✨ create default resources in code; block spoke delete until gone (#82)

* feat: create default resources in code; block spoke deletion until MC is gone

Signed-off-by: Artur Shad Nik <arturshadnik@gmail.com>

* chore: bump chart

Signed-off-by: Artur Shad Nik <arturshadnik@gmail.com>

---------

Signed-off-by: Artur Shad Nik <arturshadnik@gmail.com>

Author: arturshadnik

fleetconfig-controller/api/v1beta1/constants.go

@@ -222,3 +222,27 @@ const (
 	// BundleVersionDefault is the default OCM source version
 	BundleVersionDefault = "default"
 )
+
+// Topology resource names
+const (
+	// NamespaceManagedClusterSetGlobal is the namespace for the global managed cluster set
+	NamespaceManagedClusterSetGlobal = "managed-cluster-set-global"
+
+	// NamespaceManagedClusterSetDefault is the namespace for the default managed cluster set
+	NamespaceManagedClusterSetDefault = "managed-cluster-set-default"
+
+	// NamespaceManagedClusterSetSpokes is the namespace for the spokes managed cluster set
+	NamespaceManagedClusterSetSpokes = "managed-cluster-set-spokes"
+
+	// ManagedClusterSetGlobal is the name of the global managed cluster set
+	ManagedClusterSetGlobal = "global"
+
+	// ManagedClusterSetDefault is the name of the default managed cluster set
+	ManagedClusterSetDefault = "default"
+
+	// ManagedClusterSetSpokes is the name of the spokes managed cluster set
+	ManagedClusterSetSpokes = "spokes"
+
+	// PlacementSpokes is the name of the spokes placement
+	PlacementSpokes = "spokes"
+)

fleetconfig-controller/charts/fleetconfig-controller/README.md

@@ -143,9 +143,9 @@ Resource specifications for all klusterlet-managed containers.
 
 ### Topology Resources
 
-| Name                        | Description                                                                                                                                                                                                                                                                                                                                        | Value  |
-| --------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ |
-| `topologyResources.enabled` | Whether to create Namespaces and ManagedClusterSetBindings for the default ManagedClusterSets created when a FleetConfig is created with the DefaultClusterSet feature gate enabled. Additionally, a Namespace, ManagedClusterSet, and Placement are created for targeting all managed clusters that are not the hub running in hub-as-spoke mode. | `true` |
+| Name                        | Description                                                                                                                                                                                                                                                                                                                                | Value  |
+| --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------ |
+| `topologyResources.enabled` | Whether to create Namespaces and ManagedClusterSetBindings for the default ManagedClusterSets created when a Hub is created with the DefaultClusterSet feature gate enabled. Additionally, a Namespace, ManagedClusterSet, and Placement are created for targeting all managed clusters that are not the hub running in hub-as-spoke mode. | `true` |
 
 ### fleetconfig-controller parameters
 
@@ -158,7 +158,7 @@ Resource specifications for all klusterlet-managed containers.
 | `replicas`                                          | fleetconfig-controller replica count                                                                                                                                       | `1`                                                      |
 | `imageRegistry`                                     | Image registry                                                                                                                                                             | `""`                                                     |
 | `image.repository`                                  | Image repository                                                                                                                                                           | `quay.io/open-cluster-management/fleetconfig-controller` |
-| `image.tag`                                         | Image tag                                                                                                                                                                  | `v0.1.4`                                                 |
+| `image.tag`                                         | Image tag                                                                                                                                                                  | `v0.1.5`                                                 |
 | `image.pullPolicy`                                  | Image pull policy                                                                                                                                                          | `IfNotPresent`                                           |
 | `imagePullSecrets`                                  | Image pull secrets                                                                                                                                                         | `[]`                                                     |
 | `serviceAccount.annotations`                        | Annotations to add to the service account                                                                                                                                  | `{}`                                                     |

fleetconfig-controller/charts/fleetconfig-controller/templates/deployment.yaml

@@ -44,6 +44,7 @@ spec:
         - "--instance-type=unified"
         {{- end }}
         - "--enable-legacy-controllers={{ .Values.enableLegacyControllers | default false }}"
+        - "--enable-topology-resources={{ .Values.topologyResources.enabled | default true }}"
         command:
         - /manager
         env:

fleetconfig-controller/charts/fleetconfig-controller/templates/ocm/topology-resources.yaml

@@ -265,7 +265,7 @@ fleetConfig:
 
 ## @section Topology Resources
 
-## @param topologyResources.enabled Whether to create Namespaces and ManagedClusterSetBindings for the default ManagedClusterSets created when a FleetConfig is created with the DefaultClusterSet feature gate enabled. Additionally, a Namespace, ManagedClusterSet, and Placement are created for targeting all managed clusters that are not the hub running in hub-as-spoke mode.
+## @param topologyResources.enabled Whether to create Namespaces and ManagedClusterSetBindings for the default ManagedClusterSets created when a Hub is created with the DefaultClusterSet feature gate enabled. Additionally, a Namespace, ManagedClusterSet, and Placement are created for targeting all managed clusters that are not the hub running in hub-as-spoke mode.
 topologyResources:
   enabled: true
 
@@ -294,7 +294,7 @@ imageRegistry: ""
 ## @param image.pullPolicy Image pull policy
 image:
   repository: quay.io/open-cluster-management/fleetconfig-controller
-  tag: v0.1.4
+  tag: v0.1.5
   pullPolicy: IfNotPresent
 
 ## @param imagePullSecrets Image pull secrets

fleetconfig-controller/charts/fleetconfig-controller/values.yaml

@@ -36,6 +36,8 @@ import (
 	apiv1alpha1 "github.com/open-cluster-management-io/lab/fleetconfig-controller/api/v1alpha1"
 	apiv1beta1 "github.com/open-cluster-management-io/lab/fleetconfig-controller/api/v1beta1"
 	"github.com/open-cluster-management-io/lab/fleetconfig-controller/cmd/manager"
+	clusterv1beta1 "open-cluster-management.io/api/cluster/v1beta1"
+	clusterv1beta2 "open-cluster-management.io/api/cluster/v1beta2"
 	// +kubebuilder:scaffold:imports
 )
 
@@ -49,6 +51,8 @@ func init() {
 
 	utilruntime.Must(apiv1alpha1.AddToScheme(scheme))
 	utilruntime.Must(apiv1beta1.AddToScheme(scheme))
+	utilruntime.Must(clusterv1beta1.AddToScheme(scheme))
+	utilruntime.Must(clusterv1beta2.AddToScheme(scheme))
 	// +kubebuilder:scaffold:scheme
 }
 
@@ -70,6 +74,7 @@ func main() {
 	flag.IntVar(&mOpts.SpokeConcurrentReconciles, "spoke-concurrent-reconciles", apiv1beta1.SpokeDefaultMaxConcurrentReconciles, fmt.Sprintf("Maximum number of Spoke resources that may be reconciled in parallel. Defaults to %d.", apiv1beta1.SpokeDefaultMaxConcurrentReconciles))
 	flag.StringVar(&mOpts.InstanceType, "instance-type", apiv1beta1.InstanceTypeManager, fmt.Sprintf("The type of cluster that this controller instance is installed in. Defaults to %s", apiv1beta1.InstanceTypeManager))
 	flag.BoolVar(&mOpts.EnableLegacyControllers, "enable-legacy-controllers", false, "Enable legacy FleetConfig resource and controllers")
+	flag.BoolVar(&mOpts.EnableTopologyResources, "enable-topology-resources", true, "Enable automatic creation of topology resources (namespaces, cluster sets, bindings, and placements)")
 
 	zOpts := zap.Options{
 		Development: true,

fleetconfig-controller/cmd/main.go

@@ -3,6 +3,7 @@ package manager
 
 import (
 	"bytes"
+	"context"
 	"crypto/tls"
 	"fmt"
 	"os"
@@ -17,6 +18,7 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/manager"
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
@@ -42,6 +44,7 @@ type Options struct {
 	SpokeConcurrentReconciles int
 	InstanceType              string
 	EnableLegacyControllers   bool
+	EnableTopologyResources   bool
 	Scheme                    *runtime.Scheme
 }
 
@@ -100,34 +103,50 @@ func ForHub(setupLog logr.Logger, opts Options) (ctrl.Manager, error) {
 		return nil, err
 	}
 
-	if err := (&controllerv1beta1.HubReconciler{
+	if opts.EnableTopologyResources {
+		setupLog.Info("creating topology resources")
+		// Wait for cache to sync before setting up controllers
+		if err = mgr.Add(manager.RunnableFunc(func(ctx context.Context) error {
+			setupLog.Info("waiting for cache to sync")
+			if !mgr.GetCache().WaitForCacheSync(ctx) {
+				err = fmt.Errorf("cache sync failed")
+				setupLog.Error(err, "failed to sync cache")
+				return ctx.Err()
+			}
+
+			setupLog.Info("cache synced successfully")
+			if err := createTopologyResources(ctx, mgr.GetClient(), setupLog); err != nil {
+				setupLog.Error(err, "failed to create topology resources at startup")
+				return err
+			}
+			setupLog.Info("topology resources created successfully")
+			return nil
+		})); err != nil {
+			return nil, err
+		}
+	}
+
+	hubReconciler := &controllerv1beta1.HubReconciler{
 		Client: mgr.GetClient(),
 		Log:    ctrl.Log.WithName("controllers").WithName("Hub"),
 		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "Hub")
-		return nil, err
 	}
-	if err := (&controllerv1beta1.SpokeReconciler{
+
+	spokeReconciler := &controllerv1beta1.SpokeReconciler{
 		Client:               mgr.GetClient(),
 		Log:                  ctrl.Log.WithName("controllers").WithName("Spoke"),
 		ConcurrentReconciles: opts.SpokeConcurrentReconciles,
 		Scheme:               mgr.GetScheme(),
 		InstanceType:         opts.InstanceType,
-	}).SetupWithManagerForHub(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "Spoke")
+	}
+	if err := hubReconciler.SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "Hub")
 		return nil, err
 	}
 
-	if opts.EnableLegacyControllers {
-		if err = (&controllerv1alpha1.FleetConfigReconciler{
-			Client: mgr.GetClient(),
-			Log:    ctrl.Log.WithName("controllers").WithName("FleetConfig"),
-			Scheme: mgr.GetScheme(),
-		}).SetupWithManager(mgr); err != nil {
-			setupLog.Error(err, "unable to create controller", "controller", "FleetConfig")
-			return nil, err
-		}
+	if err := spokeReconciler.SetupWithManagerForHub(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "Spoke")
+		return nil, err
 	}
 
 	// nolint:goconst
@@ -140,13 +159,24 @@ func ForHub(setupLog logr.Logger, opts Options) (ctrl.Manager, error) {
 			setupLog.Error(err, "unable to create webhook", "webhook", "Spoke")
 			return nil, err
 		}
-		if opts.EnableLegacyControllers {
-			if err = apiv1alpha1.SetupFleetConfigWebhookWithManager(mgr); err != nil {
-				setupLog.Error(err, "unable to create webhook", "webhook", "FleetConfig")
-				return nil, err
-			}
+	}
+
+	if opts.EnableLegacyControllers {
+		fleetConfigReconciler := &controllerv1alpha1.FleetConfigReconciler{
+			Client: mgr.GetClient(),
+			Log:    ctrl.Log.WithName("controllers").WithName("FleetConfig"),
+			Scheme: mgr.GetScheme(),
+		}
+		if err = fleetConfigReconciler.SetupWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create controller", "controller", "FleetConfig")
+			return nil, err
+		}
+		if err = apiv1alpha1.SetupFleetConfigWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create webhook", "webhook", "FleetConfig")
+			return nil, err
 		}
 	}
+
 	return mgr, nil
 }