diff --git a/Makefile b/Makefile index 495fa190da..67461ae2b0 100644 --- a/Makefile +++ b/Makefile @@ -78,8 +78,8 @@ endif GINKGO_FOCUS ?= GINKGO_SKIP ?= GINKGO_TIMEOUT ?= 2h -E2E_CONF_FILE ?= "$(abspath test/e2e/config/vsphere-dev.yaml)" -INTEGRATION_CONF_FILE ?= "$(abspath test/integration/integration-dev.yaml)" +E2E_CONF_FILE ?= $(abspath test/e2e/config/vsphere-dev.yaml) +INTEGRATION_CONF_FILE ?= $(abspath test/integration/integration-dev.yaml) E2E_TEMPLATE_DIR := $(abspath test/e2e/data/infrastructure-vsphere/) SKIP_RESOURCE_CLEANUP ?= false USE_EXISTING_CLUSTER ?= false diff --git a/packaging/flavorgen/flavors/patches.go b/packaging/flavorgen/flavors/patches.go index 16695a1238..04669d7966 100644 --- a/packaging/flavorgen/flavors/patches.go +++ b/packaging/flavorgen/flavors/patches.go @@ -188,6 +188,8 @@ func kubeVipEnabledPatch() clusterv1.ClusterClassPatch { Op: "add", Path: "/spec/template/spec/kubeadmConfigSpec/files/-", ValueFrom: &clusterv1.JSONPatchValue{ + // This patch ensures that the ControlPlaneIP which is set as variable `controlPlaneIPAddr` is also set + // in the kube-vip static pod manifest. Template: pointer.String(`owner: root:root path: "/etc/kubernetes/manifests/kube-vip.yaml" content: {{ printf "%q" (regexReplaceAll "(name: address\n +value:).*" .kubeVipPodManifest (printf "$1 %s" .controlPlaneIpAddr)) }}`), diff --git a/test/e2e/clusterctl_upgrade_test.go b/test/e2e/clusterctl_upgrade_test.go index 1e588ae866..61351895ed 100644 --- a/test/e2e/clusterctl_upgrade_test.go +++ b/test/e2e/clusterctl_upgrade_test.go @@ -17,21 +17,18 @@ limitations under the License. package e2e import ( - "context" - . "github.com/onsi/ginkgo/v2" capi_e2e "sigs.k8s.io/cluster-api/test/e2e" ) var _ = Describe("When testing clusterctl upgrades using ClusterClass (CAPV 1.8=>current, CAPI 1.5=>1.6) [ClusterClass]", func() { - capi_e2e.ClusterctlUpgradeSpec(context.TODO(), func() capi_e2e.ClusterctlUpgradeSpecInput { + capi_e2e.ClusterctlUpgradeSpec(ctx, func() capi_e2e.ClusterctlUpgradeSpecInput { return capi_e2e.ClusterctlUpgradeSpecInput{ E2EConfig: e2eConfig, ClusterctlConfigPath: clusterctlConfigPath, BootstrapClusterProxy: bootstrapClusterProxy, ArtifactFolder: artifactFolder, SkipCleanup: skipCleanup, - InitWithProvidersContract: "v1beta1", MgmtFlavor: "remote-management", InitWithBinary: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.5.4/clusterctl-{OS}-{ARCH}", InitWithCoreProvider: "cluster-api:v1.5.4", @@ -39,22 +36,23 @@ var _ = Describe("When testing clusterctl upgrades using ClusterClass (CAPV 1.8= InitWithControlPlaneProviders: []string{"kubeadm:v1.5.4"}, InitWithInfrastructureProviders: []string{"vsphere:v1.8.4"}, InitWithRuntimeExtensionProviders: []string{}, - InitWithKubernetesVersion: "v1.28.0", - WorkloadKubernetesVersion: "v1.28.0", - WorkloadFlavor: "workload", + // InitWithKubernetesVersion should be the highest kubernetes version supported by the init Cluster API version. + // This is to guarantee that both, the old and new CAPI version, support the defined version. + InitWithKubernetesVersion: "v1.28.0", + WorkloadKubernetesVersion: "v1.28.0", + WorkloadFlavor: "workload", } }) }) var _ = Describe("When testing clusterctl upgrades using ClusterClass (CAPV 1.7=>current, CAPI 1.4=>1.6) [ClusterClass]", func() { - capi_e2e.ClusterctlUpgradeSpec(context.TODO(), func() capi_e2e.ClusterctlUpgradeSpecInput { + capi_e2e.ClusterctlUpgradeSpec(ctx, func() capi_e2e.ClusterctlUpgradeSpecInput { return capi_e2e.ClusterctlUpgradeSpecInput{ E2EConfig: e2eConfig, ClusterctlConfigPath: clusterctlConfigPath, BootstrapClusterProxy: bootstrapClusterProxy, ArtifactFolder: artifactFolder, SkipCleanup: skipCleanup, - InitWithProvidersContract: "v1beta1", MgmtFlavor: "remote-management", InitWithBinary: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4.9/clusterctl-{OS}-{ARCH}", InitWithCoreProvider: "cluster-api:v1.4.9", @@ -62,9 +60,11 @@ var _ = Describe("When testing clusterctl upgrades using ClusterClass (CAPV 1.7= InitWithControlPlaneProviders: []string{"kubeadm:v1.4.9"}, InitWithInfrastructureProviders: []string{"vsphere:v1.7.4"}, InitWithRuntimeExtensionProviders: []string{}, - InitWithKubernetesVersion: "v1.27.3", - WorkloadKubernetesVersion: "v1.27.3", - WorkloadFlavor: "workload", + // InitWithKubernetesVersion should be the highest kubernetes version supported by the init Cluster API version. + // This is to guarantee that both, the old and new CAPI version, support the defined version. + InitWithKubernetesVersion: "v1.27.3", + WorkloadKubernetesVersion: "v1.27.3", + WorkloadFlavor: "workload", } }) }) diff --git a/test/e2e/config/vsphere-ci.yaml b/test/e2e/config/vsphere-ci.yaml index 4d6a37b303..42eb5e86cd 100644 --- a/test/e2e/config/vsphere-ci.yaml +++ b/test/e2e/config/vsphere-ci.yaml @@ -44,7 +44,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -54,7 +54,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.7/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -78,7 +78,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -88,7 +88,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -112,7 +112,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -122,7 +122,7 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" diff --git a/test/e2e/config/vsphere-dev.yaml b/test/e2e/config/vsphere-dev.yaml index dbc5caa752..3a520336ce 100644 --- a/test/e2e/config/vsphere-dev.yaml +++ b/test/e2e/config/vsphere-dev.yaml @@ -47,17 +47,17 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" - - name: v1.4. + - name: v1.4.9 # Use manifest from source files - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4./core-components.yaml" + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4.9/core-components.yaml" type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.7/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -81,17 +81,17 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" - - name: v1.4. + - name: v1.4.9 # Use manifest from source files - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4./bootstrap-components.yaml" + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4.9/bootstrap-components.yaml" type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" @@ -115,17 +115,17 @@ providers: type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" - - name: v1.4. + - name: v1.4.9 # Use manifest from source files - value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4./control-plane-components.yaml" + value: "https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.4.9/control-plane-components.yaml" type: "url" contract: v1beta1 files: - - sourcePath: "../data/shared/main/v1beta1/metadata.yaml" + - sourcePath: "../data/shared/v1.8/v1beta1/metadata.yaml" replacements: - old: "imagePullPolicy: Always" new: "imagePullPolicy: IfNotPresent" diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-template-topology.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-template-topology.yaml deleted file mode 100644 index 078653a4be..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-template-topology.yaml +++ /dev/null @@ -1,835 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - topology: - class: '${CLUSTER_CLASS_NAME}' - controlPlane: - replicas: ${CONTROL_PLANE_MACHINE_COUNT} - variables: - - name: sshKey - value: '${VSPHERE_SSH_AUTHORIZED_KEY}' - - name: infraServer - value: - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - url: '${VSPHERE_SERVER}' - - name: kubeVipPodManifest - value: | - apiVersion: v1 - kind: Pod - metadata: - name: kube-vip - namespace: kube-system - spec: - containers: - - args: - - manager - env: - - name: cp_enable - value: "true" - - name: vip_interface - value: ${VIP_NETWORK_INTERFACE=""} - - name: address - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: port - value: "6443" - - name: vip_arp - value: "true" - - name: vip_leaderelection - value: "true" - - name: vip_leaseduration - value: "15" - - name: vip_renewdeadline - value: "10" - - name: vip_retryperiod - value: "2" - image: ghcr.io/kube-vip/kube-vip:v0.5.11 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - volumeMounts: - - mountPath: /etc/kubernetes/admin.conf - name: kubeconfig - hostAliases: - - hostnames: - - kubernetes - ip: 127.0.0.1 - hostNetwork: true - volumes: - - hostPath: - path: /etc/kubernetes/admin.conf - type: FileOrCreate - name: kubeconfig - - name: controlPlaneIpAddr - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: credsSecretName - value: '${CLUSTER_NAME}' - version: '${KUBERNETES_VERSION}' - workers: - machineDeployments: - - class: ${CLUSTER_CLASS_NAME}-worker - metadata: {} - name: md-0 - replicas: ${WORKER_MACHINE_COUNT} ---- -apiVersion: v1 -kind: Secret -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -stringData: - password: ${VSPHERE_PASSWORD} - username: ${VSPHERE_USERNAME} ---- -apiVersion: addons.cluster.x-k8s.io/v1beta1 -kind: ClusterResourceSet -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: ${CLUSTER_NAME}-crs-0 - namespace: '${NAMESPACE}' -spec: - clusterSelector: - matchLabels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - - kind: Secret - name: cloud-controller-manager - - kind: Secret - name: cloud-provider-vsphere-credentials - - kind: ConfigMap - name: cpi-manifests ---- -apiVersion: v1 -kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-controller-manager - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: service-account - name: cloud-controller-manager - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-provider-vsphere-credentials - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: secret - name: cloud-provider-vsphere-credentials - namespace: kube-system - stringData: - ${VSPHERE_SERVER}.password: ${VSPHERE_PASSWORD} - ${VSPHERE_SERVER}.username: ${VSPHERE_USERNAME} - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role - name: system:cloud-controller-manager - rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - '*' - - apiGroups: - - "" - resources: - - nodes/status - verbs: - - patch - - apiGroups: - - "" - resources: - - services - verbs: - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services/status - verbs: - - patch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - endpoints - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - update - - create - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: cluster-role-binding - name: system:cloud-controller-manager - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:cloud-controller-manager - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: v1 - data: - vsphere.conf: | - global: - port: 443 - secretName: cloud-provider-vsphere-credentials - secretNamespace: kube-system - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - vcenter: - ${VSPHERE_SERVER}: - datacenters: - - '${VSPHERE_DATACENTER}' - server: '${VSPHERE_SERVER}' - kind: ConfigMap - metadata: - name: vsphere-cloud-config - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role-binding - name: servicecatalog.k8s.io:apiserver-authentication-reader - namespace: kube-system - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - labels: - component: cloud-controller-manager - tier: control-plane - name: vsphere-cloud-controller-manager - namespace: kube-system - spec: - selector: - matchLabels: - name: vsphere-cloud-controller-manager - template: - metadata: - labels: - component: cloud-controller-manager - name: vsphere-cloud-controller-manager - tier: control-plane - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - containers: - - args: - - --v=2 - - --cloud-provider=vsphere - - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} - name: vsphere-cloud-controller-manager - resources: - requests: - cpu: 200m - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - hostNetwork: true - priorityClassName: system-node-critical - securityContext: - runAsUser: 1001 - serviceAccountName: cloud-controller-manager - tolerations: - - effect: NoSchedule - key: node.cloudprovider.kubernetes.io/uninitialized - value: "true" - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/not-ready - operator: Exists - volumes: - - configMap: - name: vsphere-cloud-config - name: vsphere-config-volume - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: cpi-manifests - namespace: '${NAMESPACE}' diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster.yaml deleted file mode 100644 index 0048c12797..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster.yaml +++ /dev/null @@ -1,996 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - clusterNetwork: - pods: - cidrBlocks: - - 192.168.0.0/16 - controlPlaneRef: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlane - name: '${CLUSTER_NAME}' - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereCluster - name: '${CLUSTER_NAME}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereCluster -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - controlPlaneEndpoint: - host: ${CONTROL_PLANE_ENDPOINT_IP} - port: 6443 - identityRef: - kind: Secret - name: '${CLUSTER_NAME}' - server: '${VSPHERE_SERVER}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - template: - spec: - cloneMode: linkedClone - datacenter: '${VSPHERE_DATACENTER}' - datastore: '${VSPHERE_DATASTORE}' - diskGiB: 25 - folder: '${VSPHERE_FOLDER}' - memoryMiB: 8192 - network: - devices: - - dhcp4: true - networkName: '${VSPHERE_NETWORK}' - numCPUs: 2 - os: Linux - resourcePool: '${VSPHERE_RESOURCE_POOL}' - server: '${VSPHERE_SERVER}' - storagePolicyName: '${VSPHERE_STORAGE_POLICY}' - template: '${VSPHERE_TEMPLATE}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: ${CLUSTER_NAME}-worker - namespace: '${NAMESPACE}' -spec: - template: - spec: - cloneMode: linkedClone - datacenter: '${VSPHERE_DATACENTER}' - datastore: '${VSPHERE_DATASTORE}' - diskGiB: 25 - folder: '${VSPHERE_FOLDER}' - memoryMiB: 8192 - network: - devices: - - dhcp4: true - networkName: '${VSPHERE_NETWORK}' - numCPUs: 2 - os: Linux - resourcePool: '${VSPHERE_RESOURCE_POOL}' - server: '${VSPHERE_SERVER}' - storagePolicyName: '${VSPHERE_STORAGE_POLICY}' - template: '${VSPHERE_TEMPLATE}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: controlplane.cluster.x-k8s.io/v1beta1 -kind: KubeadmControlPlane -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - kubeadmConfigSpec: - clusterConfiguration: - apiServer: - extraArgs: - cloud-provider: external - controllerManager: - extraArgs: - cloud-provider: external - files: - - content: | - apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: null - name: kube-vip - namespace: kube-system - spec: - containers: - - args: - - manager - env: - - name: cp_enable - value: "true" - - name: vip_interface - value: ${VIP_NETWORK_INTERFACE=""} - - name: address - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: port - value: "6443" - - name: vip_arp - value: "true" - - name: vip_leaderelection - value: "true" - - name: vip_leaseduration - value: "15" - - name: vip_renewdeadline - value: "10" - - name: vip_retryperiod - value: "2" - image: ghcr.io/kube-vip/kube-vip:v0.5.11 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - volumeMounts: - - mountPath: /etc/kubernetes/admin.conf - name: kubeconfig - hostAliases: - - hostnames: - - kubernetes - ip: 127.0.0.1 - hostNetwork: true - volumes: - - hostPath: - path: /etc/kubernetes/admin.conf - type: FileOrCreate - name: kubeconfig - status: {} - owner: root:root - path: /etc/kubernetes/manifests/kube-vip.yaml - initConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - joinConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - preKubeadmCommands: - - hostnamectl set-hostname "{{ ds.meta_data.hostname }}" - - echo "::1 ipv6-localhost ipv6-loopback localhost6 localhost6.localdomain6" - >/etc/hosts - - echo "127.0.0.1 {{ ds.meta_data.hostname }} {{ local_hostname }} localhost - localhost.localdomain localhost4 localhost4.localdomain4" >>/etc/hosts - users: - - name: capv - sshAuthorizedKeys: - - '${VSPHERE_SSH_AUTHORIZED_KEY}' - sudo: ALL=(ALL) NOPASSWD:ALL - machineTemplate: - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: '${CLUSTER_NAME}' - replicas: ${CONTROL_PLANE_MACHINE_COUNT} - version: '${KUBERNETES_VERSION}' ---- -apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 -kind: KubeadmConfigTemplate -metadata: - name: '${CLUSTER_NAME}-md-0' - namespace: '${NAMESPACE}' -spec: - template: - spec: - joinConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - preKubeadmCommands: - - hostnamectl set-hostname "{{ ds.meta_data.hostname }}" - - echo "::1 ipv6-localhost ipv6-loopback localhost6 localhost6.localdomain6" - >/etc/hosts - - echo "127.0.0.1 {{ ds.meta_data.hostname }} {{ local_hostname }} localhost - localhost.localdomain localhost4 localhost4.localdomain4" >>/etc/hosts - users: - - name: capv - sshAuthorizedKeys: - - '${VSPHERE_SSH_AUTHORIZED_KEY}' - sudo: ALL=(ALL) NOPASSWD:ALL ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachineDeployment -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}-md-0' - namespace: '${NAMESPACE}' -spec: - clusterName: '${CLUSTER_NAME}' - replicas: ${WORKER_MACHINE_COUNT} - selector: - matchLabels: {} - template: - metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - spec: - bootstrap: - configRef: - apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 - kind: KubeadmConfigTemplate - name: '${CLUSTER_NAME}-md-0' - clusterName: '${CLUSTER_NAME}' - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: ${CLUSTER_NAME}-worker - version: '${KUBERNETES_VERSION}' ---- -apiVersion: addons.cluster.x-k8s.io/v1beta1 -kind: ClusterResourceSet -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: ${CLUSTER_NAME}-crs-0 - namespace: '${NAMESPACE}' -spec: - clusterSelector: - matchLabels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - - kind: Secret - name: cloud-controller-manager - - kind: Secret - name: cloud-provider-vsphere-credentials - - kind: ConfigMap - name: cpi-manifests ---- -apiVersion: v1 -kind: Secret -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -stringData: - password: ${VSPHERE_PASSWORD} - username: ${VSPHERE_USERNAME} ---- -apiVersion: v1 -kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-controller-manager - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: service-account - name: cloud-controller-manager - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-provider-vsphere-credentials - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: secret - name: cloud-provider-vsphere-credentials - namespace: kube-system - stringData: - ${VSPHERE_SERVER}.password: ${VSPHERE_PASSWORD} - ${VSPHERE_SERVER}.username: ${VSPHERE_USERNAME} - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role - name: system:cloud-controller-manager - rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - '*' - - apiGroups: - - "" - resources: - - nodes/status - verbs: - - patch - - apiGroups: - - "" - resources: - - services - verbs: - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services/status - verbs: - - patch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - endpoints - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - update - - create - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: cluster-role-binding - name: system:cloud-controller-manager - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:cloud-controller-manager - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: v1 - data: - vsphere.conf: | - global: - port: 443 - secretName: cloud-provider-vsphere-credentials - secretNamespace: kube-system - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - vcenter: - ${VSPHERE_SERVER}: - datacenters: - - '${VSPHERE_DATACENTER}' - server: '${VSPHERE_SERVER}' - kind: ConfigMap - metadata: - name: vsphere-cloud-config - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role-binding - name: servicecatalog.k8s.io:apiserver-authentication-reader - namespace: kube-system - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - labels: - component: cloud-controller-manager - tier: control-plane - name: vsphere-cloud-controller-manager - namespace: kube-system - spec: - selector: - matchLabels: - name: vsphere-cloud-controller-manager - template: - metadata: - labels: - component: cloud-controller-manager - name: vsphere-cloud-controller-manager - tier: control-plane - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - containers: - - args: - - --v=2 - - --cloud-provider=vsphere - - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} - name: vsphere-cloud-controller-manager - resources: - requests: - cpu: 200m - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - hostNetwork: true - priorityClassName: system-node-critical - securityContext: - runAsUser: 1001 - serviceAccountName: cloud-controller-manager - tolerations: - - effect: NoSchedule - key: node.cloudprovider.kubernetes.io/uninitialized - value: "true" - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/not-ready - operator: Exists - volumes: - - configMap: - name: vsphere-cloud-config - name: vsphere-config-volume - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: cpi-manifests - namespace: '${NAMESPACE}' diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/clusterclass/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/clusterclass/kustomization.yaml index 2f2fd513ce..820776eeaa 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.7/clusterclass/kustomization.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.7/clusterclass/kustomization.yaml @@ -2,8 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./clusterclass-quick-start.yaml -# patchesStrategicMerge: -# - vsphere-template.yaml patches: - target: kind: ClusterClass diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-network-CIDR.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-network-CIDR.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-network-CIDR.yaml rename to test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-network-CIDR.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set-csi-insecure.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set-csi-insecure.yaml rename to test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-csi-insecure.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set-label.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-label.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set-label.yaml rename to test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set-label.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.7/bases/cluster-resource-set.yaml rename to test/e2e/data/infrastructure-vsphere/v1.7/commons/cluster-resource-set.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/bases/remove-storage-policy.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/commons/remove-storage-policy.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.7/bases/remove-storage-policy.yaml rename to test/e2e/data/infrastructure-vsphere/v1.7/commons/remove-storage-policy.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml index 0324634755..cda508b384 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.7/topology/kustomization.yaml @@ -1,9 +1,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ../bases/cluster-template-topology.yaml - - ../bases/cluster-resource-set.yaml + - ../base/cluster-template-topology.yaml + - ../commons/cluster-resource-set.yaml patchesStrategicMerge: - - ../bases/cluster-resource-set-label.yaml - - ../bases/cluster-network-CIDR.yaml - - ../bases/cluster-resource-set-csi-insecure.yaml + - ../commons/cluster-resource-set-label.yaml + - ../commons/cluster-network-CIDR.yaml + - ../commons/cluster-resource-set-csi-insecure.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-template-topology.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-template-topology.yaml deleted file mode 100644 index 078653a4be..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-template-topology.yaml +++ /dev/null @@ -1,835 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - topology: - class: '${CLUSTER_CLASS_NAME}' - controlPlane: - replicas: ${CONTROL_PLANE_MACHINE_COUNT} - variables: - - name: sshKey - value: '${VSPHERE_SSH_AUTHORIZED_KEY}' - - name: infraServer - value: - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - url: '${VSPHERE_SERVER}' - - name: kubeVipPodManifest - value: | - apiVersion: v1 - kind: Pod - metadata: - name: kube-vip - namespace: kube-system - spec: - containers: - - args: - - manager - env: - - name: cp_enable - value: "true" - - name: vip_interface - value: ${VIP_NETWORK_INTERFACE=""} - - name: address - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: port - value: "6443" - - name: vip_arp - value: "true" - - name: vip_leaderelection - value: "true" - - name: vip_leaseduration - value: "15" - - name: vip_renewdeadline - value: "10" - - name: vip_retryperiod - value: "2" - image: ghcr.io/kube-vip/kube-vip:v0.5.11 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - volumeMounts: - - mountPath: /etc/kubernetes/admin.conf - name: kubeconfig - hostAliases: - - hostnames: - - kubernetes - ip: 127.0.0.1 - hostNetwork: true - volumes: - - hostPath: - path: /etc/kubernetes/admin.conf - type: FileOrCreate - name: kubeconfig - - name: controlPlaneIpAddr - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: credsSecretName - value: '${CLUSTER_NAME}' - version: '${KUBERNETES_VERSION}' - workers: - machineDeployments: - - class: ${CLUSTER_CLASS_NAME}-worker - metadata: {} - name: md-0 - replicas: ${WORKER_MACHINE_COUNT} ---- -apiVersion: v1 -kind: Secret -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -stringData: - password: ${VSPHERE_PASSWORD} - username: ${VSPHERE_USERNAME} ---- -apiVersion: addons.cluster.x-k8s.io/v1beta1 -kind: ClusterResourceSet -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: ${CLUSTER_NAME}-crs-0 - namespace: '${NAMESPACE}' -spec: - clusterSelector: - matchLabels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - - kind: Secret - name: cloud-controller-manager - - kind: Secret - name: cloud-provider-vsphere-credentials - - kind: ConfigMap - name: cpi-manifests ---- -apiVersion: v1 -kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-controller-manager - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: service-account - name: cloud-controller-manager - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-provider-vsphere-credentials - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: secret - name: cloud-provider-vsphere-credentials - namespace: kube-system - stringData: - ${VSPHERE_SERVER}.password: ${VSPHERE_PASSWORD} - ${VSPHERE_SERVER}.username: ${VSPHERE_USERNAME} - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role - name: system:cloud-controller-manager - rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - '*' - - apiGroups: - - "" - resources: - - nodes/status - verbs: - - patch - - apiGroups: - - "" - resources: - - services - verbs: - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services/status - verbs: - - patch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - endpoints - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - update - - create - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: cluster-role-binding - name: system:cloud-controller-manager - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:cloud-controller-manager - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: v1 - data: - vsphere.conf: | - global: - port: 443 - secretName: cloud-provider-vsphere-credentials - secretNamespace: kube-system - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - vcenter: - ${VSPHERE_SERVER}: - datacenters: - - '${VSPHERE_DATACENTER}' - server: '${VSPHERE_SERVER}' - kind: ConfigMap - metadata: - name: vsphere-cloud-config - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role-binding - name: servicecatalog.k8s.io:apiserver-authentication-reader - namespace: kube-system - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - labels: - component: cloud-controller-manager - tier: control-plane - name: vsphere-cloud-controller-manager - namespace: kube-system - spec: - selector: - matchLabels: - name: vsphere-cloud-controller-manager - template: - metadata: - labels: - component: cloud-controller-manager - name: vsphere-cloud-controller-manager - tier: control-plane - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - containers: - - args: - - --v=2 - - --cloud-provider=vsphere - - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} - name: vsphere-cloud-controller-manager - resources: - requests: - cpu: 200m - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - hostNetwork: true - priorityClassName: system-node-critical - securityContext: - runAsUser: 1001 - serviceAccountName: cloud-controller-manager - tolerations: - - effect: NoSchedule - key: node.cloudprovider.kubernetes.io/uninitialized - value: "true" - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/not-ready - operator: Exists - volumes: - - configMap: - name: vsphere-cloud-config - name: vsphere-config-volume - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: cpi-manifests - namespace: '${NAMESPACE}' diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster.yaml deleted file mode 100644 index bf66968818..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster.yaml +++ /dev/null @@ -1,998 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - clusterNetwork: - pods: - cidrBlocks: - - 192.168.0.0/16 - controlPlaneRef: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlane - name: '${CLUSTER_NAME}' - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereCluster - name: '${CLUSTER_NAME}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereCluster -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - controlPlaneEndpoint: - host: ${CONTROL_PLANE_ENDPOINT_IP} - port: 6443 - identityRef: - kind: Secret - name: '${CLUSTER_NAME}' - server: '${VSPHERE_SERVER}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - template: - spec: - cloneMode: linkedClone - datacenter: '${VSPHERE_DATACENTER}' - datastore: '${VSPHERE_DATASTORE}' - diskGiB: 25 - folder: '${VSPHERE_FOLDER}' - memoryMiB: 8192 - network: - devices: - - dhcp4: true - networkName: '${VSPHERE_NETWORK}' - numCPUs: 2 - os: Linux - powerOffMode: trySoft - resourcePool: '${VSPHERE_RESOURCE_POOL}' - server: '${VSPHERE_SERVER}' - storagePolicyName: '${VSPHERE_STORAGE_POLICY}' - template: '${VSPHERE_TEMPLATE}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: ${CLUSTER_NAME}-worker - namespace: '${NAMESPACE}' -spec: - template: - spec: - cloneMode: linkedClone - datacenter: '${VSPHERE_DATACENTER}' - datastore: '${VSPHERE_DATASTORE}' - diskGiB: 25 - folder: '${VSPHERE_FOLDER}' - memoryMiB: 8192 - network: - devices: - - dhcp4: true - networkName: '${VSPHERE_NETWORK}' - numCPUs: 2 - os: Linux - powerOffMode: trySoft - resourcePool: '${VSPHERE_RESOURCE_POOL}' - server: '${VSPHERE_SERVER}' - storagePolicyName: '${VSPHERE_STORAGE_POLICY}' - template: '${VSPHERE_TEMPLATE}' - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' ---- -apiVersion: controlplane.cluster.x-k8s.io/v1beta1 -kind: KubeadmControlPlane -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -spec: - kubeadmConfigSpec: - clusterConfiguration: - apiServer: - extraArgs: - cloud-provider: external - controllerManager: - extraArgs: - cloud-provider: external - files: - - content: | - apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: null - name: kube-vip - namespace: kube-system - spec: - containers: - - args: - - manager - env: - - name: cp_enable - value: "true" - - name: vip_interface - value: ${VIP_NETWORK_INTERFACE:=""} - - name: address - value: ${CONTROL_PLANE_ENDPOINT_IP} - - name: port - value: "6443" - - name: vip_arp - value: "true" - - name: vip_leaderelection - value: "true" - - name: vip_leaseduration - value: "15" - - name: vip_renewdeadline - value: "10" - - name: vip_retryperiod - value: "2" - image: ghcr.io/kube-vip/kube-vip:v0.5.11 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - volumeMounts: - - mountPath: /etc/kubernetes/admin.conf - name: kubeconfig - hostAliases: - - hostnames: - - kubernetes - ip: 127.0.0.1 - hostNetwork: true - volumes: - - hostPath: - path: /etc/kubernetes/admin.conf - type: FileOrCreate - name: kubeconfig - status: {} - owner: root:root - path: /etc/kubernetes/manifests/kube-vip.yaml - initConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - joinConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - preKubeadmCommands: - - hostnamectl set-hostname "{{ ds.meta_data.hostname }}" - - echo "::1 ipv6-localhost ipv6-loopback localhost6 localhost6.localdomain6" - >/etc/hosts - - echo "127.0.0.1 {{ ds.meta_data.hostname }} {{ local_hostname }} localhost - localhost.localdomain localhost4 localhost4.localdomain4" >>/etc/hosts - users: - - name: capv - sshAuthorizedKeys: - - '${VSPHERE_SSH_AUTHORIZED_KEY}' - sudo: ALL=(ALL) NOPASSWD:ALL - machineTemplate: - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: '${CLUSTER_NAME}' - replicas: ${CONTROL_PLANE_MACHINE_COUNT} - version: '${KUBERNETES_VERSION}' ---- -apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 -kind: KubeadmConfigTemplate -metadata: - name: '${CLUSTER_NAME}-md-0' - namespace: '${NAMESPACE}' -spec: - template: - spec: - joinConfiguration: - nodeRegistration: - criSocket: /var/run/containerd/containerd.sock - kubeletExtraArgs: - cloud-provider: external - name: '{{ local_hostname }}' - preKubeadmCommands: - - hostnamectl set-hostname "{{ ds.meta_data.hostname }}" - - echo "::1 ipv6-localhost ipv6-loopback localhost6 localhost6.localdomain6" - >/etc/hosts - - echo "127.0.0.1 {{ ds.meta_data.hostname }} {{ local_hostname }} localhost - localhost.localdomain localhost4 localhost4.localdomain4" >>/etc/hosts - users: - - name: capv - sshAuthorizedKeys: - - '${VSPHERE_SSH_AUTHORIZED_KEY}' - sudo: ALL=(ALL) NOPASSWD:ALL ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachineDeployment -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: '${CLUSTER_NAME}-md-0' - namespace: '${NAMESPACE}' -spec: - clusterName: '${CLUSTER_NAME}' - replicas: ${WORKER_MACHINE_COUNT} - selector: - matchLabels: {} - template: - metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - spec: - bootstrap: - configRef: - apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 - kind: KubeadmConfigTemplate - name: '${CLUSTER_NAME}-md-0' - clusterName: '${CLUSTER_NAME}' - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: ${CLUSTER_NAME}-worker - version: '${KUBERNETES_VERSION}' ---- -apiVersion: addons.cluster.x-k8s.io/v1beta1 -kind: ClusterResourceSet -metadata: - labels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - name: ${CLUSTER_NAME}-crs-0 - namespace: '${NAMESPACE}' -spec: - clusterSelector: - matchLabels: - cluster.x-k8s.io/cluster-name: '${CLUSTER_NAME}' - resources: - - kind: Secret - name: vsphere-csi-controller - - kind: ConfigMap - name: vsphere-csi-controller-role - - kind: ConfigMap - name: vsphere-csi-controller-binding - - kind: Secret - name: csi-vsphere-config - - kind: ConfigMap - name: csi.vsphere.vmware.com - - kind: ConfigMap - name: vsphere-csi-node - - kind: ConfigMap - name: vsphere-csi-controller - - kind: Secret - name: cloud-controller-manager - - kind: Secret - name: cloud-provider-vsphere-credentials - - kind: ConfigMap - name: cpi-manifests ---- -apiVersion: v1 -kind: Secret -metadata: - name: '${CLUSTER_NAME}' - namespace: '${NAMESPACE}' -stringData: - password: ${VSPHERE_PASSWORD} - username: ${VSPHERE_USERNAME} ---- -apiVersion: v1 -kind: Secret -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: vsphere-csi-controller - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - name: vsphere-csi-controller-role - rules: - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - create - - delete - - apiGroups: - - "" - resources: - - nodes - - pods - - secrets - - configmaps - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - create - - delete - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments - verbs: - - get - - list - - watch - - update - - patch - - apiGroups: - - storage.k8s.io - resources: - - volumeattachments/status - verbs: - - patch - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - update - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - list - - watch - - create - - update - - patch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - delete - - update - - create - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshots - verbs: - - get - - list - - apiGroups: - - snapshot.storage.k8s.io - resources: - - volumesnapshotcontents - verbs: - - get - - list -kind: ConfigMap -metadata: - name: vsphere-csi-controller-role - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: vsphere-csi-controller-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: vsphere-csi-controller-role - subjects: - - kind: ServiceAccount - name: vsphere-csi-controller - namespace: kube-system -kind: ConfigMap -metadata: - name: vsphere-csi-controller-binding - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: csi-vsphere-config - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - name: csi-vsphere-config - namespace: kube-system - stringData: - csi-vsphere.conf: |+ - [Global] - thumbprint = "${VSPHERE_TLS_THUMBPRINT}" - cluster-id = "${NAMESPACE}/${CLUSTER_NAME}" - - [VirtualCenter "${VSPHERE_SERVER}"] - user = "${VSPHERE_USERNAME}" - password = "${VSPHERE_PASSWORD}" - datacenters = "${VSPHERE_DATACENTER}" - - [Network] - public-network = "${VSPHERE_NETWORK}" - - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - apiVersion: storage.k8s.io/v1 - kind: CSIDriver - metadata: - name: csi.vsphere.vmware.com - spec: - attachRequired: true -kind: ConfigMap -metadata: - name: csi.vsphere.vmware.com - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: DaemonSet - metadata: - name: vsphere-csi-node - namespace: kube-system - spec: - selector: - matchLabels: - app: vsphere-csi-node - template: - metadata: - labels: - app: vsphere-csi-node - role: vsphere-csi - spec: - containers: - - args: - - --v=5 - - --csi-address=$(ADDRESS) - - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH) - env: - - name: ADDRESS - value: /csi/csi.sock - - name: DRIVER_REG_SOCK_PATH - value: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/csi.sock - image: quay.io/k8scsi/csi-node-driver-registrar:v2.0.1 - lifecycle: - preStop: - exec: - command: - - /bin/sh - - -c - - rm -rf /registration/csi.vsphere.vmware.com-reg.sock /csi/csi.sock - name: node-driver-registrar - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /csi - name: plugin-dir - - mountPath: /registration - name: registration-dir - - env: - - name: CSI_ENDPOINT - value: unix:///csi/csi.sock - - name: X_CSI_MODE - value: node - - name: X_CSI_SPEC_REQ_VALIDATION - value: "false" - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-node - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - securityContext: - allowPrivilegeEscalation: true - capabilities: - add: - - SYS_ADMIN - privileged: true - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - - mountPath: /csi - name: plugin-dir - - mountPath: /var/lib/kubelet - mountPropagation: Bidirectional - name: pods-mount-dir - - mountPath: /dev - name: device-dir - - args: - - --csi-address=/csi/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /csi - name: plugin-dir - dnsPolicy: Default - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - hostPath: - path: /var/lib/kubelet/plugins_registry - type: Directory - name: registration-dir - - hostPath: - path: /var/lib/kubelet/plugins/csi.vsphere.vmware.com/ - type: DirectoryOrCreate - name: plugin-dir - - hostPath: - path: /var/lib/kubelet - type: Directory - name: pods-mount-dir - - hostPath: - path: /dev - name: device-dir - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: vsphere-csi-node - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -data: - data: | - apiVersion: apps/v1 - kind: Deployment - metadata: - name: vsphere-csi-controller - namespace: kube-system - spec: - replicas: 1 - selector: - matchLabels: - app: vsphere-csi-controller - template: - metadata: - labels: - app: vsphere-csi-controller - role: vsphere-csi - spec: - containers: - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-attacher:v3.0.0 - name: csi-attacher - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - - env: - - name: CSI_ENDPOINT - value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock - - name: X_CSI_MODE - value: controller - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - - name: LOGGER_LEVEL - value: PRODUCTION - - name: X_CSI_LOG_LEVEL - value: INFO - image: gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz - port: healthz - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 3 - name: vsphere-csi-controller - ports: - - containerPort: 9808 - name: healthz - protocol: TCP - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --csi-address=$(ADDRESS) - env: - - name: ADDRESS - value: /var/lib/csi/sockets/pluginproxy/csi.sock - image: quay.io/k8scsi/livenessprobe:v2.1.0 - name: liveness-probe - resources: {} - volumeMounts: - - mountPath: /var/lib/csi/sockets/pluginproxy/ - name: socket-dir - - args: - - --leader-election - env: - - name: X_CSI_FULL_SYNC_INTERVAL_MINUTES - value: "30" - - name: LOGGER_LEVEL - value: PRODUCTION - - name: VSPHERE_CSI_CONFIG - value: /etc/cloud/csi-vsphere.conf - image: gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0 - name: vsphere-syncer - resources: {} - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - - args: - - --v=4 - - --timeout=300s - - --csi-address=$(ADDRESS) - - --leader-election - - --default-fstype=ext4 - env: - - name: ADDRESS - value: /csi/csi.sock - image: quay.io/k8scsi/csi-provisioner:v2.0.0 - name: csi-provisioner - resources: {} - volumeMounts: - - mountPath: /csi - name: socket-dir - dnsPolicy: Default - serviceAccountName: vsphere-csi-controller - tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - volumes: - - name: vsphere-config-volume - secret: - secretName: csi-vsphere-config - - emptyDir: {} - name: socket-dir -kind: ConfigMap -metadata: - name: vsphere-csi-controller - namespace: '${NAMESPACE}' ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-controller-manager - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: service-account - name: cloud-controller-manager - namespace: kube-system -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -kind: Secret -metadata: - name: cloud-provider-vsphere-credentials - namespace: '${NAMESPACE}' -stringData: - data: | - apiVersion: v1 - kind: Secret - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: secret - name: cloud-provider-vsphere-credentials - namespace: kube-system - stringData: - ${VSPHERE_SERVER}.password: ${VSPHERE_PASSWORD} - ${VSPHERE_SERVER}.username: ${VSPHERE_USERNAME} - type: Opaque -type: addons.cluster.x-k8s.io/resource-set ---- -apiVersion: v1 -data: - data: | - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role - name: system:cloud-controller-manager - rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - '*' - - apiGroups: - - "" - resources: - - nodes/status - verbs: - - patch - - apiGroups: - - "" - resources: - - services - verbs: - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services/status - verbs: - - patch - - apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - endpoints - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - watch - - list - - update - - create - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: cluster-role-binding - name: system:cloud-controller-manager - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:cloud-controller-manager - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: v1 - data: - vsphere.conf: | - global: - port: 443 - secretName: cloud-provider-vsphere-credentials - secretNamespace: kube-system - thumbprint: '${VSPHERE_TLS_THUMBPRINT}' - vcenter: - ${VSPHERE_SERVER}: - datacenters: - - '${VSPHERE_DATACENTER}' - server: '${VSPHERE_SERVER}' - kind: ConfigMap - metadata: - name: vsphere-cloud-config - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - labels: - component: cloud-controller-manager - vsphere-cpi-infra: role-binding - name: servicecatalog.k8s.io:apiserver-authentication-reader - namespace: kube-system - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: extension-apiserver-authentication-reader - subjects: - - kind: ServiceAccount - name: cloud-controller-manager - namespace: kube-system - - kind: User - name: cloud-controller-manager - --- - apiVersion: apps/v1 - kind: DaemonSet - metadata: - labels: - component: cloud-controller-manager - tier: control-plane - name: vsphere-cloud-controller-manager - namespace: kube-system - spec: - selector: - matchLabels: - name: vsphere-cloud-controller-manager - template: - metadata: - labels: - component: cloud-controller-manager - name: vsphere-cloud-controller-manager - tier: control-plane - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - containers: - - args: - - --v=2 - - --cloud-provider=vsphere - - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} - name: vsphere-cloud-controller-manager - resources: - requests: - cpu: 200m - volumeMounts: - - mountPath: /etc/cloud - name: vsphere-config-volume - readOnly: true - hostNetwork: true - priorityClassName: system-node-critical - securityContext: - runAsUser: 1001 - serviceAccountName: cloud-controller-manager - tolerations: - - effect: NoSchedule - key: node.cloudprovider.kubernetes.io/uninitialized - value: "true" - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists - - effect: NoSchedule - key: node.kubernetes.io/not-ready - operator: Exists - volumes: - - configMap: - name: vsphere-cloud-config - name: vsphere-config-volume - updateStrategy: - type: RollingUpdate -kind: ConfigMap -metadata: - name: cpi-manifests - namespace: '${NAMESPACE}' diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/cluster-template/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/cluster-template/kustomization.yaml deleted file mode 100644 index 2d0ccfd062..0000000000 --- a/test/e2e/data/infrastructure-vsphere/v1.8/cluster-template/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ../bases/cluster.yaml - - ../bases/cluster-resource-set.yaml -patchesStrategicMerge: - - ../bases/cluster-resource-set-label.yaml - - ../bases/cluster-network-CIDR.yaml - - ../bases/cluster-resource-set-csi-insecure.yaml -patches: - - target: - kind: VSphereMachineTemplate - path: ../bases/remove-storage-policy.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/clusterclass/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/clusterclass/kustomization.yaml index 2f2fd513ce..820776eeaa 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.8/clusterclass/kustomization.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.8/clusterclass/kustomization.yaml @@ -2,8 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./clusterclass-quick-start.yaml -# patchesStrategicMerge: -# - vsphere-template.yaml patches: - target: kind: ClusterClass diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-network-CIDR.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-network-CIDR.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-network-CIDR.yaml rename to test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-network-CIDR.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set-csi-insecure.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set-csi-insecure.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set-csi-insecure.yaml rename to test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set-csi-insecure.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set-label.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set-label.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set-label.yaml rename to test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set-label.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.8/bases/cluster-resource-set.yaml rename to test/e2e/data/infrastructure-vsphere/v1.8/commons/cluster-resource-set.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/bases/remove-storage-policy.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/commons/remove-storage-policy.yaml similarity index 100% rename from test/e2e/data/infrastructure-vsphere/v1.8/bases/remove-storage-policy.yaml rename to test/e2e/data/infrastructure-vsphere/v1.8/commons/remove-storage-policy.yaml diff --git a/test/e2e/data/infrastructure-vsphere/v1.8/topology/kustomization.yaml b/test/e2e/data/infrastructure-vsphere/v1.8/topology/kustomization.yaml index 99667d78d5..de372e3513 100644 --- a/test/e2e/data/infrastructure-vsphere/v1.8/topology/kustomization.yaml +++ b/test/e2e/data/infrastructure-vsphere/v1.8/topology/kustomization.yaml @@ -1,13 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ../bases/cluster-template-topology.yaml - - ../bases/cluster-resource-set.yaml + - ../base/cluster-template-topology.yaml + - ../commons/cluster-resource-set.yaml patchesStrategicMerge: - - ../bases/cluster-resource-set-label.yaml - - ../bases/cluster-network-CIDR.yaml - - ../bases/cluster-resource-set-csi-insecure.yaml + - ../commons/cluster-resource-set-label.yaml + - ../commons/cluster-network-CIDR.yaml + - ../commons/cluster-resource-set-csi-insecure.yaml patches: - target: kind: VSphereMachineTemplate - path: ../bases/remove-storage-policy.yaml + path: ../commons/remove-storage-policy.yaml diff --git a/test/e2e/data/shared/v1.7/v1beta1/metadata.yaml b/test/e2e/data/shared/v1.7/v1beta1/metadata.yaml index d8e8461d1e..9db497c750 100644 --- a/test/e2e/data/shared/v1.7/v1beta1/metadata.yaml +++ b/test/e2e/data/shared/v1.7/v1beta1/metadata.yaml @@ -21,12 +21,4 @@ releaseSeries: - major: 1 minor: 0 contract: v1beta1 - - major: 0 - minor: 4 - contract: v1alpha4 - - major: 0 - minor: 3 - contract: v1alpha3 - - major: 0 - minor: 2 - contract: v1alpha2 + diff --git a/test/e2e/data/shared/v1.7/v1beta1_provider/metadata.yaml b/test/e2e/data/shared/v1.7/v1beta1_provider/metadata.yaml index 6edf676aba..ee5bed9c49 100644 --- a/test/e2e/data/shared/v1.7/v1beta1_provider/metadata.yaml +++ b/test/e2e/data/shared/v1.7/v1beta1_provider/metadata.yaml @@ -6,15 +6,6 @@ apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 kind: Metadata releaseSeries: - - major: 0 - minor: 5 - contract: v1alpha2 - - major: 0 - minor: 7 - contract: v1alpha3 - - major: 0 - minor: 8 - contract: v1alpha4 - major: 1 minor: 7 contract: v1beta1 diff --git a/test/e2e/data/shared/v1.8/v1beta1/metadata.yaml b/test/e2e/data/shared/v1.8/v1beta1/metadata.yaml index b7332a13a4..ee985c1588 100644 --- a/test/e2e/data/shared/v1.8/v1beta1/metadata.yaml +++ b/test/e2e/data/shared/v1.8/v1beta1/metadata.yaml @@ -24,12 +24,3 @@ releaseSeries: - major: 1 minor: 0 contract: v1beta1 - - major: 0 - minor: 4 - contract: v1alpha4 - - major: 0 - minor: 3 - contract: v1alpha3 - - major: 0 - minor: 2 - contract: v1alpha2 diff --git a/test/e2e/data/shared/v1.8/v1beta1_provider/metadata.yaml b/test/e2e/data/shared/v1.8/v1beta1_provider/metadata.yaml index 2a1becb6c1..cdb9ec77c3 100644 --- a/test/e2e/data/shared/v1.8/v1beta1_provider/metadata.yaml +++ b/test/e2e/data/shared/v1.8/v1beta1_provider/metadata.yaml @@ -6,15 +6,6 @@ apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3 kind: Metadata releaseSeries: - - major: 0 - minor: 5 - contract: v1alpha2 - - major: 0 - minor: 7 - contract: v1alpha3 - - major: 0 - minor: 8 - contract: v1alpha4 - major: 1 minor: 7 contract: v1beta1