Onwards!

Signed-off-by: Joe Nathan Abellard <[email protected]>
karmada-io · Oct 23, 2024 · cf6a2b4 · cf6a2b4
1 parent 6c41295
commit cf6a2b4
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 19 deletions.
diff --git a/operator/pkg/constants/constants.go b/operator/pkg/constants/constants.go
@@ -77,10 +77,10 @@ const (
 	KarmadaAPIserverListenClientPort = 5443
 	// EtcdDataVolumeName defines the name to etcd data volume
 	EtcdDataVolumeName = "etcd-data"
-	// EtcClientCredentialsVolumeName defines the name of the volume for the etcd client credentials
-	EtcClientCredentialsVolumeName = "etcd-client" // #nosec G101
-	// EtcClientCredentialsMountPath defines the mount path for the etcd client credentials data
-	EtcClientCredentialsMountPath = "/etc/karmada/pki/etcd-client" // #nosec G101
+	// EtcdClientCredentialsVolumeName defines the name of the volume for the etcd client credentials
+	EtcdClientCredentialsVolumeName = "etcd-client-cert" // #nosec G101
+	// EtcdClientCredentialsMountPath defines the mount path for the etcd client credentials data
+	EtcdClientCredentialsMountPath = "/etc/karmada/pki/etcd-client" // #nosec G101
 	// CaCertDataKey defines the data key for a CA cert
 	CaCertDataKey = "ca.crt"
 	// TLSCertDataKey defines the data key for a TLS cert

diff --git a/operator/pkg/controller/karmada/planner_test.go b/operator/pkg/controller/karmada/planner_test.go
@@ -51,6 +51,13 @@ func TestNewPlannerFor(t *testing.T) {
 				ObjectMeta: metav1.ObjectMeta{
 					Name: name,
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			client:     fake.NewFakeClient(),
 			config:     &rest.Config{},
@@ -65,8 +72,16 @@ func TestNewPlannerFor(t *testing.T) {
 					DeletionTimestamp: &metav1.Time{
 						Time: time.Now().Add(-5 * time.Minute),
 					},
+
 					Finalizers: []string{ControllerFinalizerName},
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			client:     fake.NewFakeClient(),
 			config:     &rest.Config{},
@@ -107,6 +122,13 @@ func TestPreRunJob(t *testing.T) {
 					Name:      name,
 					Namespace: namespace,
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config:  &rest.Config{},
 			action:  InitAction,
@@ -124,6 +146,13 @@ func TestPreRunJob(t *testing.T) {
 					},
 					Finalizers: []string{ControllerFinalizerName},
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config:  &rest.Config{},
 			action:  DeInitAction,
@@ -137,6 +166,13 @@ func TestPreRunJob(t *testing.T) {
 					Name:      name,
 					Namespace: namespace,
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config: &rest.Config{},
 			action: "UnknownAction",
@@ -197,7 +233,13 @@ func TestAfterRunJob(t *testing.T) {
 					Name:      name,
 					Namespace: namespace,
 				},
-				Spec: operatorv1alpha1.KarmadaSpec{},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config: &rest.Config{},
 			action: InitAction,
@@ -233,6 +275,13 @@ func TestAfterRunJob(t *testing.T) {
 					},
 					Finalizers: []string{ControllerFinalizerName},
 				},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config: &rest.Config{},
 			action: DeInitAction,
@@ -288,7 +337,13 @@ func TestRunJobErr(t *testing.T) {
 					Name:      name,
 					Namespace: namespace,
 				},
-				Spec: operatorv1alpha1.KarmadaSpec{},
+				Spec: operatorv1alpha1.KarmadaSpec{
+					Components: &operatorv1alpha1.KarmadaComponents{
+						Etcd: &operatorv1alpha1.Etcd{
+							Local: &operatorv1alpha1.LocalEtcd{},
+						},
+					},
+				},
 			},
 			config:  &rest.Config{},
 			jobErr:  errors.New("test error"),

diff --git a/operator/pkg/controlplane/apiserver/apiserver_test.go b/operator/pkg/controlplane/apiserver/apiserver_test.go
@@ -54,6 +54,9 @@ func TestEnsureKarmadaAPIServer(t *testing.T) {
 			ServiceSubnet: ptr.To(serviceSubnet),
 			ExtraArgs:     map[string]string{"cmd1": "arg1", "cmd2": "arg2"},
 		},
+		Etcd: &operatorv1alpha1.Etcd{
+			Local: &operatorv1alpha1.LocalEtcd{},
+		},
 	}
 
 	fakeClient := fakeclientset.NewSimpleClientset()
@@ -90,6 +93,9 @@ func TestEnsureKarmadaAggregatedAPIServer(t *testing.T) {
 			},
 			ExtraArgs: map[string]string{"cmd1": "arg1", "cmd2": "arg2"},
 		},
+		Etcd: &operatorv1alpha1.Etcd{
+			Local: &operatorv1alpha1.LocalEtcd{},
+		},
 	}
 
 	featureGates := map[string]bool{"FeatureA": true}

diff --git a/operator/pkg/controlplane/etcd/util.go b/operator/pkg/controlplane/etcd/util.go
@@ -32,25 +32,25 @@ import (
 // ConfigureClientCredentials configures etcd client credentials for Karmada core and aggregated API servers
 func ConfigureClientCredentials(apiServerDeployment *appsv1.Deployment, etcdCfg *operatorv1alpha1.Etcd, name, namespace string) error {
 	etcdClientServiceName := util.KarmadaEtcdClientName(name)
-	etcdCertSecretName := util.KarmadaCertSecretName(name)
+	etcdCertSecretName := util.EtcdCertSecretName(name)
 	if etcdCfg.External == nil {
 		etcdClientCredentialsArgs := []string{
-			fmt.Sprintf("--etcd-cafile=%s/%s.crt", constants.EtcClientCredentialsMountPath, constants.EtcdCaCertAndKeyName),
-			fmt.Sprintf("--etcd-certfile=%s/%s.crt", constants.EtcClientCredentialsMountPath, constants.EtcdClientCertAndKeyName),
-			fmt.Sprintf("--etcd-keyfile=%s/%s.key", constants.EtcClientCredentialsMountPath, constants.EtcdClientCertAndKeyName),
+			fmt.Sprintf("--etcd-cafile=%s/%s.crt", constants.EtcdClientCredentialsMountPath, constants.EtcdCaCertAndKeyName),
+			fmt.Sprintf("--etcd-certfile=%s/%s.crt", constants.EtcdClientCredentialsMountPath, constants.EtcdClientCertAndKeyName),
+			fmt.Sprintf("--etcd-keyfile=%s/%s.key", constants.EtcdClientCredentialsMountPath, constants.EtcdClientCertAndKeyName),
 			fmt.Sprintf("--etcd-servers=https://%s.%s.svc.cluster.local:%s", etcdClientServiceName, namespace, strconv.Itoa(constants.EtcdListenClientPort)),
 		}
 		apiServerDeployment.Spec.Template.Spec.Containers[0].Command = append(apiServerDeployment.Spec.Template.Spec.Containers[0].Command, etcdClientCredentialsArgs...)
 
 		etcdClientCredentialsVolumeMount := corev1.VolumeMount{
-			Name:      constants.EtcClientCredentialsVolumeName,
-			MountPath: constants.EtcClientCredentialsMountPath,
+			Name:      constants.EtcdClientCredentialsVolumeName,
+			MountPath: constants.EtcdClientCredentialsMountPath,
 			ReadOnly:  true,
 		}
 		apiServerDeployment.Spec.Template.Spec.Containers[0].VolumeMounts = append(apiServerDeployment.Spec.Template.Spec.Containers[0].VolumeMounts, etcdClientCredentialsVolumeMount)
 
 		etcdClientCredentialsVolume := corev1.Volume{
-			Name: constants.EtcClientCredentialsVolumeName,
+			Name: constants.EtcdClientCredentialsVolumeName,
 			VolumeSource: corev1.VolumeSource{
 				Secret: &corev1.SecretVolumeSource{
 					SecretName: etcdCertSecretName,
@@ -61,22 +61,22 @@ func ConfigureClientCredentials(apiServerDeployment *appsv1.Deployment, etcdCfg
 	} else {
 		etcdServers := strings.Join(etcdCfg.External.Endpoints, ",")
 		etcdClientCredentialsArgs := []string{
-			fmt.Sprintf("--etcd-cafile=%s/%s", constants.EtcClientCredentialsMountPath, constants.CaCertDataKey),
-			fmt.Sprintf("--etcd-certfile=%s/%s", constants.EtcClientCredentialsMountPath, constants.TLSCertDataKey),
-			fmt.Sprintf("--etcd-keyfile=%s/%s", constants.EtcClientCredentialsMountPath, constants.TLSPrivateKeyDataKey),
+			fmt.Sprintf("--etcd-cafile=%s/%s", constants.EtcdClientCredentialsMountPath, constants.CaCertDataKey),
+			fmt.Sprintf("--etcd-certfile=%s/%s", constants.EtcdClientCredentialsMountPath, constants.TLSCertDataKey),
+			fmt.Sprintf("--etcd-keyfile=%s/%s", constants.EtcdClientCredentialsMountPath, constants.TLSPrivateKeyDataKey),
 			fmt.Sprintf("--etcd-servers=%s", etcdServers),
 		}
 		apiServerDeployment.Spec.Template.Spec.Containers[0].Command = append(apiServerDeployment.Spec.Template.Spec.Containers[0].Command, etcdClientCredentialsArgs...)
 
 		etcdClientCredentialsVolumeMount := corev1.VolumeMount{
-			Name:      constants.EtcClientCredentialsVolumeName,
-			MountPath: constants.EtcClientCredentialsMountPath,
+			Name:      constants.EtcdClientCredentialsVolumeName,
+			MountPath: constants.EtcdClientCredentialsMountPath,
 			ReadOnly:  true,
 		}
 		apiServerDeployment.Spec.Template.Spec.Containers[0].VolumeMounts = append(apiServerDeployment.Spec.Template.Spec.Containers[0].VolumeMounts, etcdClientCredentialsVolumeMount)
 
 		etcdClientCredentialsVolume := corev1.Volume{
-			Name: constants.EtcClientCredentialsVolumeName,
+			Name: constants.EtcdClientCredentialsVolumeName,
 			VolumeSource: corev1.VolumeSource{
 				Secret: &corev1.SecretVolumeSource{
 					SecretName: etcdCfg.External.SecretRef.Name,