Skip to content

Commit

Permalink
Backup implementation part 1
Browse files Browse the repository at this point in the history
* new component labels on most components
* wide range of new RBAC permission for the backup ctrl
* velero stack reconciliation
* adjusted backup user-facing roles
* added backup ctrl configuration in the hmc chart
* removed schema defaults in favor of mutation
  • Loading branch information
zerospiel committed Dec 27, 2024
1 parent 074f989 commit 3a9a38a
Show file tree
Hide file tree
Showing 70 changed files with 1,252 additions and 85 deletions.
2 changes: 1 addition & 1 deletion .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ issues:
path: (.*_test\.go|test\/|api\/?.*\/.*_types\.go) # ignore tests, and k8s API-specific files
linters:
- govet
- text: "max-public-structs: you have exceeded the maximum number of public struct declarations"
- text: "max-public-structs: you have exceeded the maximum number.*of public struct declarations"
linters:
- revive
path: api/ # the api/ pkgs have lots of structs
Expand Down
10 changes: 9 additions & 1 deletion api/v1alpha1/backup_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,19 @@
package v1alpha1

import (
velerov1 "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
velerov1 "github.com/zerospiel/velero/pkg/apis/velero/v1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

const (
// Name to label most of the HMC-related components.
// Mostly utilized by the backup feature.
GenericComponentLabelName = "hmc.mirantis.com/component"
// Component label value for the HMC-related components.
GenericComponentLabelValueHMC = "hmc"
)

// BackupSpec defines the desired state of Backup
type BackupSpec struct {
// Oneshot indicates whether the Backup should not be scheduled
Expand Down
6 changes: 1 addition & 5 deletions api/v1alpha1/management_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,20 +57,16 @@ type Core struct {

// ManagementBackup enables a feature to backup HMC objects into a cloud.
type ManagementBackup struct {
// +kubebuilder:default="0 */6 * * *"

// Schedule is a Cron expression defining when to run the scheduled Backup.
// Default value is to backup every 6 hours.
Schedule string `json:"schedule,omitempty"`

// +kubebuilder:default=false

// Flag to indicate whether the backup feature is enabled.
// If set to true, [Velero] platform will be installed.
// If set to false, creation or modification of Backups/Restores will be blocked.
//
// [Velero]: https://velero.io
Enabled bool `json:"enabled"`
Enabled bool `json:"enabled,omitempty"`
}

// Component represents HMC management component
Expand Down
2 changes: 1 addition & 1 deletion api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 13 additions & 1 deletion cmd/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@ import (
hcv2 "github.com/fluxcd/helm-controller/api/v2"
sourcev1 "github.com/fluxcd/source-controller/api/v1"
sveltosv1beta1 "github.com/projectsveltos/addon-controller/api/v1beta1"
velerov1api "github.com/zerospiel/velero/pkg/apis/velero/v1"
velerov2alpha1api "github.com/zerospiel/velero/pkg/apis/velero/v2alpha1"
apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
apiextv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
"k8s.io/apimachinery/pkg/runtime"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/client-go/dynamic"
Expand Down Expand Up @@ -52,6 +56,15 @@ var (
func init() {
utilruntime.Must(clientgoscheme.AddToScheme(scheme))

// velero deps
utilruntime.Must(velerov1api.AddToScheme(scheme))
utilruntime.Must(velerov2alpha1api.AddToScheme(scheme))
utilruntime.Must(apiextv1.AddToScheme(scheme))
utilruntime.Must(apiextv1beta1.AddToScheme(scheme))
// WARN: if snapshot is to be used, then the following resources should also be added to the scheme
// snapshotv1api.AddToScheme(scheme) // snapshotv1api "github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumesnapshot/v1"
// velero deps

utilruntime.Must(hmcmirantiscomv1alpha1.AddToScheme(scheme))
utilruntime.Must(sourcev1.AddToScheme(scheme))
utilruntime.Must(hcv2.AddToScheme(scheme))
Expand Down Expand Up @@ -307,7 +320,6 @@ func main() {
// TODO (zerospiel): disabled until the #605
// if err = (&controller.BackupReconciler{
// Client: mgr.GetClient(),
// Scheme: mgr.GetScheme(),
// }).SetupWithManager(mgr); err != nil {
// setupLog.Error(err, "unable to create controller", "controller", "Backup")
// os.Exit(1)
Expand Down
2 changes: 2 additions & 0 deletions config/dev/aws-clusterdeployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ kind: ClusterDeployment
metadata:
name: aws-dev
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
template: aws-standalone-cp-0-0-4
credential: aws-cluster-identity-cred
Expand Down
6 changes: 6 additions & 0 deletions config/dev/aws-credentials.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ kind: AWSClusterStaticIdentity
metadata:
name: aws-cluster-identity
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
secretRef: aws-cluster-identity-secret
allowedNamespaces:
Expand All @@ -15,6 +17,8 @@ kind: Secret
metadata:
name: aws-cluster-identity-secret
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
type: Opaque
stringData:
AccessKeyID: ${AWS_ACCESS_KEY_ID}
Expand All @@ -26,6 +30,8 @@ kind: Credential
metadata:
name: aws-cluster-identity-cred
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
description: AWS credentials
identityRef:
Expand Down
2 changes: 2 additions & 0 deletions config/dev/azure-clusterdeployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ kind: ClusterDeployment
metadata:
name: azure-dev
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
template: azure-standalone-cp-0-0-4
credential: azure-cluster-identity-cred
Expand Down
5 changes: 5 additions & 0 deletions config/dev/azure-credentials.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ kind: AzureClusterIdentity
metadata:
labels:
clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
hmc.mirantis.com/component: hmc
name: azure-cluster-identity
namespace: ${NAMESPACE}
spec:
Expand All @@ -20,6 +21,8 @@ kind: Secret
metadata:
name: azure-cluster-identity-secret
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
stringData:
clientSecret: "${AZURE_CLIENT_SECRET}"
type: Opaque
Expand All @@ -29,6 +32,8 @@ kind: Credential
metadata:
name: azure-cluster-identity-cred
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
description: Azure credentials
identityRef:
Expand Down
2 changes: 2 additions & 0 deletions config/dev/eks-clusterdeployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ kind: ClusterDeployment
metadata:
name: eks-dev
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
template: aws-eks-0-0-2
credential: "aws-cluster-identity-cred"
Expand Down
2 changes: 2 additions & 0 deletions config/dev/vsphere-clusterdeployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ kind: ClusterDeployment
metadata:
name: vsphere-dev
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
template: vsphere-standalone-cp-0-0-3
credential: vsphere-cluster-identity-cred
Expand Down
6 changes: 6 additions & 0 deletions config/dev/vsphere-credentials.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ kind: VSphereClusterIdentity
metadata:
name: vsphere-cluster-identity
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
secretName: vsphere-cluster-identity-secret
allowedNamespaces:
Expand All @@ -15,6 +17,8 @@ kind: Secret
metadata:
name: vsphere-cluster-identity-secret
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
stringData:
username: ${VSPHERE_USER}
password: ${VSPHERE_PASSWORD}
Expand All @@ -24,6 +28,8 @@ kind: Credential
metadata:
name: vsphere-cluster-identity-cred
namespace: ${NAMESPACE}
labels:
hmc.mirantis.com/component: hmc
spec:
description: vSphere credentials
identityRef:
Expand Down
24 changes: 15 additions & 9 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ require (
github.com/projectsveltos/libsveltos v0.44.0
github.com/segmentio/analytics-go v3.1.0+incompatible
github.com/stretchr/testify v1.10.0
github.com/vmware-tanzu/velero v1.15.0
github.com/zerospiel/velero v0.0.0-20241213181215-1eaa894d12b8
gopkg.in/yaml.v3 v3.0.1
helm.sh/helm/v3 v3.16.4
k8s.io/api v0.31.3
Expand All @@ -39,7 +39,7 @@ require (
require (
dario.cat/mergo v1.0.1 // indirect
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.7.0 // indirect
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
Expand Down Expand Up @@ -109,16 +109,20 @@ require (
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.6.3 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.6.0 // indirect
github.com/hashicorp/yamux v0.1.1 // indirect
github.com/hexops/gotextdiff v1.0.3 // indirect
github.com/huandu/xstrings v1.5.0 // indirect
github.com/imdario/mergo v0.3.16 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/jmoiron/sqlx v1.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.10 // indirect
github.com/klauspost/compress v1.17.11 // indirect
github.com/klauspost/cpuid/v2 v2.2.8 // indirect
github.com/kubernetes-csi/external-snapshotter/client/v7 v7.0.0 // indirect
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
github.com/lib/pq v1.10.9 // indirect
Expand All @@ -128,6 +132,7 @@ require (
github.com/mattn/go-isatty v0.0.20 // indirect
github.com/mattn/go-runewidth v0.0.16 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/go-testing-interface v1.0.0 // indirect
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/locker v1.0.1 // indirect
Expand All @@ -138,14 +143,15 @@ require (
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
github.com/oklog/run v1.0.0 // indirect
github.com/opencontainers/go-digest/blake3 v0.0.0-20240426182413-22b78e47854a // indirect
github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/prometheus/client_golang v1.20.5 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.60.0 // indirect
github.com/prometheus/common v0.60.1 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/rubenv/sql-migrate v1.7.0 // indirect
Expand All @@ -166,9 +172,9 @@ require (
github.com/yuin/gopher-lua v1.1.1 // indirect
github.com/zeebo/blake3 v0.2.4 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0 // indirect
go.opentelemetry.io/otel v1.30.0 // indirect
go.opentelemetry.io/otel/metric v1.30.0 // indirect
go.opentelemetry.io/otel/trace v1.30.0 // indirect
go.opentelemetry.io/otel v1.32.0 // indirect
go.opentelemetry.io/otel/metric v1.32.0 // indirect
go.opentelemetry.io/otel/trace v1.32.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.27.0 // indirect
golang.org/x/crypto v0.31.0 // indirect
Expand All @@ -183,8 +189,8 @@ require (
golang.org/x/time v0.8.0 // indirect
golang.org/x/tools v0.28.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240924160255-9d4c2d233b61 // indirect
google.golang.org/grpc v1.67.1 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 // indirect
google.golang.org/grpc v1.68.0 // indirect
google.golang.org/protobuf v1.36.1 // indirect
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
Expand Down
Loading

0 comments on commit 3a9a38a

Please sign in to comment.