TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-04-21 14:11:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/k8s-operator: remove configuration knob for Connector (#10791)

Browse Source 
The configuration knob (that defaulted to Connector being disabled)
was added largely because the Connector CRD had to be installed in a separate step.
Now when the CRD has been added to both chart and static manifest, we can have it on by default.

Updates tailscale/tailscale#10878

Signed-off-by: Irbe Krumina <irbe@tailscale.com>
This commit is contained in:
Irbe Krumina 2024-01-11 20:03:53 +00:00 committed by GitHub
parent 469af614b0
commit 5cc1bfe82d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/k8s-operator/deploy/chart/templates/deployment.yaml
View File

@ -59,8 +59,6 @@ spec:
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: ENABLE_CONNECTOR
value: "{{ .Values.enableConnector }}"
- name: CLIENT_ID_FILE - name: CLIENT_ID_FILE
value: /oauth/client_id value: /oauth/client_id
- name: CLIENT_SECRET_FILE - name: CLIENT_SECRET_FILE

4
cmd/k8s-operator/deploy/chart/values.yaml
View File

@ -8,10 +8,6 @@ oauth: {}
# clientId: "" # clientId: ""
# clientSecret: "" # clientSecret: ""
# enableConnector determines whether the operator should reconcile
# connector.tailscale.com custom resources.
enableConnector: "false"
# installCRDs determines whether tailscale.com CRDs should be installed as part # installCRDs determines whether tailscale.com CRDs should be installed as part
# of chart installation. We do not use Helm's CRD installation mechanism as that # of chart installation. We do not use Helm's CRD installation mechanism as that
# does not allow for upgrading CRDs. # does not allow for upgrading CRDs.

2
cmd/k8s-operator/deploy/manifests/operator.yaml
View File

@ -286,8 +286,6 @@ spec:
valueFrom: valueFrom:
fieldRef: fieldRef:
fieldPath: metadata.namespace fieldPath: metadata.namespace
- name: ENABLE_CONNECTOR
value: "false"
- name: CLIENT_ID_FILE - name: CLIENT_ID_FILE
value: /oauth/client_id value: /oauth/client_id
- name: CLIENT_SECRET_FILE - name: CLIENT_SECRET_FILE

13
cmd/k8s-operator/operator.go
View File

@ -62,7 +62,6 @@ func main() {
priorityClassName = defaultEnv("PROXY_PRIORITY_CLASS_NAME", "") priorityClassName = defaultEnv("PROXY_PRIORITY_CLASS_NAME", "")
tags = defaultEnv("PROXY_TAGS", "tag:k8s") tags = defaultEnv("PROXY_TAGS", "tag:k8s")
tsFirewallMode = defaultEnv("PROXY_FIREWALL_MODE", "") tsFirewallMode = defaultEnv("PROXY_FIREWALL_MODE", "")
tsEnableConnector = defaultBool("ENABLE_CONNECTOR", false)
) )
var opts []kzap.Opts var opts []kzap.Opts
@ -93,7 +92,7 @@ func main() {
maybeLaunchAPIServerProxy(zlog, restConfig, s, mode) maybeLaunchAPIServerProxy(zlog, restConfig, s, mode)
// TODO (irbekrm): gather the reconciler options into an opts struct // TODO (irbekrm): gather the reconciler options into an opts struct
// rather than passing a million of them in one by one. // rather than passing a million of them in one by one.
runReconcilers(zlog, s, tsNamespace, restConfig, tsClient, image, priorityClassName, tags, tsFirewallMode, tsEnableConnector) runReconcilers(zlog, s, tsNamespace, restConfig, tsClient, image, priorityClassName, tags, tsFirewallMode)
} }
// initTSNet initializes the tsnet.Server and logs in to Tailscale. It uses the // initTSNet initializes the tsnet.Server and logs in to Tailscale. It uses the
@ -201,7 +200,7 @@ waitOnline:
// runReconcilers starts the controller-runtime manager and registers the // runReconcilers starts the controller-runtime manager and registers the
// ServiceReconciler. It blocks forever. // ServiceReconciler. It blocks forever.
func runReconcilers(zlog *zap.SugaredLogger, s *tsnet.Server, tsNamespace string, restConfig *rest.Config, tsClient *tailscale.Client, image, priorityClassName, tags, tsFirewallMode string, enableConnector bool) { func runReconcilers(zlog *zap.SugaredLogger, s *tsnet.Server, tsNamespace string, restConfig *rest.Config, tsClient *tailscale.Client, image, priorityClassName, tags, tsFirewallMode string) {
var ( var (
isDefaultLoadBalancer = defaultBool("OPERATOR_DEFAULT_LOAD_BALANCER", false) isDefaultLoadBalancer = defaultBool("OPERATOR_DEFAULT_LOAD_BALANCER", false)
) )
@ -222,9 +221,7 @@ func runReconcilers(zlog *zap.SugaredLogger, s *tsnet.Server, tsNamespace string
&appsv1.StatefulSet{}: nsFilter, &appsv1.StatefulSet{}: nsFilter,
}, },
}, },
} Scheme: tsapi.GlobalScheme,
if enableConnector {
mgrOpts.Scheme = tsapi.GlobalScheme
} }
mgr, err := manager.New(restConfig, mgrOpts) mgr, err := manager.New(restConfig, mgrOpts)
if err != nil { if err != nil {
@ -278,8 +275,7 @@ func runReconcilers(zlog *zap.SugaredLogger, s *tsnet.Server, tsNamespace string
startlog.Fatalf("could not create controller: %v", err) startlog.Fatalf("could not create controller: %v", err)
} }
if enableConnector { connectorFilter := handler.EnqueueRequestsFromMapFunc(managedResourceHandlerForType("connector"))
connectorFilter := handler.EnqueueRequestsFromMapFunc(managedResourceHandlerForType("subnetrouter"))
err = builder.ControllerManagedBy(mgr). err = builder.ControllerManagedBy(mgr).
For(&tsapi.Connector{}). For(&tsapi.Connector{}).
Watches(&appsv1.StatefulSet{}, connectorFilter). Watches(&appsv1.StatefulSet{}, connectorFilter).
@ -294,7 +290,6 @@ func runReconcilers(zlog *zap.SugaredLogger, s *tsnet.Server, tsNamespace string
if err != nil { if err != nil {
startlog.Fatal("could not create connector reconciler: %v", err) startlog.Fatal("could not create connector reconciler: %v", err)
} }
}
startlog.Infof("Startup complete, operator running, version: %s", version.Long()) startlog.Infof("Startup complete, operator running, version: %s", version.Long())
if err := mgr.Start(signals.SetupSignalHandler()); err != nil { if err := mgr.Start(signals.SetupSignalHandler()); err != nil {
startlog.Fatalf("could not start manager: %v", err) startlog.Fatalf("could not start manager: %v", err)