vmware-tanzu · liu4480 · Mar 28, 2023
@@ -329,7 +329,7 @@ func (r *AntreaConfigReconciler) ensureProviderServiceAccount(ctx context.Contex
 }
 
 func (r *AntreaConfigReconciler) registerAntreaNSX(ctx context.Context, antreaConfig *cniv1alpha2.AntreaConfig, cluster *clusterapiv1beta1.Cluster) error {
-	if !antreaConfig.Spec.AntreaNsx.Enable || antreaConfig.Spec.AntreaNsx.BootstrapFrom.Inline != nil {
+	if !r.Config.AntreaNsxEnabledFSS || !antreaConfig.Spec.AntreaNsx.Enable || antreaConfig.Spec.AntreaNsx.BootstrapFrom.Inline != nil {
 		r.Log.Info("antreaNsx is not enabled or inline is set, there is no ProviderServiceAccount or NsxServiceAccount to be created")
 		r.deregisterAntreaNSX(ctx, antreaConfig, cluster)
 		return nil
@@ -354,7 +354,7 @@ func (r *AntreaConfigReconciler) registerAntreaNSX(ctx context.Context, antreaCo
 }
 
 func (r *AntreaConfigReconciler) deregisterAntreaNSX(ctx context.Context, antreaConfig *cniv1alpha2.AntreaConfig, cluster *clusterapiv1beta1.Cluster) error {
-	if !antreaConfig.Spec.AntreaNsx.Enable {
+	if !r.Config.AntreaNsxEnabledFSS || !antreaConfig.Spec.AntreaNsx.Enable {
 		r.Log.Info("antreaNsx is not enabled, there is no ProviderServiceAccount or NsxServiceAccount to be deleted")
 		return nil
 	}

@@ -34,6 +34,17 @@ kind: DockerCluster
 metadata:
   name: test-cluster-5
 ---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  labels:
+    app: addons-manager
+  name: vmware-system-tkg-addons-manager-config
+  namespace: tkg-system
+data:
+  addons-manager.conf: |
+    antreaNsxEnabled: true
+---
 apiVersion: cni.tanzu.vmware.com/v1alpha2
 kind: AntreaConfig
 metadata:

@@ -120,6 +120,7 @@ type addonFlags struct {
 	pprofBindAddress                string
 	tlsMinVersion                   string
 	tlsCipherSuites                 string
+	configFile                      string
 }
 
 func parseAddonFlags(addonFlags *addonFlags) {
@@ -164,6 +165,7 @@ func parseAddonFlags(addonFlags *addonFlags) {
 	flag.StringVar(&addonFlags.pprofBindAddress, "pprof-bind-addr", ":18318", "Bind address of pprof web server if enabled")
 	flag.StringVar(&addonFlags.tlsMinVersion, "tls-min-version", "1.2", "minimum TLS version in use by the webhook server. Recommended values are \"1.2\" and \"1.3\".")
 	flag.StringVar(&addonFlags.tlsCipherSuites, "tls-cipher-suites", "", "Comma-separated list of cipher suites for the server. If omitted, the default Go cipher suites will be used.\n"+fmt.Sprintf("Possible values are %s.", strings.Join(cliflag.TLSCipherPossibleValues(), ", ")))
+	flag.StringVar(&addonFlags.configFile, "config-file", "", "The path to set configuration file for addon manager")
 	flag.Parse()
 }
 
@@ -237,6 +239,9 @@ func main() {
 		os.Exit(1)
 	}
 
+	opt := addonconfig.NewOptions(ctrl.Log.WithName("controllers").WithName("Addon"))
+	opt.Complete(flags.configFile)
+
 	addonReconciler := &controllers.AddonReconciler{
 		Client: mgr.GetClient(),
 		Log:    ctrl.Log.WithName("controllers").WithName("Addon"),
@@ -251,14 +256,15 @@ func main() {
 			AddonImagePullPolicy:        flags.addonImagePullPolicy,
 			CorePackageRepoName:         flags.corePackageRepoName,
 			FeatureGateClusterBootstrap: flags.featureGateClusterBootstrap,
+			AntreaNsxEnabled:            opt.Config.AntreaNsxEnabled,
 		},
 	}
 	if err = addonReconciler.SetupWithManager(ctx, mgr, controller.Options{MaxConcurrentReconciles: flags.clusterConcurrency}); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "Addon")
 		os.Exit(1)
 	}
 	if flags.featureGateClusterBootstrap {
-		enableClusterBootstrapAndConfigControllers(ctx, mgr, flags)
+		enableClusterBootstrapAndConfigControllers(ctx, mgr, flags, opt.Config.AntreaNsxEnabled)
 		enableWebhooks(ctx, mgr, flags)
 	}
 
@@ -300,7 +306,7 @@ func setupChecks(mgr ctrl.Manager) {
 	}
 }
 
-func enableClusterBootstrapAndConfigControllers(ctx context.Context, mgr ctrl.Manager, flags *addonFlags) {
+func enableClusterBootstrapAndConfigControllers(ctx context.Context, mgr ctrl.Manager, flags *addonFlags, antreaNsxEnabled bool) {
 	if err := (&calicocontroller.CalicoConfigReconciler{
 		Client: mgr.GetClient(),
 		Log:    ctrl.Log.WithName("CalicoConfigController"),
@@ -317,7 +323,9 @@ func enableClusterBootstrapAndConfigControllers(ctx context.Context, mgr ctrl.Ma
 		Log:    ctrl.Log.WithName("AntreaConfigController"),
 		Scheme: mgr.GetScheme(),
 		Config: addonconfig.AntreaConfigControllerConfig{
-			ConfigControllerConfig: addonconfig.ConfigControllerConfig{SystemNamespace: flags.addonNamespace}},
+			ConfigControllerConfig: addonconfig.ConfigControllerConfig{SystemNamespace: flags.addonNamespace},
+			AntreaNsxEnabledFSS:    antreaNsxEnabled,
+		},
 	}).SetupWithManager(ctx, mgr, controller.Options{MaxConcurrentReconciles: 1}); err != nil {
 		setupLog.Error(err, "unable to create AntreaConfigController", "controller", "antrea")
 		os.Exit(1)

@@ -19,6 +19,7 @@ type AddonControllerConfig struct {
 	AddonImagePullPolicy        string
 	CorePackageRepoName         string
 	FeatureGateClusterBootstrap bool
+	AntreaNsxEnabled            bool
 }
 
 // ClusterBootstrapControllerConfig contains configuration information related to ClusterBootstrap
@@ -53,6 +54,7 @@ type ConfigControllerConfig struct {
 // AntreaConfigControllerConfig contains configuration information of AntreaConfig controller
 type AntreaConfigControllerConfig struct {
 	ConfigControllerConfig
+	AntreaNsxEnabledFSS bool
 }
 
 // CalicoConfigControllerConfig contains configuration information of CalicoConfig controller

@@ -0,0 +1,71 @@
+package config
+
+import (
+	"os"
+
+	"github.com/go-logr/logr"
+	"gopkg.in/yaml.v2"
+)
+
+const (
+	defaultConfigurationFile = "/etc/addons-manager/addons-manager.conf"
+)
+
+type Options struct {
+	// The path of configuration file
+	ConfigFile string
+	Config     *ControllerConfig
+	Log        logr.Logger
+}
+
+type ControllerConfig struct {
+	AntreaNsxEnabled bool `yaml:"antreaNsxEnabled,omitempty"`
+}
+
+func NewOptions(Log logr.Logger) *Options {
+	return &Options{
+		Config: new(ControllerConfig),
+		Log:    Log,
+	}
+}
+
+func (o *Options) Complete(configFile string) error {
+	o.setDefaults()
+	if configFile != "" {
+		_, err := os.Stat(configFile)
+		if err != nil {
+			o.Log.Info("configFile does not exist, will use default settings")
+			return nil
+		}
+		o.ConfigFile = configFile
+	}
+	if len(o.ConfigFile) > 0 {
+		o.Log.Info("config file is", o.ConfigFile)
+		err := o.loadConfigFromFile(o.ConfigFile)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (o *Options) setDefaults() {
+	if o.ConfigFile == "" {
+		o.ConfigFile = defaultConfigurationFile
+	}
+}
+
+func (o *Options) loadConfigFromFile(file string) error {
+	data, err := os.ReadFile(file)
+	if err != nil {
+		o.Log.Error(err, "failed to read file", file)
+		return err
+	}
+
+	o.Log.Info("read config from file", file, string(data))
+	err = yaml.UnmarshalStrict(data, o.Config)
+	if err != nil {
+		return err
+	}
+	return nil
+}
@@ -372,6 +372,7 @@ spec:
         - --feature-gate-cluster-bootstrap=true
         #@ if/end data.values.tanzuAddonsManager.featureGates.packageInstallStatus:
         - --feature-gate-package-install-status=true
+        - --config-file=/etc/addons-manager/addons-manager.conf
         image: addons-controller:latest
         imagePullPolicy: IfNotPresent
         name: tanzu-addons-controller
@@ -412,6 +413,20 @@ spec:
             valueFrom:
               fieldRef:
                 fieldPath: metadata.namespace
+        volumeMounts:
+          - mountPath: /etc/addons-manager
+            name: addons-manager-config
+            readOnly: true
+      volumes:
+        - name: addons-manager-config
+          projected:
+            sources:
+              - configMap:
+                  name: vmware-system-tkg-addons-manager-config
+                  items:
+                    - key: addons-manager.conf
+                      path: addons-manager.conf
+                  optional: true
       serviceAccount: tanzu-addons-manager-sa
       terminationGracePeriodSeconds: 10
       #@ if/end data.values.tanzuAddonsManager.deployment.hostNetwork: