for the metricAgent pod. | @@ -90,7 +90,7 @@ | networking.fabric.config.healthProbeBindAddressPort | string | `"8081"` | Set the port where the fabric pod will expose the health probe. To disable the health probe, set the port to 0. | | networking.fabric.config.metricsAddressPort | string | `"8082"` | Set the port where the fabric pod will expose the metrics. To disable the metrics, set the port to 0. | | networking.fabric.config.nftablesMonitor | bool | `false` | Enable/Disable the nftables monitor for the fabric pod. It means that the fabric pod will monitor the nftables rules and will restore them in case of changes. In some cases (like K3S), this monitor can cause a huge amount of CPU usage. If you are experiencing high CPU usage, you can disable this feature. | -| networking.fabric.image.name | string | `"ghcr.io/liqotech/fabric"` | Image repository for the fabric pod. | +| networking.fabric.image.name | string | `"ghcr.io/castai/fabric"` | Image repository for the fabric pod. | | networking.fabric.image.version | string | `""` | Custom version for the fabric image. If not specified, the global tag is used. | | networking.fabric.pod.annotations | object | `{}` | Annotations for the fabric pod. | | networking.fabric.pod.extraArgs | list | `[]` | Extra arguments for the fabric pod. | @@ -98,12 +98,12 @@ | networking.fabric.pod.priorityClassName | string | `""` | PriorityClassName (https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#pod-priority) for the fabric pod. | | networking.fabric.pod.resources | object | `{"limits":{},"requests":{}}` | Resource requests and limits (https://kubernetes.io/docs/user-guide/compute-resources/) for the fabric pod. | | networking.fabric.tolerations | list | `[]` | Extra tolerations for the fabric daemonset. | -| networking.gatewayTemplates | object | `{"container":{"gateway":{"image":{"name":"ghcr.io/liqotech/gateway","version":""}},"geneve":{"image":{"name":"ghcr.io/liqotech/gateway/geneve","version":""}},"wireguard":{"image":{"name":"ghcr.io/liqotech/gateway/wireguard","version":""}}},"ping":{"interval":"2s","lossThreshold":5,"updateStatusInterval":"10s"},"replicas":1,"server":{"service":{"allocateLoadBalancerNodePorts":"","annotations":{}}},"wireguard":{"implementation":"kernel"}}` | Set the options for the default gateway (server/client) templates. The default templates use a WireGuard implementation to connect the gateway of the clusters. These options are used to configure only the default templates and should not be considered if a custom template is used. | -| networking.gatewayTemplates.container.gateway.image.name | string | `"ghcr.io/liqotech/gateway"` | Image repository for the gateway container. | +| networking.gatewayTemplates | object | `{"container":{"gateway":{"image":{"name":"ghcr.io/castai/gateway","version":""}},"geneve":{"image":{"name":"ghcr.io/castai/gateway/geneve","version":""}},"wireguard":{"image":{"name":"ghcr.io/castai/gateway/wireguard","version":""}}},"ping":{"interval":"2s","lossThreshold":5,"updateStatusInterval":"10s"},"replicas":1,"server":{"service":{"allocateLoadBalancerNodePorts":"","annotations":{}}},"wireguard":{"implementation":"kernel"}}` | Set the options for the default gateway (server/client) templates. The default templates use a WireGuard implementation to connect the gateway of the clusters. These options are used to configure only the default templates and should not be considered if a custom template is used. | +| networking.gatewayTemplates.container.gateway.image.name | string | `"ghcr.io/castai/gateway"` | Image repository for the gateway container. | | networking.gatewayTemplates.container.gateway.image.version | string | `""` | Custom version for the gateway image. If not specified, the global tag is used. | -| networking.gatewayTemplates.container.geneve.image.name | string | `"ghcr.io/liqotech/gateway/geneve"` | Image repository for the geneve container. | +| networking.gatewayTemplates.container.geneve.image.name | string | `"ghcr.io/castai/gateway/geneve"` | Image repository for the geneve container. | | networking.gatewayTemplates.container.geneve.image.version | string | `""` | Custom version for the geneve image. If not specified, the global tag is used. | -| networking.gatewayTemplates.container.wireguard.image.name | string | `"ghcr.io/liqotech/gateway/wireguard"` | Image repository for the wireguard container. | +| networking.gatewayTemplates.container.wireguard.image.name | string | `"ghcr.io/castai/gateway/wireguard"` | Image repository for the wireguard container. | | networking.gatewayTemplates.container.wireguard.image.version | string | `""` | Custom version for the wireguard image. If not specified, the global tag is used. | | networking.gatewayTemplates.ping | object | `{"interval":"2s","lossThreshold":5,"updateStatusInterval":"10s"}` | Set the options to configure the gateway ping used to check connection | | networking.gatewayTemplates.ping.interval | string | `"2s"` | Set the interval between two consecutive pings | @@ -147,15 +147,15 @@ | offloading.runtimeClass.handler | string | `"liqo"` | Handler for the runtime class. | | offloading.runtimeClass.labels | object | `{}` | Labels for the runtime class. | | offloading.runtimeClass.name | string | `"liqo"` | Name of the runtime class to use for offloading. | -| offloading.runtimeClass.nodeSelector | object | `{"enabled":true,"labels":{"liqo.io/type":"virtual-node"}}` | Node selector for the runtime class. | -| offloading.runtimeClass.nodeSelector.labels | object | `{"liqo.io/type":"virtual-node"}` | Labels for the node selector. | -| offloading.runtimeClass.tolerations | object | `{"enabled":true,"tolerations":[{"effect":"NoExecute","key":"virtual-node.liqo.io/not-allowed","operator":"Exists"}]}` | Tolerations for the runtime class. | -| offloading.runtimeClass.tolerations.tolerations | list | `[{"effect":"NoExecute","key":"virtual-node.liqo.io/not-allowed","operator":"Exists"}]` | Tolerations for the tolerations. | +| offloading.runtimeClass.nodeSelector | object | `{"enabled":true,"labels":{"omni.cast.ai/type":"virtual-node"}}` | Node selector for the runtime class. | +| offloading.runtimeClass.nodeSelector.labels | object | `{"omni.cast.ai/type":"virtual-node"}` | Labels for the node selector. | +| offloading.runtimeClass.tolerations | object | `{"enabled":true,"tolerations":[{"effect":"NoExecute","key":"virtual-node.omni.cast.ai/not-allowed","operator":"Exists"}]}` | Tolerations for the runtime class. | +| offloading.runtimeClass.tolerations.tolerations | list | `[{"effect":"NoExecute","key":"virtual-node.omni.cast.ai/not-allowed","operator":"Exists"}]` | Tolerations for the tolerations. | | openshiftConfig.enabled | bool | `false` | Enable/Disable the OpenShift support, enabling Openshift-specific resources, and setting the pod security contexts in a way that is compatible with Openshift. | | openshiftConfig.virtualKubeletSCCs | list | `["anyuid","privileged"]` | Security context configurations granted to the virtual kubelet in the local cluster. The configuration of one or more SCCs for the virtual kubelet is not strictly required, and privileges can be reduced in production environments. Still, the default configuration (i.e., anyuid) is suggested to prevent problems (i.e., the virtual kubelet fails to add the appropriate labels) when attempting to offload pods not managed by higher-level abstractions (e.g., Deployments), and not associated with a properly privileged service account. Indeed, "anyuid" is the SCC automatically associated with pods created by cluster administrators. Any pod granted a more privileged SCC and not linked to an adequately privileged service account will fail to be offloaded. | | proxy.config.listeningPort | int | `8118` | Port used by the proxy pod. | | proxy.enabled | bool | `true` | Enable/Disable the proxy pod. This pod is mandatory to allow in-band peering and to connect to the consumer k8s api server from a remotly offloaded pod. | -| proxy.image.name | string | `"ghcr.io/liqotech/proxy"` | Image repository for the proxy pod. | +| proxy.image.name | string | `"ghcr.io/castai/proxy"` | Image repository for the proxy pod. | | proxy.image.version | string | `""` | Custom version for the proxy image. If not specified, the global tag is used. | | proxy.pod.annotations | object | `{}` | Annotations for the proxy pod. | | proxy.pod.extraArgs | list | `[]` | Extra arguments for the proxy pod. | @@ -174,13 +174,13 @@ | tag | string | `""` | Images' tag to select a development version of liqo instead of a release | | telemetry.config.schedule | string | `""` | Set the schedule of the telemetry collector CronJob. Consider setting this value on ArgoCD deployments to avoid randomization. | | telemetry.enabled | bool | `true` | Enable/Disable the telemetry collector. | -| telemetry.image.name | string | `"ghcr.io/liqotech/telemetry"` | Image repository for the telemetry pod. | +| telemetry.image.name | string | `"ghcr.io/castai/telemetry"` | Image repository for the telemetry pod. | | telemetry.image.version | string | `""` | Custom version for the telemetry image. If not specified, the global tag is used. | | telemetry.pod.annotations | object | `{}` | Annotations for the telemetry pod. | | telemetry.pod.extraArgs | list | `[]` | Extra arguments for the telemetry pod. | | telemetry.pod.labels | object | `{}` | Labels for the telemetry pod. | | telemetry.pod.resources | object | `{"limits":{},"requests":{}}` | Resource requests and limits (https://kubernetes.io/docs/user-guide/compute-resources/) for the telemetry pod. | -| uninstaller.image.name | string | `"ghcr.io/liqotech/uninstaller"` | Image repository for the uninstaller pod. | +| uninstaller.image.name | string | `"ghcr.io/castai/uninstaller"` | Image repository for the uninstaller pod. | | uninstaller.image.version | string | `""` | Custom version for the uninstaller image. If not specified, the global tag is used. | | uninstaller.pod.annotations | object | `{}` | Annotations for the uninstaller pod. | | uninstaller.pod.extraArgs | list | `[]` | Extra arguments for the uninstaller pod. | @@ -190,7 +190,7 @@ | virtualKubelet.extra.args | list | `[]` | Extra arguments virtual kubelet pod. | | virtualKubelet.extra.labels | object | `{}` | Labels for the virtual kubelet pod. | | virtualKubelet.extra.resources | object | `{"limits":{},"requests":{}}` | Resource requests and limits (https://kubernetes.io/docs/user-guide/compute-resources/) for the virtual kubelet pod. | -| virtualKubelet.image.name | string | `"ghcr.io/liqotech/virtual-kubelet"` | Image repository for the virtual kubelet pod. | +| virtualKubelet.image.name | string | `"ghcr.io/castai/virtual-kubelet"` | Image repository for the virtual kubelet pod. | | virtualKubelet.image.version | string | `""` | Custom version for the virtual kubelet image. If not specified, the global tag is used. | | virtualKubelet.metrics.podMonitor.interval | string | `""` | Setup pod monitor requests interval. If empty, Prometheus uses the global scrape interval (https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#endpoint). | | virtualKubelet.metrics.podMonitor.labels | object | `{}` | Labels for the virtualkubelet podmonitor. | @@ -200,7 +200,7 @@ | virtualKubelet.virtualNode.extra.annotations | object | `{}` | Extra annotations for the virtual node. | | virtualKubelet.virtualNode.extra.labels | object | `{}` | Extra labels for the virtual node. | | webhook.failurePolicy | string | `"Fail"` | Webhook failure policy, either Ignore or Fail. | -| webhook.image.name | string | `"ghcr.io/liqotech/webhook"` | Image repository for the webhook pod. | +| webhook.image.name | string | `"ghcr.io/castai/webhook"` | Image repository for the webhook pod. | | webhook.image.version | string | `""` | Custom version for the webhook image. If not specified, the global tag is used. | | webhook.metrics.service | object | `{"annotations":{},"labels":{}}` | Service used to expose metrics. | | webhook.metrics.service.annotations | object | `{}` | Annotations for the metrics service. | diff --git a/deployments/liqo/templates/_helpers.tpl b/deployments/liqo/templates/_helpers.tpl index f4e2caf465..6ee970d4f0 100644 --- a/deployments/liqo/templates/_helpers.tpl +++ b/deployments/liqo/templates/_helpers.tpl @@ -250,3 +250,31 @@ imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 0 }} {{- end -}} {{- end -}} + +{{/* +Get value from ConfigMap with fallback to chart values +*/}} +{{- define "liqo.getValue" -}} +{{- $key := .key -}} +{{- $default := .default -}} +{{- $context := .context -}} + +{{- if and $context.Values.valuesConfigMap.enabled $context.Values.valuesConfigMap.name -}} +{{- $namespace := $context.Values.valuesConfigMap.namespace | default $context.Release.Namespace -}} +{{- $configMap := lookup "v1" "ConfigMap" $namespace $context.Values.valuesConfigMap.name -}} +{{- if $configMap -}} +{{- $valuesYaml := index $configMap.data $context.Values.valuesConfigMap.key -}} +{{- if $valuesYaml -}} +{{- $configMapValues := fromYaml $valuesYaml -}} +{{- $value := dig (splitList "." $key) $default $configMapValues -}} +{{- $value -}} +{{- else -}} +{{- $default -}} +{{- end -}} +{{- else -}} +{{- $default -}} +{{- end -}} +{{- else -}} +{{- $default -}} +{{- end -}} +{{- end }} diff --git a/deployments/liqo/templates/liqo-controller-manager-deployment.yaml b/deployments/liqo/templates/liqo-controller-manager-deployment.yaml index c0c34c9dac..690fd98c89 100644 --- a/deployments/liqo/templates/liqo-controller-manager-deployment.yaml +++ b/deployments/liqo/templates/liqo-controller-manager-deployment.yaml @@ -77,7 +77,7 @@ spec: - --aws-cluster-name={{ .Values.authentication.awsConfig.clusterName }} {{- end }} {{- if .Values.apiServer.address }} - - --api-server-address-override={{ .Values.apiServer.address }} + - --api-server-address-override={{ include "liqo.getValue" (dict "key" "apiServer.address" "default" .Values.apiServer.address "context" .) | quote }} {{- end }} {{- if .Values.apiServer.ca }} - --ca-override={{ .Values.apiServer.ca }} diff --git a/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml index 2184585613..21976c57c3 100644 --- a/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml +++ b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml @@ -213,8 +213,7 @@ spec: add: - NET_ADMIN - NET_RAW - # Uncomment to set a priorityClassName - # priorityClassName: "" + priorityClassName: "system-cluster-critical" volumes: - name: wireguard-config secret: diff --git a/deployments/liqo/values.yaml b/deployments/liqo/values.yaml index ab72610934..bc76de8450 100644 --- a/deployments/liqo/values.yaml +++ b/deployments/liqo/values.yaml @@ -78,19 +78,19 @@ networking: gateway: image: # -- Image repository for the gateway container. - name: "ghcr.io/liqotech/gateway" + name: "ghcr.io/castai/gateway" # -- Custom version for the gateway image. If not specified, the global tag is used. version: "" wireguard: image: # -- Image repository for the wireguard container. - name: "ghcr.io/liqotech/gateway/wireguard" + name: "ghcr.io/castai/gateway/wireguard" # -- Custom version for the wireguard image. If not specified, the global tag is used. version: "" geneve: image: # -- Image repository for the geneve container. - name: "ghcr.io/liqotech/gateway/geneve" + name: "ghcr.io/castai/gateway/geneve" # -- Custom version for the geneve image. If not specified, the global tag is used. version: "" fabric: @@ -109,7 +109,7 @@ networking: priorityClassName: "" image: # -- Image repository for the fabric pod. - name: "ghcr.io/liqotech/fabric" + name: "ghcr.io/castai/fabric" # -- Custom version for the fabric image. If not specified, the global tag is used. version: "" # -- Extra tolerations for the fabric daemonset. @@ -205,13 +205,13 @@ offloading: enabled: true # -- Labels for the node selector. labels: - liqo.io/type: virtual-node + omni.cast.ai/type: virtual-node # -- Tolerations for the runtime class. tolerations: enabled: true # -- Tolerations for the tolerations. tolerations: - - key: virtual-node.liqo.io/not-allowed + - key: virtual-node.omni.cast.ai/not-allowed operator: Exists effect: NoExecute reflection: @@ -329,7 +329,7 @@ controllerManager: priorityClassName: "" image: # -- Image repository for the controller-manager pod. - name: "ghcr.io/liqotech/liqo-controller-manager" + name: "ghcr.io/castai/liqo-controller-manager" # -- Custom version for the controller-manager image. If not specified, the global tag is used. version: "" config: @@ -388,7 +388,7 @@ webhook: priorityClassName: "" image: # -- Image repository for the webhook pod. - name: "ghcr.io/liqotech/webhook" + name: "ghcr.io/castai/webhook" # -- Custom version for the webhook image. If not specified, the global tag is used. version: "" metrics: @@ -427,7 +427,7 @@ ipam: internal: image: # -- Image repository for the IPAM pod. - name: "ghcr.io/liqotech/ipam" + name: "ghcr.io/castai/ipam" # -- Custom version for the IPAM image. If not specified, the global tag is used. version: "" # -- The number of IPAM instances to run, which can be increased for active/passive high availability. @@ -507,7 +507,7 @@ crdReplicator: labels: {} image: # -- Image repository for the crdReplicator pod. - name: "ghcr.io/liqotech/crd-replicator" + name: "ghcr.io/castai/crd-replicator" # -- Custom version for the crdReplicator image. If not specified, the global tag is used. version: "" @@ -546,13 +546,13 @@ metricAgent: priorityClassName: "" image: # -- Image repository for the metricAgent pod. - name: "ghcr.io/liqotech/metric-agent" + name: "ghcr.io/castai/metric-agent" # -- Custom version for the metricAgent image. If not specified, the global tag is used. version: "" initContainer: image: # --Image repository for the init container of the metricAgent pod. - name: "ghcr.io/liqotech/cert-creator" + name: "ghcr.io/castai/cert-creator" # -- Custom version for the init container image of the metricAgent pod. If not specified, the global tag is used. version: "" @@ -572,7 +572,7 @@ telemetry: requests: {} image: # -- Image repository for the telemetry pod. - name: "ghcr.io/liqotech/telemetry" + name: "ghcr.io/castai/telemetry" # -- Custom version for the telemetry image. If not specified, the global tag is used. version: "" config: @@ -585,7 +585,7 @@ virtualKubelet: replicas: 1 image: # -- Image repository for the virtual kubelet pod. - name: "ghcr.io/liqotech/virtual-kubelet" + name: "ghcr.io/castai/virtual-kubelet" # -- Custom version for the virtual kubelet image. If not specified, the global tag is used. version: "" # Additional values that are added to virtual kubelet deployments and pods. @@ -633,7 +633,7 @@ uninstaller: requests: {} image: # -- Image repository for the uninstaller pod. - name: "ghcr.io/liqotech/uninstaller" + name: "ghcr.io/castai/uninstaller" # -- Custom version for the uninstaller image. If not specified, the global tag is used. version: "" @@ -659,7 +659,7 @@ proxy: priorityClassName: "" image: # -- Image repository for the proxy pod. - name: "ghcr.io/liqotech/proxy" + name: "ghcr.io/castai/proxy" # -- Custom version for the proxy image. If not specified, the global tag is used. version: "" service: diff --git a/examples/networking/wireguard-client-default.yaml b/examples/networking/wireguard-client-default.yaml index 1f21fd36bf..03dd748d38 100644 --- a/examples/networking/wireguard-client-default.yaml +++ b/examples/networking/wireguard-client-default.yaml @@ -47,7 +47,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -67,7 +67,7 @@ spec: - --endpoint-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -90,7 +90,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-client-high-availability.yaml b/examples/networking/wireguard-client-high-availability.yaml index 7d57068407..fb7cdf7ec6 100644 --- a/examples/networking/wireguard-client-high-availability.yaml +++ b/examples/networking/wireguard-client-high-availability.yaml @@ -55,7 +55,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -75,7 +75,7 @@ spec: - --endpoint-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -98,7 +98,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-client-pingdisabled.yaml b/examples/networking/wireguard-client-pingdisabled.yaml index 1d5c32255a..3f975afe57 100644 --- a/examples/networking/wireguard-client-pingdisabled.yaml +++ b/examples/networking/wireguard-client-pingdisabled.yaml @@ -44,7 +44,7 @@ spec: - --metrics-address=:8082 - --health-probe-bind-address=:8081 - --ping-enabled=false - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -64,7 +64,7 @@ spec: - --endpoint-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -87,7 +87,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-client-selector.yaml b/examples/networking/wireguard-client-selector.yaml index f6584a4c89..2928070270 100644 --- a/examples/networking/wireguard-client-selector.yaml +++ b/examples/networking/wireguard-client-selector.yaml @@ -56,7 +56,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -76,7 +76,7 @@ spec: - --endpoint-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -99,7 +99,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-server-default.yaml b/examples/networking/wireguard-server-default.yaml index d20005abf8..cb00008c4a 100644 --- a/examples/networking/wireguard-server-default.yaml +++ b/examples/networking/wireguard-server-default.yaml @@ -47,7 +47,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -66,7 +66,7 @@ spec: - --listen-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -89,7 +89,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-server-high-availability.yaml b/examples/networking/wireguard-server-high-availability.yaml index 40eb5ae8d7..8d0e2b4bdd 100644 --- a/examples/networking/wireguard-server-high-availability.yaml +++ b/examples/networking/wireguard-server-high-availability.yaml @@ -55,7 +55,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -74,7 +74,7 @@ spec: - --listen-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -97,7 +97,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-server-overridetargetport.yaml b/examples/networking/wireguard-server-overridetargetport.yaml index 0d5b921316..29af3d9c24 100644 --- a/examples/networking/wireguard-server-overridetargetport.yaml +++ b/examples/networking/wireguard-server-overridetargetport.yaml @@ -47,7 +47,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -66,7 +66,7 @@ spec: - --listen-port=30000 - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -89,7 +89,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-server-pingdisabled.yaml b/examples/networking/wireguard-server-pingdisabled.yaml index 9097a91272..426a626a59 100644 --- a/examples/networking/wireguard-server-pingdisabled.yaml +++ b/examples/networking/wireguard-server-pingdisabled.yaml @@ -44,7 +44,7 @@ spec: - --metrics-address=:8082 - --health-probe-bind-address=:8081 - --ping-enabled=false - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -63,7 +63,7 @@ spec: - --listen-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -86,7 +86,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/examples/networking/wireguard-server-selector.yaml b/examples/networking/wireguard-server-selector.yaml index ad59a06c03..0acf84b51b 100644 --- a/examples/networking/wireguard-server-selector.yaml +++ b/examples/networking/wireguard-server-selector.yaml @@ -56,7 +56,7 @@ spec: - --ping-loss-threshold=5 - --ping-interval=2s - --ping-update-status-interval=10s - image: ghcr.io/liqotech/gateway: + image: ghcr.io/castai/gateway: imagePullPolicy: IfNotPresent name: gateway securityContext: @@ -75,7 +75,7 @@ spec: - --listen-port={{ .Spec.Endpoint.Port }} - --metrics-address=:8082 - --health-probe-bind-address=:8083 - image: ghcr.io/liqotech/gateway/wireguard: + image: ghcr.io/castai/gateway/wireguard: imagePullPolicy: IfNotPresent name: wireguard securityContext: @@ -98,7 +98,7 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - image: ghcr.io/liqotech/gateway/geneve: + image: ghcr.io/castai/gateway/geneve: imagePullPolicy: IfNotPresent name: geneve securityContext: diff --git a/pkg/consts/webhook.go b/pkg/consts/webhook.go index 4182ebb67d..6780e6d43d 100644 --- a/pkg/consts/webhook.go +++ b/pkg/consts/webhook.go @@ -17,7 +17,7 @@ package consts const ( // VirtualNodeTolerationKey all Pods that have to be scheduled on virtual nodes must have this toleration // to Liqo taint. - VirtualNodeTolerationKey = "virtual-node.liqo.io/not-allowed" + VirtualNodeTolerationKey = "virtual-node.omni.cast.ai/not-allowed" // WebHookLabel used to mark the resouces related to the Liqo webhooks. WebHookLabel = "liqo.io/webhook" diff --git a/pkg/gateway/fabric/geneve/internalfabric.go b/pkg/gateway/fabric/geneve/internalfabric.go index 08717b9ed1..dc78376113 100644 --- a/pkg/gateway/fabric/geneve/internalfabric.go +++ b/pkg/gateway/fabric/geneve/internalfabric.go @@ -37,6 +37,10 @@ func getInternalFabric(ctx context.Context, cl client.Client, gatewayName, remot return nil, fmt.Errorf("unable to get the internal fabric %q: %w", remoteID, err) } + if err == nil { + return internalFabric, nil + } + err = cl.Get(ctx, client.ObjectKey{ Name: gatewayName, Namespace: ns, diff --git a/pkg/tenantNamespace/const.go b/pkg/tenantNamespace/const.go index d0a724cf39..7b0c8f5c79 100644 --- a/pkg/tenantNamespace/const.go +++ b/pkg/tenantNamespace/const.go @@ -16,7 +16,7 @@ package tenantnamespace const ( // NamePrefix is the prefix of all tenant namespace names. - NamePrefix = "liqo-tenant" + NamePrefix = "omni" roleBindingRoot = "liqo-binding" ) diff --git a/pkg/utils/cluster_info.go b/pkg/utils/cluster_info.go index 50e5beb61c..81d13e1530 100644 --- a/pkg/utils/cluster_info.go +++ b/pkg/utils/cluster_info.go @@ -18,6 +18,7 @@ import ( "context" "fmt" "os" + "time" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -110,5 +111,8 @@ func GetRestConfig(configPath string) (config *rest.Config, err error) { // Set to in-cluster config. config, err = rest.InClusterConfig() } + + config.Timeout = 10 * time.Second + return config, err } diff --git a/pkg/virtualKubelet/liqoNodeProvider/nodeProvider.go b/pkg/virtualKubelet/liqoNodeProvider/nodeProvider.go index 6f2adf3e9a..e3e9796d13 100644 --- a/pkg/virtualKubelet/liqoNodeProvider/nodeProvider.go +++ b/pkg/virtualKubelet/liqoNodeProvider/nodeProvider.go @@ -100,8 +100,10 @@ func (p *LiqoNodeProvider) NotifyNodeStatus(_ context.Context, f func(*corev1.No // IsTerminating indicates if the node is in terminating (and in the draining phase). func (p *LiqoNodeProvider) IsTerminating() bool { + klog.Infof("Trying to check if the node is terminating") p.updateMutex.Lock() defer p.updateMutex.Unlock() + klog.Infof("Node is terminating: %v", p.terminating) return p.terminating }