apache · yadvr · Sep 20, 2019 · Nov 20, 2018 · Nov 20, 2018 · Nov 20, 2018
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,2 @@
+/cloudstack-ccm
+
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,10 @@
+FROM golang:1.12 as builder
+COPY . /go/src/github.com/apache/cloudstack-kubernetes-provider
+WORKDIR /go/src/github.com/apache/cloudstack-kubernetes-provider
+RUN  make clean && CGO_ENABLED=0 GOOS=linux make
+
+FROM alpine:latest
+RUN apk --no-cache add ca-certificates
+WORKDIR /root/
+COPY --from=builder /go/src/github.com/apache/cloudstack-kubernetes-provider .
+CMD ["./cloudstack-ccm", "--cloud-provider", "external-cloudstack"]
diff --git a/Makefile b/Makefile
@@ -0,0 +1,33 @@
+BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
+GIT_COMMIT=$(shell git rev-parse HEAD)
+GIT_COMMIT_SHORT=$(shell git rev-parse --short HEAD)
+GIT_TAG=$(shell git describe --abbrev=0 --tags 2>/dev/null || echo v0.0.0)
+GIT_IS_TAG=$(shell git describe --exact-match --abbrev=0 --tags 2>/dev/null || echo NOT_A_TAG)
+ifeq (${GIT_IS_TAG},NOT_A_TAG)
+GIT_VERSION?=$(patsubst v%,%,${GIT_TAG})-master+${GIT_COMMIT}
+else
+GIT_VERSION?=$(patsubst v%,%,${GIT_TAG})
+endif
+LDFLAGS="-X github.com/apache/cloudstack-kubernetes-provider/vendor/k8s.io/kubernetes/pkg/version.gitVersion=${GIT_VERSION} -X github.com/apache/cloudstack-kubernetes-provider/vendor/k8s.io/kubernetes/pkg/version.gitCommit=${GIT_COMMIT} -X github.com/apache/cloudstack-kubernetes-provider/vendor/k8s.io/kubernetes/pkg/version.buildDate=${BUILD_DATE}"
+export CGO_ENABLED=0
+export GO111MODULE=on
+
+CMD_SRC=\
+	cmd/cloudstack-ccm/main.go
+
+.PHONY: all clean docker
+
+all: cloudstack-ccm
+
+clean:
+	rm -f cloudstack-ccm
+
+cloudstack-ccm: ${CMD_SRC}
+	go build -mod vendor -ldflags ${LDFLAGS} -o $@ $^
+
+docker:
+	docker build . -t apache/cloudstack-kubernetes-provider:${GIT_COMMIT_SHORT}
+	docker tag apache/cloudstack-kubernetes-provider:${GIT_COMMIT_SHORT} apache/cloudstack-kubernetes-provider:latest
+ifneq (${GIT_IS_TAG},NOT_A_TAG)
+	docker tag apache/cloudstack-kubernetes-provider:${GIT_COMMIT_SHORT} apache/cloudstack-kubernetes-provider:${GIT_TAG}
+endif
diff --git a/NOTICE b/NOTICE
@@ -0,0 +1,28 @@
+Apache CloudStack Kubernetes Provider
+Copyright 2019 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+
+The vendor/ subdirectory contains external dependencies of the software,
+which may bear a different copyright and/or a different license.
+Plese refer to the LICENSE file in each project for the respective terms.
+
+
+The software is based on previous work, which bears the following license:
+
+Copyright 2016 The Kubernetes Authors.
+Copyright 2018 SWISS TXT AG
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/README.md b/README.md
@@ -1,10 +1,150 @@
 # CloudStack Kubernetes Provider
 
-Old provider in v1.15:
-https://github.com/kubernetes/kubernetes/tree/release-1.15/pkg/cloudprovider/providers/cloudstack
+[![](https://img.shields.io/github/release/apache/cloudstack-kubernetes-provider.svg?style=flat-square "Release")](https://github.com/apache/cloudstack-kubernetes-provider/releases)
+[![](https://img.shields.io/badge/license-Apache%202.0-blue.svg?style=flat-square "Apache 2.0 license")](/LICENSE-2.0)
+[![](https://img.shields.io/badge/language-Go-%235adaff.svg?style=flat-square "Go language")](https://golang.org)
+[![](https://img.shields.io/docker/build/apache/cloudstack-kubernetes-provider.svg?style=flat-square "Docker build status")](https://hub.docker.com/r/apache/cloudstack-kubernetes-provider/)
+
+A Cloud Controller Manager to facilitate Kubernetes deployments on Cloudstack.
+
+Based on the old Cloudstack provider in Kubernetes that will be removed soon.
 
 Refer:
-https://github.com/kubernetes/enhancements/issues/672
-https://github.com/kubernetes/enhancements/issues/88
-https://github.com/swisstxt/cloudstack-cloud-controller-manager
-https://github.com/tsuru/custom-cloudstack-ccm
+* https://github.com/kubernetes/kubernetes/tree/release-1.15/pkg/cloudprovider/providers/cloudstack
+* https://github.com/kubernetes/enhancements/issues/672
+* https://github.com/kubernetes/enhancements/issues/88
+
+## Deployment
+
+### Kubernetes
+
+Prebuilt containers are posted on [Docker Hub](https://hub.docker.com/r/apache/cloudstack-kubernetes-provider).
+
+The cloud controller is intended to be deployed as a daemon set, with on instance running on each node.
+
+To configure API access to your CloudStack management server, you need to create a secret containing a `cloudstack.ini`
+that is suitable for your environment.
+
+`cloudstack.ini` should look like this:
+```ini
+[Global]
+api-url = <CloudStack API URL>
+api-key = <CloudStack API Key>
+secret-key = <CloudStack API Secret>
+project-id = <CloudStack Project UUID (optional)>
+zone = <CloudStack Zone Name (optional)>
+ssl-no-verify = <Disable SSL certificate validation: true or false (optional)>
+```
+
+The access token needs to be able to fetch VM information and deploy load balancers in the project or domain where the nodes reside.
+
+To create the secret, use the following command:
+```bash
+kubectl create secret generic cloudstack-secret --from-file=cloudstack.ini
+```
+
+You can then use the provided example [deployment.yaml](/deployment.yaml) to deploy the controller:
+```bash
+kubectl apply -f deployment.yaml
+```
+
+### Protocols
+
+This CCM supports TCP, UDP and [TCP-Proxy](https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) LoadBalancer deployments.
+
+For UDP and Proxy Protocol support, CloudStack 4.6 or later is required.
+
+Since kube-proxy does not support the Proxy Protocol or UDP, you should connect this directly to pods, for example by deploying a DaemonSet and setting `hostNetwork: true`.
+The service running in the pod must support the protocol.
+
+See [service.yaml](/service.yaml) for an example Service deployment and part of a suitable configuration for an ingress controller.
+
+### Node Labels
+
+:warning: **The node name must match the host name, so the controller can fetch and assign metadata from CloudStack.**
+
+It is recommended to launch `kubelet` with the following parameter:
+
+```
+--register-with-taints=node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
+```
+
+This will treat the node as 'uninitialized' and cause the CCM to apply metadata labels from CloudStack automatically.
+
+Supported labels are:
+* kubernetes.io/hostname (= the instance name)
+* beta.kubernetes.io/instance-type (= the compute offering)
+* failure-domain.beta.kubernetes.io/zone (= the zone)
+* failure-domain.beta.kubernetes.io/region (also = the zone)
+
+It is also possible to trigger this process manually by issuing the following command:
+
+```
+kubectl taint nodes <my-node-without-labels> node.cloudprovider.kubernetes.io/uninitialized=true:NoSchedule
+```
+
+## Migration Guide
+
+There are several notable differences to the old Kubernetes CloudStack cloud provider that need to be taken into
+account when migrating from the old cloud provider to the standalone controller.
+
+### Load Balancer
+
+Load balancer rule names now include the protocol in addition to the LB name and service port.
+This was added to distinguish tcp, udp and tcp-proxy services operating on the same port.
+Without this change, it would not be possible to map a service that runs on both TCP and UDP port 8000, for example.
+
+:warning: **If you have existing rules, remove them before the migration, and add them back afterwards.**
+
+If you don't do this, you will end up with duplicate rules for the same service, which won't work.
+
+### Metadata
+
+Since the controller is now intended to be run inside a pod and not on the node, it will not be able to fetch metadata from the Virtual Router's DHCP server.
+
+Instead, it first obtains the name of the node from Kubernetes, then fetches information from the CloudStack API.
+
+## Development
+
+### Building
+
+Go 1.12 is required to build cloudstack-ccm.
+
+It is recommended to build with Go module support, but dependencies are also vendored.
+
+To build the controller with correct versioning, some build flags need to be passed.
+A Makefile is provided that sets these build flags to values obtained from git.
+
+```bash
+go get github.com/apache/cloudstack-kubernetes-provider
+cd ${GOPATH}/src/github.com/apache/cloudstack-kubernetes-provider
+make
+```
+
+To build the cloudstack-cloud-controller-manager container, please use the provided Dockerfile.
+The Makefile will also with that and properly tag the resulting container.
+
+```bash
+make docker
+```
+
+### Testing
+
+You need a local instance of the CloudStack Management Server or a 'real' one to connect to.
+The CCM supports the same cloudstack.ini configuration file format used by [the cs tool](https://github.com/exoscale/cs),
+so you can simply point it to that.
+
+```bash
+./cloudstack-ccm --cloud-provider external-cloudstack --cloud-config ~/.cloudstack.ini --master k8s-apiserver
+```
+
+Replace k8s-apiserver with the host name of your Kubernetes development clusters's API server.
+
+If you don't have a 'real' CloudStack installation, you can also launch a local [simulator instance](https://hub.docker.com/r/cloudstack/simulator) instead. This is very useful for dry-run testing.
+
+## Copyright
+
+Copyright 2019 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).