diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..852a8df --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,23 @@ + + +**What this PR does / why we need it**: + +**Which issue(s) this PR fixes** *(optional, in `fixes #(, fixes #, ...)` format, will close +the issue(s) when PR gets merged)*: +Fixes # + +**Special notes for your reviewer**: + +**Does this PR introduce a user-facing change?**: + + +```release-note +``` diff --git a/.prow.yaml b/.prow.yaml new file mode 100644 index 0000000..b57cd2e --- /dev/null +++ b/.prow.yaml @@ -0,0 +1,28 @@ +# Copyright 2020 The KubeLB Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# presubmits: +# - name: pre-kubelb-verify-boilerplate +# always_run: true +# decorate: true +# clone_uri: "ssh://git@github.com/kubermatic/kubelb.git" +# spec: +# containers: +# - image: quay.io/kubermatic-labs/boilerplate:v0.1.1 +# command: +# - ./hack/verify-boilerplate.sh +# resources: +# requests: +# cpu: 200m +# memory: 256Mi diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..b595a0c --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,36 @@ +# Kubermatic Community Code of Conduct + +## Contributor Code of Conduct + +As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we +pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, +submitting pull requests or patches, and other activities. + +We are committed to making participation in this project a harassment-free experience for everyone, regardless of level +of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, +race, ethnicity, age, religion, or nationality. + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery +* Personal attacks +* Trolling or insulting/derogatory comments +* Public or private harassment +* Publishing others' private information, such as physical or electronic addresses, without explicit permission +* Other unethical or unprofessional conduct. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, +issues, and other contributions that are not aligned to this Code of Conduct. By adopting this Code of Conduct, project +maintainers commit themselves to fairly and consistently applying these principles to every aspect of managing this +project. Project maintainers who do not follow or enforce the Code of Conduct may be permanently removed from the +project team. + +This code of conduct applies both within project spaces and in public spaces when an individual is representing the +project or its community. + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the Kubermatic Conduct +Committee via coc@kubermatic.com. + +This Code of Conduct is adapted from +the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md) +and [Contributor Covenant](http://contributor-covenant.org/version/1/2/0/), version 1.2.0. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..2677ad4 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,104 @@ +# How to Contribute + +Kubermatic projects are [Apache 2.0 licensed](LICENSE) and accept contributions via GitHub pull requests. This document +outlines some of the conventions on development workflow, commit message formatting, contact points and other resources +to make it easier to get your contribution accepted. + +## Certificate of Origin + +By contributing to this project you agree to the Developer Certificate of Origin (DCO). This document was created by the +Linux Kernel community and is a simple statement that you, as a contributor, have the legal right to make the +contribution. See the [DCO](DCO) file for details. + +Any copyright notices in this repo should specify the authors as "the Kubermatic KubeLB project contributors". + +To sign your work, just add a line like this at the end of your commit message: + +``` +Signed-off-by: Joe Example +``` + +This can easily be done with the `--signoff` option to `git commit`. + +Note that we're requiring all commits in a PR to be signed-off. If you already created a PR, you can sign-off all +existing commits by rebasing with the `--signoff` flag. + +``` +git rebase --signoff origin/master +``` + +By doing this you state that you can certify the following (from https://developercertificate.org/): + +``` +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +1 Letterman Drive +Suite D4700 +San Francisco, CA, 94129 + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. +``` + +## Email and Chat + +The KubeLB project currently uses the general Kubermatic email list and Slack channel: + +- Email: [kubermatic-dev](https://groups.google.com/forum/#!forum/kubermatic-dev) +- Slack: #[Slack](http://slack.kubermatic.io/) on Slack + +Please avoid emailing maintainers found in the MAINTAINERS file directly. They are very busy and read the mailing lists. + +## Reporting a security vulnerability + +Due to their public nature, GitHub and mailing lists are not appropriate places for reporting vulnerabilities. If you +suspect you have found a security vulnerability, please do not file a GitHub issue, but instead email +security@kubermatic.com with the full details, including steps to reproduce the issue. + +## Getting Started + +- Fork the repository on GitHub +- Read the [README](README.md) for build and test instructions +- Play with the project, submit bugs, submit patches! + +### Contribution Flow + +This is a rough outline of what a contributor's workflow looks like: + +- Create a topic branch from where you want to base your work (usually master). +- Make commits of logical units. +- Make sure your commit messages are in the proper format (see below). +- Push your changes to a topic branch in your fork of the repository. +- Make sure the tests pass, and add any new tests as appropriate. +- Submit a pull request to the original repository. + +Thanks for your contributions! diff --git a/DCO b/DCO new file mode 100644 index 0000000..716561d --- /dev/null +++ b/DCO @@ -0,0 +1,36 @@ +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +660 York Street, Suite 102, +San Francisco, CA 94110 USA + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..84e6db4 --- /dev/null +++ b/LICENSE @@ -0,0 +1,176 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS \ No newline at end of file diff --git a/NOTICE b/NOTICE new file mode 100644 index 0000000..e678ecc --- /dev/null +++ b/NOTICE @@ -0,0 +1,5 @@ +Kubermatic Project +Copyright 2020 Kubermatic GmbH + +This product includes software developed at Kubermatic GmbH. +(http://www.kubermatic.com/). diff --git a/README.md b/README.md new file mode 100644 index 0000000..b7540dd --- /dev/null +++ b/README.md @@ -0,0 +1,98 @@ +# KubeLB + +## Overview + +KubeLB is in an open source project to centrally manage load balancers across multicloud and on-prem. + +## Architecture + +The overall implementation contains two different parts: + +**Agent**: Controller which is deployed in every user cluster. It watches for Services, Ingresses and node changes. + +**Manager**: Controller which is responsible for deploying and configuring the actual LoadBalancer. Runs inside the load +balancer cluster. + +**Load balancer cluster requirements:** + +* Service type "LoadBalancer" implementation (This can be a cloud solution, or some single cluster implementations) + +* Ingress controller installation + +* Network access to the user cluster nodes with node port range (default: 30000-32767) + +**User cluster requirements:** + +* Load balancer cluster API access + +## Installation + +We strongly recommend that you use an [official release][3] of KubeLB. The tarballs for each release contain the +version-specific sample YAML files for deploying KubeLB to your cluster. + +_The code and sample YAML files in the main branch of the KubeLB repository are under active development and are not +guaranteed to be stable. Use them at your own risk!_ + +Make sure your current cluster configuration for kubectl points to the correct cluster. + +You probably want to change the default configuration of the agent or manager. + +To do so, you can edit the deployment with your parameters in the config/agent/deployment or config/manager/deployment +directory. + +**Manager** + +Deploy the manager to the load balancer cluster + +Install the LoadBalancers CRD: `make install` + +Deploy to load balancer cluster: `make deploy-manager` + +**Agent** + +Deploy the agent to every user cluster where you want to use KubeLB + +The agent expects a configmap with a kubeconf file to access the load balancer cluster. + +To create such run: `kubectl create --namespace kubelb configmap kubelb --from-file ` + +Deploy to user cluster: `make deploy-agent` + +## Troubleshooting + +If you encounter issues [file an issue][1] or talk to us on the [#KubeLB channel][12] on the [Kubermatic Slack][15]. + +## Contributing + +Thanks for taking the time to join our community and start contributing! + +Feedback and discussion are available on [the mailing list][11]. + +### Before you start + +* Please familiarize yourself with the [Code of Conduct][4] before contributing. +* See [CONTRIBUTING.md][2] for instructions on the developer certificate of origin that we require. + +### Pull requests + +* We welcome pull requests. Feel free to dig through the [issues][1] and jump in. + +## Changelog + +See [the list of releases][3] to find out about feature changes. + +[1]: https://github.com/kubermatic/KubeLB/issues + +[2]: https://github.com/kubermatic/KubeLB/blob/main/CONTRIBUTING.md + +[3]: https://github.com/kubermatic/KubeLB/releases + +[4]: https://github.com/kubermatic/KubeLB/blob/main/CODE_OF_CONDUCT.md + +[11]: https://groups.google.com/forum/#!forum/kubelb-dev + +[12]: https://kubermatic.slack.com/messages/kubelb + +[15]: http://slack.kubermatic.io/ + +[21]: https://kubermatic.github.io/KubeLB/ diff --git a/Readme.md b/Readme.md deleted file mode 100644 index ac79e30..0000000 --- a/Readme.md +++ /dev/null @@ -1,21 +0,0 @@ -# KubeLB - -**Work in progress** - -Control-plane for multicluster loadbalancing. - -## Agent - -Watches for Services, Ingress and node Changes inside the user cluster and creates a CRD accordingly inside the LB -cluster - -## Manager - -Watches for it's CRD and configures the load balancer inside the LB cluster accordingly. - -## Todo's - -Remove all biolerplate code and cleanup some autgenerated files - -Linting -> golangci-lint - diff --git a/config/agent/deployment/agent.yaml b/config/agent/deployment/agent.yaml index 51968ef..03fff96 100644 --- a/config/agent/deployment/agent.yaml +++ b/config/agent/deployment/agent.yaml @@ -52,13 +52,13 @@ spec: cpu: 100m memory: 20Mi volumeMounts: - - name: kubelb-cfg + - name: kubelb mountPath: "/home/nonroot/.kube/" readOnly: true volumes: - - name: kubelb-cfg + - name: kubelb configMap: - name: kubelb-cfg + name: kubelb imagePullSecrets: - name: regcred terminationGracePeriodSeconds: 10 diff --git a/hack/verify-boilerplate.sh b/hack/verify-boilerplate.sh new file mode 100755 index 0000000..17a436a --- /dev/null +++ b/hack/verify-boilerplate.sh @@ -0,0 +1,23 @@ +#!/usr/bin/env bash +# Copyright 2020 The KubeLB Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +set -euo pipefail + +cd $(dirname $0)/.. + +boilerplate \ + -boilerplates hack/boilerplate/ \ + .