diff options
| author | Irbe Krumina <irbe@tailscale.com> | 2023-12-14 13:51:59 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-14 13:51:59 +0000 |
| commit | 1a08ea5990c30caef5ad2c207c7e9ff2a94e8859 (patch) | |
| tree | 71d77fbcf722834c033ba060a289aca9b4006edf /scripts | |
| parent | b62a3fc89535756de2aa05ee3f298ef563bdbd34 (diff) | |
| download | tailscale-1a08ea5990c30caef5ad2c207c7e9ff2a94e8859.tar.xz tailscale-1a08ea5990c30caef5ad2c207c7e9ff2a94e8859.zip | |
cmd/k8s-operator: operator can create subnetrouter (#9505)
* k8s-operator,cmd/k8s-operator,Makefile,scripts,.github/workflows: add Connector kube CRD.
Connector CRD allows users to configure the Tailscale Kubernetes operator
to deploy a subnet router to expose cluster CIDRs or
other CIDRs available from within the cluster
to their tailnet.
Also adds various CRD related machinery to
generate CRD YAML, deep copy implementations etc.
Engineers will now have to run
'make kube-generate-all` after changing kube files
to ensure that all generated files are up to date.
* cmd/k8s-operator,k8s-operator: reconcile Connector resources
Reconcile Connector resources, create/delete subnetrouter resources in response to changes to Connector(s).
Connector reconciler will not be started unless
ENABLE_CONNECTOR env var is set to true.
This means that users who don't want to use the alpha
Connector custom resource don't have to install the Connector
CRD to their cluster.
For users who do want to use it the flow is:
- install the CRD
- install the operator (via Helm chart or using static manifests).
For Helm users set .values.enableConnector to true, for static
manifest users, set ENABLE_CONNECTOR to true in the static manifest.
Updates tailscale/tailscale#502
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/check_license_headers.sh | 12 | ||||
| -rwxr-xr-x | scripts/kube-deepcopy.sh | 11 |
2 files changed, 20 insertions, 3 deletions
diff --git a/scripts/check_license_headers.sh b/scripts/check_license_headers.sh index bbb128e17..aedb83fd5 100755 --- a/scripts/check_license_headers.sh +++ b/scripts/check_license_headers.sh @@ -52,15 +52,21 @@ for file in $(find $1 \( -name '*.go' -or -name '*.tsx' -or -name '*.ts' -not -n $1/util/winutil/testdata/testrestartableprocesses/main.go) # Subprocess test harness code ;; + *$1/k8s-operator/apis/v1alpha1/zz_generated.deepcopy.go) + # Generated kube deepcopy funcs file starts with a Go build tag + an empty line + header="$(head -5 $file | tail -n+3 )" + ;; *) - header="$(head -2 $file)" + header="$(head -2 $file)" + ;; + esac + if [ ! -z "$header" ]; then if ! check_file "$header"; then fail=1 echo "${file#$1/} doesn't have the right copyright header:" echo "$header" | sed -e 's/^/ /g' fi - ;; - esac + fi done if [ $fail -ne 0 ]; then diff --git a/scripts/kube-deepcopy.sh b/scripts/kube-deepcopy.sh new file mode 100755 index 000000000..6e6330ee3 --- /dev/null +++ b/scripts/kube-deepcopy.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env sh + +set -eu + +./tool/go run sigs.k8s.io/controller-tools/cmd/controller-gen object:headerFile=./header.txt paths=./k8s-operator/apis/... + +# At the moment controller-gen does not support adding custom tags to generated +# files. We want to exclude all kube-related code from plan9 builds because some +# apimachinery libraries refer to syscalls that are not available for plan9 +# https://github.com/kubernetes/apimachinery/blob/v0.28.2/pkg/util/net/util.go#L42-L63 +sed -i "1 s|$| \&\& \!plan9|" k8s-operator/apis/v1alpha1/zz_generated.deepcopy.go |