diff --git a/.github/workflows/container-registry-ghcr.yaml b/.github/workflows/container-registry-ghcr.yaml
index 1766952..af48b48 100644
--- a/.github/workflows/container-registry-ghcr.yaml
+++ b/.github/workflows/container-registry-ghcr.yaml
@@ -30,7 +30,7 @@ jobs:
username: ${{ github.actor }}
- name: Extract metadata (tags, labels) for Docker
id: meta
- uses: docker/metadata-action@v5
+ uses: docker/metadata-action@v6
with:
images: ghcr.io/${{ github.repository }}
tags: |
@@ -45,7 +45,7 @@ jobs:
# https://github.com/docker/metadata-action#typesha
type=sha,format=long
- name: Set up QEMU
- uses: docker/setup-qemu-action@v3
+ uses: docker/setup-qemu-action@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
- name: Build and push Docker image
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 45cc23c..d6fbd7d 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -31,13 +31,3 @@ repos:
entry: sh -c "gmake check || make check"
language: system
pass_filenames: false
- - id: helmify
- name: helmify
- entry: sh -c "gmake helmify || make helmify"
- language: system
- pass_filenames: false
- - id: go-build
- name: go build
- entry: sh -c "gmake build-all || make build-all"
- language: system
- pass_filenames: false
diff --git a/Makefile b/Makefile
index be909db..7f78a4b 100644
--- a/Makefile
+++ b/Makefile
@@ -125,7 +125,7 @@ check: FORCE static-check build/cover.html build-all
generate: install-controller-gen
@printf "\e[1;36m>> controller-gen\e[0m\n"
- @controller-gen crd rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
+ @controller-gen crd rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=charts/kvm-node-agent/crds
@controller-gen object:headerFile="hack/boilerplate.go.txt" paths="./..."
@controller-gen applyconfiguration paths="./..."
diff --git a/Makefile.maker.yaml b/Makefile.maker.yaml
index e9de797..74233bf 100644
--- a/Makefile.maker.yaml
+++ b/Makefile.maker.yaml
@@ -7,7 +7,7 @@ binaries:
controllerGen:
enabled: true
- crdOutputPath: config/crd/bases
+ crdOutputPath: charts/kvm-node-agent/crds
objectHeaderFile: hack/boilerplate.go.txt
rbacRoleName: manager-role
@@ -81,8 +81,4 @@ verbatim: |
.PHONY: install-crds
install-crds: generate ## Install CRDs into the K8s cluster specified in ~/.kube/config.
- kubectl kustomize config/crd | kubectl apply -f -
-
- .PHONY: helmify
- helmify:
- kubectl kustomize config/default | helmify -crd-dir charts/kvm-node-agent
+ kubectl apply -f config/crd/*.yaml
diff --git a/config/crd/bases/kvm.cloud.sap_migrations.yaml b/charts/kvm-node-agent/crds/kvm.cloud.sap_migrations.yaml
similarity index 100%
rename from config/crd/bases/kvm.cloud.sap_migrations.yaml
rename to charts/kvm-node-agent/crds/kvm.cloud.sap_migrations.yaml
diff --git a/charts/kvm-node-agent/crds/migration-crd.yaml b/charts/kvm-node-agent/crds/migration-crd.yaml
deleted file mode 100644
index 66eb2d7..0000000
--- a/charts/kvm-node-agent/crds/migration-crd.yaml
+++ /dev/null
@@ -1,156 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.19.0
- name: migrations.kvm.cloud.sap
-spec:
- group: kvm.cloud.sap
- names:
- kind: Migration
- listKind: MigrationList
- plural: migrations
- singular: migration
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .status.origin
- name: Origin
- type: string
- - jsonPath: .status.destination
- name: Destination
- type: string
- - jsonPath: .status.type
- name: Type
- type: string
- - jsonPath: .status.operation
- name: Operation
- type: string
- - jsonPath: .status.started
- name: Started
- type: date
- - jsonPath: .status.timeElapsed
- name: Elapsed
- type: string
- - jsonPath: .status.dataTotal
- name: Data Total
- type: string
- - jsonPath: .status.dataProcessed
- name: Data Processed
- type: string
- - jsonPath: .status.dataRemaining
- name: Data Remaining
- type: string
- - jsonPath: .status.memBps
- name: Memory TX
- type: string
- - jsonPath: .status.memDirtyRate
- name: Memory Dirty Rate
- type: string
- - jsonPath: .status.memIteration
- name: Memory Iteration
- type: string
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: Migration is the Schema for the migrations API.
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: MigrationSpec defines the desired state of Migration.
- type: object
- status:
- description: MigrationStatus defines the observed state of Migration.
- properties:
- autoConvergeThrottle:
- type: string
- dataProcessed:
- type: string
- dataRemaining:
- type: string
- dataTotal:
- type: string
- destination:
- type: string
- diskBps:
- type: string
- diskProcessed:
- type: string
- diskRemaining:
- type: string
- diskTotal:
- type: string
- downtime:
- type: string
- errMsg:
- type: string
- memBps:
- type: string
- memConstant:
- format: int64
- type: integer
- memDirtyRate:
- type: string
- memIteration:
- format: int64
- type: integer
- memNormal:
- format: int64
- type: integer
- memNormalBytes:
- type: string
- memPageSize:
- type: string
- memPostcopyRequests:
- format: int64
- type: integer
- memProcessed:
- type: string
- memRemaining:
- type: string
- memTotal:
- type: string
- operation:
- type: string
- origin:
- type: string
- setupTime:
- type: string
- started:
- format: date-time
- type: string
- timeElapsed:
- type: string
- timeRemaining:
- type: string
- type:
- type: string
- required:
- - started
- type: object
- required:
- - metadata
- - spec
- - status
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-
diff --git a/charts/kvm-node-agent/values.yaml b/charts/kvm-node-agent/values.yaml
index 4c7a130..312cf03 100644
--- a/charts/kvm-node-agent/values.yaml
+++ b/charts/kvm-node-agent/values.yaml
@@ -20,7 +20,6 @@ controllerManager:
pkiPath: /pki
image:
repository: ghcr.io/cobaltcore-dev/kvm-node-agent
- tag: latest
resources:
limits:
cpu: 500m
diff --git a/config/crd/bases/kvm.cloud.sap_hypervisors.yaml b/config/crd/bases/kvm.cloud.sap_hypervisors.yaml
deleted file mode 100644
index b479fc6..0000000
--- a/config/crd/bases/kvm.cloud.sap_hypervisors.yaml
+++ /dev/null
@@ -1,621 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.19.0
- name: hypervisors.kvm.cloud.sap
-spec:
- group: kvm.cloud.sap
- names:
- kind: Hypervisor
- listKind: HypervisorList
- plural: hypervisors
- shortNames:
- - hv
- singular: hypervisor
- scope: Cluster
- versions:
- - additionalPrinterColumns:
- - jsonPath: .metadata.labels.topology\.kubernetes\.io/zone
- name: Zone
- priority: 2
- type: string
- - jsonPath: .metadata.labels.kubernetes\.metal\.cloud\.sap/bb
- name: Building Block
- priority: 2
- type: string
- - jsonPath: .metadata.labels.worker\.garden\.sapcloud\.io/group
- name: Group
- priority: 2
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].status
- name: Ready
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].reason
- name: State
- type: string
- - jsonPath: .status.conditions[?(@.type=="Tainted")].message
- name: Taint
- type: string
- - jsonPath: .spec.lifecycleEnabled
- name: Lifecycle
- type: boolean
- - jsonPath: .spec.highAvailability
- name: High Availability
- type: boolean
- - jsonPath: .spec.skipTests
- name: Skip Tests
- type: boolean
- - jsonPath: .status.operatingSystem.prettyVersion
- name: Version
- type: string
- - jsonPath: .status.internalIp
- name: IP
- type: string
- - jsonPath: .status.numInstances
- name: Instances
- type: integer
- - jsonPath: .status.operatingSystem.hardwareModel
- name: Hardware
- priority: 2
- type: string
- - jsonPath: .status.operatingSystem.kernelRelease
- name: Kernel
- priority: 2
- type: string
- - jsonPath: .status.conditions[?(@.type=="Onboarding")].reason
- name: Onboarding
- priority: 3
- type: string
- - jsonPath: .status.serviceId
- name: Service ID
- priority: 3
- type: string
- - jsonPath: .status.hypervisorId
- name: Hypervisor ID
- priority: 3
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: Hypervisor is the Schema for the hypervisors API
- properties:
- apiVersion:
- description: |-
- APIVersion defines the versioned schema of this representation of an object.
- Servers should convert recognized schemas to the latest internal value, and
- may reject unrecognized values.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- type: string
- kind:
- description: |-
- Kind is a string value representing the REST resource this object represents.
- Servers may infer this from the endpoint the client submits requests to.
- Cannot be updated.
- In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- type: string
- metadata:
- type: object
- spec:
- description: HypervisorSpec defines the desired state of Hypervisor
- properties:
- aggregates:
- default: []
- description: Aggregates are used to apply aggregates to the hypervisor.
- items:
- type: string
- type: array
- allowedProjects:
- default: []
- description: |-
- AllowedProjects defines which openstack projects are allowed to schedule
- instances on this hypervisor. The values of this list should be project
- uuids. If left empty, all projects are allowed.
- items:
- type: string
- type: array
- createCertManagerCertificate:
- default: false
- description: |-
- Require to issue a certificate from cert-manager for the hypervisor, to be used for
- secure communication with the libvirt API.
- type: boolean
- customTraits:
- default: []
- description: CustomTraits are used to apply custom traits to the hypervisor.
- items:
- type: string
- type: array
- evacuateOnReboot:
- default: true
- description: EvacuateOnReboot request an evacuation of all instances
- before reboot.
- type: boolean
- highAvailability:
- default: true
- description: HighAvailability is used to enable the high availability
- handling of the hypervisor.
- type: boolean
- installCertificate:
- default: true
- description: InstallCertificate is used to enable the installations
- of the certificates via kvm-node-agent.
- type: boolean
- lifecycleEnabled:
- default: true
- description: LifecycleEnabled enables the lifecycle management of
- the hypervisor via hypervisor-operator.
- type: boolean
- maintenance:
- description: Maintenance indicates whether the hypervisor is in maintenance
- mode.
- enum:
- - ""
- - manual
- - auto
- - ha
- - termination
- type: string
- maintenanceReason:
- description: MaintenanceReason provides the reason for manual maintenance
- mode.
- type: string
- overcommit:
- additionalProperties:
- type: number
- description: |-
- Overcommit specifies the desired overcommit ratio by resource type.
-
- If no overcommit is specified for a resource type, the default overcommit
- ratio of 1.0 should be applied, i.e. the effective capacity is the same
- as the actual capacity.
-
- If the overcommit ratio results in a fractional effective capacity,
- the effective capacity is expected to be rounded down. This allows
- gradually adjusting the hypervisor capacity.
-
- It is validated that all overcommit ratios are greater than or equal to
- 1.0, if specified. For this we don't need extra validating webhooks.
- See: https://kubernetes.io/blog/2022/09/23/crd-validation-rules-beta/#crd-transition-rules
- type: object
- x-kubernetes-validations:
- - message: overcommit ratios must be >= 1.0
- rule: self.all(k, self[k] >= 1.0)
- reboot:
- default: false
- description: Reboot request an reboot after successful installation
- of an upgrade.
- type: boolean
- skipTests:
- default: false
- description: SkipTests skips the tests during the onboarding process.
- type: boolean
- version:
- description: OperatingSystemVersion represents the desired operating
- system version.
- type: string
- required:
- - aggregates
- - allowedProjects
- - createCertManagerCertificate
- - customTraits
- - evacuateOnReboot
- - highAvailability
- - installCertificate
- - lifecycleEnabled
- - reboot
- - skipTests
- type: object
- x-kubernetes-validations:
- - message: spec is immutable when maintenance is 'termination'; can only
- change maintenance to 'ha'
- rule: '!has(oldSelf.maintenance) || oldSelf.maintenance != ''termination''
- || self.maintenance == ''ha'' || self == oldSelf'
- - message: maintenanceReason must be non-empty when maintenance is 'manual'
- rule: '!has(self.maintenance) || self.maintenance != ''manual'' || (has(self.maintenanceReason)
- && self.maintenanceReason.size() > 0)'
- status:
- description: HypervisorStatus defines the observed state of Hypervisor
- properties:
- aggregates:
- description: Aggregates are the applied aggregates of the hypervisor
- with their names and UUIDs.
- items:
- description: Aggregate represents an OpenStack aggregate with its
- name and UUID.
- properties:
- name:
- description: Name is the name of the aggregate.
- type: string
- uuid:
- description: UUID is the unique identifier of the aggregate.
- type: string
- required:
- - name
- - uuid
- type: object
- type: array
- allocation:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: Auto-discovered resource allocation of all hosted VMs.
- type: object
- capabilities:
- description: Auto-discovered capabilities as reported by libvirt.
- properties:
- cpuArch:
- default: unknown
- description: The hosts CPU architecture (not the guests).
- type: string
- cpus:
- anyOf:
- - type: integer
- - type: string
- description: Total host cpus available as a sum of cpus over all
- numa cells.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- memory:
- anyOf:
- - type: integer
- - type: string
- description: Total host memory available as a sum of memory over
- all numa cells.
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Auto-discovered capacity of the hypervisor.
-
- Note that this capacity does not include the applied overcommit ratios,
- and represents the actual capacity of the hypervisor. Use the
- effective capacity field to get the capacity considering the applied
- overcommit ratios.
- type: object
- cells:
- description: Auto-discovered cells on this hypervisor.
- items:
- description: Cell represents a NUMA cell on the hypervisor.
- properties:
- allocation:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: Auto-discovered resource allocation of all hosted
- VMs in this cell.
- type: object
- capacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Auto-discovered capacity of this cell.
-
- Note that this capacity does not include the applied overcommit ratios,
- and represents the actual capacity of the cell. Use the effective capacity
- field to get the capacity considering the applied overcommit ratios.
- type: object
- cellID:
- description: Cell ID.
- format: int64
- type: integer
- effectiveCapacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Auto-discovered capacity of this cell, considering the
- applied overcommit ratios.
-
- In case no overcommit ratio is specified for a resource type, the default
- overcommit ratio of 1 should be applied, meaning the effective capacity
- is the same as the actual capacity.
-
- If the overcommit ratio results in a fractional effective capacity, the
- effective capacity is expected to be rounded down.
- type: object
- required:
- - cellID
- type: object
- type: array
- conditions:
- description: Represents the Hypervisor node conditions.
- items:
- description: Condition contains details for one aspect of the current
- state of this API Resource.
- properties:
- lastTransitionTime:
- description: |-
- lastTransitionTime is the last time the condition transitioned from one status to another.
- This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: |-
- message is a human readable message indicating details about the transition.
- This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: |-
- observedGeneration represents the .metadata.generation that the condition was set based upon.
- For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
- with respect to the current state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: |-
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
- Producers of specific condition types may define expected values and meanings for this field,
- and whether the values are considered a guaranteed API.
- The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- domainCapabilities:
- description: |-
- Auto-discovered domain capabilities relevant to check if a VM
- can be scheduled on the hypervisor.
- properties:
- arch:
- default: unknown
- description: The available domain cpu architecture.
- type: string
- hypervisorType:
- default: unknown
- description: The supported type of virtualization for domains,
- such as "ch".
- type: string
- supportedCpuModes:
- default: []
- description: |-
- Supported cpu modes for domains.
-
- The format of this list is cpu mode, and if specified, a specific
- submode. For example, the take the following xml domain cpu definition:
-
-
-
-
-
- The corresponding entries in this list would be "host-passthrough" and
- "host-passthrough/migratable".
- items:
- type: string
- type: array
- supportedDevices:
- default: []
- description: |-
- Supported devices for domains.
-
- The format of this list is the device type, and if specified, a specific
- model. For example, the take the following xml domain device definition:
-
-
-
- The corresponding entries in this list would be "video" and "video/nvidia".
- items:
- type: string
- type: array
- supportedFeatures:
- default: []
- description: |-
- Supported features for domains, such as "sev" or "sgx".
-
- This is a flat list of supported features, meaning the following xml:
-
-
-
-
-
-
- Would correspond to the entries "sev" and "sgx" in this list.
- items:
- type: string
- type: array
- type: object
- effectiveCapacity:
- additionalProperties:
- anyOf:
- - type: integer
- - type: string
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
- x-kubernetes-int-or-string: true
- description: |-
- Auto-discovered capacity of the hypervisor, considering the
- applied overcommit ratios.
-
- In case no overcommit ratio is specified for a resource type, the default
- overcommit ratio of 1 should be applied, meaning the effective capacity
- is the same as the actual capacity.
-
- If the overcommit ratio results in a fractional effective capacity, the
- effective capacity is expected to be rounded down.
- type: object
- evicted:
- description: Evicted indicates whether the hypervisor is evicted.
- (no instances left with active maintenance mode)
- type: boolean
- hypervisorId:
- description: HypervisorID is the unique identifier of the hypervisor
- in OpenStack.
- type: string
- hypervisorVersion:
- default: unknown
- description: Represents the Hypervisor version
- type: string
- instances:
- description: Represents the Hypervisor hosted Virtual Machines
- items:
- properties:
- active:
- description: Represents the instance state.
- type: boolean
- id:
- description: Represents the instance ID (uuidv4).
- type: string
- name:
- description: Represents the instance name.
- type: string
- required:
- - active
- - id
- - name
- type: object
- type: array
- internalIp:
- description: InternalIP is the internal IP address of the hypervisor.
- type: string
- libVirtVersion:
- default: unknown
- description: Represents the LibVirt version.
- type: string
- numInstances:
- default: 0
- description: Represent the num of instances
- type: integer
- operatingSystem:
- description: Represents the Operating System status.
- properties:
- firmwareDate:
- description: FirmwareDate
- format: date-time
- type: string
- firmwareVendor:
- description: FirmwareVendor
- type: string
- firmwareVersion:
- description: FirmwareVersion
- type: string
- gardenLinuxCommitID:
- description: Represents the Garden Linux build commit id
- type: string
- gardenLinuxFeatures:
- description: Represents the Garden Linux Feature Set
- items:
- type: string
- type: array
- hardwareModel:
- description: HardwareModel
- type: string
- hardwareSerial:
- description: HardwareSerial
- type: string
- hardwareVendor:
- description: HardwareVendor
- type: string
- kernelCommandLine:
- description: KernelCommandLine contains the raw kernel boot parameters
- from /proc/cmdline.
- type: string
- kernelName:
- description: KernelName
- type: string
- kernelRelease:
- description: KernelRelease
- type: string
- kernelVersion:
- description: KernelVersion
- type: string
- prettyVersion:
- description: PrettyVersion
- type: string
- variantID:
- description: Identifying a specific variant or edition of the
- operating system
- type: string
- version:
- description: Represents the Operating System version.
- type: string
- type: object
- serviceId:
- description: ServiceID is the unique identifier of the compute service
- in OpenStack.
- type: string
- specHash:
- type: string
- traits:
- description: Traits are the applied traits of the hypervisor.
- items:
- type: string
- type: array
- updateStatus:
- description: Represents the Hypervisor update status.
- properties:
- inProgress:
- default: false
- description: Represents a running Operating System update.
- type: boolean
- installed:
- default: unknown
- description: Represents the Operating System installed update
- version.
- type: string
- retry:
- default: 3
- description: Represents the number of retries.
- type: integer
- required:
- - inProgress
- - retry
- type: object
- required:
- - numInstances
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
deleted file mode 100644
index fe82363..0000000
--- a/config/crd/kustomization.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-# This kustomization.yaml is not intended to be run by itself,
-# since it depends on service name and namespace that are out of this kustomize package.
-# It should be run by config/default
-resources:
-- bases/kvm.cloud.sap_hypervisors.yaml
-- bases/kvm.cloud.sap_migrations.yaml
-# +kubebuilder:scaffold:crdkustomizeresource
-
-patches:
-# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
-# patches here are for enabling the conversion webhook for each CRD
-# +kubebuilder:scaffold:crdkustomizewebhookpatch
-
-# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
-# patches here are for enabling the CA injection for each CRD
-#- path: patches/cainjection_in_hypervisors.yaml
-# +kubebuilder:scaffold:crdkustomizecainjectionpatch
-
-# [WEBHOOK] To enable webhook, uncomment the following section
-# the following config is for teaching kustomize how to do kustomization for CRDs.
-
-#configurations:
-#- kustomizeconfig.yaml
diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml
deleted file mode 100644
index ec5c150..0000000
--- a/config/crd/kustomizeconfig.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# This file is for teaching kustomize how to substitute name and namespace reference in CRD
-nameReference:
-- kind: Service
- version: v1
- fieldSpecs:
- - kind: CustomResourceDefinition
- version: v1
- group: apiextensions.k8s.io
- path: spec/conversion/webhook/clientConfig/service/name
-
-namespace:
-- kind: CustomResourceDefinition
- version: v1
- group: apiextensions.k8s.io
- path: spec/conversion/webhook/clientConfig/service/namespace
- create: false
-
-varReference:
-- path: metadata/annotations
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
deleted file mode 100644
index 08e7e55..0000000
--- a/config/default/kustomization.yaml
+++ /dev/null
@@ -1,146 +0,0 @@
-# Adds namespace to all resources.
-namespace: monsoon3
-
-# Value of this field is prepended to the
-# names of all resources, e.g. a deployment named
-# "wordpress" becomes "alices-wordpress".
-# Note that it should also match with the prefix (text before '-') of the namespace
-# field above.
-namePrefix: kvm-node-agent-
-
-# Labels to add to all resources and selectors.
-#labels:
-#- includeSelectors: true
-# pairs:
-# someName: someValue
-
-resources:
-- ../crd
-- ../rbac
-- ../manager
-# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
-# crd/kustomization.yaml
-#- ../webhook
-# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
-#- ../certmanager
-# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
-#- ../prometheus
-# [METRICS] Expose the controller manager metrics service.
-- metrics_service.yaml
-
-# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager
-patches:
-# [METRICS] The following patch will enable the metrics endpoint using HTTPS and the port :8443.
-# More info: https://book.kubebuilder.io/reference/metrics
-- path: manager_metrics_patch.yaml
- target:
- kind: Deployment
-
-# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
-# crd/kustomization.yaml
-#- path: manager_webhook_patch.yaml
-
-# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
-# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
-# 'CERTMANAGER' needs to be enabled to use ca injection
-#- path: webhookcainjection_patch.yaml
-
-# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
-# Uncomment the following replacements to add the cert-manager CA injection annotations
-#replacements:
-# - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs
-# kind: Certificate
-# group: cert-manager.io
-# version: v1
-# name: serving-cert # this name should match the one in certificate.yaml
-# fieldPath: .metadata.namespace # namespace of the certificate CR
-# targets:
-# - select:
-# kind: ValidatingWebhookConfiguration
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 0
-# create: true
-# - select:
-# kind: MutatingWebhookConfiguration
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 0
-# create: true
-# - select:
-# kind: CustomResourceDefinition
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 0
-# create: true
-# - source:
-# kind: Certificate
-# group: cert-manager.io
-# version: v1
-# name: serving-cert # this name should match the one in certificate.yaml
-# fieldPath: .metadata.name
-# targets:
-# - select:
-# kind: ValidatingWebhookConfiguration
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 1
-# create: true
-# - select:
-# kind: MutatingWebhookConfiguration
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 1
-# create: true
-# - select:
-# kind: CustomResourceDefinition
-# fieldPaths:
-# - .metadata.annotations.[cert-manager.io/inject-ca-from]
-# options:
-# delimiter: '/'
-# index: 1
-# create: true
-# - source: # Add cert-manager annotation to the webhook Service
-# kind: Service
-# version: v1
-# name: webhook-service
-# fieldPath: .metadata.name # namespace of the service
-# targets:
-# - select:
-# kind: Certificate
-# group: cert-manager.io
-# version: v1
-# fieldPaths:
-# - .spec.dnsNames.0
-# - .spec.dnsNames.1
-# options:
-# delimiter: '.'
-# index: 0
-# create: true
-# - source:
-# kind: Service
-# version: v1
-# name: webhook-service
-# fieldPath: .metadata.namespace # namespace of the service
-# targets:
-# - select:
-# kind: Certificate
-# group: cert-manager.io
-# version: v1
-# fieldPaths:
-# - .spec.dnsNames.0
-# - .spec.dnsNames.1
-# options:
-# delimiter: '.'
-# index: 1
-# create: true
diff --git a/config/default/manager_metrics_patch.yaml b/config/default/manager_metrics_patch.yaml
deleted file mode 100644
index 2aaef65..0000000
--- a/config/default/manager_metrics_patch.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-# This patch adds the args to allow exposing the metrics endpoint using HTTPS
-- op: add
- path: /spec/template/spec/containers/0/args/0
- value: --metrics-bind-address=:8443
diff --git a/config/default/metrics_service.yaml b/config/default/metrics_service.yaml
deleted file mode 100644
index 416738e..0000000
--- a/config/default/metrics_service.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- control-plane: controller-manager
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: controller-manager-metrics-service
- namespace: system
-spec:
- ports:
- - name: https
- port: 8443
- protocol: TCP
- targetPort: 8443
- selector:
- control-plane: controller-manager
diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
deleted file mode 100644
index 1d19c67..0000000
--- a/config/manager/kustomization.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-resources:
-- manager.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-images:
-- name: controller
- newName: ghcr.io/cobaltcore-dev/kvm-node-agent
- newTag: latest
-patches:
-- path: manager_node_selector_patch.yaml
- target:
- kind: DaemonSet
-- patch: |-
- - op: add
- path: "/spec/template/spec/containers/0/env/-"
- value:
- name: NODE_LABEL
- valueFrom:
- fieldRef:
- fieldPath: "{{ .Values.controllerManager.manager.env.nodeLabelFieldPath }}"
- - op: add
- path: "/spec/template/spec/tolerations"
- value:
- - key: "node.gardener.cloud/critical-components-not-ready"
- operator: "Exists"
- effect: "NoSchedule"
- target:
- kind: DaemonSet
- name: controller-manager
- namespace: system
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
deleted file mode 100644
index 6d86e03..0000000
--- a/config/manager/manager.yaml
+++ /dev/null
@@ -1,160 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- control-plane: controller-manager
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: system
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: controller-manager
- namespace: system
- labels:
- control-plane: controller-manager
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
-spec:
- updateStrategy:
- type: RollingUpdate
- rollingUpdate:
- maxUnavailable: 0
- maxSurge: 1
- selector:
- matchLabels:
- control-plane: controller-manager
- template:
- metadata:
- annotations:
- kubectl.kubernetes.io/default-container: manager
- labels:
- control-plane: controller-manager
- spec:
- # TODO(user): Uncomment the following code to configure the nodeAffinity expression
- # according to the platforms which are supported by your solution.
- # It is considered best practice to support multiple architectures. You can
- # build your manager image using the makefile target docker-buildx.
- # affinity:
- # nodeAffinity:
- # requiredDuringSchedulingIgnoredDuringExecution:
- # nodeSelectorTerms:
- # - matchExpressions:
- # - key: kubernetes.io/arch
- # operator: In
- # values:
- # - amd64
- # - arm64
- # - ppc64le
- # - s390x
- # - key: kubernetes.io/os
- # operator: In
- # values:
- # - linux
- securityContext:
- # runAsNonRoot: true
- supplementalGroups:
- - 108 # libvirt group
- initContainers:
- - name: create-pki-dirs
- securityContext:
- runAsUser: 0
- image: busybox:1.37
- command: ['sh', '-c', 'cd /host && for i in etc/pki/CA etc/pki/libvirt etc/pki/qemu var/lib/libvirt/ch/pki; do if [ -L ${i} ]; then rm ${i}; fi; done && mkdir -p etc/pki/CA etc/pki/libvirt etc/pki/qemu var/lib/libvirt/ch/pki && chown 42438:42438 etc/pki/CA etc/pki/libvirt etc/pki/qemu var/lib/libvirt/ch/pki && chmod 0755 etc/pki/CA etc/pki/libvirt etc/pki/qemu var/lib/libvirt/ch/pki']
- volumeMounts:
- - mountPath: /host
- name: host
- containers:
- - args:
- - --health-probe-bind-address=:8081
- env:
- - name: HOSTNAME
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
- - name: PKI_PATH
- value: /pki
- - name: HOST_IP_ADDRESS
- valueFrom:
- fieldRef:
- fieldPath: status.hostIP
- - name: ISSUER_NAME
- value: kvm-node-agent-ca-issuer
- - name: DISABLE_CREATE_CERT_MANAGER_CERTIFICATE
- value: "true"
- - name: LIBVIRT_DEFAULT_URI
- value: "ch:///system"
- image: controller:latest
- name: manager
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - "ALL"
- livenessProbe:
- httpGet:
- path: /healthz
- port: 8081
- initialDelaySeconds: 15
- periodSeconds: 20
- readinessProbe:
- httpGet:
- path: /readyz
- port: 8081
- initialDelaySeconds: 5
- periodSeconds: 10
- # TODO(user): Configure the resources accordingly based on the project requirements.
- # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- resources:
- limits:
- cpu: 500m
- memory: 128Mi
- requests:
- cpu: 10m
- memory: 64Mi
- volumeMounts:
- - mountPath: /run/libvirt
- name: run-libvirt
- readOnly: true
- - mountPath: /var/run/dbus/system_bus_socket
- name: systemd-sock
- readOnly: true
- - mountPath: /pki/CA
- name: pki-ca
- - mountPath: /pki/libvirt
- name: pki-libvirt
- - mountPath: /pki/qemu
- name: pki-qemu
- - mountPath: /pki/ch
- name: pki-ch
- serviceAccountName: controller-manager
- terminationGracePeriodSeconds: 10
- volumes:
- - name: run-libvirt
- hostPath:
- path: /run/libvirt
- type: Directory
- - name: systemd-sock
- hostPath:
- path: /run/dbus/system_bus_socket
- type: Socket
- - name: pki-ca
- hostPath:
- path: /etc/pki/CA
- type: DirectoryOrCreate
- - name: pki-libvirt
- hostPath:
- path: /etc/pki/libvirt
- type: DirectoryOrCreate
- - name: pki-qemu
- hostPath:
- path: /etc/pki/qemu
- type: DirectoryOrCreate
- - name: pki-ch
- hostPath:
- path: /var/lib/libvirt/ch/pki
- type: DirectoryOrCreate
- - name: host
- hostPath:
- path: /
diff --git a/config/manager/manager_node_selector_patch.yaml b/config/manager/manager_node_selector_patch.yaml
deleted file mode 100644
index 3d7b8a8..0000000
--- a/config/manager/manager_node_selector_patch.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: controller-manager
- namespace: system
-spec:
- template:
- spec:
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: nova.openstack.cloud.sap/virt-driver
- operator: Exists
diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml
deleted file mode 100644
index ed13716..0000000
--- a/config/prometheus/kustomization.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-resources:
-- monitor.yaml
diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml
deleted file mode 100644
index b5e761f..0000000
--- a/config/prometheus/monitor.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# Prometheus Monitor Service (Metrics)
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- labels:
- control-plane: controller-manager
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: controller-manager-metrics-monitor
- namespace: system
-spec:
- endpoints:
- - path: /metrics
- port: https # Ensure this is the name of the port that exposes HTTPS metrics
- scheme: https
- bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- tlsConfig:
- # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
- # certificate verification. This poses a significant security risk by making the system vulnerable to
- # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
- # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
- # compromising the integrity and confidentiality of the information.
- # Please use the following options for secure configurations:
- # caFile: /etc/metrics-certs/ca.crt
- # certFile: /etc/metrics-certs/tls.crt
- # keyFile: /etc/metrics-certs/tls.key
- insecureSkipVerify: true
- selector:
- matchLabels:
- control-plane: controller-manager
diff --git a/config/rbac/hypervisor_editor_role.yaml b/config/rbac/hypervisor_editor_role.yaml
deleted file mode 100644
index 4aaf78f..0000000
--- a/config/rbac/hypervisor_editor_role.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-# permissions for end users to edit hypervisors.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: hypervisor-editor-role
-rules:
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - hypervisors
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - hypervisors/status
- verbs:
- - get
diff --git a/config/rbac/hypervisor_viewer_role.yaml b/config/rbac/hypervisor_viewer_role.yaml
deleted file mode 100644
index b433593..0000000
--- a/config/rbac/hypervisor_viewer_role.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-# permissions for end users to view hypervisors.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: hypervisor-viewer-role
-rules:
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - hypervisors
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - hypervisors/status
- verbs:
- - get
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
deleted file mode 100644
index e733439..0000000
--- a/config/rbac/kustomization.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-resources:
-# All RBAC will be applied under this service account in
-# the deployment namespace. You may comment out this resource
-# if your manager will use a service account that exists at
-# runtime. Be sure to update RoleBinding and ClusterRoleBinding
-# subjects if changing service account names.
-- service_account.yaml
-- role.yaml
-- role_binding.yaml
-- leader_election_role.yaml
-- leader_election_role_binding.yaml
-# The following RBAC configurations are used to protect
-# the metrics endpoint with authn/authz. These configurations
-# ensure that only authorized users and service accounts
-# can access the metrics endpoint. Comment the following
-# permissions if you want to disable this protection.
-# More info: https://book.kubebuilder.io/reference/metrics.html
-- metrics_auth_role.yaml
-- metrics_auth_role_binding.yaml
-- metrics_reader_role.yaml
-# For each CRD, "Editor" and "Viewer" roles are scaffolded by
-# default, aiding admins in cluster management. Those roles are
-# not used by the Project itself. You can comment the following lines
-# if you do not want those helpers be installed with your Project.
-- migration_editor_role.yaml
-- migration_viewer_role.yaml
-- hypervisor_editor_role.yaml
-- hypervisor_viewer_role.yaml
diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml
deleted file mode 100644
index 91347c7..0000000
--- a/config/rbac/leader_election_role.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-# permissions to do leader election.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: leader-election-role
-rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml
deleted file mode 100644
index 06c9d69..0000000
--- a/config/rbac/leader_election_role_binding.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: leader-election-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: leader-election-role
-subjects:
-- kind: ServiceAccount
- name: controller-manager
- namespace: system
diff --git a/config/rbac/metrics_auth_role.yaml b/config/rbac/metrics_auth_role.yaml
deleted file mode 100644
index 32d2e4e..0000000
--- a/config/rbac/metrics_auth_role.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: metrics-auth-role
-rules:
-- apiGroups:
- - authentication.k8s.io
- resources:
- - tokenreviews
- verbs:
- - create
-- apiGroups:
- - authorization.k8s.io
- resources:
- - subjectaccessreviews
- verbs:
- - create
diff --git a/config/rbac/metrics_auth_role_binding.yaml b/config/rbac/metrics_auth_role_binding.yaml
deleted file mode 100644
index e775d67..0000000
--- a/config/rbac/metrics_auth_role_binding.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: metrics-auth-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: metrics-auth-role
-subjects:
-- kind: ServiceAccount
- name: controller-manager
- namespace: system
diff --git a/config/rbac/metrics_reader_role.yaml b/config/rbac/metrics_reader_role.yaml
deleted file mode 100644
index 51a75db..0000000
--- a/config/rbac/metrics_reader_role.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: metrics-reader
-rules:
-- nonResourceURLs:
- - "/metrics"
- verbs:
- - get
diff --git a/config/rbac/migration_editor_role.yaml b/config/rbac/migration_editor_role.yaml
deleted file mode 100644
index 3f2fde0..0000000
--- a/config/rbac/migration_editor_role.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-# permissions for end users to edit migrations.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: migration-editor-role
-rules:
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - migrations
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - migrations/status
- verbs:
- - get
diff --git a/config/rbac/migration_viewer_role.yaml b/config/rbac/migration_viewer_role.yaml
deleted file mode 100644
index 8d08fca..0000000
--- a/config/rbac/migration_viewer_role.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-# permissions for end users to view migrations.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: migration-viewer-role
-rules:
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - migrations
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - kvm.cloud.sap
- resources:
- - migrations/status
- verbs:
- - get
diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml
deleted file mode 100644
index 53000a1..0000000
--- a/config/rbac/role_binding.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: manager-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: manager-role
-subjects:
-- kind: ServiceAccount
- name: controller-manager
- namespace: system
diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml
deleted file mode 100644
index 263242b..0000000
--- a/config/rbac/service_account.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: controller-manager
- namespace: system
diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml
deleted file mode 100644
index 67794b6..0000000
--- a/config/samples/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
-## Append samples of your project ##
-resources:
-- kvm_v1_hypervisor.yaml
-- kvm_v1_migration.yaml
-# +kubebuilder:scaffold:manifestskustomizesamples
diff --git a/config/samples/kvm_v1alpha1_hypervisor.yaml b/config/samples/kvm_v1alpha1_hypervisor.yaml
deleted file mode 100644
index 6aac261..0000000
--- a/config/samples/kvm_v1alpha1_hypervisor.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: kvm.cloud.sap/v1
-kind: Hypervisor
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: hypervisor-sample
-spec:
- # TODO(user): Add fields here
diff --git a/config/samples/kvm_v1alpha1_migration.yaml b/config/samples/kvm_v1alpha1_migration.yaml
deleted file mode 100644
index 778d98b..0000000
--- a/config/samples/kvm_v1alpha1_migration.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: kvm.cloud.sap/v1
-kind: Migration
-metadata:
- labels:
- app.kubernetes.io/name: kvm-node-agent
- app.kubernetes.io/managed-by: kustomize
- name: migration-sample
-spec:
- # TODO(user): Add fields here
diff --git a/go.sum b/go.sum
index 2d8a494..ed21fca 100644
--- a/go.sum
+++ b/go.sum
@@ -14,8 +14,6 @@ github.com/cert-manager/cert-manager v1.19.4 h1:7lOkSYj+nJNjgGFfAznQzPpOfWX+1Kgz
github.com/cert-manager/cert-manager v1.19.4/go.mod h1:9uBnn3IK9NxjjuXmQDYhwOwFUU5BtGVB1g/voPvvcVw=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cobaltcore-dev/openstack-hypervisor-operator v0.0.0-20260309144200-9c8ed613a94c h1:KylfcJikSMWNJnuNfG1Od6fNUw4kQTjseP7khmwVlrM=
-github.com/cobaltcore-dev/openstack-hypervisor-operator v0.0.0-20260309144200-9c8ed613a94c/go.mod h1:b0KmJdxvRI8UXlGe8cRm5BD8Tm2WhF7zSKMSIRGyVL4=
github.com/cobaltcore-dev/openstack-hypervisor-operator v0.0.0-20260313120621-e3699e2ccab9 h1:fIQCfP6HTOMu9XqcRLUYeUCK2mPWcOkSqYVF9HUhQyE=
github.com/cobaltcore-dev/openstack-hypervisor-operator v0.0.0-20260313120621-e3699e2ccab9/go.mod h1:b0KmJdxvRI8UXlGe8cRm5BD8Tm2WhF7zSKMSIRGyVL4=
github.com/coreos/go-systemd/v22 v22.7.0 h1:LAEzFkke61DFROc7zNLX/WA2i5J8gYqe0rSj9KI28KA=
diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go
index 372d3ab..d12d5bf 100644
--- a/internal/controller/suite_test.go
+++ b/internal/controller/suite_test.go
@@ -25,7 +25,6 @@ import (
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
-
"k8s.io/client-go/kubernetes/scheme"
"k8s.io/client-go/rest"
"sigs.k8s.io/controller-runtime/pkg/client"
@@ -55,7 +54,7 @@ var _ = BeforeSuite(func() {
By("bootstrapping test environment")
testEnv = &envtest.Environment{
- CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")},
+ CRDDirectoryPaths: []string{filepath.Join("..", "..", "charts", "kvm-node-agent", "crds")},
ErrorIfCRDPathMissing: true,
// The BinaryAssetsDirectory is only required if you want to run the tests directly
diff --git a/internal/evacuation/suite_test.go b/internal/evacuation/suite_test.go
index d61bb66..b5a97bf 100644
--- a/internal/evacuation/suite_test.go
+++ b/internal/evacuation/suite_test.go
@@ -54,7 +54,7 @@ var _ = BeforeSuite(func() {
By("bootstrapping test environment")
testEnv = &envtest.Environment{
- CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")},
+ CRDDirectoryPaths: []string{filepath.Join("..", "..", "charts", "kvm-node-agent", "crds")},
ErrorIfCRDPathMissing: true,
// The BinaryAssetsDirectory is only required if you want to run the tests directly