From fc585fe30de31ddb825dfe1f2ff5a1087e80cce3 Mon Sep 17 00:00:00 2001 From: Antonin Bas Date: Wed, 9 Feb 2022 12:39:27 -0800 Subject: [PATCH] Remove all legacy (*.antrea.tanzu.vmware.com) APIs These APIs were scheduled for deletion in December 2021. So it seems reasonable to remove them in Antrea v1.6, without causing significant disruption to users. As part of this, the CRD mirroring controller code can be removed entirely and the legacyCRDMirroring config option for the controller is deprecated (it's a no-op and users trying to set this option to anything will see a warning in the logs). The API dcoumentation is updated. We add a note to inform users who may still be using Antrea pre-v1.0 that they will need to make an intermediate upgrade first and migrate their CRDs, if they want to upgrade to Antrea >= v1.6. Fixes #3298 Signed-off-by: Antonin Bas --- build/yamls/antrea-aks.yml | 2330 +++------------ build/yamls/antrea-eks.yml | 2330 +++------------ build/yamls/antrea-gke.yml | 2330 +++------------ build/yamls/antrea-ipsec.yml | 2330 +++------------ build/yamls/antrea-kind.yml | 2330 +++------------ build/yamls/antrea.yml | 2330 +++------------ build/yamls/base/agent-rbac.yml | 5 - build/yamls/base/antctl.yml | 5 - build/yamls/base/conf/antrea-controller.conf | 14 - build/yamls/base/controller-rbac.yml | 96 +- build/yamls/base/controller.yml | 146 - build/yamls/base/crds-rbac.yml | 18 - build/yamls/base/crds.yml | 1269 --------- cmd/antrea-agent/agent.go | 6 +- cmd/antrea-controller/controller.go | 96 +- cmd/antrea-controller/options.go | 10 +- docs/api.md | 46 +- hack/update-codegen-dockerized.sh | 46 - pkg/apiserver/apiserver.go | 40 +- pkg/config/controller/config.go | 2 +- .../crdmirroring/crdhandler/clustergroup.go | 144 - .../crdhandler/clusternetworkpolicy.go | 144 - .../crdmirroring/crdhandler/externalentity.go | 124 - .../crdmirroring/crdhandler/networkpolicy.go | 152 - pkg/controller/crdmirroring/crdhandler/ops.go | 147 - .../crdmirroring/crdhandler/tier.go | 121 - .../crdmirroring/crdhandler/utils.go | 35 - .../crdmirroring/crdmirroring_controller.go | 331 --- .../crdmirroring_controller_test.go | 1608 ----------- .../crdmirroring/types/interface.go | 27 - pkg/controller/crdmirroring/types/types.go | 22 - .../clusterinformation/v1beta1/doc.go | 20 - .../clusterinformation/v1beta1/register.go | 56 - .../clusterinformation/v1beta1/types.go | 73 - .../v1beta1/zz_generated.deepcopy.go | 170 -- pkg/legacyapis/controlplane/doc.go | 24 - .../controlplane/install/install.go | 30 - pkg/legacyapis/controlplane/register.go | 64 - .../controlplane/v1beta2/conversion.go | 46 - pkg/legacyapis/controlplane/v1beta2/doc.go | 22 - .../controlplane/v1beta2/register.go | 81 - pkg/legacyapis/core/doc.go | 18 - pkg/legacyapis/core/register.go | 20 - pkg/legacyapis/core/v1alpha2/doc.go | 19 - pkg/legacyapis/core/v1alpha2/register.go | 55 - pkg/legacyapis/core/v1alpha2/types.go | 67 - pkg/legacyapis/core/v1alpha2/webhook.go | 81 - .../core/v1alpha2/zz_generated.deepcopy.go | 145 - pkg/legacyapis/ops/v1alpha1/doc.go | 20 - pkg/legacyapis/ops/v1alpha1/register.go | 54 - pkg/legacyapis/ops/v1alpha1/types.go | 40 - .../ops/v1alpha1/zz_generated.deepcopy.go | 85 - pkg/legacyapis/security/doc.go | 18 - pkg/legacyapis/security/register.go | 20 - pkg/legacyapis/security/v1alpha1/doc.go | 19 - pkg/legacyapis/security/v1alpha1/register.go | 57 - pkg/legacyapis/security/v1alpha1/types.go | 94 - .../v1alpha1/zz_generated.deepcopy.go | 206 -- pkg/legacyapis/stats/doc.go | 21 - pkg/legacyapis/stats/install/install.go | 30 - pkg/legacyapis/stats/register.go | 57 - pkg/legacyapis/stats/v1alpha1/doc.go | 22 - pkg/legacyapis/stats/v1alpha1/register.go | 54 - pkg/legacyapis/system/doc.go | 19 - pkg/legacyapis/system/install/install.go | 28 - pkg/legacyapis/system/v1beta1/doc.go | 22 - pkg/legacyapis/system/v1beta1/register.go | 63 - .../clientset/versioned/clientset.go | 179 -- pkg/legacyclient/clientset/versioned/doc.go | 18 - .../versioned/fake/clientset_generated.go | 122 - .../clientset/versioned/fake/doc.go | 18 - .../clientset/versioned/fake/register.go | 66 - .../clientset/versioned/scheme/doc.go | 18 - .../clientset/versioned/scheme/register.go | 66 - .../v1beta1/antreaagentinfo.go | 166 -- .../v1beta1/antreacontrollerinfo.go | 166 -- .../v1beta1/clusterinformation_client.go | 92 - .../typed/clusterinformation/v1beta1/doc.go | 18 - .../clusterinformation/v1beta1/fake/doc.go | 18 - .../v1beta1/fake/fake_antreaagentinfo.go | 120 - .../v1beta1/fake/fake_antreacontrollerinfo.go | 120 - .../fake/fake_clusterinformation_client.go | 42 - .../v1beta1/generated_expansion.go | 21 - .../v1beta2/controlplane_client.go | 82 - .../typed/controlplane/v1beta2/doc.go | 18 - .../typed/controlplane/v1beta2/fake/doc.go | 18 - .../v1beta2/fake/fake_controlplane_client.go | 33 - .../v1beta2/generated_expansion.go | 17 - .../typed/core/v1alpha2/clustergroup.go | 182 -- .../typed/core/v1alpha2/core_client.go | 92 - .../versioned/typed/core/v1alpha2/doc.go | 18 - .../typed/core/v1alpha2/externalentity.go | 176 -- .../versioned/typed/core/v1alpha2/fake/doc.go | 18 - .../core/v1alpha2/fake/fake_clustergroup.go | 131 - .../core/v1alpha2/fake/fake_core_client.go | 42 - .../core/v1alpha2/fake/fake_externalentity.go | 128 - .../core/v1alpha2/generated_expansion.go | 21 - .../versioned/typed/ops/v1alpha1/doc.go | 18 - .../versioned/typed/ops/v1alpha1/fake/doc.go | 18 - .../ops/v1alpha1/fake/fake_ops_client.go | 38 - .../typed/ops/v1alpha1/fake/fake_traceflow.go | 131 - .../typed/ops/v1alpha1/generated_expansion.go | 19 - .../typed/ops/v1alpha1/ops_client.go | 87 - .../versioned/typed/ops/v1alpha1/traceflow.go | 182 -- .../security/v1alpha1/clusternetworkpolicy.go | 182 -- .../versioned/typed/security/v1alpha1/doc.go | 18 - .../typed/security/v1alpha1/fake/doc.go | 18 - .../fake/fake_clusternetworkpolicy.go | 131 - .../v1alpha1/fake/fake_networkpolicy.go | 140 - .../v1alpha1/fake/fake_security_client.go | 46 - .../typed/security/v1alpha1/fake/fake_tier.go | 120 - .../security/v1alpha1/generated_expansion.go | 23 - .../typed/security/v1alpha1/networkpolicy.go | 193 -- .../security/v1alpha1/security_client.go | 97 - .../versioned/typed/security/v1alpha1/tier.go | 166 -- .../versioned/typed/stats/v1alpha1/doc.go | 18 - .../typed/stats/v1alpha1/fake/doc.go | 18 - .../stats/v1alpha1/fake/fake_stats_client.go | 33 - .../stats/v1alpha1/generated_expansion.go | 17 - .../typed/stats/v1alpha1/stats_client.go | 82 - .../versioned/typed/system/v1beta1/doc.go | 18 - .../typed/system/v1beta1/fake/doc.go | 18 - .../system/v1beta1/fake/fake_system_client.go | 33 - .../system/v1beta1/generated_expansion.go | 17 - .../typed/system/v1beta1/system_client.go | 82 - .../clusterinformation/interface.go | 44 - .../v1beta1/antreaagentinfo.go | 87 - .../v1beta1/antreacontrollerinfo.go | 87 - .../clusterinformation/v1beta1/interface.go | 50 - .../externalversions/core/interface.go | 44 - .../core/v1alpha2/clustergroup.go | 87 - .../core/v1alpha2/externalentity.go | 88 - .../core/v1alpha2/interface.go | 50 - .../informers/externalversions/factory.go | 196 -- .../informers/externalversions/generic.go | 83 - .../internalinterfaces/factory_interfaces.go | 38 - .../externalversions/ops/interface.go | 44 - .../ops/v1alpha1/interface.go | 43 - .../ops/v1alpha1/traceflow.go | 87 - .../externalversions/security/interface.go | 44 - .../security/v1alpha1/clusternetworkpolicy.go | 87 - .../security/v1alpha1/interface.go | 57 - .../security/v1alpha1/networkpolicy.go | 88 - .../security/v1alpha1/tier.go | 87 - .../v1beta1/antreaagentinfo.go | 66 - .../v1beta1/antreacontrollerinfo.go | 66 - .../v1beta1/expansion_generated.go | 25 - .../listers/core/v1alpha2/clustergroup.go | 66 - .../core/v1alpha2/expansion_generated.go | 29 - .../listers/core/v1alpha2/externalentity.go | 97 - .../ops/v1alpha1/expansion_generated.go | 21 - .../listers/ops/v1alpha1/traceflow.go | 66 - .../security/v1alpha1/clusternetworkpolicy.go | 66 - .../security/v1alpha1/expansion_generated.go | 33 - .../security/v1alpha1/networkpolicy.go | 97 - .../listers/security/v1alpha1/tier.go | 66 - pkg/monitor/agent.go | 101 +- pkg/monitor/controller.go | 127 +- pkg/util/k8s/client.go | 15 - test/e2e/antreapolicy_test.go | 17 - test/e2e/framework.go | 7 - test/e2e/k8s_util.go | 218 -- test/e2e/legacyantreapolicy_test.go | 2496 ----------------- test/e2e/legacyclustergroup_test.go | 261 -- test/e2e/utils/anpspecbuilder.go | 17 - test/e2e/utils/cgspecbuilder.go | 10 - test/e2e/utils/cnpspecbuilder.go | 16 - 167 files changed, 2127 insertions(+), 27990 deletions(-) delete mode 100644 pkg/controller/crdmirroring/crdhandler/clustergroup.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/externalentity.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/networkpolicy.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/ops.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/tier.go delete mode 100644 pkg/controller/crdmirroring/crdhandler/utils.go delete mode 100644 pkg/controller/crdmirroring/crdmirroring_controller.go delete mode 100644 pkg/controller/crdmirroring/crdmirroring_controller_test.go delete mode 100644 pkg/controller/crdmirroring/types/interface.go delete mode 100644 pkg/controller/crdmirroring/types/types.go delete mode 100644 pkg/legacyapis/clusterinformation/v1beta1/doc.go delete mode 100644 pkg/legacyapis/clusterinformation/v1beta1/register.go delete mode 100644 pkg/legacyapis/clusterinformation/v1beta1/types.go delete mode 100644 pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go delete mode 100644 pkg/legacyapis/controlplane/doc.go delete mode 100644 pkg/legacyapis/controlplane/install/install.go delete mode 100644 pkg/legacyapis/controlplane/register.go delete mode 100644 pkg/legacyapis/controlplane/v1beta2/conversion.go delete mode 100644 pkg/legacyapis/controlplane/v1beta2/doc.go delete mode 100644 pkg/legacyapis/controlplane/v1beta2/register.go delete mode 100644 pkg/legacyapis/core/doc.go delete mode 100644 pkg/legacyapis/core/register.go delete mode 100644 pkg/legacyapis/core/v1alpha2/doc.go delete mode 100644 pkg/legacyapis/core/v1alpha2/register.go delete mode 100644 pkg/legacyapis/core/v1alpha2/types.go delete mode 100644 pkg/legacyapis/core/v1alpha2/webhook.go delete mode 100644 pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go delete mode 100644 pkg/legacyapis/ops/v1alpha1/doc.go delete mode 100644 pkg/legacyapis/ops/v1alpha1/register.go delete mode 100644 pkg/legacyapis/ops/v1alpha1/types.go delete mode 100644 pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go delete mode 100644 pkg/legacyapis/security/doc.go delete mode 100644 pkg/legacyapis/security/register.go delete mode 100644 pkg/legacyapis/security/v1alpha1/doc.go delete mode 100644 pkg/legacyapis/security/v1alpha1/register.go delete mode 100644 pkg/legacyapis/security/v1alpha1/types.go delete mode 100644 pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go delete mode 100644 pkg/legacyapis/stats/doc.go delete mode 100644 pkg/legacyapis/stats/install/install.go delete mode 100644 pkg/legacyapis/stats/register.go delete mode 100644 pkg/legacyapis/stats/v1alpha1/doc.go delete mode 100644 pkg/legacyapis/stats/v1alpha1/register.go delete mode 100644 pkg/legacyapis/system/doc.go delete mode 100644 pkg/legacyapis/system/install/install.go delete mode 100644 pkg/legacyapis/system/v1beta1/doc.go delete mode 100644 pkg/legacyapis/system/v1beta1/register.go delete mode 100644 pkg/legacyclient/clientset/versioned/clientset.go delete mode 100644 pkg/legacyclient/clientset/versioned/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/fake/clientset_generated.go delete mode 100644 pkg/legacyclient/clientset/versioned/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/fake/register.go delete mode 100644 pkg/legacyclient/clientset/versioned/scheme/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/scheme/register.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go delete mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go delete mode 100644 pkg/legacyclient/informers/externalversions/clusterinformation/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go delete mode 100644 pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go delete mode 100644 pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/core/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go delete mode 100644 pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go delete mode 100644 pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/factory.go delete mode 100644 pkg/legacyclient/informers/externalversions/generic.go delete mode 100644 pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go delete mode 100644 pkg/legacyclient/informers/externalversions/ops/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go delete mode 100644 pkg/legacyclient/informers/externalversions/security/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go delete mode 100644 pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go delete mode 100644 pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go delete mode 100644 pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go delete mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go delete mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go delete mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go delete mode 100644 pkg/legacyclient/listers/core/v1alpha2/clustergroup.go delete mode 100644 pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go delete mode 100644 pkg/legacyclient/listers/core/v1alpha2/externalentity.go delete mode 100644 pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go delete mode 100644 pkg/legacyclient/listers/ops/v1alpha1/traceflow.go delete mode 100644 pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go delete mode 100644 pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go delete mode 100644 pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go delete mode 100644 pkg/legacyclient/listers/security/v1alpha1/tier.go delete mode 100644 test/e2e/legacyantreapolicy_test.go delete mode 100644 test/e2e/legacyclustergroup_test.go diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index 3e936070589..9963dc526cc 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4298,20 +2865,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4338,7 +2891,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 namespace: kube-system --- apiVersion: v1 @@ -4409,7 +2962,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-7gm92g46hf + value: antrea-config-bg855thh55 image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4460,7 +3013,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 name: antrea-config - name: antrea-controller-tls secret: @@ -4489,21 +3042,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4519,21 +3057,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4547,21 +3070,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4741,7 +3249,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4826,58 +3334,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5039,101 +3495,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index 27b17cd6303..8db5047418a 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4298,20 +2865,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4338,7 +2891,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 namespace: kube-system --- apiVersion: v1 @@ -4409,7 +2962,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-7gm92g46hf + value: antrea-config-bg855thh55 image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4460,7 +3013,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 name: antrea-config - name: antrea-controller-tls secret: @@ -4489,21 +3042,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4519,21 +3057,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4547,21 +3070,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4743,7 +3251,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-7gm92g46hf + name: antrea-config-bg855thh55 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4828,58 +3336,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5041,101 +3497,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index 50e984b40b8..d8e5adf70c9 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4298,20 +2865,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4338,7 +2891,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-hcg89gk472 + name: antrea-config-d44h5956gg namespace: kube-system --- apiVersion: v1 @@ -4409,7 +2962,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-hcg89gk472 + value: antrea-config-d44h5956gg image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4460,7 +3013,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-hcg89gk472 + name: antrea-config-d44h5956gg name: antrea-config - name: antrea-controller-tls secret: @@ -4489,21 +3042,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4519,21 +3057,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4547,21 +3070,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4744,7 +3252,7 @@ spec: path: /home/kubernetes/bin name: host-cni-bin - configMap: - name: antrea-config-hcg89gk472 + name: antrea-config-d44h5956gg name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4826,58 +3334,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5039,101 +3495,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index 29a6409db81..292c21a71d0 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4303,20 +2870,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4343,7 +2896,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-h7767t7cfh + name: antrea-config-56dhk99g5f namespace: kube-system --- apiVersion: v1 @@ -4423,7 +2976,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-h7767t7cfh + value: antrea-config-56dhk99g5f image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4474,7 +3027,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-h7767t7cfh + name: antrea-config-56dhk99g5f name: antrea-config - name: antrea-controller-tls secret: @@ -4503,21 +3056,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4533,21 +3071,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4561,21 +3084,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4790,7 +3298,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-h7767t7cfh + name: antrea-config-56dhk99g5f name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4875,58 +3383,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5088,101 +3544,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/antrea-kind.yml b/build/yamls/antrea-kind.yml index 2b818746826..da3b0e82e15 100644 --- a/build/yamls/antrea-kind.yml +++ b/build/yamls/antrea-kind.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4303,20 +2870,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4343,7 +2896,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-kkmb8ft29d + name: antrea-config-m4h4624d24 namespace: kube-system --- apiVersion: v1 @@ -4414,7 +2967,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-kkmb8ft29d + value: antrea-config-m4h4624d24 image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4465,7 +3018,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-kkmb8ft29d + name: antrea-config-m4h4624d24 name: antrea-config - name: antrea-controller-tls secret: @@ -4494,21 +3047,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4524,21 +3062,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4552,21 +3075,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4742,7 +3250,7 @@ spec: type: CharDevice name: dev-tun - configMap: - name: antrea-config-kkmb8ft29d + name: antrea-config-m4h4624d24 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4827,58 +3335,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5040,101 +3496,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index afb487f3017..7ada9b7a746 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -1,29 +1,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaAgentInfo - plural: antreaagentinfos - shortNames: - - laai - singular: antreaagentinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -77,30 +53,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - names: - kind: AntreaControllerInfo - plural: antreacontrollerinfos - shortNames: - - laci - singular: antreacontrollerinfo - scope: Cluster - versions: - - name: v1beta1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -154,146 +106,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ClusterGroup - plural: clustergroups - shortNames: - - lcg - singular: group - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - childGroups: - items: - type: string - type: array - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - ipBlocks: - items: - properties: - cidr: - format: cidr - type: string - type: object - type: array - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - serviceReference: - properties: - name: - type: string - namespace: - type: string - type: object - type: object - status: - properties: - conditions: - items: - properties: - lastTransitionTime: - type: string - status: - type: string - type: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -1006,682 +818,197 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: egresses.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: - kind: ClusterNetworkPolicy - plural: clusternetworkpolicies + kind: Egress + plural: egresses shortNames: - - lacnp - singular: clusternetworkpolicy + - eg + singular: egress scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier + - description: Specifies the SNAT IP address for the selected workloads. + jsonPath: .spec.egressIP + name: EgressIP type: string - - description: The Priority of this ClusterNetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: The Owner Node of egress IP + jsonPath: .status.egressNode + name: Node + type: string + name: v1alpha2 schema: openAPIV3Schema: properties: spec: + anyOf: + - required: + - egressIP + - required: + - externalIPPool properties: appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + properties: + namespaceSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + podSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + egressIP: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + externalIPPool: + type: string + required: + - appliedTo + type: object + status: + properties: + egressNode: + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass + ip: + oneOf: + - format: ipv4 + - format: ipv6 type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - required: - - action type: object type: array - ingress: - items: + externalNode: + type: string + ports: + items: properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - group: - type: string - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - group: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - namespaces: - properties: - match: - type: string - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array name: type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action + port: + x-kubernetes-int-or-string: true + protocol: + type: string type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object type: object served: true storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: egresses.crd.antrea.io + name: externalippools.crd.antrea.io spec: group: crd.antrea.io names: - kind: Egress - plural: egresses + kind: ExternalIPPool + plural: externalippools shortNames: - - eg - singular: egress + - eip + singular: externalippool scope: Cluster versions: - additionalPrinterColumns: - - description: Specifies the SNAT IP address for the selected workloads. - jsonPath: .spec.egressIP - name: EgressIP - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: The Owner Node of egress IP - jsonPath: .status.egressNode - name: Node - type: string - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - anyOf: - - required: - - egressIP - - required: - - externalIPPool - properties: - appliedTo: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - egressIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - externalIPPool: - type: string - required: - - appliedTo - type: object - status: - properties: - egressNode: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - lee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalentities.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: externalippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: ExternalIPPool - plural: externalippools - shortNames: - - eip - singular: externalippool - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The number of total IPs - jsonPath: .status.usage.total - name: Total - type: integer - - description: The number of allocated IPs - jsonPath: .status.usage.used - name: Used - type: integer + - description: The number of total IPs + jsonPath: .status.usage.total + name: Total + type: integer + - description: The number of allocated IPs + jsonPath: .status.usage.used + name: Used + type: integer - jsonPath: .metadata.creationTimestamp name: Age type: date @@ -1699,564 +1026,168 @@ spec: - required: - start - end - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - type: object - type: array - nodeSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - required: - - ipRanges - - nodeSelector - type: object - status: - properties: - usage: - properties: - total: - type: integer - used: - type: integer - type: object - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: ippools.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: IPPool - plural: ippools - shortNames: - - ipp - singular: ippool - scope: Cluster - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - ipRanges: - items: - oneOf: - - required: - - cidr - - gateway - - prefixLength - - required: - - start - - end - - gateway - - prefixLength - properties: - cidr: - format: cidr - type: string - end: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - gateway: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - prefixLength: - type: integer - start: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - vlan: - type: string - type: object - type: array - ipVersion: - type: integer - required: - - ipVersion - - ipRanges - type: object - status: - properties: - ipAddresses: - items: - properties: - ipAddress: - type: string - owner: - properties: - pod: - properties: - containerID: - type: string - name: - type: string - namespace: - type: string - type: object - statefulSet: - properties: - index: - type: integer - name: - type: string - namespace: - type: string - type: object - type: object - phase: - type: string - type: object - type: array - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: NetworkPolicy - plural: networkpolicies - shortNames: - - anp - singular: networkpolicy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - name: Tier - type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. - format: float - jsonPath: .spec.priority - name: Priority - type: number - - description: The total number of Nodes that should realize the NetworkPolicy. - format: int32 - jsonPath: .status.desiredNodesRealized - name: Desired Nodes - type: number - - description: The number of Nodes that have realized the NetworkPolicy. - format: int32 - jsonPath: .status.currentNodesRealized - name: Current Nodes - type: number - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - egress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - name: - type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - to: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - fqdn: - type: string - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - toServices: - items: - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - action - type: object - type: array - ingress: - items: - properties: - action: - enum: - - Allow - - Drop - - Reject - - Pass - type: string - appliedTo: - items: - properties: - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - enableLogging: - type: boolean - from: - items: - properties: - externalEntitySelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - ipBlock: - properties: - cidr: - format: cidr - type: string - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - podSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - items: - pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ - type: string - type: array - type: object - type: array - matchLabels: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - type: array - name: + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + start: + oneOf: + - format: ipv4 + - format: ipv6 type: string - ports: - items: - properties: - endPort: - type: integer - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - required: - - action type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string + nodeSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + items: + pattern: ^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$ + type: string + type: array + type: object + type: array + matchLabels: + x-kubernetes-preserve-unknown-fields: true + type: object required: - - priority + - ipRanges + - nodeSelector type: object status: properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: + usage: + properties: + total: + type: integer + used: + type: integer + type: object + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: ippools.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: IPPool + plural: ippools + shortNames: + - ipp + singular: ippool + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + ipRanges: + items: + oneOf: + - required: + - cidr + - gateway + - prefixLength + - required: + - start + - end + - gateway + - prefixLength + properties: + cidr: + format: cidr + type: string + end: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + gateway: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + prefixLength: + type: integer + start: + oneOf: + - format: ipv4 + - format: ipv6 + type: string + vlan: + type: string + type: object + type: array + ipVersion: type: integer - phase: - type: string + required: + - ipVersion + - ipRanges + type: object + status: + properties: + ipAddresses: + items: + properties: + ipAddress: + type: string + owner: + properties: + pod: + properties: + containerID: + type: string + name: + type: string + namespace: + type: string + type: object + statefulSet: + properties: + index: + type: integer + name: + type: string + namespace: + type: string + type: object + type: object + phase: + type: string + type: object + type: array type: object + required: + - spec type: object served: true storage: true @@ -2268,14 +1199,14 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: networkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: NetworkPolicy plural: networkpolicies shortNames: - - lanp + - anp singular: networkpolicy scope: Namespaced versions: @@ -2418,6 +1349,8 @@ spec: matchLabels: x-kubernetes-preserve-unknown-fields: true type: object + fqdn: + type: string ipBlock: properties: cidr: @@ -2474,6 +1407,17 @@ spec: type: object type: object type: array + toServices: + items: + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array required: - action type: object @@ -2620,88 +1564,45 @@ spec: type: object type: array priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.crd.antrea.io -spec: - group: crd.antrea.io - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string required: - priority type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object type: object served: true storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: labels: app: antrea - name: tiers.security.antrea.tanzu.vmware.com + name: tiers.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: Tier plural: tiers shortNames: - - ltr + - tr singular: tier scope: Cluster versions: @@ -2984,186 +1885,6 @@ spec: subresources: status: {} --- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - names: - kind: Traceflow - plural: traceflows - shortNames: - - ltf - singular: traceflow - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The phase of the Traceflow. - jsonPath: .status.phase - name: Phase - type: string - - description: The name of the source Pod. - jsonPath: .spec.source.pod - name: Source-Pod - priority: 10 - type: string - - description: The name of the destination Pod. - jsonPath: .spec.destination.pod - name: Destination-Pod - priority: 10 - type: string - - description: The IP address of the destination. - jsonPath: .spec.destination.ip - name: Destination-IP - priority: 10 - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - destination: - properties: - ip: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - namespace: - type: string - pod: - type: string - service: - type: string - type: object - packet: - properties: - ipHeader: - properties: - flags: - type: integer - protocol: - type: integer - srcIP: - oneOf: - - format: ipv4 - - format: ipv6 - type: string - ttl: - type: integer - type: object - ipv6Header: - properties: - hopLimit: - type: integer - nextHeader: - type: integer - srcIP: - format: ipv6 - type: string - type: object - transportHeader: - properties: - icmp: - properties: - id: - type: integer - sequence: - type: integer - type: object - tcp: - properties: - dstPort: - type: integer - flags: - type: integer - srcPort: - type: integer - type: object - udp: - properties: - dstPort: - type: integer - srcPort: - type: integer - type: object - type: object - type: object - source: - properties: - namespace: - type: string - pod: - type: string - required: - - pod - - namespace - type: object - required: - - source - type: object - status: - properties: - dataplaneTag: - type: integer - phase: - type: string - reason: - type: string - results: - items: - properties: - node: - type: string - observations: - items: - properties: - action: - type: string - component: - type: string - componentInfo: - type: string - dstMAC: - type: string - networkPolicy: - type: string - pod: - type: string - translatedDstIP: - type: string - translatedSrcIP: - type: string - ttl: - type: integer - tunnelDstIP: - type: string - type: object - type: array - role: - type: string - timestamp: - type: integer - type: object - type: array - startTime: - type: string - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- apiVersion: v1 kind: ServiceAccount metadata: @@ -3197,18 +1918,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-clustergroups-edit rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3230,14 +1939,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-clustergroups-view rules: -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3256,19 +1957,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-antrea-policies-edit rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3291,15 +1979,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-view: "true" name: aggregate-antrea-policies-view rules: -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - list - - watch - apiGroups: - crd.antrea.io resources: @@ -3319,18 +1998,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-edit: "true" name: aggregate-traceflows-edit rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - apiGroups: - crd.antrea.io resources: @@ -3350,16 +2017,8 @@ metadata: labels: app: antrea rbac.authorization.k8s.io/aggregate-to-view: "true" - name: aggregate-traceflows-view -rules: -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - verbs: - - get - - list - - watch + name: aggregate-traceflows-view +rules: - apiGroups: - crd.antrea.io resources: @@ -3377,7 +2036,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3387,7 +2045,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -3397,7 +2054,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -3405,7 +2061,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -3413,7 +2068,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download @@ -3483,7 +2137,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -3493,7 +2146,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -3512,14 +2164,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -3559,7 +2209,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows @@ -3719,9 +2368,6 @@ rules: - apiGroups: - apiregistration.k8s.io resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -3735,6 +2381,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com resources: - apiservices verbs: @@ -3742,8 +2391,6 @@ rules: - apiGroups: - admissionregistration.k8s.io resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -3867,86 +2514,6 @@ rules: - get - list - watch -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete -- apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update -- apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete -- apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -4303,20 +2870,6 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: - # If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be - # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and - # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API - # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy - # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new - # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized - # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. - # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be - # annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no - # longer be reflected in the new CRD, and all CRUD operations should be done through the new - # API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting - # new CRDs. - #legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false @@ -4343,7 +2896,7 @@ metadata: annotations: {} labels: app: antrea - name: antrea-config-k7tg4t4t8h + name: antrea-config-895f7f85g9 namespace: kube-system --- apiVersion: v1 @@ -4414,7 +2967,7 @@ spec: fieldRef: fieldPath: spec.serviceAccountName - name: ANTREA_CONFIG_MAP_NAME - value: antrea-config-k7tg4t4t8h + value: antrea-config-895f7f85g9 image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest imagePullPolicy: IfNotPresent livenessProbe: @@ -4465,7 +3018,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-k7tg4t4t8h + name: antrea-config-895f7f85g9 name: antrea-config - name: antrea-controller-tls secret: @@ -4494,21 +3047,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1alpha1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4524,21 +3062,6 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService -metadata: - labels: - app: antrea - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta1 - versionPriority: 100 ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService metadata: labels: app: antrea @@ -4552,21 +3075,6 @@ spec: version: v1beta2 versionPriority: 100 --- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - labels: - app: antrea - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - service: - name: antrea - namespace: kube-system - version: v1beta2 - versionPriority: 100 ---- apiVersion: apps/v1 kind: DaemonSet metadata: @@ -4746,7 +3254,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-k7tg4t4t8h + name: antrea-config-895f7f85g9 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -4831,58 +3339,6 @@ webhooks: timeoutSeconds: 5 --- apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdmutator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/acnp - name: acnpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /mutate/anp - name: anpmutator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: labels: @@ -5044,101 +3500,3 @@ webhooks: scope: Cluster sideEffects: None timeoutSeconds: 5 ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - labels: - app: antrea - name: crdvalidator.antrea.tanzu.vmware.com -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/tier - name: tiervalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - tiers - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/acnp - name: acnpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - clusternetworkpolicies - scope: Cluster - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/anp - name: anpvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - security.antrea.tanzu.vmware.com - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - networkpolicies - scope: Namespaced - sideEffects: None - timeoutSeconds: 5 -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: antrea - namespace: kube-system - path: /validate/clustergroup - name: clustergroupvalidator.antrea.tanzu.vmware.com - rules: - - apiGroups: - - core.antrea.tanzu.vmware.com - apiVersions: - - v1alpha2 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clustergroups - scope: Cluster - sideEffects: None - timeoutSeconds: 5 diff --git a/build/yamls/base/agent-rbac.yml b/build/yamls/base/agent-rbac.yml index 28de5de5c1d..4927d68443a 100644 --- a/build/yamls/base/agent-rbac.yml +++ b/build/yamls/base/agent-rbac.yml @@ -54,7 +54,6 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - crd.antrea.io resources: - antreaagentinfos @@ -64,7 +63,6 @@ rules: - update - delete - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -83,14 +81,12 @@ rules: - watch - list - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies/status @@ -136,7 +132,6 @@ rules: - watch - list - apiGroups: - - ops.antrea.tanzu.vmware.com - crd.antrea.io resources: - traceflows diff --git a/build/yamls/base/antctl.yml b/build/yamls/base/antctl.yml index cae3ff79224..6a3764ae560 100644 --- a/build/yamls/base/antctl.yml +++ b/build/yamls/base/antctl.yml @@ -11,7 +11,6 @@ metadata: name: antctl rules: - apiGroups: - - controlplane.antrea.tanzu.vmware.com - controlplane.antrea.io resources: - networkpolicies @@ -21,7 +20,6 @@ rules: - get - list - apiGroups: - - stats.antrea.tanzu.vmware.com - stats.antrea.io resources: - networkpolicystats @@ -31,7 +29,6 @@ rules: - get - list - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - controllerinfos @@ -39,7 +36,6 @@ rules: verbs: - get - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles @@ -47,7 +43,6 @@ rules: - get - post - apiGroups: - - system.antrea.tanzu.vmware.com - system.antrea.io resources: - supportbundles/download diff --git a/build/yamls/base/conf/antrea-controller.conf b/build/yamls/base/conf/antrea-controller.conf index 433401f7a49..6669237da18 100644 --- a/build/yamls/base/conf/antrea-controller.conf +++ b/build/yamls/base/conf/antrea-controller.conf @@ -50,20 +50,6 @@ featureGates: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: -# If Antrea is upgraded from version <= v0.13 and legacy CRDs are used, this option should be -# enabled, otherwise the CRDs created with the legacy API groups will not take any effect and -# work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API -# groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy -# CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new -# CRD automatically. In addition, the modification of Status in new CRD will also be synchronized -# to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. -# Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be -# annotated with "crd.antrea.io/stop-mirror". Afterwards, updates to the legacy CRDs will no -# longer be reflected in the new CRD, and all CRUD operations should be done through the new -# API groups. After adding the annotation, legacy CRDs can be deleted safely without impacting -# new CRDs. -#legacyCRDMirroring: true - nodeIPAM: # Enable the integrated Node IPAM controller within the Antrea controller. # enableNodeIPAM: false diff --git a/build/yamls/base/controller-rbac.yml b/build/yamls/base/controller-rbac.yml index 0401cb68396..28b42986b26 100644 --- a/build/yamls/base/controller-rbac.yml +++ b/build/yamls/base/controller-rbac.yml @@ -104,9 +104,6 @@ rules: resources: - apiservices resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - v1alpha1.stats.antrea.io - v1beta1.system.antrea.io - v1beta2.controlplane.antrea.io @@ -120,6 +117,9 @@ rules: resourceNames: - v1beta1.networking.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com verbs: - delete - apiGroups: @@ -128,8 +128,6 @@ rules: - mutatingwebhookconfigurations - validatingwebhookconfigurations resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io - crdmutator.antrea.io - crdvalidator.antrea.io @@ -250,94 +248,6 @@ rules: - get - list - watch - # Deprecated in v1.0.0. - - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete - # Deprecated in v1.0.0. - - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete - # Deprecated in v1.0.0. - - apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies - - networkpolicies - verbs: - - get - - watch - - list - - update - - patch - - create - - delete - # Deprecated in v1.0.0. - - apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - clusternetworkpolicies/status - - networkpolicies/status - verbs: - - update - # Deprecated in v1.0.0. - - apiGroups: - - security.antrea.tanzu.vmware.com - resources: - - tiers - verbs: - - get - - watch - - list - - update - - patch - - create - - delete - # Deprecated in v1.0.0. - - apiGroups: - - ops.antrea.tanzu.vmware.com - resources: - - traceflows - - traceflows/status - verbs: - - get - - watch - - list - - update - - patch - - create - - delete - # Deprecated in v1.0.0. - - apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - externalentities - - clustergroups - verbs: - - get - - watch - - list - - update - - patch - - create - - delete - # Deprecated in v1.0.0. - - apiGroups: - - core.antrea.tanzu.vmware.com - resources: - - clustergroups/status - verbs: - - update --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/build/yamls/base/controller.yml b/build/yamls/base/controller.yml index 942c8c3ca6f..f529315379b 100644 --- a/build/yamls/base/controller.yml +++ b/build/yamls/base/controller.yml @@ -304,149 +304,3 @@ spec: path: /var/log/antrea type: DirectoryOrCreate --- -# Deprecated in v1.0.0. -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta2.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - version: v1beta2 - versionPriority: 100 - service: - name: antrea - namespace: kube-system ---- -# Deprecated in v1.0.0. -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - version: v1beta1 - versionPriority: 100 - service: - name: antrea - namespace: kube-system ---- -# Deprecated in v1.0.0. -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: "crdmutator.antrea.tanzu.vmware.com" -webhooks: - - name: "acnpmutator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/mutate/acnp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["clusternetworkpolicies"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - - name: "anpmutator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/mutate/anp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["networkpolicies"] - scope: "Namespaced" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 ---- -# Deprecated in v1.0.0. -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: "crdvalidator.antrea.tanzu.vmware.com" -webhooks: - - name: "tiervalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/tier" - rules: - - operations: ["CREATE", "UPDATE", "DELETE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["tiers"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - - name: "acnpvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/acnp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["clusternetworkpolicies"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - - name: "anpvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/anp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["networkpolicies"] - scope: "Namespaced" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 - - name: "clustergroupvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/clustergroup" - rules: - - operations: ["CREATE", "UPDATE", "DELETE"] - apiGroups: ["core.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha2"] - resources: ["clustergroups"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 ---- -# Deprecated in v1.0.0. -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1alpha1.stats.antrea.tanzu.vmware.com -spec: - group: stats.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - version: v1alpha1 - versionPriority: 100 - service: - name: antrea - namespace: kube-system ---- diff --git a/build/yamls/base/crds-rbac.yml b/build/yamls/base/crds-rbac.yml index c34c33e11c9..3ddc3ac9167 100644 --- a/build/yamls/base/crds-rbac.yml +++ b/build/yamls/base/crds-rbac.yml @@ -8,9 +8,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: -- apiGroups: ["security.antrea.tanzu.vmware.com"] - resources: ["clusternetworkpolicies", "networkpolicies"] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] - apiGroups: ["crd.antrea.io"] resources: ["clusternetworkpolicies", "networkpolicies"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] @@ -23,9 +20,6 @@ metadata: # Add these permissions to the "view" default role. rbac.authorization.k8s.io/aggregate-to-view: "true" rules: -- apiGroups: ["security.antrea.tanzu.vmware.com"] - resources: ["clusternetworkpolicies", "networkpolicies"] - verbs: ["get", "list", "watch"] - apiGroups: ["crd.antrea.io"] resources: ["clusternetworkpolicies", "networkpolicies"] verbs: ["get", "list", "watch"] @@ -39,9 +33,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: -- apiGroups: ["ops.antrea.tanzu.vmware.com"] - resources: ["traceflows"] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] - apiGroups: ["crd.antrea.io"] resources: ["traceflows"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] @@ -54,9 +45,6 @@ metadata: # Add these permissions to the "view" default role. rbac.authorization.k8s.io/aggregate-to-view: "true" rules: -- apiGroups: ["ops.antrea.tanzu.vmware.com"] - resources: ["traceflows"] - verbs: ["get", "list", "watch"] - apiGroups: ["crd.antrea.io"] resources: ["traceflows"] verbs: ["get", "list", "watch"] @@ -70,9 +58,6 @@ metadata: rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: -- apiGroups: ["core.antrea.tanzu.vmware.com"] - resources: ["clustergroups"] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] - apiGroups: ["crd.antrea.io"] resources: ["clustergroups"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] @@ -85,9 +70,6 @@ metadata: # Add these permissions to the "view" default role. rbac.authorization.k8s.io/aggregate-to-view: "true" rules: -- apiGroups: ["core.antrea.tanzu.vmware.com"] - resources: ["clustergroups"] - verbs: ["get", "list", "watch"] - apiGroups: ["crd.antrea.io"] resources: ["clustergroups"] verbs: ["get", "list", "watch"] diff --git a/build/yamls/base/crds.yml b/build/yamls/base/crds.yml index e116d637f79..56e7d162685 100644 --- a/build/yamls/base/crds.yml +++ b/build/yamls/base/crds.yml @@ -1860,1272 +1860,3 @@ spec: shortNames: - cg --- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - scope: Cluster - names: - plural: antreacontrollerinfos - singular: antreacontrollerinfo - kind: AntreaControllerInfo - shortNames: - - laci ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com -spec: - group: clusterinformation.antrea.tanzu.vmware.com - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - scope: Cluster - names: - plural: antreaagentinfos - singular: antreaagentinfo - kind: AntreaAgentInfo - shortNames: - - laai ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: traceflows.ops.antrea.tanzu.vmware.com -spec: - group: ops.antrea.tanzu.vmware.com - versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - jsonPath: .status.phase - description: The phase of the Traceflow. - name: Phase - type: string - - jsonPath: .spec.source.pod - description: The name of the source Pod. - name: Source-Pod - type: string - priority: 10 - - jsonPath: .spec.destination.pod - description: The name of the destination Pod. - name: Destination-Pod - type: string - priority: 10 - - jsonPath: .spec.destination.ip - description: The IP address of the destination. - name: Destination-IP - type: string - priority: 10 - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - schema: - openAPIV3Schema: - type: object - required: - - spec - properties: - spec: - type: object - required: - - source - properties: - source: - type: object - required: - - pod - - namespace - properties: - pod: - type: string - namespace: - type: string - destination: - type: object - properties: - pod: - type: string - service: - type: string - namespace: - type: string - ip: - type: string - oneOf: - - format: ipv4 - - format: ipv6 - packet: - type: object - properties: - ipHeader: - type: object - properties: - srcIP: - type: string - oneOf: - - format: ipv4 - - format: ipv6 - protocol: - type: integer - ttl: - type: integer - flags: - type: integer - ipv6Header: - type: object - properties: - srcIP: - type: string - format: ipv6 - nextHeader: - type: integer - hopLimit: - type: integer - transportHeader: - type: object - properties: - icmp: - type: object - properties: - id: - type: integer - sequence: - type: integer - udp: - type: object - properties: - srcPort: - type: integer - dstPort: - type: integer - tcp: - type: object - properties: - srcPort: - type: integer - dstPort: - type: integer - flags: - type: integer - status: - type: object - properties: - reason: - type: string - dataplaneTag: - type: integer - phase: - type: string - startTime: - type: string - results: - type: array - items: - type: object - properties: - node: - type: string - role: - type: string - timestamp: - type: integer - observations: - type: array - items: - type: object - properties: - component: - type: string - componentInfo: - type: string - action: - type: string - pod: - type: string - dstMAC: - type: string - networkPolicy: - type: string - ttl: - type: integer - translatedSrcIP: - type: string - translatedDstIP: - type: string - tunnelDstIP: - type: string - subresources: - status: {} - scope: Cluster - names: - plural: traceflows - singular: traceflow - kind: Traceflow - shortNames: - - ltf ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - name: Priority - type: integer - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - schema: - openAPIV3Schema: - type: object - properties: - spec: - required: - - priority - type: object - properties: - priority: - type: integer - minimum: 0 - maximum: 255 - description: - type: string - scope: Cluster - names: - plural: tiers - singular: tier - kind: Tier - shortNames: - - ltr ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - name: Tier - type: string - description: The Tier to which this ClusterNetworkPolicy belongs to. - jsonPath: .spec.tier - - name: Priority - type: number - format: float - description: The Priority of this ClusterNetworkPolicy relative to other policies. - jsonPath: .spec.priority - - name: Desired Nodes - type: number - format: int32 - description: The total number of Nodes that should realize the NetworkPolicy. - jsonPath: .status.desiredNodesRealized - - name: Current Nodes - type: number - format: int32 - description: The number of Nodes that have realized the NetworkPolicy. - jsonPath: .status.currentNodesRealized - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - schema: - openAPIV3Schema: - type: object - properties: - spec: - # Ensure that Spec.Priority field is set - required: - - priority - type: object - properties: - tier: - type: string - priority: - type: number - format: float - # Ensure that Spec.Priority field is between 1 and 10000 - minimum: 1.0 - maximum: 10000.0 - appliedTo: - type: array - items: - type: object - # Ensure that Spec.AppliedTo does not allow IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - group: - type: string - ingress: - type: array - items: - type: object - required: - - action - properties: - appliedTo: - type: array - items: - type: object - # Ensure that rule AppliedTo does not allow IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - group: - type: string - # Ensure that Action field allows only ALLOW, DROP and REJECT values - action: - type: string - enum: ['Allow', 'Drop', 'Reject', 'Pass'] - ports: - type: array - items: - type: object - properties: - protocol: - type: string - port: - x-kubernetes-int-or-string: true - endPort: - type: integer - from: - type: array - items: - type: object - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaces: - type: object - properties: - match: - type: string - ipBlock: - type: object - properties: - cidr: - type: string - format: cidr - group: - type: string - name: - type: string - enableLogging: - type: boolean - egress: - type: array - items: - type: object - required: - - action - properties: - appliedTo: - type: array - items: - type: object - # Ensure that rule AppliedTo does not allow IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - group: - type: string - # Ensure that Action field allows only ALLOW, DROP and REJECT values - action: - type: string - enum: ['Allow', 'Drop', 'Reject', 'Pass'] - ports: - type: array - items: - type: object - properties: - protocol: - type: string - port: - x-kubernetes-int-or-string: true - endPort: - type: integer - to: - type: array - items: - type: object - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaces: - type: object - properties: - match: - type: string - ipBlock: - type: object - properties: - cidr: - type: string - format: cidr - group: - type: string - name: - type: string - enableLogging: - type: boolean - status: - type: object - properties: - phase: - type: string - observedGeneration: - type: integer - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - subresources: - status: {} - scope: Cluster - names: - plural: clusternetworkpolicies - singular: clusternetworkpolicy - kind: ClusterNetworkPolicy - shortNames: - - lacnp ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: networkpolicies.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - versions: - - name: v1alpha1 - served: true - storage: true - additionalPrinterColumns: - - name: Tier - type: string - description: The Tier to which this Antrea NetworkPolicy belongs to. - jsonPath: .spec.tier - - name: Priority - type: number - format: float - description: The Priority of this Antrea NetworkPolicy relative to other policies. - jsonPath: .spec.priority - - name: Desired Nodes - type: number - format: int32 - description: The total number of Nodes that should realize the NetworkPolicy. - jsonPath: .status.desiredNodesRealized - - name: Current Nodes - type: number - format: int32 - description: The number of Nodes that have realized the NetworkPolicy. - jsonPath: .status.currentNodesRealized - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - schema: - openAPIV3Schema: - type: object - properties: - spec: - # Ensure that Spec.Priority field is set - required: - - priority - type: object - properties: - tier: - type: string - priority: - type: number - format: float - # Ensure that Spec.Priority field is between 1 and 10000 - minimum: 1.0 - maximum: 10000.0 - appliedTo: - type: array - items: - type: object - # Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ingress: - type: array - items: - type: object - required: - - action - properties: - appliedTo: - type: array - items: - type: object - # Ensure that rule AppliedTo does not allow NamespaceSelector/IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - # Ensure that Action field allows only ALLOW, DROP and REJECT values - action: - type: string - enum: ['Allow', 'Drop', 'Reject', 'Pass'] - ports: - type: array - items: - type: object - properties: - protocol: - type: string - port: - x-kubernetes-int-or-string: true - endPort: - type: integer - from: - type: array - items: - type: object - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlock: - type: object - properties: - cidr: - type: string - format: cidr - name: - type: string - enableLogging: - type: boolean - egress: - type: array - items: - type: object - required: - - action - properties: - appliedTo: - type: array - items: - type: object - # Ensure that rule AppliedTo does not allow NamespaceSelector/IPBlock field - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - # Ensure that Action field allows only ALLOW, DROP and REJECT values - action: - type: string - enum: ['Allow', 'Drop', 'Reject', 'Pass'] - ports: - type: array - items: - type: object - properties: - protocol: - type: string - port: - x-kubernetes-int-or-string: true - endPort: - type: integer - to: - type: array - items: - type: object - properties: - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlock: - type: object - properties: - cidr: - type: string - format: cidr - name: - type: string - enableLogging: - type: boolean - status: - type: object - properties: - phase: - type: string - observedGeneration: - type: integer - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - subresources: - status: {} - scope: Namespaced - names: - plural: networkpolicies - singular: networkpolicy - kind: NetworkPolicy - shortNames: - - lanp ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - versions: - - name: v1alpha2 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - endpoints: - type: array - items: - type: object - properties: - ip: - type: string - oneOf: - - format: ipv4 - - format: ipv6 - name: - type: string - ports: - type: array - items: - type: object - properties: - protocol: - type: string - port: - x-kubernetes-int-or-string: true - name: - type: string - externalNode: - type: string - - name: v1alpha1 - served: false - storage: false - schema: - openAPIV3Schema: - type: object - scope: Namespaced - names: - plural: externalentities - singular: externalentity - kind: ExternalEntity - shortNames: - - lee ---- -# Deprecated in v1.0.0. -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clustergroups.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - versions: - - name: v1alpha2 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlock: - type: object - properties: - cidr: - type: string - format: cidr - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Cluster - names: - plural: clustergroups - singular: group - kind: ClusterGroup - shortNames: - - lcg ---- diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go index eecb52fce49..dd23164cb7c 100644 --- a/cmd/antrea-agent/agent.go +++ b/cmd/antrea-agent/agent.go @@ -88,10 +88,6 @@ func run(o *Options) error { if err != nil { return fmt.Errorf("error creating K8s clients: %v", err) } - legacyCRDClient, err := k8s.CreateLegacyCRDClient(o.config.ClientConnection, o.config.KubeAPIServerOverride) - if err != nil { - return fmt.Errorf("error creating legacy CRD client: %v", err) - } informerFactory := informers.NewSharedInformerFactory(k8sClient, informerDefaultResync) crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, informerDefaultResync) @@ -601,7 +597,7 @@ func run(o *Options) error { networkPolicyController, o.config.APIPort) - agentMonitor := monitor.NewAgentMonitor(crdClient, legacyCRDClient, agentQuerier) + agentMonitor := monitor.NewAgentMonitor(crdClient, agentQuerier) go agentMonitor.Run(stopCh) diff --git a/cmd/antrea-controller/controller.go b/cmd/antrea-controller/controller.go index ae162691e5b..60a726591af 100644 --- a/cmd/antrea-controller/controller.go +++ b/cmd/antrea-controller/controller.go @@ -38,8 +38,6 @@ import ( "antrea.io/antrea/pkg/apiserver/storage" crdinformers "antrea.io/antrea/pkg/client/informers/externalversions" "antrea.io/antrea/pkg/clusteridentity" - "antrea.io/antrea/pkg/controller/crdmirroring" - "antrea.io/antrea/pkg/controller/crdmirroring/crdhandler" "antrea.io/antrea/pkg/controller/egress" egressstore "antrea.io/antrea/pkg/controller/egress/store" "antrea.io/antrea/pkg/controller/externalippool" @@ -53,7 +51,6 @@ import ( "antrea.io/antrea/pkg/controller/stats" "antrea.io/antrea/pkg/controller/traceflow" "antrea.io/antrea/pkg/features" - legacycrdinformers "antrea.io/antrea/pkg/legacyclient/informers/externalversions" "antrea.io/antrea/pkg/log" "antrea.io/antrea/pkg/monitor" "antrea.io/antrea/pkg/signals" @@ -123,7 +120,6 @@ func run(o *Options) error { anpInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() tierInformer := crdInformerFactory.Crd().V1alpha1().Tiers() tfInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() - cgv1a2Informer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() cgInformer := crdInformerFactory.Crd().V1alpha3().ClusterGroups() egressInformer := crdInformerFactory.Crd().V1alpha2().Egresses() externalIPPoolInformer := crdInformerFactory.Crd().V1alpha2().ExternalIPPools() @@ -143,19 +139,6 @@ func run(o *Options) error { groupEntityIndex := grouping.NewGroupEntityIndex() groupEntityController := grouping.NewGroupEntityController(groupEntityIndex, podInformer, namespaceInformer, eeInformer) - legacyCRDClient, err := k8s.CreateLegacyCRDClient(o.config.ClientConnection, "") - if err != nil { - return fmt.Errorf("error creating legacy CRD client: %v", err) - } - - legacyCRDInformerFactory := legacycrdinformers.NewSharedInformerFactory(legacyCRDClient, informerDefaultResync) - legacyANPInformer := legacyCRDInformerFactory.Security().V1alpha1().NetworkPolicies() - legacyCNPInformer := legacyCRDInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() - legacyTierInformer := legacyCRDInformerFactory.Security().V1alpha1().Tiers() - legacyCGInformer := legacyCRDInformerFactory.Core().V1alpha2().ClusterGroups() - legacyEEInformer := legacyCRDInformerFactory.Core().V1alpha2().ExternalEntities() - legacyTFInformer := legacyCRDInformerFactory.Ops().V1alpha1().Traceflows() - networkPolicyController := networkpolicy.NewNetworkPolicyController(client, crdClient, groupEntityIndex, @@ -176,63 +159,11 @@ func run(o *Options) error { networkPolicyStatusController = networkpolicy.NewStatusController(crdClient, networkPolicyStore, cnpInformer, anpInformer) } - var anpMirroringController *crdmirroring.Controller - var cnpMirroringController *crdmirroring.Controller - var tierMirroringController *crdmirroring.Controller - var cgMirroringController *crdmirroring.Controller - var eeMirroringController *crdmirroring.Controller - if features.DefaultFeatureGate.Enabled(features.AntreaPolicy) && *o.config.LegacyCRDMirroring { - anpMirroringHandler := crdhandler.NewNetworkPolicyHandler(anpInformer.Lister(), - legacyANPInformer.Lister(), - crdClient, - legacyCRDClient) - anpMirroringController = crdmirroring.NewController(anpInformer.Informer(), - legacyANPInformer.Informer(), - anpMirroringHandler, - "NetworkPolicy") - - cnpMirroringHandler := crdhandler.NewClusterNetworkPolicyHandler(cnpInformer.Lister(), - legacyCNPInformer.Lister(), - crdClient.CrdV1alpha1().ClusterNetworkPolicies(), - legacyCRDClient.SecurityV1alpha1().ClusterNetworkPolicies()) - cnpMirroringController = crdmirroring.NewController(cnpInformer.Informer(), - legacyCNPInformer.Informer(), - cnpMirroringHandler, - "ClusterNetworkPolicy") - - tierMirroringHandler := crdhandler.NewTierHandler(tierInformer.Lister(), - legacyTierInformer.Lister(), - crdClient.CrdV1alpha1().Tiers(), - legacyCRDClient.SecurityV1alpha1().Tiers()) - tierMirroringController = crdmirroring.NewController(tierInformer.Informer(), - legacyTierInformer.Informer(), - tierMirroringHandler, - "Tier") - - cgMirroringHandler := crdhandler.NewClusterGroupHandler(cgv1a2Informer.Lister(), - legacyCGInformer.Lister(), - crdClient.CrdV1alpha2().ClusterGroups(), - legacyCRDClient.CoreV1alpha2().ClusterGroups()) - cgMirroringController = crdmirroring.NewController(cgv1a2Informer.Informer(), - legacyCGInformer.Informer(), - cgMirroringHandler, - "ClusterGroup") - - eeMirroringHandler := crdhandler.NewExternalEntityHandler(eeInformer.Lister(), - legacyEEInformer.Lister(), - crdClient, - legacyCRDClient) - eeMirroringController = crdmirroring.NewController(eeInformer.Informer(), - legacyEEInformer.Informer(), - eeMirroringHandler, - "ExternalEntity") - } - endpointQuerier := networkpolicy.NewEndpointQuerier(networkPolicyController) controllerQuerier := querier.NewControllerQuerier(networkPolicyController, o.config.APIPort) - controllerMonitor := monitor.NewControllerMonitor(crdClient, legacyCRDClient, nodeInformer, controllerQuerier) + controllerMonitor := monitor.NewControllerMonitor(crdClient, nodeInformer, controllerQuerier) var egressController *egress.EgressController var externalIPPoolController *externalippool.ExternalIPPoolController @@ -256,18 +187,6 @@ func run(o *Options) error { traceflowController = traceflow.NewTraceflowController(crdClient, podInformer, tfInformer) } - var traceflowMirroringController *crdmirroring.Controller - if features.DefaultFeatureGate.Enabled(features.Traceflow) && *o.config.LegacyCRDMirroring { - tfMirroringHandler := crdhandler.NewTraceflowHandler(tfInformer.Lister(), - legacyTFInformer.Lister(), - crdClient.CrdV1alpha1().Traceflows(), - legacyCRDClient.OpsV1alpha1().Traceflows()) - traceflowMirroringController = crdmirroring.NewController(tfInformer.Informer(), - legacyTFInformer.Informer(), - tfMirroringHandler, - "Traceflow") - } - // statsAggregator takes stats summaries from antrea-agents, aggregates them, and serves the Stats APIs with the // aggregated data. For now it's only used for NetworkPolicy stats. var statsAggregator *stats.Aggregator @@ -329,7 +248,6 @@ func run(o *Options) error { informerFactory.Start(stopCh) crdInformerFactory.Start(stopCh) - legacyCRDInformerFactory.Start(stopCh) go clusterIdentityAllocator.Run(stopCh) @@ -378,18 +296,6 @@ func run(o *Options) error { } } - if *o.config.LegacyCRDMirroring { - if features.DefaultFeatureGate.Enabled(features.Traceflow) { - go traceflowMirroringController.Run(stopCh) - } - if features.DefaultFeatureGate.Enabled(features.AntreaPolicy) { - go anpMirroringController.Run(stopCh) - go cnpMirroringController.Run(stopCh) - go tierMirroringController.Run(stopCh) - go cgMirroringController.Run(stopCh) - go eeMirroringController.Run(stopCh) - } - } if features.DefaultFeatureGate.Enabled(features.Egress) || features.DefaultFeatureGate.Enabled(features.ServiceExternalIP) { go externalIPPoolController.Run(stopCh) } diff --git a/cmd/antrea-controller/options.go b/cmd/antrea-controller/options.go index 6302cbd7751..ebc495cf590 100644 --- a/cmd/antrea-controller/options.go +++ b/cmd/antrea-controller/options.go @@ -22,6 +22,7 @@ import ( "github.com/spf13/pflag" "gopkg.in/yaml.v2" + "k8s.io/klog/v2" netutils "k8s.io/utils/net" "antrea.io/antrea/pkg/apis" @@ -137,6 +138,11 @@ func (o *Options) validateNodeIPAMControllerOptions() error { return fmt.Errorf("secondary service CIDR %s is invalid", o.config.NodeIPAM.ServiceCIDRv6) } } + + if o.config.LegacyCRDMirroring != nil { + klog.InfoS("The legacyCRDMirroring config option is deprecated and will be ignored (no CRD mirroring)") + } + return nil } @@ -161,10 +167,6 @@ func (o *Options) setDefaults() { o.config.SelfSignedCert = new(bool) *o.config.SelfSignedCert = true } - if o.config.LegacyCRDMirroring == nil { - o.config.LegacyCRDMirroring = new(bool) - *o.config.LegacyCRDMirroring = true - } if o.config.NodeIPAM.NodeCIDRMaskSizeIPv4 == 0 { o.config.NodeIPAM.NodeCIDRMaskSizeIPv4 = ipamIPv4MaskDefault } diff --git a/docs/api.md b/docs/api.md index 6d199ee56c3..51213c4014e 100644 --- a/docs/api.md +++ b/docs/api.md @@ -44,13 +44,6 @@ These are the API group versions which are curently available when using Antrea. | API group | API version | API Service? | Introduced in | Deprecated in / Planned Deprecation | Planned Removal | |---|---|---|---|---|---| -| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | v1.0.0 | Dec 2021 | -| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | v1.0.0 | Dec 2021 | -| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | v1.0.0 | Dec 2021 | -| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | -| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | -| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | v1.0.0 | Dec 2021 | -| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | v1.0.0 | Dec 2021 | | `controlplane.antrea.io` | `v1beta2` | Yes | v1.0.0 | N/A | N/A | | `stats.antrea.io` | `v1alpha1` | Yes | v1.0.0 | N/A | N/A | | `system.antrea.io` | `v1beta1` | Yes | v1.0.0 | N/A | N/A | @@ -62,15 +55,31 @@ These are the API group versions which are curently available when using Antrea. | `core.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v0.11.0 | v0.11.0 | | `networking.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.3.0 | v0.10.0 | v1.2.0 | | `controlplane.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.10.0 | v0.11.0 | v1.3.0 | +| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | v1.0.0 | v1.6.0 | +| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | v1.0.0 | v1.6.0 | +| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | v1.0.0 | v1.6.0 | +| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | v1.6.0 | +| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | v1.6.0 | +| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | v1.0.0 | v1.6.0 | +| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | v1.0.0 | v1.6.0 | ## API renaming from `*.antrea.tanzu.vmware.com` to `*.antrea.io` -For the v1.0 release, we undertook to rename all Antrea API to use the +For the v1.0 release, we undertook to rename all Antrea APIs to use the `antrea.io` suffix instead of the `antrea.tanzu.vmware.com` suffix. For more information about the motivations behind this undertaking, please refer to [Github issue #1715](https://github.com/antrea-io/antrea/issues/1715). -As part of this renaming, and to avoid proliferation of API groups, we have +From the v1.6 release, all legacy APIs (ending with the +`antrea.tanzu.vmware.com` suffix) have been completely removed. If you are +running an Antrea version older than v1.0 and you want to upgrade to Antrea v1.6 +or greater and migrate your API resources, you will first need to do an +intermediate upgrade to an Antrea version >= v1.0 and <= v1.5. You will then be +able to migrate all your API resources to the new (`*.antrea.io`) API, by +following the steps below. Finally, you will be able to upgrade to your desired +Antrea version (>= v1.6). + +As part of the API renaming, and to avoid proliferation of API groups, we have decided to group all the Custom Resource Definitions (CRDs) defined by Antrea in a single API group: `crd.antrea.io`. @@ -192,8 +201,17 @@ Note that for CRDs which are "owned" by Antrea, `AntreaAgentInfo` and `AntreaControllerInfo`, resources are automatically created by the Antrea components using both API versions. -All legacy API groups are planned for removal in December 2021. All versions of -Antrea released after that will no longer include support for legacy API groups -and will no longer ship with the mirroring controller. We recommend that all -applications using the Antrea API be upgraded before then using the procedure -detailed above. +### Deleting legacy Kubernetes resources after an upgrade + +After a successful upgrade from Antrea < v1.6 to Antrea >= v1.6, you may want to +manually clean up legacy Kubernetes resources which were created by an old +Antrea version but are no longer needed. Note that keeping these resource will +not impact any Antrea functions. + +To delete these legacy resources (CRDs and webhooks), run: + +```bash +kubectl get crds -o=name --no-headers=true | grep "antrea\.tanzu\.vmware\.com" | xargs kubectl delete +kubectl get mutatingwebhookconfigurations -o=name --no-headers=true | grep "antrea\.tanzu\.vmware\.com" | xargs kubectl delete +kubectl get validatingwebhookconfigurations -o=name --no-headers=true | grep "antrea\.tanzu\.vmware\.com" | xargs kubectl delete +``` diff --git a/hack/update-codegen-dockerized.sh b/hack/update-codegen-dockerized.sh index a184128f71b..797f1620ac0 100755 --- a/hack/update-codegen-dockerized.sh +++ b/hack/update-codegen-dockerized.sh @@ -107,52 +107,6 @@ $GOPATH/bin/openapi-gen \ -O zz_generated.openapi \ --go-header-file hack/boilerplate/license_header.go.txt -# Generate legacy clientset and apis code with K8s codegen tools. -$GOPATH/bin/client-gen \ - --clientset-name versioned \ - --input-base "${ANTREA_PKG}/pkg/legacyapis/" \ - --input "clusterinformation/v1beta1" \ - --input "controlplane/v1beta2" \ - --input "system/v1beta1" \ - --input "security/v1alpha1" \ - --input "core/v1alpha2" \ - --input "ops/v1alpha1" \ - --input "stats/v1alpha1" \ - --output-package "${ANTREA_PKG}/pkg/legacyclient/clientset" \ - --plural-exceptions "NetworkPolicyStats:NetworkPolicyStats" \ - --plural-exceptions "AntreaNetworkPolicyStats:AntreaNetworkPolicyStats" \ - --plural-exceptions "AntreaClusterNetworkPolicyStats:AntreaClusterNetworkPolicyStats" \ - --plural-exceptions "ClusterGroupMembers:ClusterGroupMembers" \ - --go-header-file hack/boilerplate/license_header.go.txt - -# Generate legacy listers with K8s codegen tools. -$GOPATH/bin/lister-gen \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ - --output-package "${ANTREA_PKG}/pkg/legacyclient/listers" \ - --go-header-file hack/boilerplate/license_header.go.txt - -# Generate legacy informers with K8s codegen tools. -$GOPATH/bin/informer-gen \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ - --versioned-clientset-package "${ANTREA_PKG}/pkg/legacyclient/clientset/versioned" \ - --listers-package "${ANTREA_PKG}/pkg/legacyclient/listers" \ - --output-package "${ANTREA_PKG}/pkg/legacyclient/informers" \ - --go-header-file hack/boilerplate/license_header.go.txt - -$GOPATH/bin/deepcopy-gen \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ - -O zz_generated.deepcopy \ - --go-header-file hack/boilerplate/license_header.go.txt - # Generate mocks for testing with mockgen. MOCKGEN_TARGETS=( "pkg/agent/cniserver/ipam IPAMDriver testing" diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index b95fbeecc94..fb66d9139c6 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -61,12 +61,6 @@ import ( "antrea.io/antrea/pkg/controller/querier" "antrea.io/antrea/pkg/controller/stats" "antrea.io/antrea/pkg/features" - legacycontrolplane "antrea.io/antrea/pkg/legacyapis/controlplane" - legacycpinstall "antrea.io/antrea/pkg/legacyapis/controlplane/install" - legacyapistats "antrea.io/antrea/pkg/legacyapis/stats" - legacystatsinstall "antrea.io/antrea/pkg/legacyapis/stats/install" - legacysysteminstall "antrea.io/antrea/pkg/legacyapis/system/install" - legacysystem "antrea.io/antrea/pkg/legacyapis/system/v1beta1" ) var ( @@ -84,10 +78,6 @@ func init() { systeminstall.Install(Scheme) statsinstall.Install(Scheme) - legacycpinstall.Install(Scheme) - legacysysteminstall.Install(Scheme) - legacystatsinstall.Install(Scheme) - // We need to add the options to empty v1, see sample-apiserver/pkg/apiserver/apiserver.go. metav1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) } @@ -207,28 +197,6 @@ func installAPIGroup(s *APIServer, c completedConfig) error { statsGroup.VersionedResourcesStorageMap["v1alpha1"] = statsStorage groups := []*genericapiserver.APIGroupInfo{&cpGroup, &systemGroup, &statsGroup} - - // legacy groups - legacyCPGroup := genericapiserver.NewDefaultAPIGroupInfo(legacycontrolplane.GroupName, Scheme, metav1.ParameterCodec, Codecs) - legacyCPv1beta2Storage := map[string]rest.Storage{} - legacyCPv1beta2Storage["addressgroups"] = addressGroupStorage - legacyCPv1beta2Storage["appliedtogroups"] = appliedToGroupStorage - legacyCPv1beta2Storage["networkpolicies"] = networkPolicyStorage - legacyCPv1beta2Storage["networkpolicies/status"] = networkPolicyStatusStorage - legacyCPv1beta2Storage["nodestatssummaries"] = nodeStatsSummaryStorage - legacyCPv1beta2Storage["groupassociations"] = groupAssociationStorage - legacyCPv1beta2Storage["clustergroupmembers"] = clusterGroupMembershipStorage - legacyCPGroup.VersionedResourcesStorageMap["v1beta2"] = legacyCPv1beta2Storage - - legacySystemGroup := genericapiserver.NewDefaultAPIGroupInfo(legacysystem.GroupName, Scheme, metav1.ParameterCodec, Codecs) - legacySystemGroup.VersionedResourcesStorageMap["v1beta1"] = systemStorage - - legacyStatsGroup := genericapiserver.NewDefaultAPIGroupInfo(legacyapistats.GroupName, Scheme, metav1.ParameterCodec, Codecs) - legacyStatsGroup.VersionedResourcesStorageMap["v1alpha1"] = statsStorage - - // legacy API groups - groups = append(groups, &legacyCPGroup, &legacySystemGroup, &legacyStatsGroup) - for _, apiGroupInfo := range groups { if err := s.GenericAPIServer.InstallAPIGroup(apiGroupInfo); err != nil { return err @@ -267,6 +235,9 @@ func CleanupDeprecatedAPIServices(aggregatorClient clientset.Interface) error { deprecatedAPIServices := []string{ "v1beta1.networking.antrea.tanzu.vmware.com", "v1beta1.controlplane.antrea.tanzu.vmware.com", + "v1alpha1.stats.antrea.tanzu.vmware.com", + "v1beta1.system.antrea.tanzu.vmware.com", + "v1beta2.controlplane.antrea.tanzu.vmware.com", } for _, as := range deprecatedAPIServices { err := aggregatorClient.ApiregistrationV1().APIServices().Delete(context.TODO(), as, metav1.DeleteOptions{}) @@ -327,19 +298,14 @@ func DefaultCAConfig() *certificate.CAConfig { return &certificate.CAConfig{ CAConfigMapName: certificate.AntreaCAConfigMapName, APIServiceNames: []string{ - "v1alpha1.stats.antrea.tanzu.vmware.com", - "v1beta2.controlplane.antrea.tanzu.vmware.com", - "v1beta1.system.antrea.tanzu.vmware.com", "v1alpha1.stats.antrea.io", "v1beta1.system.antrea.io", "v1beta2.controlplane.antrea.io", }, ValidatingWebhooks: []string{ - "crdvalidator.antrea.tanzu.vmware.com", "crdvalidator.antrea.io", }, MutationWebhooks: []string{ - "crdmutator.antrea.tanzu.vmware.com", "crdmutator.antrea.io", }, OptionalMutationWebhooks: []string{ diff --git a/pkg/config/controller/config.go b/pkg/config/controller/config.go index e32544a4fea..d7e08a358a1 100644 --- a/pkg/config/controller/config.go +++ b/pkg/config/controller/config.go @@ -63,7 +63,7 @@ type ControllerConfig struct { TLSCipherSuites string `yaml:"tlsCipherSuites,omitempty"` // TLS min version. TLSMinVersion string `yaml:"tlsMinVersion,omitempty"` - // Legacy CRD mirroring. + // Legacy CRD mirroring (deprecated). LegacyCRDMirroring *bool `yaml:"legacyCRDMirroring,omitempty"` // NodeIPAM Configuration NodeIPAM NodeIPAMConfig `yaml:"nodeIPAM"` diff --git a/pkg/controller/crdmirroring/crdhandler/clustergroup.go b/pkg/controller/crdmirroring/crdhandler/clustergroup.go deleted file mode 100644 index 4c9c9c7fbc0..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/clustergroup.go +++ /dev/null @@ -1,144 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdclient "antrea.io/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha2" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha2" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacycore "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacycoreclient "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" - legacycorelister "antrea.io/antrea/pkg/legacyclient/listers/core/v1alpha2" -) - -type ClusterGroupHandler struct { - lister crdlister.ClusterGroupLister - legacyLister legacycorelister.ClusterGroupLister - client crdclient.ClusterGroupInterface - legacyClient legacycoreclient.ClusterGroupInterface -} - -func NewClusterGroupHandler(lister crdlister.ClusterGroupLister, - legacyLister legacycorelister.ClusterGroupLister, - client crdclient.ClusterGroupInterface, - legacyClient legacycoreclient.ClusterGroupInterface) types.MirroringHandler { - mc := &ClusterGroupHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new ClusterGroup struct. -func (c *ClusterGroupHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - return c.lister.Get(name) -} - -// AddNewObject creates the mirrored new ClusterGroup. -func (c *ClusterGroupHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacycore.ClusterGroup) - n := c.buildNewObject(l) - _, err := c.client.Create(context.TODO(), n, metav1.CreateOptions{}) - return err -} - -// SyncObject updates the mirrored new ClusterGroup. -func (c *ClusterGroupHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - - if !c.deepEqualStatus(legacyObj, newObj) { - l := c.syncLegacyObject(legacyObj, newObj) - _, err := c.legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - return nil -} - -// DeleteNewObject deletes the mirrored new ClusterGroup. -func (c *ClusterGroupHandler) DeleteNewObject(namespace, name string) error { - return c.client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *ClusterGroupHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ClusterGroup) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy ClusterGroup struct. -func (c *ClusterGroupHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.Get(name) -} - -// buildNewObject returns a new ClusterGroup struct. -func (c *ClusterGroupHandler) buildNewObject(obj metav1.Object) *crd.ClusterGroup { - l := obj.(*legacycore.ClusterGroup) - n := &crd.ClusterGroup{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy ClusterGroup's Spec and Labels to the new ClusterGroup. -func (c *ClusterGroupHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ClusterGroup { - l := legacyObj.(*legacycore.ClusterGroup) - n := newObj.(*crd.ClusterGroup).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -// syncLegacyObject syncs new ClusterGroup's Status to the legacy ClusterGroup. -func (c *ClusterGroupHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacycore.ClusterGroup { - l := legacyObj.(*legacycore.ClusterGroup).DeepCopy() - n := newObj.(*crd.ClusterGroup) - l.Status = *n.Status.DeepCopy() - return l -} - -func (c *ClusterGroupHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacycore.ClusterGroup) - n := newObj.(*crd.ClusterGroup) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} - -func (c *ClusterGroupHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacycore.ClusterGroup) - n := newObj.(*crd.ClusterGroup) - return reflect.DeepEqual(l.Status, n.Status) -} diff --git a/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go b/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go deleted file mode 100644 index 7f1507563ee..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go +++ /dev/null @@ -1,144 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdclient "antrea.io/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacysecurity "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - legacysecurityclient "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" - legacysecuritylister "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" -) - -type ClusterNetworkPolicyHandler struct { - lister crdlister.ClusterNetworkPolicyLister - legacyLister legacysecuritylister.ClusterNetworkPolicyLister - client crdclient.ClusterNetworkPolicyInterface - legacyClient legacysecurityclient.ClusterNetworkPolicyInterface -} - -func NewClusterNetworkPolicyHandler(lister crdlister.ClusterNetworkPolicyLister, - legacyLister legacysecuritylister.ClusterNetworkPolicyLister, - client crdclient.ClusterNetworkPolicyInterface, - legacyClient legacysecurityclient.ClusterNetworkPolicyInterface) types.MirroringHandler { - mc := &ClusterNetworkPolicyHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new ClusterNetworkPolicy struct. -func (c *ClusterNetworkPolicyHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - return c.lister.Get(name) -} - -// AddNewObject creates the mirrored new ClusterNetworkPolicy. -func (c *ClusterNetworkPolicyHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacysecurity.ClusterNetworkPolicy) - n := c.buildNewObject(l) - _, err := c.client.Create(context.TODO(), n, metav1.CreateOptions{}) - return err -} - -// SyncObject updates the mirrored new ClusterNetworkPolicy. -func (c *ClusterNetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - - if !c.deepEqualStatus(legacyObj, newObj) { - l := c.syncLegacyObject(legacyObj, newObj) - _, err := c.legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - return nil -} - -// DeleteNewObject deletes the mirrored new ClusterNetworkPolicy. -func (c *ClusterNetworkPolicyHandler) DeleteNewObject(namespace, name string) error { - return c.client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *ClusterNetworkPolicyHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ClusterNetworkPolicy) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy ClusterNetworkPolicy struct. -func (c *ClusterNetworkPolicyHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.Get(name) -} - -// buildNewObject returns a new ClusterNetworkPolicy struct. -func (c *ClusterNetworkPolicyHandler) buildNewObject(obj metav1.Object) *crd.ClusterNetworkPolicy { - l := obj.(*legacysecurity.ClusterNetworkPolicy) - n := &crd.ClusterNetworkPolicy{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy ClusterNetworkPolicy' Spec and Labels to the new ClusterNetworkPolicy. -func (c *ClusterNetworkPolicyHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ClusterNetworkPolicy { - l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) - n := newObj.(*crd.ClusterNetworkPolicy).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -// syncLegacyObject syncs new ClusterNetworkPolicy's Status to the legacy ClusterNetworkPolicy. -func (c *ClusterNetworkPolicyHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacysecurity.ClusterNetworkPolicy { - l := legacyObj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() - n := newObj.(*crd.ClusterNetworkPolicy) - l.Status = *n.Status.DeepCopy() - return l -} - -func (c *ClusterNetworkPolicyHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) - n := newObj.(*crd.ClusterNetworkPolicy) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} - -func (c *ClusterNetworkPolicyHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) - n := newObj.(*crd.ClusterNetworkPolicy) - return reflect.DeepEqual(l.Status, n.Status) -} diff --git a/pkg/controller/crdmirroring/crdhandler/externalentity.go b/pkg/controller/crdmirroring/crdhandler/externalentity.go deleted file mode 100644 index bac7cee4168..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/externalentity.go +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdclientset "antrea.io/antrea/pkg/client/clientset/versioned" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha2" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacycore "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacycoreclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - legacycorelister "antrea.io/antrea/pkg/legacyclient/listers/core/v1alpha2" -) - -type ExternalEntityHandler struct { - lister crdlister.ExternalEntityLister - legacyLister legacycorelister.ExternalEntityLister - client crdclientset.Interface - legacyClient legacycoreclientset.Interface -} - -func NewExternalEntityHandler(lister crdlister.ExternalEntityLister, - legacyLister legacycorelister.ExternalEntityLister, - client crdclientset.Interface, - legacyClient legacycoreclientset.Interface) types.MirroringHandler { - mc := &ExternalEntityHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new ExternalEntity struct. -func (c *ExternalEntityHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - return c.lister.ExternalEntities(namespace).Get(name) -} - -// AddNewObject creates the mirrored new ExternalEntity. -func (c *ExternalEntityHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacycore.ExternalEntity) - n := c.buildNewObject(l) - client := c.client.CrdV1alpha2().ExternalEntities(obj.GetNamespace()) - _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) - return err -} - -// SyncObject updates the mirrored new ExternalEntity. -func (c *ExternalEntityHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - newClient := c.client.CrdV1alpha2().ExternalEntities(legacyObj.GetNamespace()) - _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err - } - return nil -} - -// DeleteNewObject deletes the mirrored new ExternalEntity. -func (c *ExternalEntityHandler) DeleteNewObject(namespace, name string) error { - client := c.client.CrdV1alpha2().ExternalEntities(namespace) - return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *ExternalEntityHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ExternalEntity) - client := c.client.CrdV1alpha2().ExternalEntities(newObj.GetNamespace()) - _, err := client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy ExternalEntity struct. -func (c *ExternalEntityHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.ExternalEntities(namespace).Get(name) -} - -// buildNewObject returns a new ExternalEntity struct. -func (c *ExternalEntityHandler) buildNewObject(obj metav1.Object) *crd.ExternalEntity { - l := obj.(*legacycore.ExternalEntity) - n := &crd.ExternalEntity{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy ExternalEntity' Spec and Labels to the new ExternalEntity. -func (c *ExternalEntityHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ExternalEntity { - l := legacyObj.(*legacycore.ExternalEntity) - n := newObj.(*crd.ExternalEntity).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -func (c *ExternalEntityHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacycore.ExternalEntity) - n := newObj.(*crd.ExternalEntity) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} diff --git a/pkg/controller/crdmirroring/crdhandler/networkpolicy.go b/pkg/controller/crdmirroring/crdhandler/networkpolicy.go deleted file mode 100644 index 5f6db7470e6..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/networkpolicy.go +++ /dev/null @@ -1,152 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdclientset "antrea.io/antrea/pkg/client/clientset/versioned" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacysecurity "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - legacysecurityclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - legacysecuritylister "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" -) - -type NetworkPolicyHandler struct { - lister crdlister.NetworkPolicyLister - legacyLister legacysecuritylister.NetworkPolicyLister - client crdclientset.Interface - legacyClient legacysecurityclientset.Interface -} - -func NewNetworkPolicyHandler(lister crdlister.NetworkPolicyLister, - legacyLister legacysecuritylister.NetworkPolicyLister, - client crdclientset.Interface, - legacyClient legacysecurityclientset.Interface) types.MirroringHandler { - mc := &NetworkPolicyHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new NetworkPolicy struct. -func (c *NetworkPolicyHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - return c.lister.NetworkPolicies(namespace).Get(name) -} - -// AddNewObject creates the mirrored new NetworkPolicy. -func (c *NetworkPolicyHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacysecurity.NetworkPolicy) - n := c.buildNewObject(l) - client := c.client.CrdV1alpha1().NetworkPolicies(obj.GetNamespace()) - _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) - if err != nil { - return err - } - return nil -} - -// SyncObject updates the mirrored new NetworkPolicy. -func (c *NetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - newClient := c.client.CrdV1alpha1().NetworkPolicies(legacyObj.GetNamespace()) - _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - - if !c.deepEqualStatus(legacyObj, newObj) { - l := c.syncLegacyObject(legacyObj, newObj) - legacyClient := c.legacyClient.SecurityV1alpha1().NetworkPolicies(legacyObj.GetNamespace()) - _, err := legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - return nil -} - -// DeleteNewObject deletes the mirrored new NetworkPolicy. -func (c *NetworkPolicyHandler) DeleteNewObject(namespace, name string) error { - client := c.client.CrdV1alpha1().NetworkPolicies(namespace) - return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *NetworkPolicyHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.NetworkPolicy) - client := c.client.CrdV1alpha1().NetworkPolicies(newObj.GetNamespace()) - _, err := client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy NetworkPolicy struct. -func (c *NetworkPolicyHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.NetworkPolicies(namespace).Get(name) -} - -// buildNewObject returns a new NetworkPolicy struct. -func (c *NetworkPolicyHandler) buildNewObject(obj metav1.Object) *crd.NetworkPolicy { - l := obj.(*legacysecurity.NetworkPolicy) - n := &crd.NetworkPolicy{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy NetworkPolicy's Spec and Labels to the new NetworkPolicy -func (c *NetworkPolicyHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.NetworkPolicy { - l := legacyObj.(*legacysecurity.NetworkPolicy) - n := newObj.(*crd.NetworkPolicy).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -// syncLegacyObject syncs new NetworkPolicy's Status to the legacy NetworkPolicy -func (c *NetworkPolicyHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacysecurity.NetworkPolicy { - l := legacyObj.(*legacysecurity.NetworkPolicy).DeepCopy() - n := newObj.(*crd.NetworkPolicy) - l.Status = *n.Status.DeepCopy() - return l -} - -func (c *NetworkPolicyHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacysecurity.NetworkPolicy) - n := newObj.(*crd.NetworkPolicy) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} - -func (c *NetworkPolicyHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacysecurity.NetworkPolicy) - n := newObj.(*crd.NetworkPolicy) - return reflect.DeepEqual(l.Status, n.Status) -} diff --git a/pkg/controller/crdmirroring/crdhandler/ops.go b/pkg/controller/crdmirroring/crdhandler/ops.go deleted file mode 100644 index d84aab14504..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/ops.go +++ /dev/null @@ -1,147 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdclient "antrea.io/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacyops "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - legacyopsclient "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" - legacyopslister "antrea.io/antrea/pkg/legacyclient/listers/ops/v1alpha1" -) - -type TraceflowHandler struct { - lister crdlister.TraceflowLister - legacyLister legacyopslister.TraceflowLister - client crdclient.TraceflowInterface - legacyClient legacyopsclient.TraceflowInterface -} - -func NewTraceflowHandler(lister crdlister.TraceflowLister, - legacyLister legacyopslister.TraceflowLister, - client crdclient.TraceflowInterface, - legacyClient legacyopsclient.TraceflowInterface) types.MirroringHandler { - mc := &TraceflowHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new Traceflow struct. -func (c *TraceflowHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - return c.lister.Get(name) -} - -// AddNewObject creates the mirrored new Traceflow. -func (c *TraceflowHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacyops.Traceflow) - n := c.buildNewObject(l) - _, err := c.client.Create(context.TODO(), n, metav1.CreateOptions{}) - if err != nil { - return err - } - return nil -} - -// SyncObject updates the mirrored new Traceflow. -func (c *TraceflowHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - - if !c.deepEqualStatus(legacyObj, newObj) { - l := c.syncLegacyObject(legacyObj, newObj) - _, err := c.legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) - if err != nil { - return err - } - } - return nil -} - -// DeleteNewObject deletes the mirrored new Traceflow. -func (c *TraceflowHandler) DeleteNewObject(namespace, name string) error { - return c.client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *TraceflowHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.Traceflow) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy Traceflow struct. -func (c *TraceflowHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.Get(name) -} - -// buildNewObject returns a new Traceflow struct. -func (c *TraceflowHandler) buildNewObject(obj metav1.Object) *crd.Traceflow { - l := obj.(*legacyops.Traceflow) - n := &crd.Traceflow{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy Traceflow's Spec and Labels to the new Traceflow. -func (c *TraceflowHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.Traceflow { - l := legacyObj.(*legacyops.Traceflow) - n := newObj.(*crd.Traceflow).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -// syncLegacyObject syncs new Traceflow's Status to the legacy Traceflow. -func (c *TraceflowHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacyops.Traceflow { - l := legacyObj.(*legacyops.Traceflow).DeepCopy() - n := newObj.(*crd.Traceflow) - l.Status = *n.Status.DeepCopy() - return l -} - -func (c *TraceflowHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacyops.Traceflow) - n := newObj.(*crd.Traceflow) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} - -func (c *TraceflowHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacyops.Traceflow) - n := newObj.(*crd.Traceflow) - return reflect.DeepEqual(l.Status, n.Status) -} diff --git a/pkg/controller/crdmirroring/crdhandler/tier.go b/pkg/controller/crdmirroring/crdhandler/tier.go deleted file mode 100644 index 88b95b1403b..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/tier.go +++ /dev/null @@ -1,121 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdhandler - -import ( - "context" - "reflect" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crd "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdclient "antrea.io/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" - crdlister "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacysecurity "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - legacysecurityclient "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" - legacysecuritylister "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" -) - -type TierHandler struct { - lister crdlister.TierLister - legacyLister legacysecuritylister.TierLister - client crdclient.TierInterface - legacyClient legacysecurityclient.TierInterface -} - -func NewTierHandler(lister crdlister.TierLister, - legacyLister legacysecuritylister.TierLister, - client crdclient.TierInterface, - legacyClient legacysecurityclient.TierInterface) types.MirroringHandler { - mc := &TierHandler{ - lister: lister, - legacyLister: legacyLister, - client: client, - legacyClient: legacyClient, - } - return mc -} - -// GetNewObject gets the mirrored new Tier struct. -func (c *TierHandler) GetNewObject(namespace, name string) (metav1.Object, error) { - lister := c.lister - return lister.Get(name) -} - -// AddNewObject creates the mirrored new Tier. -func (c *TierHandler) AddNewObject(obj metav1.Object) error { - l := obj.(*legacysecurity.Tier) - n := c.buildNewObject(l) - _, err := c.client.Create(context.TODO(), n, metav1.CreateOptions{}) - return err -} - -// SyncObject updates the mirrored new Tier. -func (c *TierHandler) SyncObject(legacyObj, newObj metav1.Object) error { - if !c.deepEqualSpecAndLabels(legacyObj, newObj) { - n := c.syncNewObject(legacyObj, newObj) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err - } - return nil -} - -// DeleteNewObject deletes the mirrored new Tier. -func (c *TierHandler) DeleteNewObject(namespace, name string) error { - return c.client.Delete(context.TODO(), name, metav1.DeleteOptions{}) -} - -// UpdateNewObject updates the mirrored new ClusterGroup. -func (c *TierHandler) UpdateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.Tier) - _, err := c.client.Update(context.TODO(), n, metav1.UpdateOptions{}) - return err -} - -// GetLegacyObject gets the legacy Tier struct. -func (c *TierHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { - return c.legacyLister.Get(name) -} - -// buildNewObject returns a new Tier struct. -func (c *TierHandler) buildNewObject(obj metav1.Object) *crd.Tier { - l := obj.(*legacysecurity.Tier) - n := &crd.Tier{} - n.Spec = *l.Spec.DeepCopy() - setMetaData(l, n) - return n -} - -// syncNewObject syncs legacy Tier's Spec and Labels to the new Tier. -func (c *TierHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.Tier { - l := legacyObj.(*legacysecurity.Tier) - n := newObj.(*crd.Tier).DeepCopy() - n.Spec = *l.Spec.DeepCopy() - n.Labels = labelsDeepCopy(l) - return n -} - -func (c *TierHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { - l := legacyObj.(*legacysecurity.Tier) - n := newObj.(*crd.Tier) - if !reflect.DeepEqual(l.Spec, n.Spec) { - return false - } - if !reflect.DeepEqual(l.Labels, n.Labels) { - return false - } - return true -} diff --git a/pkg/controller/crdmirroring/crdhandler/utils.go b/pkg/controller/crdmirroring/crdhandler/utils.go deleted file mode 100644 index 3c7266b5509..00000000000 --- a/pkg/controller/crdmirroring/crdhandler/utils.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package crdhandler - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "antrea.io/antrea/pkg/controller/crdmirroring/types" -) - -func setMetaData(legacyObj, newObj metav1.Object) { - newObj.SetLabels(labelsDeepCopy(legacyObj)) - newObj.SetName(legacyObj.GetName()) - newObj.SetNamespace(legacyObj.GetNamespace()) - newObj.SetAnnotations(map[string]string{types.ManagedBy: types.ControllerName}) -} - -func labelsDeepCopy(obj metav1.Object) map[string]string { - res := map[string]string{} - for label, val := range obj.GetLabels() { - res[label] = val - } - return res -} diff --git a/pkg/controller/crdmirroring/crdmirroring_controller.go b/pkg/controller/crdmirroring/crdmirroring_controller.go deleted file mode 100644 index 64fa0f1ccb9..00000000000 --- a/pkg/controller/crdmirroring/crdmirroring_controller.go +++ /dev/null @@ -1,331 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdmirroring - -import ( - "fmt" - "time" - - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/client-go/tools/cache" - "k8s.io/client-go/util/workqueue" - "k8s.io/klog/v2" - - "antrea.io/antrea/pkg/controller/crdmirroring/types" -) - -const ( - // maxRetries is the number of times a legacy CRD resource will be retried - // before it is dropped out of the queue. - maxRetries = 15 - - minRetryDelay = 5 * time.Second - maxRetryDelay = 300 * time.Second - - defaultWorkers = 4 -) - -type Controller struct { - informer cache.SharedInformer - listerSycned cache.InformerSynced - legacyInformer cache.SharedInformer - legacyListerSynced cache.InformerSynced - - workerLoopPeriod time.Duration - queue workqueue.RateLimitingInterface - - mirroringHandler types.MirroringHandler - crdName string -} - -func NewController(informer, legacyInformer cache.SharedInformer, mirroringHandler types.MirroringHandler, crdName string) *Controller { - c := &Controller{ - informer: informer, - legacyInformer: legacyInformer, - mirroringHandler: mirroringHandler, - crdName: crdName, - queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), fmt.Sprintf("%v_mirroring", crdName)), - workerLoopPeriod: time.Second, - } - - handlers := cache.ResourceEventHandlerFuncs{ - AddFunc: c.onNewCRDAdd, - UpdateFunc: c.onNewCRDUpdate, - DeleteFunc: c.onNewCRDDelete, - } - legacyHandlers := cache.ResourceEventHandlerFuncs{ - AddFunc: c.onLegacyCRDAdd, - UpdateFunc: c.onLegacyCRDUpdate, - DeleteFunc: c.onLegacyCRDDelete, - } - - c.informer.AddEventHandler(handlers) - c.listerSycned = c.informer.HasSynced - c.legacyInformer.AddEventHandler(legacyHandlers) - c.legacyListerSynced = c.legacyInformer.HasSynced - - return c -} - -func (c *Controller) Run(stopCh <-chan struct{}) { - defer utilruntime.HandleCrash() - defer c.queue.ShutDown() - - klog.Infof("Starting %vMirroringController", c.crdName) - defer klog.Infof("Shutting down %vMirroringController", c.crdName) - - if !cache.WaitForNamedCacheSync(fmt.Sprintf("%vMirroringController", c.crdName), stopCh, c.listerSycned, c.legacyListerSynced) { - return - } - - klog.Infof("Starting %d worker threads", defaultWorkers) - for i := 0; i < defaultWorkers; i++ { - go wait.Until(c.worker, c.workerLoopPeriod, stopCh) - } - - <-stopCh -} - -func (c *Controller) worker() { - for c.processNextWorkItem() { - } -} - -func (c *Controller) processNextWorkItem() bool { - cKey, quit := c.queue.Get() - if quit { - return false - } - defer c.queue.Done(cKey) - - err := c.syncMirroring(cKey.(string)) - c.handleErr(err, cKey) - - return true -} - -func (c *Controller) syncMirroring(key string) error { - startTime := time.Now() - defer func() { - klog.V(4).Infof("Finished syncing for %q legacy CRD. (%v)", key, time.Since(startTime)) - }() - - klog.V(4).Infof("Sync mirroring CRD (%q)", key) - namespace, name, err := cache.SplitMetaNamespaceKey(key) - if err != nil { - return err - } - - // Get the legacy object, and if got an error that is not "IsNotFound", return the error - legacyExist := true - legacyObj, err := c.mirroringHandler.GetLegacyObject(namespace, name) - if err != nil { - if !apierrors.IsNotFound(err) { - return fmt.Errorf("failed to get legacy %s %s/%s: %v", c.crdName, namespace, name, err) - } - legacyExist = false - } - - // Get the new object, and if got an error that is not "IsNotFound", return the error - newExist := true - newObj, err := c.mirroringHandler.GetNewObject(namespace, name) - if err != nil { - if !apierrors.IsNotFound(err) { - return fmt.Errorf("failed to get new %s %s/%s: %v", c.crdName, namespace, name, err) - } - newExist = false - } - - // If neither the old object nor the new object exists, return - if !legacyExist && !newExist { - return nil - } - - // If the legacy object annotated with "crd.antrea.io/stop-mirror" exists, and the new object does not - // exist, create a new object. - if legacyExist && !newExist { - _, exist := legacyObj.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("New %s %s/%s not found, mirroring a new %s", c.crdName, namespace, name, c.crdName) - err = c.mirroringHandler.AddNewObject(legacyObj) - if err != nil { - return fmt.Errorf("failed to mirror new %s %s/%s:%v", c.crdName, namespace, name, err) - } - } - return nil - } - - // If the legacy object doesn't exist and the new object annotated with "crd.antrea.io/managed-by" exists, - // delete the mirrored new object. - if !legacyExist && newExist { - _, managedByController := newObj.GetAnnotations()[types.ManagedBy] - if managedByController { - klog.V(4).Infof("Legacy %s %s/%s not found, deleting the mirrored new %s", c.crdName, namespace, name, c.crdName) - err = c.mirroringHandler.DeleteNewObject(namespace, name) - if err != nil { - return fmt.Errorf("failed to delete mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) - } - } - return nil - } - - // If both the legacy object and the new object exist, do something according their annotations. - _, stopMirror := legacyObj.GetAnnotations()[types.StopMirror] - _, managedByController := newObj.GetAnnotations()[types.ManagedBy] - - if managedByController { - if !stopMirror { - // Sync the legacy object's Spec and Labels to the new object. - // Sync the new object's Status to the legacy object. - klog.V(4).Infof("Sync data between legacy and new %s %s/%s", c.crdName, namespace, name) - err = c.mirroringHandler.SyncObject(legacyObj, newObj) - if err != nil { - return fmt.Errorf("failed to sync data between legacy and new %s %s/%s: %v", c.crdName, namespace, name, err) - } - } else { - // If the legacy object annotated with "crd.antrea.io/stop-mirror" and the new object annotated with "crd.antrea.io/managed-by", - // this means that user wants to stop mirroring. - klog.V(4).Infof("Update the mirrored new %s %s/%s, then mirroring is stopped", c.crdName, namespace, name) - newObjCopied := deepCopy(newObj) - delete(newObjCopied.GetAnnotations(), types.ManagedBy) - - err = c.mirroringHandler.UpdateNewObject(newObjCopied) - if err != nil { - return fmt.Errorf("failed to update the mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) - } - } - } - - return nil -} - -func (c *Controller) queueCRD(obj interface{}) { - key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) - if err != nil { - utilruntime.HandleError(fmt.Errorf("couldn't get key for object %+v (type %T): %v", obj, obj, err)) - return - } - c.queue.Add(key) -} - -func (c *Controller) handleErr(err error, key interface{}) { - if err == nil { - c.queue.Forget(key) - return - } - - if c.queue.NumRequeues(key) < maxRetries { - klog.Warningf("Error mirroring object for %q resource, retrying. Error: %v", key, err) - c.queue.AddRateLimited(key) - return - } - - klog.Warningf("Retry budget exceeded, dropping %q resource out of the queue: %v", key, err) - c.queue.Forget(key) - utilruntime.HandleError(err) -} - -func (c *Controller) onNewCRDAdd(obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onNewCRDUpdate(prevObj, obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s UPDATE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onNewCRDDelete(obj interface{}) { - crd := getCRDFromDeleteAction(obj) - if crd == nil { - return - } - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDAdd(obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDUpdate(prevObj, obj interface{}) { - prevCrd := prevObj.(metav1.Object) - - _, exist := prevCrd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s UPDATE event", c.crdName, prevCrd.GetNamespace(), prevCrd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDDelete(obj interface{}) { - crd := getCRDFromDeleteAction(obj) - if crd == nil { - return - } - - _, exist := crd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func getCRDFromDeleteAction(obj interface{}) metav1.Object { - _, ok := obj.(metav1.Object) - if ok { - return obj.(metav1.Object) - } - tombstone, ok := obj.(cache.DeletedFinalStateUnknown) - if !ok { - utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) - return nil - } - - _, ok = tombstone.Obj.(metav1.Object) - if ok { - return tombstone.Obj.(metav1.Object) - } - utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not an object resource: %#v", obj)) - return nil -} - -func deepCopy(obj metav1.Object) metav1.Object { - return obj.(runtime.Object).DeepCopyObject().(metav1.Object) -} diff --git a/pkg/controller/crdmirroring/crdmirroring_controller_test.go b/pkg/controller/crdmirroring/crdmirroring_controller_test.go deleted file mode 100644 index 3e4b4934855..00000000000 --- a/pkg/controller/crdmirroring/crdmirroring_controller_test.go +++ /dev/null @@ -1,1608 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdmirroring - -import ( - "context" - "reflect" - "sync" - "testing" - "time" - - "github.com/stretchr/testify/assert" - v1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/client-go/tools/cache" - - crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdclientset "antrea.io/antrea/pkg/client/clientset/versioned" - fakeversioned "antrea.io/antrea/pkg/client/clientset/versioned/fake" - crdinformers "antrea.io/antrea/pkg/client/informers/externalversions" - crdv1a1lister "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - crdv1a2lister "antrea.io/antrea/pkg/client/listers/crd/v1alpha2" - "antrea.io/antrea/pkg/controller/crdmirroring/crdhandler" - "antrea.io/antrea/pkg/controller/crdmirroring/types" - legacycore "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacyops "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - legacysecurity "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - legacycrdclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - legacyfakeversioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned/fake" - legacycrdinformers "antrea.io/antrea/pkg/legacyclient/informers/externalversions" - legacycorelister "antrea.io/antrea/pkg/legacyclient/listers/core/v1alpha2" - legacyopslister "antrea.io/antrea/pkg/legacyclient/listers/ops/v1alpha1" - legacysecuritylister "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" -) - -const ( - informerDefaultResync = 30 * time.Second - timeout = 2 * time.Second - mockWait = 200 * time.Millisecond - - networkPolicy = "NetworkPolicy" - clusterNetworkPolicy = "ClusterNetworkPolicy" - tier = "Tier" - clusterGroup = "ClusterGroup" - externalEntity = "ExternalEntity" - traceflow = "Traceflow" -) - -var ( - labelSelector1 = metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - labelSelector2 = metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} - - endPoints1 = []crdv1alpha2.Endpoint{{IP: "192.168.1.1", Name: "ep1"}, {IP: "192.168.1.2", Name: "ep2"}} - endPoints2 = []crdv1alpha2.Endpoint{{IP: "172.16.1.1", Name: "ep1"}, {IP: "172.16.1.2", Name: "ep2"}} - - priority1 float64 = 100 - priority2 float64 = 200 - - spec1 = crdv1alpha1.TierSpec{Priority: 100, Description: "test1"} - spec2 = crdv1alpha1.TierSpec{Priority: 200, Description: "test2"} - - source1 = crdv1alpha1.Source{Namespace: "test-namespace", Pod: "test-pod1"} - source2 = crdv1alpha1.Source{Namespace: "test-namespace", Pod: "test-pod2"} - - conditions = []crdv1alpha2.GroupCondition{ - { - Type: crdv1alpha2.GroupConditionType("test"), - Status: v1.ConditionStatus("test"), - LastTransitionTime: metav1.Time{Time: time.Now()}, - }, - } - - npStatus = crdv1alpha1.NetworkPolicyStatus{ - Phase: "test", ObservedGeneration: 1, - CurrentNodesRealized: 1, - DesiredNodesRealized: 3, - } - tfStatus = crdv1alpha1.TraceflowStatus{Phase: "test", Reason: "test", DataplaneTag: 1} -) - -type mirroringController struct { - *Controller - client *fakeversioned.Clientset - legacyClient *legacyfakeversioned.Clientset - informerFactory crdinformers.SharedInformerFactory - legacyInformerFactory legacycrdinformers.SharedInformerFactory - testHandler mirroringTestHandler - wg *sync.WaitGroup -} - -func newMirroringController(crdName string) *mirroringController { - client := fakeversioned.NewSimpleClientset() - legacyClient := legacyfakeversioned.NewSimpleClientset() - crdInformerFactory := crdinformers.NewSharedInformerFactory(client, informerDefaultResync) - legacyCRDInformerFactory := legacycrdinformers.NewSharedInformerFactory(legacyClient, informerDefaultResync) - - var mirroringHandler types.MirroringHandler - var informer, legacyInformer cache.SharedInformer - var wg sync.WaitGroup - m := &mirroringController{} - - switch crdName { - case networkPolicy: - crdInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() - legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().NetworkPolicies() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewNetworkPolicyTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewNetworkPolicyHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - - case clusterNetworkPolicy: - crdInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() - legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewClusterNetworkPolicyTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewClusterNetworkPolicyHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client.CrdV1alpha1().ClusterNetworkPolicies(), - legacyClient.SecurityV1alpha1().ClusterNetworkPolicies()) - - case tier: - crdInformer := crdInformerFactory.Crd().V1alpha1().Tiers() - legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().Tiers() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewTierTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewTierHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client.CrdV1alpha1().Tiers(), - legacyClient.SecurityV1alpha1().Tiers()) - - case clusterGroup: - crdInformer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() - legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ClusterGroups() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewClusterGroupTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewClusterGroupHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client.CrdV1alpha2().ClusterGroups(), - legacyClient.CoreV1alpha2().ClusterGroups()) - - case externalEntity: - crdInformer := crdInformerFactory.Crd().V1alpha2().ExternalEntities() - legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ExternalEntities() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewExternalEntityTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewExternalEntityHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - - case traceflow: - crdInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() - legacyCRDInformer := legacyCRDInformerFactory.Ops().V1alpha1().Traceflows() - informer = crdInformer.Informer() - legacyInformer = legacyCRDInformer.Informer() - - m.testHandler = NewTraceflowTestHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client, - legacyClient) - mirroringHandler = crdhandler.NewTraceflowHandler(crdInformer.Lister(), - legacyCRDInformer.Lister(), - client.CrdV1alpha1().Traceflows(), - legacyClient.OpsV1alpha1().Traceflows()) - } - - c := NewController(informer, legacyInformer, mirroringHandler, crdName) - - m.Controller = c - m.client = client - m.legacyClient = legacyClient - m.informerFactory = crdInformerFactory - m.legacyInformerFactory = legacyCRDInformerFactory - m.wg = &wg - - return m -} - -func buildObj(crdName, namespace, name string) metav1.Object { - var obj metav1.Object - - switch crdName { - case networkPolicy: - obj = &legacysecurity.NetworkPolicy{} - obj.SetNamespace(namespace) - obj.(*legacysecurity.NetworkPolicy).Spec.Priority = priority1 - case clusterNetworkPolicy: - obj = &legacysecurity.ClusterNetworkPolicy{} - obj.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority1 - case tier: - obj = &legacysecurity.Tier{} - obj.(*legacysecurity.Tier).Spec = spec1 - case clusterGroup: - obj = &legacycore.ClusterGroup{} - obj.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector1 - case externalEntity: - obj = &legacycore.ExternalEntity{} - obj.SetNamespace(namespace) - obj.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints1 - case traceflow: - obj = &legacyops.Traceflow{} - obj.(*legacyops.Traceflow).Spec.Source = source1 - } - obj.SetName(name) - obj.SetLabels(map[string]string{}) // init labels - - return obj -} - -func updateLegacyObj(crdName string, obj metav1.Object) metav1.Object { - res := deepCopy(obj) - switch crdName { - case networkPolicy: - res.(*legacysecurity.NetworkPolicy).Spec.Priority = priority2 - case clusterNetworkPolicy: - res.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority2 - case tier: - res.(*legacysecurity.Tier).Spec = spec2 - case clusterGroup: - res.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector2 - case externalEntity: - res.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints2 - case traceflow: - res.(*legacyops.Traceflow).Spec.Source = source2 - } - return res -} - -func updateLegacyObjAnnotation(obj metav1.Object) metav1.Object { - res := deepCopy(obj) - res.SetAnnotations(map[string]string{types.StopMirror: "true"}) - return res -} - -func updateNewObj(crdName string, obj metav1.Object) metav1.Object { - res := deepCopy(obj) - switch crdName { - case networkPolicy: - res.(*crdv1alpha1.NetworkPolicy).Spec.Priority = priority2 - case clusterNetworkPolicy: - res.(*crdv1alpha1.ClusterNetworkPolicy).Spec.Priority = priority2 - case tier: - res.(*crdv1alpha1.Tier).DeepCopy().Spec = spec2 - case clusterGroup: - res.(*crdv1alpha2.ClusterGroup).Spec.PodSelector = &labelSelector2 - case externalEntity: - res.(*crdv1alpha2.ExternalEntity).Spec.Endpoints = endPoints2 - case traceflow: - res.(*crdv1alpha1.Traceflow).Spec.Source = source2 - } - return res -} - -func updateNewObjStatus(crdName string, obj metav1.Object) metav1.Object { - res := deepCopy(obj) - switch crdName { - case networkPolicy: - res.(*crdv1alpha1.NetworkPolicy).Status = npStatus - case clusterNetworkPolicy: - res.(*crdv1alpha1.ClusterNetworkPolicy).Status = npStatus - case clusterGroup: - res.(*crdv1alpha2.ClusterGroup).Status.Conditions = conditions - case traceflow: - res.(*crdv1alpha1.Traceflow).Status = tfStatus - } - return res -} - -func assertSpec(t *testing.T, crdName string, expectedObj, res metav1.Object) { - switch crdName { - case networkPolicy: - assert.Equal(t, expectedObj.(*legacysecurity.NetworkPolicy).Spec, res.(*crdv1alpha1.NetworkPolicy).Spec) - case clusterNetworkPolicy: - assert.Equal(t, expectedObj.(*legacysecurity.ClusterNetworkPolicy).Spec, res.(*crdv1alpha1.ClusterNetworkPolicy).Spec) - case tier: - assert.Equal(t, expectedObj.(*legacysecurity.Tier).Spec, res.(*crdv1alpha1.Tier).Spec) - case clusterGroup: - assert.Equal(t, expectedObj.(*legacycore.ClusterGroup).Spec, res.(*crdv1alpha2.ClusterGroup).Spec) - case externalEntity: - assert.Equal(t, expectedObj.(*legacycore.ExternalEntity).Spec, res.(*crdv1alpha2.ExternalEntity).Spec) - case traceflow: - assert.Equal(t, expectedObj.(*legacyops.Traceflow).Spec, res.(*crdv1alpha1.Traceflow).Spec) - } -} - -type mirroringTestHandler interface { - LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) - LegacyDeleteAndWait(namespace, name string) error - LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) - NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) - NewDeleteAndWait(namespace, name string) error - NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) - NewUpdateStatusAndWait(res metav1.Object) error -} - -// ClusterGroup -type ClusterGroupTestHandler struct { - lister crdv1a2lister.ClusterGroupLister - client crdclientset.Interface - legacyLister legacycorelister.ClusterGroupLister - legacyClient legacycrdclientset.Interface -} - -func NewClusterGroupTestHandler(lister crdv1a2lister.ClusterGroupLister, - legacyLister legacycorelister.ClusterGroupLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *ClusterGroupTestHandler { - nt := &ClusterGroupTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *ClusterGroupTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacycore.ClusterGroup) - _, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ClusterGroupTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.CoreV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterGroupTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacycore.ClusterGroup) - _, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ClusterGroupTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacycore.ClusterGroup) - res1, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *ClusterGroupTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterGroupTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha2.ClusterGroup) - lCRD := legacyObj.(*legacycore.ClusterGroup) - _, err := c.client.CrdV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *ClusterGroupTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - crd := obj.(*crdv1alpha2.ClusterGroup) - _, err := c.client.CrdV1alpha2().ClusterGroups().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return err - } - - time.Sleep(mockWait) - err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterGroupTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha2.ClusterGroup, error) { - var crd *crdv1alpha2.ClusterGroup - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ClusterGroupTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *ClusterGroupTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha2.GroupSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha2.ClusterGroup - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ClusterGroupTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha2.GroupStatus, timeout time.Duration) error { - var crd *legacycore.ClusterGroup - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.legacyLister.Get(name) - if err == nil && reflect.DeepEqual(crd.Status, status) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *ClusterGroupTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha2.ClusterGroup - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// ExternalEntityTestHandler -type ExternalEntityTestHandler struct { - lister crdv1a2lister.ExternalEntityLister - client crdclientset.Interface - legacyLister legacycorelister.ExternalEntityLister - legacyClient legacycrdclientset.Interface -} - -func NewExternalEntityTestHandler(lister crdv1a2lister.ExternalEntityLister, - legacyLister legacycorelister.ExternalEntityLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *ExternalEntityTestHandler { - nt := &ExternalEntityTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *ExternalEntityTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacycore.ExternalEntity) - _, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ExternalEntityTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.CoreV1alpha2().ExternalEntities(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ExternalEntityTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacycore.ExternalEntity) - _, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ExternalEntityTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacycore.ExternalEntity) - res1, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *ExternalEntityTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha2().ExternalEntities(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ExternalEntityTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha2.ExternalEntity) - lCRD := legacyObj.(*legacycore.ExternalEntity) - _, err := c.client.CrdV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *ExternalEntityTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - return nil -} - -func (c *ExternalEntityTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha2.ExternalEntity, error) { - var crd *crdv1alpha2.ExternalEntity - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.ExternalEntities(namespace).Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ExternalEntityTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.ExternalEntities(namespace).Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *ExternalEntityTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha2.ExternalEntitySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha2.ExternalEntity - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.ExternalEntities(namespace).Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ExternalEntityTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha2.ExternalEntity - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.ExternalEntities(namespace).Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// NetworkPolicyTestHandler -type NetworkPolicyTestHandler struct { - lister crdv1a1lister.NetworkPolicyLister - client crdclientset.Interface - legacyLister legacysecuritylister.NetworkPolicyLister - legacyClient legacycrdclientset.Interface -} - -func NewNetworkPolicyTestHandler(lister crdv1a1lister.NetworkPolicyLister, - legacyLister legacysecuritylister.NetworkPolicyLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *NetworkPolicyTestHandler { - nt := &NetworkPolicyTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *NetworkPolicyTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.NetworkPolicy) - _, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *NetworkPolicyTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *NetworkPolicyTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.NetworkPolicy) - _, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *NetworkPolicyTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacysecurity.NetworkPolicy) - res1, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *NetworkPolicyTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha1().NetworkPolicies(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *NetworkPolicyTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha1.NetworkPolicy) - lCRD := legacyObj.(*legacysecurity.NetworkPolicy) - _, err := c.client.CrdV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *NetworkPolicyTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - crd := obj.(*crdv1alpha1.NetworkPolicy) - _, err := c.client.CrdV1alpha1().NetworkPolicies(crd.Namespace).UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return err - } - - time.Sleep(mockWait) - err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) - if err != nil { - return err - } - return nil -} - -func (c *NetworkPolicyTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.NetworkPolicy, error) { - var crd *crdv1alpha1.NetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.NetworkPolicies(namespace).Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *NetworkPolicyTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.NetworkPolicies(namespace).Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *NetworkPolicyTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.NetworkPolicySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.NetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.NetworkPolicies(namespace).Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *NetworkPolicyTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.NetworkPolicyStatus, timeout time.Duration) error { - var crd *legacysecurity.NetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.legacyLister.NetworkPolicies(namespace).Get(name) - if err == nil && reflect.DeepEqual(crd.Status, status) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *NetworkPolicyTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.NetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.NetworkPolicies(namespace).Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// ClusterNetworkPolicyTestHandler -type ClusterNetworkPolicyTestHandler struct { - lister crdv1a1lister.ClusterNetworkPolicyLister - client crdclientset.Interface - legacyLister legacysecuritylister.ClusterNetworkPolicyLister - legacyClient legacycrdclientset.Interface -} - -func NewClusterNetworkPolicyTestHandler(lister crdv1a1lister.ClusterNetworkPolicyLister, - legacyLister legacysecuritylister.ClusterNetworkPolicyLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *ClusterNetworkPolicyTestHandler { - nt := &ClusterNetworkPolicyTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *ClusterNetworkPolicyTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.ClusterNetworkPolicy) - _, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ClusterNetworkPolicyTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterNetworkPolicyTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.ClusterNetworkPolicy) - _, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *ClusterNetworkPolicyTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacysecurity.ClusterNetworkPolicy) - res1, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *ClusterNetworkPolicyTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterNetworkPolicyTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha1.ClusterNetworkPolicy) - lCRD := legacyObj.(*legacysecurity.ClusterNetworkPolicy) - _, err := c.client.CrdV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *ClusterNetworkPolicyTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - crd := obj.(*crdv1alpha1.ClusterNetworkPolicy) - _, err := c.client.CrdV1alpha1().ClusterNetworkPolicies().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return err - } - - time.Sleep(mockWait) - err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) - if err != nil { - return err - } - return nil -} - -func (c *ClusterNetworkPolicyTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.ClusterNetworkPolicy, error) { - var crd *crdv1alpha1.ClusterNetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ClusterNetworkPolicyTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *ClusterNetworkPolicyTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.ClusterNetworkPolicySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.ClusterNetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *ClusterNetworkPolicyTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.NetworkPolicyStatus, timeout time.Duration) error { - var crd *legacysecurity.ClusterNetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.legacyLister.Get(name) - if err == nil && reflect.DeepEqual(crd.Status, status) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *ClusterNetworkPolicyTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.ClusterNetworkPolicy - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// TierTestHandler -type TierTestHandler struct { - lister crdv1a1lister.TierLister - client crdclientset.Interface - legacyLister legacysecuritylister.TierLister - legacyClient legacycrdclientset.Interface -} - -func NewTierTestHandler(lister crdv1a1lister.TierLister, - legacyLister legacysecuritylister.TierLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *TierTestHandler { - nt := &TierTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *TierTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.Tier) - _, err := c.legacyClient.SecurityV1alpha1().Tiers().Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *TierTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.SecurityV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *TierTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacysecurity.Tier) - _, err := c.legacyClient.SecurityV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *TierTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacysecurity.Tier) - res1, err := c.legacyClient.SecurityV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *TierTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *TierTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha1.Tier) - lCRD := legacyObj.(*legacysecurity.Tier) - _, err := c.client.CrdV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *TierTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - return nil -} - -func (c *TierTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.Tier, error) { - var crd *crdv1alpha1.Tier - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *TierTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *TierTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.TierSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.Tier - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *TierTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.Tier - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// TraceflowTestHandler -type TraceflowTestHandler struct { - lister crdv1a1lister.TraceflowLister - client crdclientset.Interface - legacyLister legacyopslister.TraceflowLister - legacyClient legacycrdclientset.Interface -} - -func NewTraceflowTestHandler(lister crdv1a1lister.TraceflowLister, - legacyLister legacyopslister.TraceflowLister, - client crdclientset.Interface, - legacyClient legacycrdclientset.Interface) *TraceflowTestHandler { - nt := &TraceflowTestHandler{ - client: client, - lister: lister, - legacyClient: legacyClient, - legacyLister: legacyLister, - } - return nt -} - -func (c *TraceflowTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacyops.Traceflow) - _, err := c.legacyClient.OpsV1alpha1().Traceflows().Create(context.TODO(), crd, metav1.CreateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *TraceflowTestHandler) LegacyDeleteAndWait(namespace, name string) error { - err := c.legacyClient.OpsV1alpha1().Traceflows().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - err = c.waitForNewDeleted(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *TraceflowTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { - crd := obj.(*legacyops.Traceflow) - _, err := c.legacyClient.OpsV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) - if err != nil { - return nil, err - } - return res, nil -} - -func (c *TraceflowTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { - crd := obj.(*legacyops.Traceflow) - res1, err := c.legacyClient.OpsV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, nil, err - } - - res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) - if err != nil { - return nil, nil, err - } - return res1, res2, nil -} - -func (c *TraceflowTestHandler) NewDeleteAndWait(namespace, name string) error { - err := c.client.CrdV1alpha1().Traceflows().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return err - } - time.Sleep(mockWait) - _, err = c.waitForNewReady(namespace, name, timeout) - if err != nil { - return err - } - return nil -} - -func (c *TraceflowTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { - crd := newObj.(*crdv1alpha1.Traceflow) - lCRD := legacyObj.(*legacyops.Traceflow) - _, err := c.client.CrdV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return nil, err - } - - time.Sleep(mockWait) - res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) - if err != nil { - return nil, err - } - - return res, nil -} - -func (c *TraceflowTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { - crd := obj.(*crdv1alpha1.Traceflow) - _, err := c.client.CrdV1alpha1().Traceflows().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) - if err != nil { - return err - } - - time.Sleep(mockWait) - err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) - if err != nil { - return err - } - return nil -} - -func (c *TraceflowTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.Traceflow, error) { - var crd *crdv1alpha1.Traceflow - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err != nil { - return false, nil - } - return true, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *TraceflowTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - _, err = c.lister.Get(name) - if err != nil && apierrors.IsNotFound(err) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *TraceflowTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.TraceflowSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.Traceflow - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { - return true, nil - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -func (c *TraceflowTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.TraceflowStatus, timeout time.Duration) error { - var crd *legacyops.Traceflow - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.legacyLister.Get(name) - if err == nil && reflect.DeepEqual(crd.Status, status) { - return true, nil - } - return false, nil - }); err != nil { - return err - } - return nil -} - -func (c *TraceflowTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { - var crd *crdv1alpha1.Traceflow - var err error - if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - crd, err = c.lister.Get(name) - if err == nil { - if _, exist := crd.Annotations[types.ManagedBy]; !exist { - return true, nil - } - } - return false, nil - }); err != nil { - return nil, err - } - return crd, nil -} - -// mirroringController -func (c *mirroringController) testLegacyAdd(t *testing.T) { - name := "legacy-add" - namespace := "test" - defer c.wg.Done() - - expectedObj := buildObj(c.crdName, namespace, name) - resObj, err := c.testHandler.LegacyAddAndWait(expectedObj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - assert.NotNil(t, resObj) - assert.Equal(t, expectedObj.GetName(), resObj.GetName()) - assert.Equal(t, expectedObj.GetLabels(), resObj.GetLabels()) - assertSpec(t, c.crdName, expectedObj, resObj) -} - -func (c *mirroringController) testLegacyDelete(t *testing.T) { - name := "legacy-delete" - namespace := "test" - defer c.wg.Done() - - obj := buildObj(c.crdName, namespace, name) - _, err := c.testHandler.LegacyAddAndWait(obj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - err = c.testHandler.LegacyDeleteAndWait(namespace, name) - if err != nil { - t.Fatalf("Expected no error running LegacyDeleteAndWait, got %v", err) - } -} - -func (c *mirroringController) testLegacyUpdate(t *testing.T) { - name := "legacy-update" - namespace := "test" - defer c.wg.Done() - - obj := buildObj(c.crdName, namespace, name) - _, err := c.testHandler.LegacyAddAndWait(obj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - expectedObj := updateLegacyObj(c.crdName, obj) - resObj, err := c.testHandler.LegacyUpdateAndWait(expectedObj) - if err != nil { - t.Fatalf("Expected no error running LegacyUpdateAndWait, got %v", err) - } - assertSpec(t, c.crdName, expectedObj, resObj) -} - -func (c *mirroringController) testNewLiberate(t *testing.T) { - name := "new-liberate" - namespace := "test" - defer c.wg.Done() - - obj := buildObj(c.crdName, namespace, name) - _, err := c.testHandler.LegacyAddAndWait(obj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - legacyObj, newObj, err := c.testHandler.NewLiberateAndWait(updateLegacyObjAnnotation(obj)) - if err != nil { - t.Fatalf("Expected no error running NewLiberateAndWait, got %v", err) - } - - _, managedBy := newObj.GetAnnotations()[types.ManagedBy] - _, stopMirror := legacyObj.GetAnnotations()[types.StopMirror] - - assert.Equal(t, false, managedBy) - assert.Equal(t, true, stopMirror) -} - -func (c *mirroringController) testNewDelete(t *testing.T) { - name := "new-delete" - namespace := "test" - defer c.wg.Done() - - obj := buildObj(c.crdName, namespace, name) - _, err := c.testHandler.LegacyAddAndWait(obj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - err = c.testHandler.NewDeleteAndWait(namespace, name) - if err != nil { - t.Fatalf("Expected no error running NewDeleteAndWait, got %v", err) - } -} - -func (c *mirroringController) testNewUpdate(t *testing.T) { - name := "new-update" - namespace := "test" - defer c.wg.Done() - - legacyObj := buildObj(c.crdName, namespace, name) - newObj, err := c.testHandler.LegacyAddAndWait(legacyObj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - res, err := c.testHandler.NewUpdateAndWait(legacyObj, updateNewObj(c.crdName, newObj)) - if err != nil { - t.Fatalf("Expected no error running NewUpdateAndWait, got %v", err) - } - assertSpec(t, c.crdName, legacyObj, res) -} - -func (c *mirroringController) testNewUpdateStatus(t *testing.T) { - name := "new-update-status" - namespace := "test" - defer c.wg.Done() - - obj := buildObj(c.crdName, namespace, name) - res, err := c.testHandler.LegacyAddAndWait(obj) - if err != nil { - t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) - } - - err = c.testHandler.NewUpdateStatusAndWait(updateNewObjStatus(c.crdName, res)) - if err != nil { - t.Fatalf("Expected no error running NewUpdateStatusAndWait, got %v", err) - } -} - -func testCRD(t *testing.T, crd string) { - controller := newMirroringController(crd) - stopCh := make(chan struct{}) - controller.informerFactory.Start(stopCh) - controller.legacyInformerFactory.Start(stopCh) - controller.informerFactory.WaitForCacheSync(stopCh) - controller.legacyInformerFactory.WaitForCacheSync(stopCh) - go controller.Run(stopCh) - controller.wg.Add(7) - - t.Run("LegacyAdd", func(t *testing.T) { controller.testLegacyAdd(t) }) - t.Run("LegacyDelete", func(t *testing.T) { controller.testLegacyDelete(t) }) - t.Run("LegacyUpdate", func(t *testing.T) { controller.testLegacyUpdate(t) }) - t.Run("NewLiberate", func(t *testing.T) { controller.testNewLiberate(t) }) - t.Run("NewDelete", func(t *testing.T) { controller.testNewDelete(t) }) - t.Run("NewUpdate", func(t *testing.T) { controller.testNewUpdate(t) }) - t.Run("NewUpdateStatus", func(t *testing.T) { controller.testNewUpdateStatus(t) }) - - controller.wg.Wait() - close(stopCh) -} - -func TestCRDMirroringController(t *testing.T) { - t.Run(clusterGroup, func(t *testing.T) { testCRD(t, clusterGroup) }) - t.Run(externalEntity, func(t *testing.T) { testCRD(t, externalEntity) }) - t.Run(networkPolicy, func(t *testing.T) { testCRD(t, networkPolicy) }) - t.Run(clusterNetworkPolicy, func(t *testing.T) { testCRD(t, clusterNetworkPolicy) }) - t.Run(tier, func(t *testing.T) { testCRD(t, tier) }) - t.Run(traceflow, func(t *testing.T) { testCRD(t, traceflow) }) -} diff --git a/pkg/controller/crdmirroring/types/interface.go b/pkg/controller/crdmirroring/types/interface.go deleted file mode 100644 index 467c6f55a58..00000000000 --- a/pkg/controller/crdmirroring/types/interface.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -package types - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type MirroringHandler interface { - GetLegacyObject(namespace, name string) (metav1.Object, error) - GetNewObject(namespace, name string) (metav1.Object, error) - AddNewObject(obj metav1.Object) error - SyncObject(legacyObj, newObj metav1.Object) error - DeleteNewObject(namespace, name string) error - UpdateNewObject(obj metav1.Object) error -} diff --git a/pkg/controller/crdmirroring/types/types.go b/pkg/controller/crdmirroring/types/types.go deleted file mode 100644 index ec491e4ea74..00000000000 --- a/pkg/controller/crdmirroring/types/types.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package types - -const ( - ManagedBy = "crd.antrea.io/managed-by" - ControllerName = "crdmirroring-controller" - - StopMirror = "crd.antrea.io/stop-mirror" -) diff --git a/pkg/legacyapis/clusterinformation/v1beta1/doc.go b/pkg/legacyapis/clusterinformation/v1beta1/doc.go deleted file mode 100644 index cee74ccf6e2..00000000000 --- a/pkg/legacyapis/clusterinformation/v1beta1/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=clusterinformation.antrea.tanzu.vmware.com - -package v1beta1 diff --git a/pkg/legacyapis/clusterinformation/v1beta1/register.go b/pkg/legacyapis/clusterinformation/v1beta1/register.go deleted file mode 100644 index 8bf9b237212..00000000000 --- a/pkg/legacyapis/clusterinformation/v1beta1/register.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -var SchemeGroupVersion = schema.GroupVersion{ - Group: "clusterinformation.antrea.tanzu.vmware.com", - Version: "v1beta1", -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - localSchemeBuilder.Register(addKnownTypes) -} - -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes( - SchemeGroupVersion, - &AntreaControllerInfo{}, - &AntreaControllerInfoList{}, - &AntreaAgentInfo{}, - &AntreaAgentInfoList{}, - ) - - metav1.AddToGroupVersion( - scheme, - SchemeGroupVersion, - ) - return nil -} diff --git a/pkg/legacyapis/clusterinformation/v1beta1/types.go b/pkg/legacyapis/clusterinformation/v1beta1/types.go deleted file mode 100644 index 9707a6cfe28..00000000000 --- a/pkg/legacyapis/clusterinformation/v1beta1/types.go +++ /dev/null @@ -1,73 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1beta1 - -import ( - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type AntreaAgentInfo struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Version string `json:"version,omitempty"` // Antrea binary version - PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Agent is running in - NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Agent is running in - NodeSubnets []string `json:"nodeSubnets,omitempty"` // Node subnets - OVSInfo crdv1beta1.OVSInfo `json:"ovsInfo,omitempty"` // OVS Information - NetworkPolicyControllerInfo crdv1beta1.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Agent NetworkPolicy information - LocalPodNum int32 `json:"localPodNum,omitempty"` // The number of Pods which the agent is in charge of - AgentConditions []crdv1beta1.AgentCondition `json:"agentConditions,omitempty"` // Agent condition contains types like AgentHealthy - APIPort int `json:"apiPort,omitempty"` // The port of antrea agent API Server -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type AntreaAgentInfoList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []AntreaAgentInfo `json:"items"` -} - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type AntreaControllerInfo struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Version string `json:"version,omitempty"` // Antrea binary version - PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Controller is running in - NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Controller is running in - ServiceRef corev1.ObjectReference `json:"serviceRef,omitempty"` // Antrea Controller Service - NetworkPolicyControllerInfo crdv1beta1.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Controller NetworkPolicy information - ConnectedAgentNum int32 `json:"connectedAgentNum,omitempty"` // Number of agents which are connected to this controller - ControllerConditions []crdv1beta1.ControllerCondition `json:"controllerConditions,omitempty"` // Controller condition contains types like ControllerHealthy - APIPort int `json:"apiPort,omitempty"` // The port of antrea controller API Server -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type AntreaControllerInfoList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []AntreaControllerInfo `json:"items"` -} diff --git a/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go b/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go deleted file mode 100644 index a18bf00e02d..00000000000 --- a/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go +++ /dev/null @@ -1,170 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1beta1 - -import ( - crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AntreaAgentInfo) DeepCopyInto(out *AntreaAgentInfo) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.PodRef = in.PodRef - out.NodeRef = in.NodeRef - if in.NodeSubnets != nil { - in, out := &in.NodeSubnets, &out.NodeSubnets - *out = make([]string, len(*in)) - copy(*out, *in) - } - in.OVSInfo.DeepCopyInto(&out.OVSInfo) - out.NetworkPolicyControllerInfo = in.NetworkPolicyControllerInfo - if in.AgentConditions != nil { - in, out := &in.AgentConditions, &out.AgentConditions - *out = make([]crdv1beta1.AgentCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaAgentInfo. -func (in *AntreaAgentInfo) DeepCopy() *AntreaAgentInfo { - if in == nil { - return nil - } - out := new(AntreaAgentInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AntreaAgentInfo) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AntreaAgentInfoList) DeepCopyInto(out *AntreaAgentInfoList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]AntreaAgentInfo, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaAgentInfoList. -func (in *AntreaAgentInfoList) DeepCopy() *AntreaAgentInfoList { - if in == nil { - return nil - } - out := new(AntreaAgentInfoList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AntreaAgentInfoList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AntreaControllerInfo) DeepCopyInto(out *AntreaControllerInfo) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.PodRef = in.PodRef - out.NodeRef = in.NodeRef - out.ServiceRef = in.ServiceRef - out.NetworkPolicyControllerInfo = in.NetworkPolicyControllerInfo - if in.ControllerConditions != nil { - in, out := &in.ControllerConditions, &out.ControllerConditions - *out = make([]crdv1beta1.ControllerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaControllerInfo. -func (in *AntreaControllerInfo) DeepCopy() *AntreaControllerInfo { - if in == nil { - return nil - } - out := new(AntreaControllerInfo) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AntreaControllerInfo) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AntreaControllerInfoList) DeepCopyInto(out *AntreaControllerInfoList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]AntreaControllerInfo, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaControllerInfoList. -func (in *AntreaControllerInfoList) DeepCopy() *AntreaControllerInfoList { - if in == nil { - return nil - } - out := new(AntreaControllerInfoList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AntreaControllerInfoList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} diff --git a/pkg/legacyapis/controlplane/doc.go b/pkg/legacyapis/controlplane/doc.go deleted file mode 100644 index ef2d47997be..00000000000 --- a/pkg/legacyapis/controlplane/doc.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:deepcopy-gen=package -// +groupName=controlplane.antrea.tanzu.vmware.com - -// Package controlplane contains the latest (or "internal") version of the Antrea -// NetworkPolicy API messages. This is the API messages as represented in memory. -// The contract presented to clients is located in the versioned packages, -// which are sub-directories. The first one is "v1beta1". -// The messages are generated based on the stored NetworkPolicy objects, i.e. -// the objects defined in antrea/pkg/controller/types/networkpolicy.go. -package controlplane diff --git a/pkg/legacyapis/controlplane/install/install.go b/pkg/legacyapis/controlplane/install/install.go deleted file mode 100644 index aacc222b05e..00000000000 --- a/pkg/legacyapis/controlplane/install/install.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package install - -import ( - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - - "antrea.io/antrea/pkg/legacyapis/controlplane" - "antrea.io/antrea/pkg/legacyapis/controlplane/v1beta2" -) - -// Install registers the API group and adds types to a scheme -func Install(scheme *runtime.Scheme) { - utilruntime.Must(controlplane.AddToScheme(scheme)) - utilruntime.Must(v1beta2.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1beta2.SchemeGroupVersion)) -} diff --git a/pkg/legacyapis/controlplane/register.go b/pkg/legacyapis/controlplane/register.go deleted file mode 100644 index 58629dd7b5d..00000000000 --- a/pkg/legacyapis/controlplane/register.go +++ /dev/null @@ -1,64 +0,0 @@ -// Copyright 2019 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package controlplane - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - newcontrolplane "antrea.io/antrea/pkg/apis/controlplane" -) - -// GroupName is the group name used in this package. -const GroupName = "controlplane.antrea.tanzu.vmware.com" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns a Group qualified GroupKind. -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder points to a list of functions added to Scheme. - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme applies all the stored functions to the scheme. - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &newcontrolplane.AppliedToGroup{}, - &newcontrolplane.AppliedToGroupPatch{}, - &newcontrolplane.AppliedToGroupList{}, - &newcontrolplane.AddressGroup{}, - &newcontrolplane.AddressGroupPatch{}, - &newcontrolplane.AddressGroupList{}, - &newcontrolplane.NetworkPolicy{}, - &newcontrolplane.NetworkPolicyList{}, - &newcontrolplane.NetworkPolicyStatus{}, - &newcontrolplane.NodeStatsSummary{}, - &newcontrolplane.ClusterGroupMembers{}, - &newcontrolplane.GroupAssociation{}, - ) - return nil -} diff --git a/pkg/legacyapis/controlplane/v1beta2/conversion.go b/pkg/legacyapis/controlplane/v1beta2/conversion.go deleted file mode 100644 index 1d4c6ce62b5..00000000000 --- a/pkg/legacyapis/controlplane/v1beta2/conversion.go +++ /dev/null @@ -1,46 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1beta2 - -import ( - "fmt" - - "k8s.io/apimachinery/pkg/runtime" -) - -func init() { - localSchemeBuilder.Register(addConversionFuncs) -} - -// addConversionFuncs adds non-generated conversion functions to the given scheme. -func addConversionFuncs(scheme *runtime.Scheme) error { - for _, kind := range []string{"AppliedToGroup", "AddressGroup", "NetworkPolicy"} { - err := scheme.AddFieldLabelConversionFunc(SchemeGroupVersion.WithKind(kind), - func(label, value string) (string, string, error) { - switch label { - // Antrea Agents select resources by nodeName. - case "metadata.name", "nodeName": - return label, value, nil - default: - return "", "", fmt.Errorf("field label not supported: %s", label) - } - }, - ) - if err != nil { - return err - } - } - return nil -} diff --git a/pkg/legacyapis/controlplane/v1beta2/doc.go b/pkg/legacyapis/controlplane/v1beta2/doc.go deleted file mode 100644 index cdb80c8aaa7..00000000000 --- a/pkg/legacyapis/controlplane/v1beta2/doc.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:protobuf-gen=package -// +k8s:conversion-gen=antrea.io/antrea/pkg/apis/controlplane -// +groupName=controlplane.antrea.tanzu.vmware.com - -// Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages. -package v1beta2 diff --git a/pkg/legacyapis/controlplane/v1beta2/register.go b/pkg/legacyapis/controlplane/v1beta2/register.go deleted file mode 100644 index 30f484d5b76..00000000000 --- a/pkg/legacyapis/controlplane/v1beta2/register.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1beta2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "antrea.io/antrea/pkg/apis/controlplane/v1beta2" -) - -// GroupName is the group name used in this package. -const GroupName = "controlplane.antrea.tanzu.vmware.com" - -var ( - // SchemeGroupVersion is group version used to register these objects. - SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta2"} - - AppliedToGroupVersionResource = schema.GroupVersionResource{ - Group: SchemeGroupVersion.Group, - Version: SchemeGroupVersion.Version, - Resource: "appliedtogroups"} - AddressGroupVersionResource = schema.GroupVersionResource{ - Group: SchemeGroupVersion.Group, - Version: SchemeGroupVersion.Version, - Resource: "addressgroups"} - NetworkPolicyVersionResource = schema.GroupVersionResource{ - Group: SchemeGroupVersion.Group, - Version: SchemeGroupVersion.Version, - Resource: "networkpolicies"} - GroupVersionResource = schema.GroupVersionResource{ - Group: SchemeGroupVersion.Group, - Version: SchemeGroupVersion.Version, - Resource: "groups", - } -) - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &v1beta2.AppliedToGroup{}, - &v1beta2.AppliedToGroupPatch{}, - &v1beta2.AppliedToGroupList{}, - &v1beta2.AddressGroup{}, - &v1beta2.AddressGroupPatch{}, - &v1beta2.AddressGroupList{}, - &v1beta2.NetworkPolicy{}, - &v1beta2.NetworkPolicyList{}, - &v1beta2.NetworkPolicyStatus{}, - &v1beta2.NodeStatsSummary{}, - &v1beta2.ClusterGroupMembers{}, - &v1beta2.GroupAssociation{}, - ) - - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/pkg/legacyapis/core/doc.go b/pkg/legacyapis/core/doc.go deleted file mode 100644 index cb62e03041a..00000000000 --- a/pkg/legacyapis/core/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:deepcopy-gen=package -// +groupName=core.antrea.tanzu.vmware.com - -package core diff --git a/pkg/legacyapis/core/register.go b/pkg/legacyapis/core/register.go deleted file mode 100644 index 7948c385555..00000000000 --- a/pkg/legacyapis/core/register.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package core - -// GroupName is the group name used in this package -const ( - GroupName = "core.antrea.tanzu.vmware.com" -) diff --git a/pkg/legacyapis/core/v1alpha2/doc.go b/pkg/legacyapis/core/v1alpha2/doc.go deleted file mode 100644 index 185e5d03cb0..00000000000 --- a/pkg/legacyapis/core/v1alpha2/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +groupName=core.antrea.tanzu.vmware.com - -package v1alpha2 // import "antrea.io/antrea/pkg/apis/legacyclient/core/v1alpha2" diff --git a/pkg/legacyapis/core/v1alpha2/register.go b/pkg/legacyapis/core/v1alpha2/register.go deleted file mode 100644 index 7f084e609c4..00000000000 --- a/pkg/legacyapis/core/v1alpha2/register.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name used in this package. -const GroupName = "core.antrea.tanzu.vmware.com" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &ExternalEntity{}, - &ExternalEntityList{}, - &ClusterGroup{}, - &ClusterGroupList{}, - ) - - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/pkg/legacyapis/core/v1alpha2/types.go b/pkg/legacyapis/core/v1alpha2/types.go deleted file mode 100644 index bac998da472..00000000000 --- a/pkg/legacyapis/core/v1alpha2/types.go +++ /dev/null @@ -1,67 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" -) - -// +genclient -// +genclient:noStatus -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ExternalEntity struct { - metav1.TypeMeta `json:",inline"` - // Standard metadata of the object. - metav1.ObjectMeta `json:"metadata,omitempty"` - // Desired state of the external entity. - Spec crdv1alpha2.ExternalEntitySpec `json:"spec,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ExternalEntityList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - Items []ExternalEntity `json:"items,omitempty"` -} - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ClusterGroup struct { - metav1.TypeMeta `json:",inline"` - // Standard metadata of the object. - metav1.ObjectMeta `json:"metadata,omitempty"` - // Desired state of the group. - Spec crdv1alpha2.GroupSpec `json:"spec"` - // Most recently observed status of the group. - Status crdv1alpha2.GroupStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ClusterGroupList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - Items []ClusterGroup `json:"items,omitempty"` -} diff --git a/pkg/legacyapis/core/v1alpha2/webhook.go b/pkg/legacyapis/core/v1alpha2/webhook.go deleted file mode 100644 index 206db8637e2..00000000000 --- a/pkg/legacyapis/core/v1alpha2/webhook.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha2 - -import ( - "fmt" - "reflect" - - "k8s.io/apimachinery/pkg/runtime" -) - -// WebhookImpl implements webhook validator of a resource. -type WebhookImpl interface { - Default(in *ExternalEntity) - ValidateCreate(in *ExternalEntity) error - ValidateUpdate(in *ExternalEntity, old runtime.Object) error - ValidateDelete(in *ExternalEntity) error -} - -var ( - externalEntityWebhook WebhookImpl -) - -// RegisterWebhook registers webhook implementation of a resource. -func RegisterWebhook(in runtime.Object, webhook WebhookImpl) error { - switch in.(type) { - case *ExternalEntity: - if externalEntityWebhook != nil { - return fmt.Errorf("externalEntityWebhook already registered") - } - externalEntityWebhook = webhook - default: - return fmt.Errorf("unknown type %s to register webhook", reflect.TypeOf(in).Elem().Name()) - } - return nil -} - -// Default implements webhook Defaulter. -func (in *ExternalEntity) Default() { - if externalEntityWebhook != nil { - externalEntityWebhook.Default(in) - } - return -} - -// ValidateCreate implements webhook Validator. -func (in *ExternalEntity) ValidateCreate() error { - if externalEntityWebhook != nil { - return externalEntityWebhook.ValidateCreate(in) - } - return nil -} - -// ValidateUpdate implements webhook Validator. -func (in *ExternalEntity) ValidateUpdate(old runtime.Object) error { - if externalEntityWebhook != nil { - return externalEntityWebhook.ValidateUpdate(in, old) - } - - return nil -} - -// ValidateDelete implements webhook Validator. -func (in *ExternalEntity) ValidateDelete() error { - if externalEntityWebhook != nil { - return externalEntityWebhook.ValidateDelete(in) - } - return nil -} diff --git a/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go b/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go deleted file mode 100644 index 30b0874dd46..00000000000 --- a/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go +++ /dev/null @@ -1,145 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterGroup) DeepCopyInto(out *ClusterGroup) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroup. -func (in *ClusterGroup) DeepCopy() *ClusterGroup { - if in == nil { - return nil - } - out := new(ClusterGroup) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterGroup) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterGroupList) DeepCopyInto(out *ClusterGroupList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterGroup, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroupList. -func (in *ClusterGroupList) DeepCopy() *ClusterGroupList { - if in == nil { - return nil - } - out := new(ClusterGroupList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterGroupList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalEntity) DeepCopyInto(out *ExternalEntity) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEntity. -func (in *ExternalEntity) DeepCopy() *ExternalEntity { - if in == nil { - return nil - } - out := new(ExternalEntity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ExternalEntity) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExternalEntityList) DeepCopyInto(out *ExternalEntityList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ExternalEntity, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEntityList. -func (in *ExternalEntityList) DeepCopy() *ExternalEntityList { - if in == nil { - return nil - } - out := new(ExternalEntityList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ExternalEntityList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} diff --git a/pkg/legacyapis/ops/v1alpha1/doc.go b/pkg/legacyapis/ops/v1alpha1/doc.go deleted file mode 100644 index 5c495c3ebef..00000000000 --- a/pkg/legacyapis/ops/v1alpha1/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=ops.antrea.tanzu.vmware.com - -package v1alpha1 diff --git a/pkg/legacyapis/ops/v1alpha1/register.go b/pkg/legacyapis/ops/v1alpha1/register.go deleted file mode 100644 index 4bc3bac8386..00000000000 --- a/pkg/legacyapis/ops/v1alpha1/register.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -var SchemeGroupVersion = schema.GroupVersion{ - Group: "ops.antrea.tanzu.vmware.com", - Version: "v1alpha1", -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - localSchemeBuilder.Register(addKnownTypes) -} - -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes( - SchemeGroupVersion, - &Traceflow{}, - &TraceflowList{}, - ) - - metav1.AddToGroupVersion( - scheme, - SchemeGroupVersion, - ) - return nil -} diff --git a/pkg/legacyapis/ops/v1alpha1/types.go b/pkg/legacyapis/ops/v1alpha1/types.go deleted file mode 100644 index cf3ef592c34..00000000000 --- a/pkg/legacyapis/ops/v1alpha1/types.go +++ /dev/null @@ -1,40 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "antrea.io/antrea/pkg/apis/crd/v1alpha1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type Traceflow struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec v1alpha1.TraceflowSpec `json:"spec,omitempty"` - Status v1alpha1.TraceflowStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TraceflowList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []Traceflow `json:"items"` -} diff --git a/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go b/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 8fee68d97bd..00000000000 --- a/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,85 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Traceflow) DeepCopyInto(out *Traceflow) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Traceflow. -func (in *Traceflow) DeepCopy() *Traceflow { - if in == nil { - return nil - } - out := new(Traceflow) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Traceflow) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TraceflowList) DeepCopyInto(out *TraceflowList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Traceflow, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowList. -func (in *TraceflowList) DeepCopy() *TraceflowList { - if in == nil { - return nil - } - out := new(TraceflowList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TraceflowList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} diff --git a/pkg/legacyapis/security/doc.go b/pkg/legacyapis/security/doc.go deleted file mode 100644 index 4db6c7e2e35..00000000000 --- a/pkg/legacyapis/security/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:deepcopy-gen=package -// +groupName=security.antrea.tanzu.vmware.com - -package security diff --git a/pkg/legacyapis/security/register.go b/pkg/legacyapis/security/register.go deleted file mode 100644 index ae9e808c67e..00000000000 --- a/pkg/legacyapis/security/register.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package security - -// GroupName is the group name used in this package -const ( - GroupName = "security.antrea.tanzu.vmware.com" -) diff --git a/pkg/legacyapis/security/v1alpha1/doc.go b/pkg/legacyapis/security/v1alpha1/doc.go deleted file mode 100644 index 9c8aae8940c..00000000000 --- a/pkg/legacyapis/security/v1alpha1/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +groupName=security.antrea.tanzu.vmware.com - -package v1alpha1 // import "antrea.io/antrea/pkg/apis/security/v1alpha1" diff --git a/pkg/legacyapis/security/v1alpha1/register.go b/pkg/legacyapis/security/v1alpha1/register.go deleted file mode 100644 index 31f1d553c1c..00000000000 --- a/pkg/legacyapis/security/v1alpha1/register.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName is the group name used in this package. -const GroupName = "security.antrea.tanzu.vmware.com" - -// SchemeGroupVersion is group version used to register these objects. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource. -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - AddToScheme = SchemeBuilder.AddToScheme -) - -// Adds the list of known types to the given scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &NetworkPolicy{}, - &NetworkPolicyList{}, - &ClusterNetworkPolicy{}, - &ClusterNetworkPolicyList{}, - &Tier{}, - &TierList{}, - ) - - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/pkg/legacyapis/security/v1alpha1/types.go b/pkg/legacyapis/security/v1alpha1/types.go deleted file mode 100644 index 3074717a86f..00000000000 --- a/pkg/legacyapis/security/v1alpha1/types.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "antrea.io/antrea/pkg/apis/crd/v1alpha1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type NetworkPolicy struct { - metav1.TypeMeta `json:",inline"` - // Standard metadata of the object. - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Specification of the desired behavior of NetworkPolicy. - Spec v1alpha1.NetworkPolicySpec `json:"spec"` - // Most recently observed status of the NetworkPolicy. - Status v1alpha1.NetworkPolicyStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type NetworkPolicyList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - Items []NetworkPolicy `json:"items"` -} - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ClusterNetworkPolicy struct { - metav1.TypeMeta `json:",inline"` - // Standard metadata of the object. - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Specification of the desired behavior of ClusterNetworkPolicy. - Spec v1alpha1.ClusterNetworkPolicySpec `json:"spec"` - // Most recently observed status of the NetworkPolicy. - Status v1alpha1.NetworkPolicyStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type ClusterNetworkPolicyList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - Items []ClusterNetworkPolicy `json:"items"` -} - -// +genclient -// +genclient:nonNamespaced -// +genclient:noStatus -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type Tier struct { - metav1.TypeMeta `json:",inline"` - // Standard metadata of the object. - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Specification of the desired behavior of Tier. - Spec v1alpha1.TierSpec `json:"spec"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -type TierList struct { - metav1.TypeMeta `json:",inline"` - // +optional - metav1.ListMeta `json:"metadata,omitempty"` - - Items []Tier `json:"items"` -} diff --git a/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go b/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index f178caa5e69..00000000000 --- a/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,206 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterNetworkPolicy) DeepCopyInto(out *ClusterNetworkPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetworkPolicy. -func (in *ClusterNetworkPolicy) DeepCopy() *ClusterNetworkPolicy { - if in == nil { - return nil - } - out := new(ClusterNetworkPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterNetworkPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterNetworkPolicyList) DeepCopyInto(out *ClusterNetworkPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterNetworkPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetworkPolicyList. -func (in *ClusterNetworkPolicyList) DeepCopy() *ClusterNetworkPolicyList { - if in == nil { - return nil - } - out := new(ClusterNetworkPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterNetworkPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy. -func (in *NetworkPolicy) DeepCopy() *NetworkPolicy { - if in == nil { - return nil - } - out := new(NetworkPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *NetworkPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]NetworkPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList. -func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList { - if in == nil { - return nil - } - out := new(NetworkPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *NetworkPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Tier) DeepCopyInto(out *Tier) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tier. -func (in *Tier) DeepCopy() *Tier { - if in == nil { - return nil - } - out := new(Tier) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Tier) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TierList) DeepCopyInto(out *TierList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Tier, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TierList. -func (in *TierList) DeepCopy() *TierList { - if in == nil { - return nil - } - out := new(TierList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TierList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} diff --git a/pkg/legacyapis/stats/doc.go b/pkg/legacyapis/stats/doc.go deleted file mode 100644 index 29c41dc8264..00000000000 --- a/pkg/legacyapis/stats/doc.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:deepcopy-gen=package -// +groupName=stats.antrea.tanzu.vmware.com - -// Package stats is the internal version of the Antrea Stats API. -// Refer to https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api_changes.md doc -// for more information. -package stats diff --git a/pkg/legacyapis/stats/install/install.go b/pkg/legacyapis/stats/install/install.go deleted file mode 100644 index 46cb46901bf..00000000000 --- a/pkg/legacyapis/stats/install/install.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package install - -import ( - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - - "antrea.io/antrea/pkg/legacyapis/stats" - "antrea.io/antrea/pkg/legacyapis/stats/v1alpha1" -) - -// Install registers the API group and adds types to a scheme -func Install(scheme *runtime.Scheme) { - utilruntime.Must(stats.AddToScheme(scheme)) - utilruntime.Must(v1alpha1.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) -} diff --git a/pkg/legacyapis/stats/register.go b/pkg/legacyapis/stats/register.go deleted file mode 100644 index 86a29f702f8..00000000000 --- a/pkg/legacyapis/stats/register.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package stats - -import ( - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - newstats "antrea.io/antrea/pkg/apis/stats" -) - -// GroupName is the group name use in this package -const GroupName = "stats.antrea.tanzu.vmware.com" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} - -// Kind takes an unqualified kind and returns back a Group qualified GroupKind -func Kind(kind string) schema.GroupKind { - return SchemeGroupVersion.WithKind(kind).GroupKind() -} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder points to a list of functions added to Scheme. - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme applies all the stored functions to the scheme. - AddToScheme = SchemeBuilder.AddToScheme -) - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &newstats.AntreaClusterNetworkPolicyStats{}, - &newstats.AntreaClusterNetworkPolicyStatsList{}, - &newstats.AntreaNetworkPolicyStats{}, - &newstats.AntreaNetworkPolicyStatsList{}, - &newstats.NetworkPolicyStats{}, - &newstats.NetworkPolicyStatsList{}, - ) - return nil -} diff --git a/pkg/legacyapis/stats/v1alpha1/doc.go b/pkg/legacyapis/stats/v1alpha1/doc.go deleted file mode 100644 index e9060d24b09..00000000000 --- a/pkg/legacyapis/stats/v1alpha1/doc.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:protobuf-gen=package -// +k8s:conversion-gen=antrea.io/antrea/pkg/apis/stats -// +groupName=stats.antrea.tanzu.vmware.com - -// Package v1alpha1 is the v1alpha1 version of the Antrea Stats API. -package v1alpha1 diff --git a/pkg/legacyapis/stats/v1alpha1/register.go b/pkg/legacyapis/stats/v1alpha1/register.go deleted file mode 100644 index 2ac1825226b..00000000000 --- a/pkg/legacyapis/stats/v1alpha1/register.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "antrea.io/antrea/pkg/apis/stats/v1alpha1" -) - -// GroupName is the group name use in this package -const GroupName = "stats.antrea.tanzu.vmware.com" - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // SchemeBuilder points to a list of functions added to Scheme. - SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) - // AddToScheme applies all the stored functions to the scheme. - AddToScheme = SchemeBuilder.AddToScheme -) - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &v1alpha1.AntreaClusterNetworkPolicyStats{}, - &v1alpha1.AntreaClusterNetworkPolicyStatsList{}, - &v1alpha1.AntreaNetworkPolicyStats{}, - &v1alpha1.AntreaNetworkPolicyStatsList{}, - &v1alpha1.NetworkPolicyStats{}, - &v1alpha1.NetworkPolicyStatsList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/pkg/legacyapis/system/doc.go b/pkg/legacyapis/system/doc.go deleted file mode 100644 index 27578102f06..00000000000 --- a/pkg/legacyapis/system/doc.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package system contains the Antrea "system" API group definitions. -// The contract presented to clients is located in the versioned packages, -// which are sub-directories. Right now, only version "v1beta1" is supported -// for the API group; the internal version is not needed. -package system diff --git a/pkg/legacyapis/system/install/install.go b/pkg/legacyapis/system/install/install.go deleted file mode 100644 index bad90b390dd..00000000000 --- a/pkg/legacyapis/system/install/install.go +++ /dev/null @@ -1,28 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package install - -import ( - "k8s.io/apimachinery/pkg/runtime" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - - "antrea.io/antrea/pkg/legacyapis/system/v1beta1" -) - -// Install registers the API group and adds types to a scheme -func Install(scheme *runtime.Scheme) { - utilruntime.Must(v1beta1.AddToScheme(scheme)) - utilruntime.Must(scheme.SetVersionPriority(v1beta1.SchemeGroupVersion)) -} diff --git a/pkg/legacyapis/system/v1beta1/doc.go b/pkg/legacyapis/system/v1beta1/doc.go deleted file mode 100644 index d0c483ed44e..00000000000 --- a/pkg/legacyapis/system/v1beta1/doc.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen=package -// +k8s:defaulter-gen=TypeMeta -// +groupName=system.antrea.tanzu.vmware.com - -// Package v1beta1 contains the v1beta1 version of the Antrea "system" API -// group definitions. -package v1beta1 diff --git a/pkg/legacyapis/system/v1beta1/register.go b/pkg/legacyapis/system/v1beta1/register.go deleted file mode 100644 index 1eaa4cd6fbd..00000000000 --- a/pkg/legacyapis/system/v1beta1/register.go +++ /dev/null @@ -1,63 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" - "antrea.io/antrea/pkg/apis/system/v1beta1" -) - -const GroupName = "system.antrea.tanzu.vmware.com" - -var ( - SchemeGroupVersion = schema.GroupVersion{ - Group: GroupName, - Version: "v1beta1"} - - ControllerInfoVersionResource = schema.GroupVersionResource{ - Group: SchemeGroupVersion.Group, - Version: SchemeGroupVersion.Version, - Resource: "controllerinfos"} -) - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - localSchemeBuilder.Register(addKnownTypes) -} - -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes( - SchemeGroupVersion, - &crdv1beta1.AntreaControllerInfo{}, - &crdv1beta1.AntreaControllerInfoList{}, - &v1beta1.SupportBundle{}, - ) - - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/pkg/legacyclient/clientset/versioned/clientset.go b/pkg/legacyclient/clientset/versioned/clientset.go deleted file mode 100644 index 00cd6cf5fb1..00000000000 --- a/pkg/legacyclient/clientset/versioned/clientset.go +++ /dev/null @@ -1,179 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" - controlplanev1beta2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2" - corev1alpha2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" - opsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" - securityv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" - statsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1" - systemv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface - ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface - CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface - OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface - SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface - StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface - SystemV1beta1() systemv1beta1.SystemV1beta1Interface -} - -// Clientset contains the clients for groups. Each group has exactly one -// version included in a Clientset. -type Clientset struct { - *discovery.DiscoveryClient - clusterinformationV1beta1 *clusterinformationv1beta1.ClusterinformationV1beta1Client - controlplaneV1beta2 *controlplanev1beta2.ControlplaneV1beta2Client - coreV1alpha2 *corev1alpha2.CoreV1alpha2Client - opsV1alpha1 *opsv1alpha1.OpsV1alpha1Client - securityV1alpha1 *securityv1alpha1.SecurityV1alpha1Client - statsV1alpha1 *statsv1alpha1.StatsV1alpha1Client - systemV1beta1 *systemv1beta1.SystemV1beta1Client -} - -// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client -func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { - return c.clusterinformationV1beta1 -} - -// ControlplaneV1beta2 retrieves the ControlplaneV1beta2Client -func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface { - return c.controlplaneV1beta2 -} - -// CoreV1alpha2 retrieves the CoreV1alpha2Client -func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { - return c.coreV1alpha2 -} - -// OpsV1alpha1 retrieves the OpsV1alpha1Client -func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { - return c.opsV1alpha1 -} - -// SecurityV1alpha1 retrieves the SecurityV1alpha1Client -func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { - return c.securityV1alpha1 -} - -// StatsV1alpha1 retrieves the StatsV1alpha1Client -func (c *Clientset) StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface { - return c.statsV1alpha1 -} - -// SystemV1beta1 retrieves the SystemV1beta1Client -func (c *Clientset) SystemV1beta1() systemv1beta1.SystemV1beta1Interface { - return c.systemV1beta1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - var cs Clientset - var err error - cs.clusterinformationV1beta1, err = clusterinformationv1beta1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.controlplaneV1beta2, err = controlplanev1beta2.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.coreV1alpha2, err = corev1alpha2.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.opsV1alpha1, err = opsv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.securityV1alpha1, err = securityv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.statsV1alpha1, err = statsv1alpha1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.systemV1beta1, err = systemv1beta1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - var cs Clientset - cs.clusterinformationV1beta1 = clusterinformationv1beta1.NewForConfigOrDie(c) - cs.controlplaneV1beta2 = controlplanev1beta2.NewForConfigOrDie(c) - cs.coreV1alpha2 = corev1alpha2.NewForConfigOrDie(c) - cs.opsV1alpha1 = opsv1alpha1.NewForConfigOrDie(c) - cs.securityV1alpha1 = securityv1alpha1.NewForConfigOrDie(c) - cs.statsV1alpha1 = statsv1alpha1.NewForConfigOrDie(c) - cs.systemV1beta1 = systemv1beta1.NewForConfigOrDie(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) - return &cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.clusterinformationV1beta1 = clusterinformationv1beta1.New(c) - cs.controlplaneV1beta2 = controlplanev1beta2.New(c) - cs.coreV1alpha2 = corev1alpha2.New(c) - cs.opsV1alpha1 = opsv1alpha1.New(c) - cs.securityV1alpha1 = securityv1alpha1.New(c) - cs.statsV1alpha1 = statsv1alpha1.New(c) - cs.systemV1beta1 = systemv1beta1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/pkg/legacyclient/clientset/versioned/doc.go b/pkg/legacyclient/clientset/versioned/doc.go deleted file mode 100644 index 03053156dc6..00000000000 --- a/pkg/legacyclient/clientset/versioned/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated clientset. -package versioned diff --git a/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go b/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index 2fde5875a67..00000000000 --- a/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,122 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" - fakeclusterinformationv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake" - controlplanev1beta2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2" - fakecontrolplanev1beta2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake" - corev1alpha2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" - fakecorev1alpha2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake" - opsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" - fakeopsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake" - securityv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" - fakesecurityv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake" - statsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1" - fakestatsv1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake" - systemv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1" - fakesystemv1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var _ clientset.Interface = &Clientset{} - -// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client -func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { - return &fakeclusterinformationv1beta1.FakeClusterinformationV1beta1{Fake: &c.Fake} -} - -// ControlplaneV1beta2 retrieves the ControlplaneV1beta2Client -func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface { - return &fakecontrolplanev1beta2.FakeControlplaneV1beta2{Fake: &c.Fake} -} - -// CoreV1alpha2 retrieves the CoreV1alpha2Client -func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { - return &fakecorev1alpha2.FakeCoreV1alpha2{Fake: &c.Fake} -} - -// OpsV1alpha1 retrieves the OpsV1alpha1Client -func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { - return &fakeopsv1alpha1.FakeOpsV1alpha1{Fake: &c.Fake} -} - -// SecurityV1alpha1 retrieves the SecurityV1alpha1Client -func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { - return &fakesecurityv1alpha1.FakeSecurityV1alpha1{Fake: &c.Fake} -} - -// StatsV1alpha1 retrieves the StatsV1alpha1Client -func (c *Clientset) StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface { - return &fakestatsv1alpha1.FakeStatsV1alpha1{Fake: &c.Fake} -} - -// SystemV1beta1 retrieves the SystemV1beta1Client -func (c *Clientset) SystemV1beta1() systemv1beta1.SystemV1beta1Interface { - return &fakesystemv1beta1.FakeSystemV1beta1{Fake: &c.Fake} -} diff --git a/pkg/legacyclient/clientset/versioned/fake/doc.go b/pkg/legacyclient/clientset/versioned/fake/doc.go deleted file mode 100644 index 86d0cd17555..00000000000 --- a/pkg/legacyclient/clientset/versioned/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated fake clientset. -package fake diff --git a/pkg/legacyclient/clientset/versioned/fake/register.go b/pkg/legacyclient/clientset/versioned/fake/register.go deleted file mode 100644 index bb69c2f8eea..00000000000 --- a/pkg/legacyclient/clientset/versioned/fake/register.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - controlplanev1beta2 "antrea.io/antrea/pkg/legacyapis/controlplane/v1beta2" - corev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - opsv1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - statsv1alpha1 "antrea.io/antrea/pkg/legacyapis/stats/v1alpha1" - systemv1beta1 "antrea.io/antrea/pkg/legacyapis/system/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var scheme = runtime.NewScheme() -var codecs = serializer.NewCodecFactory(scheme) - -var localSchemeBuilder = runtime.SchemeBuilder{ - clusterinformationv1beta1.AddToScheme, - controlplanev1beta2.AddToScheme, - corev1alpha2.AddToScheme, - opsv1alpha1.AddToScheme, - securityv1alpha1.AddToScheme, - statsv1alpha1.AddToScheme, - systemv1beta1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(scheme)) -} diff --git a/pkg/legacyclient/clientset/versioned/scheme/doc.go b/pkg/legacyclient/clientset/versioned/scheme/doc.go deleted file mode 100644 index 766321fd9cd..00000000000 --- a/pkg/legacyclient/clientset/versioned/scheme/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package contains the scheme of the automatically generated clientset. -package scheme diff --git a/pkg/legacyclient/clientset/versioned/scheme/register.go b/pkg/legacyclient/clientset/versioned/scheme/register.go deleted file mode 100644 index 028a7a5c2f7..00000000000 --- a/pkg/legacyclient/clientset/versioned/scheme/register.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package scheme - -import ( - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - controlplanev1beta2 "antrea.io/antrea/pkg/legacyapis/controlplane/v1beta2" - corev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - opsv1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - statsv1alpha1 "antrea.io/antrea/pkg/legacyapis/stats/v1alpha1" - systemv1beta1 "antrea.io/antrea/pkg/legacyapis/system/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - serializer "k8s.io/apimachinery/pkg/runtime/serializer" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" -) - -var Scheme = runtime.NewScheme() -var Codecs = serializer.NewCodecFactory(Scheme) -var ParameterCodec = runtime.NewParameterCodec(Scheme) -var localSchemeBuilder = runtime.SchemeBuilder{ - clusterinformationv1beta1.AddToScheme, - controlplanev1beta2.AddToScheme, - corev1alpha2.AddToScheme, - opsv1alpha1.AddToScheme, - securityv1alpha1.AddToScheme, - statsv1alpha1.AddToScheme, - systemv1beta1.AddToScheme, -} - -// AddToScheme adds all types of this clientset into the given scheme. This allows composition -// of clientsets, like in: -// -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) -// -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) -// -// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types -// correctly. -var AddToScheme = localSchemeBuilder.AddToScheme - -func init() { - v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) - utilruntime.Must(AddToScheme(Scheme)) -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go deleted file mode 100644 index 1abcc9c5a4b..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go +++ /dev/null @@ -1,166 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// AntreaAgentInfosGetter has a method to return a AntreaAgentInfoInterface. -// A group's client should implement this interface. -type AntreaAgentInfosGetter interface { - AntreaAgentInfos() AntreaAgentInfoInterface -} - -// AntreaAgentInfoInterface has methods to work with AntreaAgentInfo resources. -type AntreaAgentInfoInterface interface { - Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (*v1beta1.AntreaAgentInfo, error) - Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (*v1beta1.AntreaAgentInfo, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.AntreaAgentInfo, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.AntreaAgentInfoList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) - AntreaAgentInfoExpansion -} - -// antreaAgentInfos implements AntreaAgentInfoInterface -type antreaAgentInfos struct { - client rest.Interface -} - -// newAntreaAgentInfos returns a AntreaAgentInfos -func newAntreaAgentInfos(c *ClusterinformationV1beta1Client) *antreaAgentInfos { - return &antreaAgentInfos{ - client: c.RESTClient(), - } -} - -// Get takes name of the antreaAgentInfo, and returns the corresponding antreaAgentInfo object, and an error if there is any. -func (c *antreaAgentInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaAgentInfo, err error) { - result = &v1beta1.AntreaAgentInfo{} - err = c.client.Get(). - Resource("antreaagentinfos"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of AntreaAgentInfos that match those selectors. -func (c *antreaAgentInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaAgentInfoList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.AntreaAgentInfoList{} - err = c.client.Get(). - Resource("antreaagentinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested antreaAgentInfos. -func (c *antreaAgentInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("antreaagentinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a antreaAgentInfo and creates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. -func (c *antreaAgentInfos) Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (result *v1beta1.AntreaAgentInfo, err error) { - result = &v1beta1.AntreaAgentInfo{} - err = c.client.Post(). - Resource("antreaagentinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(antreaAgentInfo). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a antreaAgentInfo and updates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. -func (c *antreaAgentInfos) Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaAgentInfo, err error) { - result = &v1beta1.AntreaAgentInfo{} - err = c.client.Put(). - Resource("antreaagentinfos"). - Name(antreaAgentInfo.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(antreaAgentInfo). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the antreaAgentInfo and deletes it. Returns an error if one occurs. -func (c *antreaAgentInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("antreaagentinfos"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *antreaAgentInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("antreaagentinfos"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched antreaAgentInfo. -func (c *antreaAgentInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) { - result = &v1beta1.AntreaAgentInfo{} - err = c.client.Patch(pt). - Resource("antreaagentinfos"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go deleted file mode 100644 index 84369963bde..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go +++ /dev/null @@ -1,166 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// AntreaControllerInfosGetter has a method to return a AntreaControllerInfoInterface. -// A group's client should implement this interface. -type AntreaControllerInfosGetter interface { - AntreaControllerInfos() AntreaControllerInfoInterface -} - -// AntreaControllerInfoInterface has methods to work with AntreaControllerInfo resources. -type AntreaControllerInfoInterface interface { - Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (*v1beta1.AntreaControllerInfo, error) - Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (*v1beta1.AntreaControllerInfo, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.AntreaControllerInfo, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.AntreaControllerInfoList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) - AntreaControllerInfoExpansion -} - -// antreaControllerInfos implements AntreaControllerInfoInterface -type antreaControllerInfos struct { - client rest.Interface -} - -// newAntreaControllerInfos returns a AntreaControllerInfos -func newAntreaControllerInfos(c *ClusterinformationV1beta1Client) *antreaControllerInfos { - return &antreaControllerInfos{ - client: c.RESTClient(), - } -} - -// Get takes name of the antreaControllerInfo, and returns the corresponding antreaControllerInfo object, and an error if there is any. -func (c *antreaControllerInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaControllerInfo, err error) { - result = &v1beta1.AntreaControllerInfo{} - err = c.client.Get(). - Resource("antreacontrollerinfos"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of AntreaControllerInfos that match those selectors. -func (c *antreaControllerInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaControllerInfoList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.AntreaControllerInfoList{} - err = c.client.Get(). - Resource("antreacontrollerinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested antreaControllerInfos. -func (c *antreaControllerInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("antreacontrollerinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a antreaControllerInfo and creates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. -func (c *antreaControllerInfos) Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (result *v1beta1.AntreaControllerInfo, err error) { - result = &v1beta1.AntreaControllerInfo{} - err = c.client.Post(). - Resource("antreacontrollerinfos"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(antreaControllerInfo). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a antreaControllerInfo and updates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. -func (c *antreaControllerInfos) Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaControllerInfo, err error) { - result = &v1beta1.AntreaControllerInfo{} - err = c.client.Put(). - Resource("antreacontrollerinfos"). - Name(antreaControllerInfo.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(antreaControllerInfo). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the antreaControllerInfo and deletes it. Returns an error if one occurs. -func (c *antreaControllerInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("antreacontrollerinfos"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *antreaControllerInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("antreacontrollerinfos"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched antreaControllerInfo. -func (c *antreaControllerInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) { - result = &v1beta1.AntreaControllerInfo{} - err = c.client.Patch(pt). - Resource("antreacontrollerinfos"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go deleted file mode 100644 index b0f1b49298e..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go +++ /dev/null @@ -1,92 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ClusterinformationV1beta1Interface interface { - RESTClient() rest.Interface - AntreaAgentInfosGetter - AntreaControllerInfosGetter -} - -// ClusterinformationV1beta1Client is used to interact with features provided by the clusterinformation.antrea.tanzu.vmware.com group. -type ClusterinformationV1beta1Client struct { - restClient rest.Interface -} - -func (c *ClusterinformationV1beta1Client) AntreaAgentInfos() AntreaAgentInfoInterface { - return newAntreaAgentInfos(c) -} - -func (c *ClusterinformationV1beta1Client) AntreaControllerInfos() AntreaControllerInfoInterface { - return newAntreaControllerInfos(c) -} - -// NewForConfig creates a new ClusterinformationV1beta1Client for the given config. -func NewForConfig(c *rest.Config) (*ClusterinformationV1beta1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &ClusterinformationV1beta1Client{client}, nil -} - -// NewForConfigOrDie creates a new ClusterinformationV1beta1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ClusterinformationV1beta1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ClusterinformationV1beta1Client for the given RESTClient. -func New(c rest.Interface) *ClusterinformationV1beta1Client { - return &ClusterinformationV1beta1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1beta1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ClusterinformationV1beta1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go deleted file mode 100644 index c41ac51a831..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go deleted file mode 100644 index 8091aaf53de..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeAntreaAgentInfos implements AntreaAgentInfoInterface -type FakeAntreaAgentInfos struct { - Fake *FakeClusterinformationV1beta1 -} - -var antreaagentinfosResource = schema.GroupVersionResource{Group: "clusterinformation.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "antreaagentinfos"} - -var antreaagentinfosKind = schema.GroupVersionKind{Group: "clusterinformation.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "AntreaAgentInfo"} - -// Get takes name of the antreaAgentInfo, and returns the corresponding antreaAgentInfo object, and an error if there is any. -func (c *FakeAntreaAgentInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaAgentInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(antreaagentinfosResource, name), &v1beta1.AntreaAgentInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaAgentInfo), err -} - -// List takes label and field selectors, and returns the list of AntreaAgentInfos that match those selectors. -func (c *FakeAntreaAgentInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaAgentInfoList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(antreaagentinfosResource, antreaagentinfosKind, opts), &v1beta1.AntreaAgentInfoList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.AntreaAgentInfoList{ListMeta: obj.(*v1beta1.AntreaAgentInfoList).ListMeta} - for _, item := range obj.(*v1beta1.AntreaAgentInfoList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested antreaAgentInfos. -func (c *FakeAntreaAgentInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(antreaagentinfosResource, opts)) -} - -// Create takes the representation of a antreaAgentInfo and creates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. -func (c *FakeAntreaAgentInfos) Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (result *v1beta1.AntreaAgentInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(antreaagentinfosResource, antreaAgentInfo), &v1beta1.AntreaAgentInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaAgentInfo), err -} - -// Update takes the representation of a antreaAgentInfo and updates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. -func (c *FakeAntreaAgentInfos) Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaAgentInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(antreaagentinfosResource, antreaAgentInfo), &v1beta1.AntreaAgentInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaAgentInfo), err -} - -// Delete takes name of the antreaAgentInfo and deletes it. Returns an error if one occurs. -func (c *FakeAntreaAgentInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(antreaagentinfosResource, name), &v1beta1.AntreaAgentInfo{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeAntreaAgentInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(antreaagentinfosResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.AntreaAgentInfoList{}) - return err -} - -// Patch applies the patch and returns the patched antreaAgentInfo. -func (c *FakeAntreaAgentInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(antreaagentinfosResource, name, pt, data, subresources...), &v1beta1.AntreaAgentInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaAgentInfo), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go deleted file mode 100644 index fcb8bdb11e1..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeAntreaControllerInfos implements AntreaControllerInfoInterface -type FakeAntreaControllerInfos struct { - Fake *FakeClusterinformationV1beta1 -} - -var antreacontrollerinfosResource = schema.GroupVersionResource{Group: "clusterinformation.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "antreacontrollerinfos"} - -var antreacontrollerinfosKind = schema.GroupVersionKind{Group: "clusterinformation.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "AntreaControllerInfo"} - -// Get takes name of the antreaControllerInfo, and returns the corresponding antreaControllerInfo object, and an error if there is any. -func (c *FakeAntreaControllerInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaControllerInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(antreacontrollerinfosResource, name), &v1beta1.AntreaControllerInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaControllerInfo), err -} - -// List takes label and field selectors, and returns the list of AntreaControllerInfos that match those selectors. -func (c *FakeAntreaControllerInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaControllerInfoList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(antreacontrollerinfosResource, antreacontrollerinfosKind, opts), &v1beta1.AntreaControllerInfoList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.AntreaControllerInfoList{ListMeta: obj.(*v1beta1.AntreaControllerInfoList).ListMeta} - for _, item := range obj.(*v1beta1.AntreaControllerInfoList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested antreaControllerInfos. -func (c *FakeAntreaControllerInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(antreacontrollerinfosResource, opts)) -} - -// Create takes the representation of a antreaControllerInfo and creates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. -func (c *FakeAntreaControllerInfos) Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (result *v1beta1.AntreaControllerInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(antreacontrollerinfosResource, antreaControllerInfo), &v1beta1.AntreaControllerInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaControllerInfo), err -} - -// Update takes the representation of a antreaControllerInfo and updates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. -func (c *FakeAntreaControllerInfos) Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaControllerInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(antreacontrollerinfosResource, antreaControllerInfo), &v1beta1.AntreaControllerInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaControllerInfo), err -} - -// Delete takes name of the antreaControllerInfo and deletes it. Returns an error if one occurs. -func (c *FakeAntreaControllerInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(antreacontrollerinfosResource, name), &v1beta1.AntreaControllerInfo{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeAntreaControllerInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(antreacontrollerinfosResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.AntreaControllerInfoList{}) - return err -} - -// Patch applies the patch and returns the patched antreaControllerInfo. -func (c *FakeAntreaControllerInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(antreacontrollerinfosResource, name, pt, data, subresources...), &v1beta1.AntreaControllerInfo{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.AntreaControllerInfo), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go deleted file mode 100644 index f9c541f42ce..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeClusterinformationV1beta1 struct { - *testing.Fake -} - -func (c *FakeClusterinformationV1beta1) AntreaAgentInfos() v1beta1.AntreaAgentInfoInterface { - return &FakeAntreaAgentInfos{c} -} - -func (c *FakeClusterinformationV1beta1) AntreaControllerInfos() v1beta1.AntreaControllerInfoInterface { - return &FakeAntreaControllerInfos{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeClusterinformationV1beta1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go deleted file mode 100644 index 9e4c79f4934..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -type AntreaAgentInfoExpansion interface{} - -type AntreaControllerInfoExpansion interface{} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go deleted file mode 100644 index 5d9772d3297..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta2 - -import ( - v1beta2 "antrea.io/antrea/pkg/legacyapis/controlplane/v1beta2" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type ControlplaneV1beta2Interface interface { - RESTClient() rest.Interface -} - -// ControlplaneV1beta2Client is used to interact with features provided by the controlplane.antrea.tanzu.vmware.com group. -type ControlplaneV1beta2Client struct { - restClient rest.Interface -} - -// NewForConfig creates a new ControlplaneV1beta2Client for the given config. -func NewForConfig(c *rest.Config) (*ControlplaneV1beta2Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &ControlplaneV1beta2Client{client}, nil -} - -// NewForConfigOrDie creates a new ControlplaneV1beta2Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *ControlplaneV1beta2Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new ControlplaneV1beta2Client for the given RESTClient. -func New(c rest.Interface) *ControlplaneV1beta2Client { - return &ControlplaneV1beta2Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1beta2.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *ControlplaneV1beta2Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go deleted file mode 100644 index 09fba3d1c4d..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1beta2 diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go deleted file mode 100644 index 6731fe0c904..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeControlplaneV1beta2 struct { - *testing.Fake -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeControlplaneV1beta2) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go deleted file mode 100644 index 6291517f207..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta2 diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go deleted file mode 100644 index 7cc9f4a81ec..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ClusterGroupsGetter has a method to return a ClusterGroupInterface. -// A group's client should implement this interface. -type ClusterGroupsGetter interface { - ClusterGroups() ClusterGroupInterface -} - -// ClusterGroupInterface has methods to work with ClusterGroup resources. -type ClusterGroupInterface interface { - Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (*v1alpha2.ClusterGroup, error) - Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) - UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.ClusterGroup, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ClusterGroupList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) - ClusterGroupExpansion -} - -// clusterGroups implements ClusterGroupInterface -type clusterGroups struct { - client rest.Interface -} - -// newClusterGroups returns a ClusterGroups -func newClusterGroups(c *CoreV1alpha2Client) *clusterGroups { - return &clusterGroups{ - client: c.RESTClient(), - } -} - -// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. -func (c *clusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterGroup, err error) { - result = &v1alpha2.ClusterGroup{} - err = c.client.Get(). - Resource("clustergroups"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. -func (c *clusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterGroupList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.ClusterGroupList{} - err = c.client.Get(). - Resource("clustergroups"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested clusterGroups. -func (c *clusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("clustergroups"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. -func (c *clusterGroups) Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (result *v1alpha2.ClusterGroup, err error) { - result = &v1alpha2.ClusterGroup{} - err = c.client.Post(). - Resource("clustergroups"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterGroup). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. -func (c *clusterGroups) Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { - result = &v1alpha2.ClusterGroup{} - err = c.client.Put(). - Resource("clustergroups"). - Name(clusterGroup.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterGroup). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *clusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { - result = &v1alpha2.ClusterGroup{} - err = c.client.Put(). - Resource("clustergroups"). - Name(clusterGroup.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterGroup). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. -func (c *clusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("clustergroups"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *clusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("clustergroups"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched clusterGroup. -func (c *clusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) { - result = &v1alpha2.ClusterGroup{} - err = c.client.Patch(pt). - Resource("clustergroups"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go deleted file mode 100644 index 7ff67ceaf0c..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go +++ /dev/null @@ -1,92 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type CoreV1alpha2Interface interface { - RESTClient() rest.Interface - ClusterGroupsGetter - ExternalEntitiesGetter -} - -// CoreV1alpha2Client is used to interact with features provided by the core.antrea.tanzu.vmware.com group. -type CoreV1alpha2Client struct { - restClient rest.Interface -} - -func (c *CoreV1alpha2Client) ClusterGroups() ClusterGroupInterface { - return newClusterGroups(c) -} - -func (c *CoreV1alpha2Client) ExternalEntities(namespace string) ExternalEntityInterface { - return newExternalEntities(c, namespace) -} - -// NewForConfig creates a new CoreV1alpha2Client for the given config. -func NewForConfig(c *rest.Config) (*CoreV1alpha2Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &CoreV1alpha2Client{client}, nil -} - -// NewForConfigOrDie creates a new CoreV1alpha2Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *CoreV1alpha2Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new CoreV1alpha2Client for the given RESTClient. -func New(c rest.Interface) *CoreV1alpha2Client { - return &CoreV1alpha2Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha2.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *CoreV1alpha2Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go deleted file mode 100644 index bf83a89a24f..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha2 diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go deleted file mode 100644 index dfcc067eb83..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go +++ /dev/null @@ -1,176 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ExternalEntitiesGetter has a method to return a ExternalEntityInterface. -// A group's client should implement this interface. -type ExternalEntitiesGetter interface { - ExternalEntities(namespace string) ExternalEntityInterface -} - -// ExternalEntityInterface has methods to work with ExternalEntity resources. -type ExternalEntityInterface interface { - Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (*v1alpha2.ExternalEntity, error) - Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (*v1alpha2.ExternalEntity, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.ExternalEntity, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ExternalEntityList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) - ExternalEntityExpansion -} - -// externalEntities implements ExternalEntityInterface -type externalEntities struct { - client rest.Interface - ns string -} - -// newExternalEntities returns a ExternalEntities -func newExternalEntities(c *CoreV1alpha2Client, namespace string) *externalEntities { - return &externalEntities{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the externalEntity, and returns the corresponding externalEntity object, and an error if there is any. -func (c *externalEntities) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ExternalEntity, err error) { - result = &v1alpha2.ExternalEntity{} - err = c.client.Get(). - Namespace(c.ns). - Resource("externalentities"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ExternalEntities that match those selectors. -func (c *externalEntities) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ExternalEntityList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.ExternalEntityList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("externalentities"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested externalEntities. -func (c *externalEntities) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("externalentities"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a externalEntity and creates it. Returns the server's representation of the externalEntity, and an error, if there is any. -func (c *externalEntities) Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (result *v1alpha2.ExternalEntity, err error) { - result = &v1alpha2.ExternalEntity{} - err = c.client.Post(). - Namespace(c.ns). - Resource("externalentities"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(externalEntity). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a externalEntity and updates it. Returns the server's representation of the externalEntity, and an error, if there is any. -func (c *externalEntities) Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (result *v1alpha2.ExternalEntity, err error) { - result = &v1alpha2.ExternalEntity{} - err = c.client.Put(). - Namespace(c.ns). - Resource("externalentities"). - Name(externalEntity.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(externalEntity). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the externalEntity and deletes it. Returns an error if one occurs. -func (c *externalEntities) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("externalentities"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *externalEntities) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("externalentities"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched externalEntity. -func (c *externalEntities) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) { - result = &v1alpha2.ExternalEntity{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("externalentities"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go deleted file mode 100644 index ef475480325..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go +++ /dev/null @@ -1,131 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeClusterGroups implements ClusterGroupInterface -type FakeClusterGroups struct { - Fake *FakeCoreV1alpha2 -} - -var clustergroupsResource = schema.GroupVersionResource{Group: "core.antrea.tanzu.vmware.com", Version: "v1alpha2", Resource: "clustergroups"} - -var clustergroupsKind = schema.GroupVersionKind{Group: "core.antrea.tanzu.vmware.com", Version: "v1alpha2", Kind: "ClusterGroup"} - -// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. -func (c *FakeClusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterGroup, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(clustergroupsResource, name), &v1alpha2.ClusterGroup{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterGroup), err -} - -// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. -func (c *FakeClusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterGroupList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(clustergroupsResource, clustergroupsKind, opts), &v1alpha2.ClusterGroupList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.ClusterGroupList{ListMeta: obj.(*v1alpha2.ClusterGroupList).ListMeta} - for _, item := range obj.(*v1alpha2.ClusterGroupList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested clusterGroups. -func (c *FakeClusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(clustergroupsResource, opts)) -} - -// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. -func (c *FakeClusterGroups) Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (result *v1alpha2.ClusterGroup, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(clustergroupsResource, clusterGroup), &v1alpha2.ClusterGroup{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterGroup), err -} - -// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. -func (c *FakeClusterGroups) Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(clustergroupsResource, clusterGroup), &v1alpha2.ClusterGroup{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterGroup), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeClusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(clustergroupsResource, "status", clusterGroup), &v1alpha2.ClusterGroup{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterGroup), err -} - -// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. -func (c *FakeClusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clustergroupsResource, name), &v1alpha2.ClusterGroup{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeClusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(clustergroupsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.ClusterGroupList{}) - return err -} - -// Patch applies the patch and returns the patched clusterGroup. -func (c *FakeClusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(clustergroupsResource, name, pt, data, subresources...), &v1alpha2.ClusterGroup{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterGroup), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go deleted file mode 100644 index 09f11f40e8d..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha2 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeCoreV1alpha2 struct { - *testing.Fake -} - -func (c *FakeCoreV1alpha2) ClusterGroups() v1alpha2.ClusterGroupInterface { - return &FakeClusterGroups{c} -} - -func (c *FakeCoreV1alpha2) ExternalEntities(namespace string) v1alpha2.ExternalEntityInterface { - return &FakeExternalEntities{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeCoreV1alpha2) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go deleted file mode 100644 index c2f6b9caa8a..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeExternalEntities implements ExternalEntityInterface -type FakeExternalEntities struct { - Fake *FakeCoreV1alpha2 - ns string -} - -var externalentitiesResource = schema.GroupVersionResource{Group: "core.antrea.tanzu.vmware.com", Version: "v1alpha2", Resource: "externalentities"} - -var externalentitiesKind = schema.GroupVersionKind{Group: "core.antrea.tanzu.vmware.com", Version: "v1alpha2", Kind: "ExternalEntity"} - -// Get takes name of the externalEntity, and returns the corresponding externalEntity object, and an error if there is any. -func (c *FakeExternalEntities) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ExternalEntity, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(externalentitiesResource, c.ns, name), &v1alpha2.ExternalEntity{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ExternalEntity), err -} - -// List takes label and field selectors, and returns the list of ExternalEntities that match those selectors. -func (c *FakeExternalEntities) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ExternalEntityList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(externalentitiesResource, externalentitiesKind, c.ns, opts), &v1alpha2.ExternalEntityList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.ExternalEntityList{ListMeta: obj.(*v1alpha2.ExternalEntityList).ListMeta} - for _, item := range obj.(*v1alpha2.ExternalEntityList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested externalEntities. -func (c *FakeExternalEntities) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(externalentitiesResource, c.ns, opts)) - -} - -// Create takes the representation of a externalEntity and creates it. Returns the server's representation of the externalEntity, and an error, if there is any. -func (c *FakeExternalEntities) Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (result *v1alpha2.ExternalEntity, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(externalentitiesResource, c.ns, externalEntity), &v1alpha2.ExternalEntity{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ExternalEntity), err -} - -// Update takes the representation of a externalEntity and updates it. Returns the server's representation of the externalEntity, and an error, if there is any. -func (c *FakeExternalEntities) Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (result *v1alpha2.ExternalEntity, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(externalentitiesResource, c.ns, externalEntity), &v1alpha2.ExternalEntity{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ExternalEntity), err -} - -// Delete takes name of the externalEntity and deletes it. Returns an error if one occurs. -func (c *FakeExternalEntities) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(externalentitiesResource, c.ns, name), &v1alpha2.ExternalEntity{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeExternalEntities) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(externalentitiesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.ExternalEntityList{}) - return err -} - -// Patch applies the patch and returns the patched externalEntity. -func (c *FakeExternalEntities) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(externalentitiesResource, c.ns, name, pt, data, subresources...), &v1alpha2.ExternalEntity{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ExternalEntity), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go deleted file mode 100644 index 94393e2df12..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -type ClusterGroupExpansion interface{} - -type ExternalEntityExpansion interface{} diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go deleted file mode 100644 index a66b4592246..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go deleted file mode 100644 index 1874e5e72ed..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeOpsV1alpha1 struct { - *testing.Fake -} - -func (c *FakeOpsV1alpha1) Traceflows() v1alpha1.TraceflowInterface { - return &FakeTraceflows{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeOpsV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go deleted file mode 100644 index 7f5948a3af6..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go +++ /dev/null @@ -1,131 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeTraceflows implements TraceflowInterface -type FakeTraceflows struct { - Fake *FakeOpsV1alpha1 -} - -var traceflowsResource = schema.GroupVersionResource{Group: "ops.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "traceflows"} - -var traceflowsKind = schema.GroupVersionKind{Group: "ops.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "Traceflow"} - -// Get takes name of the traceflow, and returns the corresponding traceflow object, and an error if there is any. -func (c *FakeTraceflows) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Traceflow, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(traceflowsResource, name), &v1alpha1.Traceflow{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Traceflow), err -} - -// List takes label and field selectors, and returns the list of Traceflows that match those selectors. -func (c *FakeTraceflows) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TraceflowList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(traceflowsResource, traceflowsKind, opts), &v1alpha1.TraceflowList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.TraceflowList{ListMeta: obj.(*v1alpha1.TraceflowList).ListMeta} - for _, item := range obj.(*v1alpha1.TraceflowList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested traceflows. -func (c *FakeTraceflows) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(traceflowsResource, opts)) -} - -// Create takes the representation of a traceflow and creates it. Returns the server's representation of the traceflow, and an error, if there is any. -func (c *FakeTraceflows) Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (result *v1alpha1.Traceflow, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(traceflowsResource, traceflow), &v1alpha1.Traceflow{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Traceflow), err -} - -// Update takes the representation of a traceflow and updates it. Returns the server's representation of the traceflow, and an error, if there is any. -func (c *FakeTraceflows) Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(traceflowsResource, traceflow), &v1alpha1.Traceflow{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Traceflow), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeTraceflows) UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(traceflowsResource, "status", traceflow), &v1alpha1.Traceflow{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Traceflow), err -} - -// Delete takes name of the traceflow and deletes it. Returns an error if one occurs. -func (c *FakeTraceflows) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(traceflowsResource, name), &v1alpha1.Traceflow{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeTraceflows) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(traceflowsResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.TraceflowList{}) - return err -} - -// Patch applies the patch and returns the patched traceflow. -func (c *FakeTraceflows) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(traceflowsResource, name, pt, data, subresources...), &v1alpha1.Traceflow{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Traceflow), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go deleted file mode 100644 index 5bc3edb3082..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type TraceflowExpansion interface{} diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go deleted file mode 100644 index 02c71efa4eb..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type OpsV1alpha1Interface interface { - RESTClient() rest.Interface - TraceflowsGetter -} - -// OpsV1alpha1Client is used to interact with features provided by the ops.antrea.tanzu.vmware.com group. -type OpsV1alpha1Client struct { - restClient rest.Interface -} - -func (c *OpsV1alpha1Client) Traceflows() TraceflowInterface { - return newTraceflows(c) -} - -// NewForConfig creates a new OpsV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*OpsV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &OpsV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new OpsV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *OpsV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new OpsV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *OpsV1alpha1Client { - return &OpsV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *OpsV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go deleted file mode 100644 index bb801a3abb4..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// TraceflowsGetter has a method to return a TraceflowInterface. -// A group's client should implement this interface. -type TraceflowsGetter interface { - Traceflows() TraceflowInterface -} - -// TraceflowInterface has methods to work with Traceflow resources. -type TraceflowInterface interface { - Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (*v1alpha1.Traceflow, error) - Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) - UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Traceflow, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.TraceflowList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) - TraceflowExpansion -} - -// traceflows implements TraceflowInterface -type traceflows struct { - client rest.Interface -} - -// newTraceflows returns a Traceflows -func newTraceflows(c *OpsV1alpha1Client) *traceflows { - return &traceflows{ - client: c.RESTClient(), - } -} - -// Get takes name of the traceflow, and returns the corresponding traceflow object, and an error if there is any. -func (c *traceflows) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Traceflow, err error) { - result = &v1alpha1.Traceflow{} - err = c.client.Get(). - Resource("traceflows"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Traceflows that match those selectors. -func (c *traceflows) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TraceflowList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.TraceflowList{} - err = c.client.Get(). - Resource("traceflows"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested traceflows. -func (c *traceflows) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("traceflows"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a traceflow and creates it. Returns the server's representation of the traceflow, and an error, if there is any. -func (c *traceflows) Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (result *v1alpha1.Traceflow, err error) { - result = &v1alpha1.Traceflow{} - err = c.client.Post(). - Resource("traceflows"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(traceflow). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a traceflow and updates it. Returns the server's representation of the traceflow, and an error, if there is any. -func (c *traceflows) Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { - result = &v1alpha1.Traceflow{} - err = c.client.Put(). - Resource("traceflows"). - Name(traceflow.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(traceflow). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *traceflows) UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { - result = &v1alpha1.Traceflow{} - err = c.client.Put(). - Resource("traceflows"). - Name(traceflow.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(traceflow). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the traceflow and deletes it. Returns an error if one occurs. -func (c *traceflows) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("traceflows"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *traceflows) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("traceflows"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched traceflow. -func (c *traceflows) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) { - result = &v1alpha1.Traceflow{} - err = c.client.Patch(pt). - Resource("traceflows"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go deleted file mode 100644 index 7eb9160139d..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go +++ /dev/null @@ -1,182 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ClusterNetworkPoliciesGetter has a method to return a ClusterNetworkPolicyInterface. -// A group's client should implement this interface. -type ClusterNetworkPoliciesGetter interface { - ClusterNetworkPolicies() ClusterNetworkPolicyInterface -} - -// ClusterNetworkPolicyInterface has methods to work with ClusterNetworkPolicy resources. -type ClusterNetworkPolicyInterface interface { - Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (*v1alpha1.ClusterNetworkPolicy, error) - Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) - UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterNetworkPolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterNetworkPolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) - ClusterNetworkPolicyExpansion -} - -// clusterNetworkPolicies implements ClusterNetworkPolicyInterface -type clusterNetworkPolicies struct { - client rest.Interface -} - -// newClusterNetworkPolicies returns a ClusterNetworkPolicies -func newClusterNetworkPolicies(c *SecurityV1alpha1Client) *clusterNetworkPolicies { - return &clusterNetworkPolicies{ - client: c.RESTClient(), - } -} - -// Get takes name of the clusterNetworkPolicy, and returns the corresponding clusterNetworkPolicy object, and an error if there is any. -func (c *clusterNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - result = &v1alpha1.ClusterNetworkPolicy{} - err = c.client.Get(). - Resource("clusternetworkpolicies"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ClusterNetworkPolicies that match those selectors. -func (c *clusterNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterNetworkPolicyList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.ClusterNetworkPolicyList{} - err = c.client.Get(). - Resource("clusternetworkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested clusterNetworkPolicies. -func (c *clusterNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("clusternetworkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a clusterNetworkPolicy and creates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. -func (c *clusterNetworkPolicies) Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - result = &v1alpha1.ClusterNetworkPolicy{} - err = c.client.Post(). - Resource("clusternetworkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterNetworkPolicy). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a clusterNetworkPolicy and updates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. -func (c *clusterNetworkPolicies) Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - result = &v1alpha1.ClusterNetworkPolicy{} - err = c.client.Put(). - Resource("clusternetworkpolicies"). - Name(clusterNetworkPolicy.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterNetworkPolicy). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *clusterNetworkPolicies) UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - result = &v1alpha1.ClusterNetworkPolicy{} - err = c.client.Put(). - Resource("clusternetworkpolicies"). - Name(clusterNetworkPolicy.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterNetworkPolicy). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the clusterNetworkPolicy and deletes it. Returns an error if one occurs. -func (c *clusterNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("clusternetworkpolicies"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *clusterNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("clusternetworkpolicies"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched clusterNetworkPolicy. -func (c *clusterNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) { - result = &v1alpha1.ClusterNetworkPolicy{} - err = c.client.Patch(pt). - Resource("clusternetworkpolicies"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go deleted file mode 100644 index a66b4592246..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go deleted file mode 100644 index 9cf29c8232c..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go +++ /dev/null @@ -1,131 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeClusterNetworkPolicies implements ClusterNetworkPolicyInterface -type FakeClusterNetworkPolicies struct { - Fake *FakeSecurityV1alpha1 -} - -var clusternetworkpoliciesResource = schema.GroupVersionResource{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "clusternetworkpolicies"} - -var clusternetworkpoliciesKind = schema.GroupVersionKind{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "ClusterNetworkPolicy"} - -// Get takes name of the clusterNetworkPolicy, and returns the corresponding clusterNetworkPolicy object, and an error if there is any. -func (c *FakeClusterNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(clusternetworkpoliciesResource, name), &v1alpha1.ClusterNetworkPolicy{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ClusterNetworkPolicy), err -} - -// List takes label and field selectors, and returns the list of ClusterNetworkPolicies that match those selectors. -func (c *FakeClusterNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterNetworkPolicyList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(clusternetworkpoliciesResource, clusternetworkpoliciesKind, opts), &v1alpha1.ClusterNetworkPolicyList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.ClusterNetworkPolicyList{ListMeta: obj.(*v1alpha1.ClusterNetworkPolicyList).ListMeta} - for _, item := range obj.(*v1alpha1.ClusterNetworkPolicyList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested clusterNetworkPolicies. -func (c *FakeClusterNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(clusternetworkpoliciesResource, opts)) -} - -// Create takes the representation of a clusterNetworkPolicy and creates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. -func (c *FakeClusterNetworkPolicies) Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(clusternetworkpoliciesResource, clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ClusterNetworkPolicy), err -} - -// Update takes the representation of a clusterNetworkPolicy and updates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. -func (c *FakeClusterNetworkPolicies) Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(clusternetworkpoliciesResource, clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ClusterNetworkPolicy), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeClusterNetworkPolicies) UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(clusternetworkpoliciesResource, "status", clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ClusterNetworkPolicy), err -} - -// Delete takes name of the clusterNetworkPolicy and deletes it. Returns an error if one occurs. -func (c *FakeClusterNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clusternetworkpoliciesResource, name), &v1alpha1.ClusterNetworkPolicy{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeClusterNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(clusternetworkpoliciesResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.ClusterNetworkPolicyList{}) - return err -} - -// Patch applies the patch and returns the patched clusterNetworkPolicy. -func (c *FakeClusterNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(clusternetworkpoliciesResource, name, pt, data, subresources...), &v1alpha1.ClusterNetworkPolicy{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.ClusterNetworkPolicy), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go deleted file mode 100644 index 2c83cb1d6c4..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go +++ /dev/null @@ -1,140 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeNetworkPolicies implements NetworkPolicyInterface -type FakeNetworkPolicies struct { - Fake *FakeSecurityV1alpha1 - ns string -} - -var networkpoliciesResource = schema.GroupVersionResource{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "networkpolicies"} - -var networkpoliciesKind = schema.GroupVersionKind{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "NetworkPolicy"} - -// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. -func (c *FakeNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(networkpoliciesResource, c.ns, name), &v1alpha1.NetworkPolicy{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.NetworkPolicy), err -} - -// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. -func (c *FakeNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(networkpoliciesResource, networkpoliciesKind, c.ns, opts), &v1alpha1.NetworkPolicyList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.NetworkPolicyList{ListMeta: obj.(*v1alpha1.NetworkPolicyList).ListMeta} - for _, item := range obj.(*v1alpha1.NetworkPolicyList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested networkPolicies. -func (c *FakeNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(networkpoliciesResource, c.ns, opts)) - -} - -// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. -func (c *FakeNetworkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.NetworkPolicy), err -} - -// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. -func (c *FakeNetworkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.NetworkPolicy), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeNetworkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(networkpoliciesResource, "status", c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.NetworkPolicy), err -} - -// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. -func (c *FakeNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(networkpoliciesResource, c.ns, name), &v1alpha1.NetworkPolicy{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(networkpoliciesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.NetworkPolicyList{}) - return err -} - -// Patch applies the patch and returns the patched networkPolicy. -func (c *FakeNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(networkpoliciesResource, c.ns, name, pt, data, subresources...), &v1alpha1.NetworkPolicy{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.NetworkPolicy), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go deleted file mode 100644 index 0e29ec14419..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go +++ /dev/null @@ -1,46 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeSecurityV1alpha1 struct { - *testing.Fake -} - -func (c *FakeSecurityV1alpha1) ClusterNetworkPolicies() v1alpha1.ClusterNetworkPolicyInterface { - return &FakeClusterNetworkPolicies{c} -} - -func (c *FakeSecurityV1alpha1) NetworkPolicies(namespace string) v1alpha1.NetworkPolicyInterface { - return &FakeNetworkPolicies{c, namespace} -} - -func (c *FakeSecurityV1alpha1) Tiers() v1alpha1.TierInterface { - return &FakeTiers{c} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeSecurityV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go deleted file mode 100644 index dbbb459fed6..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeTiers implements TierInterface -type FakeTiers struct { - Fake *FakeSecurityV1alpha1 -} - -var tiersResource = schema.GroupVersionResource{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "tiers"} - -var tiersKind = schema.GroupVersionKind{Group: "security.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "Tier"} - -// Get takes name of the tier, and returns the corresponding tier object, and an error if there is any. -func (c *FakeTiers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Tier, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(tiersResource, name), &v1alpha1.Tier{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Tier), err -} - -// List takes label and field selectors, and returns the list of Tiers that match those selectors. -func (c *FakeTiers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TierList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(tiersResource, tiersKind, opts), &v1alpha1.TierList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha1.TierList{ListMeta: obj.(*v1alpha1.TierList).ListMeta} - for _, item := range obj.(*v1alpha1.TierList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested tiers. -func (c *FakeTiers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(tiersResource, opts)) -} - -// Create takes the representation of a tier and creates it. Returns the server's representation of the tier, and an error, if there is any. -func (c *FakeTiers) Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (result *v1alpha1.Tier, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(tiersResource, tier), &v1alpha1.Tier{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Tier), err -} - -// Update takes the representation of a tier and updates it. Returns the server's representation of the tier, and an error, if there is any. -func (c *FakeTiers) Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (result *v1alpha1.Tier, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(tiersResource, tier), &v1alpha1.Tier{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Tier), err -} - -// Delete takes name of the tier and deletes it. Returns an error if one occurs. -func (c *FakeTiers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(tiersResource, name), &v1alpha1.Tier{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeTiers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(tiersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha1.TierList{}) - return err -} - -// Patch applies the patch and returns the patched tier. -func (c *FakeTiers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(tiersResource, name, pt, data, subresources...), &v1alpha1.Tier{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha1.Tier), err -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go deleted file mode 100644 index e9e9e192e83..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -type ClusterNetworkPolicyExpansion interface{} - -type NetworkPolicyExpansion interface{} - -type TierExpansion interface{} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go deleted file mode 100644 index d8a3c191c9b..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go +++ /dev/null @@ -1,193 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// NetworkPoliciesGetter has a method to return a NetworkPolicyInterface. -// A group's client should implement this interface. -type NetworkPoliciesGetter interface { - NetworkPolicies(namespace string) NetworkPolicyInterface -} - -// NetworkPolicyInterface has methods to work with NetworkPolicy resources. -type NetworkPolicyInterface interface { - Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (*v1alpha1.NetworkPolicy, error) - Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) - UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.NetworkPolicy, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.NetworkPolicyList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) - NetworkPolicyExpansion -} - -// networkPolicies implements NetworkPolicyInterface -type networkPolicies struct { - client rest.Interface - ns string -} - -// newNetworkPolicies returns a NetworkPolicies -func newNetworkPolicies(c *SecurityV1alpha1Client, namespace string) *networkPolicies { - return &networkPolicies{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. -func (c *networkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { - result = &v1alpha1.NetworkPolicy{} - err = c.client.Get(). - Namespace(c.ns). - Resource("networkpolicies"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. -func (c *networkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.NetworkPolicyList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("networkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested networkPolicies. -func (c *networkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("networkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. -func (c *networkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { - result = &v1alpha1.NetworkPolicy{} - err = c.client.Post(). - Namespace(c.ns). - Resource("networkpolicies"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(networkPolicy). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. -func (c *networkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { - result = &v1alpha1.NetworkPolicy{} - err = c.client.Put(). - Namespace(c.ns). - Resource("networkpolicies"). - Name(networkPolicy.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(networkPolicy). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *networkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { - result = &v1alpha1.NetworkPolicy{} - err = c.client.Put(). - Namespace(c.ns). - Resource("networkpolicies"). - Name(networkPolicy.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(networkPolicy). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. -func (c *networkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("networkpolicies"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *networkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("networkpolicies"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched networkPolicy. -func (c *networkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { - result = &v1alpha1.NetworkPolicy{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("networkpolicies"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go deleted file mode 100644 index dcbbaa2d00c..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type SecurityV1alpha1Interface interface { - RESTClient() rest.Interface - ClusterNetworkPoliciesGetter - NetworkPoliciesGetter - TiersGetter -} - -// SecurityV1alpha1Client is used to interact with features provided by the security.antrea.tanzu.vmware.com group. -type SecurityV1alpha1Client struct { - restClient rest.Interface -} - -func (c *SecurityV1alpha1Client) ClusterNetworkPolicies() ClusterNetworkPolicyInterface { - return newClusterNetworkPolicies(c) -} - -func (c *SecurityV1alpha1Client) NetworkPolicies(namespace string) NetworkPolicyInterface { - return newNetworkPolicies(c, namespace) -} - -func (c *SecurityV1alpha1Client) Tiers() TierInterface { - return newTiers(c) -} - -// NewForConfig creates a new SecurityV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*SecurityV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &SecurityV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new SecurityV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *SecurityV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new SecurityV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *SecurityV1alpha1Client { - return &SecurityV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *SecurityV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go deleted file mode 100644 index e8eaf69791e..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go +++ /dev/null @@ -1,166 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - "time" - - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - scheme "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// TiersGetter has a method to return a TierInterface. -// A group's client should implement this interface. -type TiersGetter interface { - Tiers() TierInterface -} - -// TierInterface has methods to work with Tier resources. -type TierInterface interface { - Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (*v1alpha1.Tier, error) - Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (*v1alpha1.Tier, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Tier, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.TierList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) - TierExpansion -} - -// tiers implements TierInterface -type tiers struct { - client rest.Interface -} - -// newTiers returns a Tiers -func newTiers(c *SecurityV1alpha1Client) *tiers { - return &tiers{ - client: c.RESTClient(), - } -} - -// Get takes name of the tier, and returns the corresponding tier object, and an error if there is any. -func (c *tiers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Tier, err error) { - result = &v1alpha1.Tier{} - err = c.client.Get(). - Resource("tiers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Tiers that match those selectors. -func (c *tiers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TierList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha1.TierList{} - err = c.client.Get(). - Resource("tiers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested tiers. -func (c *tiers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("tiers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a tier and creates it. Returns the server's representation of the tier, and an error, if there is any. -func (c *tiers) Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (result *v1alpha1.Tier, err error) { - result = &v1alpha1.Tier{} - err = c.client.Post(). - Resource("tiers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tier). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a tier and updates it. Returns the server's representation of the tier, and an error, if there is any. -func (c *tiers) Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (result *v1alpha1.Tier, err error) { - result = &v1alpha1.Tier{} - err = c.client.Put(). - Resource("tiers"). - Name(tier.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(tier). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the tier and deletes it. Returns an error if one occurs. -func (c *tiers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("tiers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *tiers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("tiers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched tier. -func (c *tiers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) { - result = &v1alpha1.Tier{} - err = c.client.Patch(pt). - Resource("tiers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go deleted file mode 100644 index a66b4592246..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go deleted file mode 100644 index 7102a633802..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeStatsV1alpha1 struct { - *testing.Fake -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeStatsV1alpha1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go deleted file mode 100644 index d6c5dcbda62..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go deleted file mode 100644 index fcffbe7b1a4..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/stats/v1alpha1" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type StatsV1alpha1Interface interface { - RESTClient() rest.Interface -} - -// StatsV1alpha1Client is used to interact with features provided by the stats.antrea.tanzu.vmware.com group. -type StatsV1alpha1Client struct { - restClient rest.Interface -} - -// NewForConfig creates a new StatsV1alpha1Client for the given config. -func NewForConfig(c *rest.Config) (*StatsV1alpha1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &StatsV1alpha1Client{client}, nil -} - -// NewForConfigOrDie creates a new StatsV1alpha1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *StatsV1alpha1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new StatsV1alpha1Client for the given RESTClient. -func New(c rest.Interface) *StatsV1alpha1Client { - return &StatsV1alpha1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *StatsV1alpha1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go deleted file mode 100644 index c41ac51a831..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go deleted file mode 100644 index 5807b680f75..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go deleted file mode 100644 index 7f30f027840..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeSystemV1beta1 struct { - *testing.Fake -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeSystemV1beta1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go deleted file mode 100644 index 54dd65ae4ae..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go +++ /dev/null @@ -1,17 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go deleted file mode 100644 index bb53435b2f4..00000000000 --- a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyapis/system/v1beta1" - "antrea.io/antrea/pkg/legacyclient/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type SystemV1beta1Interface interface { - RESTClient() rest.Interface -} - -// SystemV1beta1Client is used to interact with features provided by the system.antrea.tanzu.vmware.com group. -type SystemV1beta1Client struct { - restClient rest.Interface -} - -// NewForConfig creates a new SystemV1beta1Client for the given config. -func NewForConfig(c *rest.Config) (*SystemV1beta1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &SystemV1beta1Client{client}, nil -} - -// NewForConfigOrDie creates a new SystemV1beta1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *SystemV1beta1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new SystemV1beta1Client for the given RESTClient. -func New(c rest.Interface) *SystemV1beta1Client { - return &SystemV1beta1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1beta1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *SystemV1beta1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/pkg/legacyclient/informers/externalversions/clusterinformation/interface.go b/pkg/legacyclient/informers/externalversions/clusterinformation/interface.go deleted file mode 100644 index 459d1de1894..00000000000 --- a/pkg/legacyclient/informers/externalversions/clusterinformation/interface.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package clusterinformation - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1beta1 provides access to shared informers for resources in V1beta1. - V1beta1() v1beta1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1beta1 returns a new v1beta1.Interface. -func (g *group) V1beta1() v1beta1.Interface { - return v1beta1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go deleted file mode 100644 index 29f23712546..00000000000 --- a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - time "time" - - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1beta1 "antrea.io/antrea/pkg/legacyclient/listers/clusterinformation/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// AntreaAgentInfoInformer provides access to a shared informer and lister for -// AntreaAgentInfos. -type AntreaAgentInfoInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1beta1.AntreaAgentInfoLister -} - -type antreaAgentInfoInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewAntreaAgentInfoInformer constructs a new informer for AntreaAgentInfo type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewAntreaAgentInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredAntreaAgentInfoInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredAntreaAgentInfoInformer constructs a new informer for AntreaAgentInfo type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredAntreaAgentInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ClusterinformationV1beta1().AntreaAgentInfos().Watch(context.TODO(), options) - }, - }, - &clusterinformationv1beta1.AntreaAgentInfo{}, - resyncPeriod, - indexers, - ) -} - -func (f *antreaAgentInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredAntreaAgentInfoInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *antreaAgentInfoInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&clusterinformationv1beta1.AntreaAgentInfo{}, f.defaultInformer) -} - -func (f *antreaAgentInfoInformer) Lister() v1beta1.AntreaAgentInfoLister { - return v1beta1.NewAntreaAgentInfoLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go deleted file mode 100644 index a8e22331f1b..00000000000 --- a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - time "time" - - clusterinformationv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1beta1 "antrea.io/antrea/pkg/legacyclient/listers/clusterinformation/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// AntreaControllerInfoInformer provides access to a shared informer and lister for -// AntreaControllerInfos. -type AntreaControllerInfoInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1beta1.AntreaControllerInfoLister -} - -type antreaControllerInfoInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewAntreaControllerInfoInformer constructs a new informer for AntreaControllerInfo type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewAntreaControllerInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredAntreaControllerInfoInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredAntreaControllerInfoInformer constructs a new informer for AntreaControllerInfo type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredAntreaControllerInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ClusterinformationV1beta1().AntreaControllerInfos().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.ClusterinformationV1beta1().AntreaControllerInfos().Watch(context.TODO(), options) - }, - }, - &clusterinformationv1beta1.AntreaControllerInfo{}, - resyncPeriod, - indexers, - ) -} - -func (f *antreaControllerInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredAntreaControllerInfoInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *antreaControllerInfoInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&clusterinformationv1beta1.AntreaControllerInfo{}, f.defaultInformer) -} - -func (f *antreaControllerInfoInformer) Lister() v1beta1.AntreaControllerInfoLister { - return v1beta1.NewAntreaControllerInfoLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go deleted file mode 100644 index 0a6af7eba74..00000000000 --- a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1beta1 - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // AntreaAgentInfos returns a AntreaAgentInfoInformer. - AntreaAgentInfos() AntreaAgentInfoInformer - // AntreaControllerInfos returns a AntreaControllerInfoInformer. - AntreaControllerInfos() AntreaControllerInfoInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// AntreaAgentInfos returns a AntreaAgentInfoInformer. -func (v *version) AntreaAgentInfos() AntreaAgentInfoInformer { - return &antreaAgentInfoInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - -// AntreaControllerInfos returns a AntreaControllerInfoInformer. -func (v *version) AntreaControllerInfos() AntreaControllerInfoInformer { - return &antreaControllerInfoInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/pkg/legacyclient/informers/externalversions/core/interface.go b/pkg/legacyclient/informers/externalversions/core/interface.go deleted file mode 100644 index 833d7faa9f9..00000000000 --- a/pkg/legacyclient/informers/externalversions/core/interface.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package core - -import ( - v1alpha2 "antrea.io/antrea/pkg/legacyclient/informers/externalversions/core/v1alpha2" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha2 provides access to shared informers for resources in V1alpha2. - V1alpha2() v1alpha2.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha2 returns a new v1alpha2.Interface. -func (g *group) V1alpha2() v1alpha2.Interface { - return v1alpha2.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go deleted file mode 100644 index 757005e1a02..00000000000 --- a/pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - time "time" - - corev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha2 "antrea.io/antrea/pkg/legacyclient/listers/core/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterGroupInformer provides access to a shared informer and lister for -// ClusterGroups. -type ClusterGroupInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha2.ClusterGroupLister -} - -type clusterGroupInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewClusterGroupInformer constructs a new informer for ClusterGroup type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredClusterGroupInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredClusterGroupInformer constructs a new informer for ClusterGroup type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.CoreV1alpha2().ClusterGroups().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.CoreV1alpha2().ClusterGroups().Watch(context.TODO(), options) - }, - }, - &corev1alpha2.ClusterGroup{}, - resyncPeriod, - indexers, - ) -} - -func (f *clusterGroupInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredClusterGroupInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *clusterGroupInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&corev1alpha2.ClusterGroup{}, f.defaultInformer) -} - -func (f *clusterGroupInformer) Lister() v1alpha2.ClusterGroupLister { - return v1alpha2.NewClusterGroupLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go deleted file mode 100644 index 56ad47b6e77..00000000000 --- a/pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - time "time" - - corev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha2 "antrea.io/antrea/pkg/legacyclient/listers/core/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ExternalEntityInformer provides access to a shared informer and lister for -// ExternalEntities. -type ExternalEntityInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha2.ExternalEntityLister -} - -type externalEntityInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewExternalEntityInformer constructs a new informer for ExternalEntity type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewExternalEntityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredExternalEntityInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredExternalEntityInformer constructs a new informer for ExternalEntity type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredExternalEntityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.CoreV1alpha2().ExternalEntities(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.CoreV1alpha2().ExternalEntities(namespace).Watch(context.TODO(), options) - }, - }, - &corev1alpha2.ExternalEntity{}, - resyncPeriod, - indexers, - ) -} - -func (f *externalEntityInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredExternalEntityInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *externalEntityInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&corev1alpha2.ExternalEntity{}, f.defaultInformer) -} - -func (f *externalEntityInformer) Lister() v1alpha2.ExternalEntityLister { - return v1alpha2.NewExternalEntityLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go deleted file mode 100644 index 1b0f0998329..00000000000 --- a/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // ClusterGroups returns a ClusterGroupInformer. - ClusterGroups() ClusterGroupInformer - // ExternalEntities returns a ExternalEntityInformer. - ExternalEntities() ExternalEntityInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// ClusterGroups returns a ClusterGroupInformer. -func (v *version) ClusterGroups() ClusterGroupInformer { - return &clusterGroupInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - -// ExternalEntities returns a ExternalEntityInformer. -func (v *version) ExternalEntities() ExternalEntityInformer { - return &externalEntityInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} diff --git a/pkg/legacyclient/informers/externalversions/factory.go b/pkg/legacyclient/informers/externalversions/factory.go deleted file mode 100644 index 84220dd8b55..00000000000 --- a/pkg/legacyclient/informers/externalversions/factory.go +++ /dev/null @@ -1,196 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - reflect "reflect" - sync "sync" - time "time" - - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - clusterinformation "antrea.io/antrea/pkg/legacyclient/informers/externalversions/clusterinformation" - core "antrea.io/antrea/pkg/legacyclient/informers/externalversions/core" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - ops "antrea.io/antrea/pkg/legacyclient/informers/externalversions/ops" - security "antrea.io/antrea/pkg/legacyclient/informers/externalversions/security" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// SharedInformerOption defines the functional option type for SharedInformerFactory. -type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory - -type sharedInformerFactory struct { - client versioned.Interface - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc - lock sync.Mutex - defaultResync time.Duration - customResync map[reflect.Type]time.Duration - - informers map[reflect.Type]cache.SharedIndexInformer - // startedInformers is used for tracking which informers have been started. - // This allows Start() to be called multiple times safely. - startedInformers map[reflect.Type]bool -} - -// WithCustomResyncConfig sets a custom resync period for the specified informer types. -func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - for k, v := range resyncConfig { - factory.customResync[reflect.TypeOf(k)] = v - } - return factory - } -} - -// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. -func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.tweakListOptions = tweakListOptions - return factory - } -} - -// WithNamespace limits the SharedInformerFactory to the specified namespace. -func WithNamespace(namespace string) SharedInformerOption { - return func(factory *sharedInformerFactory) *sharedInformerFactory { - factory.namespace = namespace - return factory - } -} - -// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. -func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync) -} - -// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. -// Listers obtained via this SharedInformerFactory will be subject to the same filters -// as specified here. -// Deprecated: Please use NewSharedInformerFactoryWithOptions instead -func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { - return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) -} - -// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. -func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { - factory := &sharedInformerFactory{ - client: client, - namespace: v1.NamespaceAll, - defaultResync: defaultResync, - informers: make(map[reflect.Type]cache.SharedIndexInformer), - startedInformers: make(map[reflect.Type]bool), - customResync: make(map[reflect.Type]time.Duration), - } - - // Apply all options - for _, opt := range options { - factory = opt(factory) - } - - return factory -} - -// Start initializes all requested informers. -func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { - f.lock.Lock() - defer f.lock.Unlock() - - for informerType, informer := range f.informers { - if !f.startedInformers[informerType] { - go informer.Run(stopCh) - f.startedInformers[informerType] = true - } - } -} - -// WaitForCacheSync waits for all started informers' cache were synced. -func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { - informers := func() map[reflect.Type]cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informers := map[reflect.Type]cache.SharedIndexInformer{} - for informerType, informer := range f.informers { - if f.startedInformers[informerType] { - informers[informerType] = informer - } - } - return informers - }() - - res := map[reflect.Type]bool{} - for informType, informer := range informers { - res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) - } - return res -} - -// InternalInformerFor returns the SharedIndexInformer for obj using an internal -// client. -func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { - f.lock.Lock() - defer f.lock.Unlock() - - informerType := reflect.TypeOf(obj) - informer, exists := f.informers[informerType] - if exists { - return informer - } - - resyncPeriod, exists := f.customResync[informerType] - if !exists { - resyncPeriod = f.defaultResync - } - - informer = newFunc(f.client, resyncPeriod) - f.informers[informerType] = informer - - return informer -} - -// SharedInformerFactory provides shared informers for resources in all known -// API group versions. -type SharedInformerFactory interface { - internalinterfaces.SharedInformerFactory - ForResource(resource schema.GroupVersionResource) (GenericInformer, error) - WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - - Clusterinformation() clusterinformation.Interface - Core() core.Interface - Ops() ops.Interface - Security() security.Interface -} - -func (f *sharedInformerFactory) Clusterinformation() clusterinformation.Interface { - return clusterinformation.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Core() core.Interface { - return core.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Ops() ops.Interface { - return ops.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Security() security.Interface { - return security.New(f, f.namespace, f.tweakListOptions) -} diff --git a/pkg/legacyclient/informers/externalversions/generic.go b/pkg/legacyclient/informers/externalversions/generic.go deleted file mode 100644 index e485136ce47..00000000000 --- a/pkg/legacyclient/informers/externalversions/generic.go +++ /dev/null @@ -1,83 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package externalversions - -import ( - "fmt" - - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - v1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - schema "k8s.io/apimachinery/pkg/runtime/schema" - cache "k8s.io/client-go/tools/cache" -) - -// GenericInformer is type of SharedIndexInformer which will locate and delegate to other -// sharedInformers based on type -type GenericInformer interface { - Informer() cache.SharedIndexInformer - Lister() cache.GenericLister -} - -type genericInformer struct { - informer cache.SharedIndexInformer - resource schema.GroupResource -} - -// Informer returns the SharedIndexInformer. -func (f *genericInformer) Informer() cache.SharedIndexInformer { - return f.informer -} - -// Lister returns the GenericLister. -func (f *genericInformer) Lister() cache.GenericLister { - return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) -} - -// ForResource gives generic access to a shared informer of the matching type -// TODO extend this to unknown resources with a client pool -func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { - switch resource { - // Group=clusterinformation.antrea.tanzu.vmware.com, Version=v1beta1 - case v1beta1.SchemeGroupVersion.WithResource("antreaagentinfos"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaAgentInfos().Informer()}, nil - case v1beta1.SchemeGroupVersion.WithResource("antreacontrollerinfos"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaControllerInfos().Informer()}, nil - - // Group=core.antrea.tanzu.vmware.com, Version=v1alpha2 - case v1alpha2.SchemeGroupVersion.WithResource("clustergroups"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ClusterGroups().Informer()}, nil - case v1alpha2.SchemeGroupVersion.WithResource("externalentities"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ExternalEntities().Informer()}, nil - - // Group=ops.antrea.tanzu.vmware.com, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("traceflows"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Ops().V1alpha1().Traceflows().Informer()}, nil - - // Group=security.antrea.tanzu.vmware.com, Version=v1alpha1 - case securityv1alpha1.SchemeGroupVersion.WithResource("clusternetworkpolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().ClusterNetworkPolicies().Informer()}, nil - case securityv1alpha1.SchemeGroupVersion.WithResource("networkpolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().NetworkPolicies().Informer()}, nil - case securityv1alpha1.SchemeGroupVersion.WithResource("tiers"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().Tiers().Informer()}, nil - - } - - return nil, fmt.Errorf("no informer found for %v", resource) -} diff --git a/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go deleted file mode 100644 index 496f72fc6ef..00000000000 --- a/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package internalinterfaces - -import ( - time "time" - - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - cache "k8s.io/client-go/tools/cache" -) - -// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. -type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer - -// SharedInformerFactory a small interface to allow for adding an informer without an import cycle -type SharedInformerFactory interface { - Start(stopCh <-chan struct{}) - InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer -} - -// TweakListOptionsFunc is a function that transforms a v1.ListOptions. -type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/pkg/legacyclient/informers/externalversions/ops/interface.go b/pkg/legacyclient/informers/externalversions/ops/interface.go deleted file mode 100644 index 6ca17831aa4..00000000000 --- a/pkg/legacyclient/informers/externalversions/ops/interface.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package ops - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/informers/externalversions/ops/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go deleted file mode 100644 index 29546f6d3ea..00000000000 --- a/pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // Traceflows returns a TraceflowInformer. - Traceflows() TraceflowInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// Traceflows returns a TraceflowInformer. -func (v *version) Traceflows() TraceflowInformer { - return &traceflowInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go deleted file mode 100644 index ec8f97f463c..00000000000 --- a/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - opsv1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/listers/ops/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// TraceflowInformer provides access to a shared informer and lister for -// Traceflows. -type TraceflowInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.TraceflowLister -} - -type traceflowInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewTraceflowInformer constructs a new informer for Traceflow type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewTraceflowInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredTraceflowInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredTraceflowInformer constructs a new informer for Traceflow type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredTraceflowInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.OpsV1alpha1().Traceflows().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.OpsV1alpha1().Traceflows().Watch(context.TODO(), options) - }, - }, - &opsv1alpha1.Traceflow{}, - resyncPeriod, - indexers, - ) -} - -func (f *traceflowInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredTraceflowInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *traceflowInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&opsv1alpha1.Traceflow{}, f.defaultInformer) -} - -func (f *traceflowInformer) Lister() v1alpha1.TraceflowLister { - return v1alpha1.NewTraceflowLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/security/interface.go b/pkg/legacyclient/informers/externalversions/security/interface.go deleted file mode 100644 index a37f4410f2f..00000000000 --- a/pkg/legacyclient/informers/externalversions/security/interface.go +++ /dev/null @@ -1,44 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package security - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/informers/externalversions/security/v1alpha1" -) - -// Interface provides access to each of this group's versions. -type Interface interface { - // V1alpha1 provides access to shared informers for resources in V1alpha1. - V1alpha1() v1alpha1.Interface -} - -type group struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// V1alpha1 returns a new v1alpha1.Interface. -func (g *group) V1alpha1() v1alpha1.Interface { - return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) -} diff --git a/pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go deleted file mode 100644 index d78dbc6e6ab..00000000000 --- a/pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// ClusterNetworkPolicyInformer provides access to a shared informer and lister for -// ClusterNetworkPolicies. -type ClusterNetworkPolicyInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.ClusterNetworkPolicyLister -} - -type clusterNetworkPolicyInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewClusterNetworkPolicyInformer constructs a new informer for ClusterNetworkPolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewClusterNetworkPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredClusterNetworkPolicyInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredClusterNetworkPolicyInformer constructs a new informer for ClusterNetworkPolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredClusterNetworkPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().ClusterNetworkPolicies().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().ClusterNetworkPolicies().Watch(context.TODO(), options) - }, - }, - &securityv1alpha1.ClusterNetworkPolicy{}, - resyncPeriod, - indexers, - ) -} - -func (f *clusterNetworkPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredClusterNetworkPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *clusterNetworkPolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&securityv1alpha1.ClusterNetworkPolicy{}, f.defaultInformer) -} - -func (f *clusterNetworkPolicyInformer) Lister() v1alpha1.ClusterNetworkPolicyLister { - return v1alpha1.NewClusterNetworkPolicyLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go deleted file mode 100644 index acb3dfc9e27..00000000000 --- a/pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" -) - -// Interface provides access to all the informers in this group version. -type Interface interface { - // ClusterNetworkPolicies returns a ClusterNetworkPolicyInformer. - ClusterNetworkPolicies() ClusterNetworkPolicyInformer - // NetworkPolicies returns a NetworkPolicyInformer. - NetworkPolicies() NetworkPolicyInformer - // Tiers returns a TierInformer. - Tiers() TierInformer -} - -type version struct { - factory internalinterfaces.SharedInformerFactory - namespace string - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// New returns a new Interface. -func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { - return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} -} - -// ClusterNetworkPolicies returns a ClusterNetworkPolicyInformer. -func (v *version) ClusterNetworkPolicies() ClusterNetworkPolicyInformer { - return &clusterNetworkPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} - -// NetworkPolicies returns a NetworkPolicyInformer. -func (v *version) NetworkPolicies() NetworkPolicyInformer { - return &networkPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} -} - -// Tiers returns a TierInformer. -func (v *version) Tiers() TierInformer { - return &tierInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} -} diff --git a/pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go deleted file mode 100644 index 0a58800f5a2..00000000000 --- a/pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// NetworkPolicyInformer provides access to a shared informer and lister for -// NetworkPolicies. -type NetworkPolicyInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.NetworkPolicyLister -} - -type networkPolicyInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc - namespace string -} - -// NewNetworkPolicyInformer constructs a new informer for NetworkPolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredNetworkPolicyInformer(client, namespace, resyncPeriod, indexers, nil) -} - -// NewFilteredNetworkPolicyInformer constructs a new informer for NetworkPolicy type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().NetworkPolicies(namespace).List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().NetworkPolicies(namespace).Watch(context.TODO(), options) - }, - }, - &securityv1alpha1.NetworkPolicy{}, - resyncPeriod, - indexers, - ) -} - -func (f *networkPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredNetworkPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *networkPolicyInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&securityv1alpha1.NetworkPolicy{}, f.defaultInformer) -} - -func (f *networkPolicyInformer) Lister() v1alpha1.NetworkPolicyLister { - return v1alpha1.NewNetworkPolicyLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go deleted file mode 100644 index c7e4621de87..00000000000 --- a/pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go +++ /dev/null @@ -1,87 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by informer-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "context" - time "time" - - securityv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - versioned "antrea.io/antrea/pkg/legacyclient/clientset/versioned" - internalinterfaces "antrea.io/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" - v1alpha1 "antrea.io/antrea/pkg/legacyclient/listers/security/v1alpha1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" - watch "k8s.io/apimachinery/pkg/watch" - cache "k8s.io/client-go/tools/cache" -) - -// TierInformer provides access to a shared informer and lister for -// Tiers. -type TierInformer interface { - Informer() cache.SharedIndexInformer - Lister() v1alpha1.TierLister -} - -type tierInformer struct { - factory internalinterfaces.SharedInformerFactory - tweakListOptions internalinterfaces.TweakListOptionsFunc -} - -// NewTierInformer constructs a new informer for Tier type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewTierInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { - return NewFilteredTierInformer(client, resyncPeriod, indexers, nil) -} - -// NewFilteredTierInformer constructs a new informer for Tier type. -// Always prefer using an informer factory to get a shared informer instead of getting an independent -// one. This reduces memory footprint and number of connections to the server. -func NewFilteredTierInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { - return cache.NewSharedIndexInformer( - &cache.ListWatch{ - ListFunc: func(options v1.ListOptions) (runtime.Object, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().Tiers().List(context.TODO(), options) - }, - WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { - if tweakListOptions != nil { - tweakListOptions(&options) - } - return client.SecurityV1alpha1().Tiers().Watch(context.TODO(), options) - }, - }, - &securityv1alpha1.Tier{}, - resyncPeriod, - indexers, - ) -} - -func (f *tierInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { - return NewFilteredTierInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) -} - -func (f *tierInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&securityv1alpha1.Tier{}, f.defaultInformer) -} - -func (f *tierInformer) Lister() v1alpha1.TierLister { - return v1alpha1.NewTierLister(f.Informer().GetIndexer()) -} diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go deleted file mode 100644 index 2f1db41b1a0..00000000000 --- a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// AntreaAgentInfoLister helps list AntreaAgentInfos. -// All objects returned here must be treated as read-only. -type AntreaAgentInfoLister interface { - // List lists all AntreaAgentInfos in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1beta1.AntreaAgentInfo, err error) - // Get retrieves the AntreaAgentInfo from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1beta1.AntreaAgentInfo, error) - AntreaAgentInfoListerExpansion -} - -// antreaAgentInfoLister implements the AntreaAgentInfoLister interface. -type antreaAgentInfoLister struct { - indexer cache.Indexer -} - -// NewAntreaAgentInfoLister returns a new AntreaAgentInfoLister. -func NewAntreaAgentInfoLister(indexer cache.Indexer) AntreaAgentInfoLister { - return &antreaAgentInfoLister{indexer: indexer} -} - -// List lists all AntreaAgentInfos in the indexer. -func (s *antreaAgentInfoLister) List(selector labels.Selector) (ret []*v1beta1.AntreaAgentInfo, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1beta1.AntreaAgentInfo)) - }) - return ret, err -} - -// Get retrieves the AntreaAgentInfo from the index for a given name. -func (s *antreaAgentInfoLister) Get(name string) (*v1beta1.AntreaAgentInfo, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1beta1.Resource("antreaagentinfo"), name) - } - return obj.(*v1beta1.AntreaAgentInfo), nil -} diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go deleted file mode 100644 index 6fbb4185c59..00000000000 --- a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// AntreaControllerInfoLister helps list AntreaControllerInfos. -// All objects returned here must be treated as read-only. -type AntreaControllerInfoLister interface { - // List lists all AntreaControllerInfos in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1beta1.AntreaControllerInfo, err error) - // Get retrieves the AntreaControllerInfo from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1beta1.AntreaControllerInfo, error) - AntreaControllerInfoListerExpansion -} - -// antreaControllerInfoLister implements the AntreaControllerInfoLister interface. -type antreaControllerInfoLister struct { - indexer cache.Indexer -} - -// NewAntreaControllerInfoLister returns a new AntreaControllerInfoLister. -func NewAntreaControllerInfoLister(indexer cache.Indexer) AntreaControllerInfoLister { - return &antreaControllerInfoLister{indexer: indexer} -} - -// List lists all AntreaControllerInfos in the indexer. -func (s *antreaControllerInfoLister) List(selector labels.Selector) (ret []*v1beta1.AntreaControllerInfo, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1beta1.AntreaControllerInfo)) - }) - return ret, err -} - -// Get retrieves the AntreaControllerInfo from the index for a given name. -func (s *antreaControllerInfoLister) Get(name string) (*v1beta1.AntreaControllerInfo, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1beta1.Resource("antreacontrollerinfo"), name) - } - return obj.(*v1beta1.AntreaControllerInfo), nil -} diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go deleted file mode 100644 index 2181551a0c7..00000000000 --- a/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go +++ /dev/null @@ -1,25 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1beta1 - -// AntreaAgentInfoListerExpansion allows custom methods to be added to -// AntreaAgentInfoLister. -type AntreaAgentInfoListerExpansion interface{} - -// AntreaControllerInfoListerExpansion allows custom methods to be added to -// AntreaControllerInfoLister. -type AntreaControllerInfoListerExpansion interface{} diff --git a/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go b/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go deleted file mode 100644 index fede10f3446..00000000000 --- a/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// ClusterGroupLister helps list ClusterGroups. -// All objects returned here must be treated as read-only. -type ClusterGroupLister interface { - // List lists all ClusterGroups in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha2.ClusterGroup, err error) - // Get retrieves the ClusterGroup from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha2.ClusterGroup, error) - ClusterGroupListerExpansion -} - -// clusterGroupLister implements the ClusterGroupLister interface. -type clusterGroupLister struct { - indexer cache.Indexer -} - -// NewClusterGroupLister returns a new ClusterGroupLister. -func NewClusterGroupLister(indexer cache.Indexer) ClusterGroupLister { - return &clusterGroupLister{indexer: indexer} -} - -// List lists all ClusterGroups in the indexer. -func (s *clusterGroupLister) List(selector labels.Selector) (ret []*v1alpha2.ClusterGroup, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha2.ClusterGroup)) - }) - return ret, err -} - -// Get retrieves the ClusterGroup from the index for a given name. -func (s *clusterGroupLister) Get(name string) (*v1alpha2.ClusterGroup, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha2.Resource("clustergroup"), name) - } - return obj.(*v1alpha2.ClusterGroup), nil -} diff --git a/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go b/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go deleted file mode 100644 index 3b0a15efa32..00000000000 --- a/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha2 - -// ClusterGroupListerExpansion allows custom methods to be added to -// ClusterGroupLister. -type ClusterGroupListerExpansion interface{} - -// ExternalEntityListerExpansion allows custom methods to be added to -// ExternalEntityLister. -type ExternalEntityListerExpansion interface{} - -// ExternalEntityNamespaceListerExpansion allows custom methods to be added to -// ExternalEntityNamespaceLister. -type ExternalEntityNamespaceListerExpansion interface{} diff --git a/pkg/legacyclient/listers/core/v1alpha2/externalentity.go b/pkg/legacyclient/listers/core/v1alpha2/externalentity.go deleted file mode 100644 index 8907e6ab573..00000000000 --- a/pkg/legacyclient/listers/core/v1alpha2/externalentity.go +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - v1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// ExternalEntityLister helps list ExternalEntities. -// All objects returned here must be treated as read-only. -type ExternalEntityLister interface { - // List lists all ExternalEntities in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) - // ExternalEntities returns an object that can list and get ExternalEntities. - ExternalEntities(namespace string) ExternalEntityNamespaceLister - ExternalEntityListerExpansion -} - -// externalEntityLister implements the ExternalEntityLister interface. -type externalEntityLister struct { - indexer cache.Indexer -} - -// NewExternalEntityLister returns a new ExternalEntityLister. -func NewExternalEntityLister(indexer cache.Indexer) ExternalEntityLister { - return &externalEntityLister{indexer: indexer} -} - -// List lists all ExternalEntities in the indexer. -func (s *externalEntityLister) List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha2.ExternalEntity)) - }) - return ret, err -} - -// ExternalEntities returns an object that can list and get ExternalEntities. -func (s *externalEntityLister) ExternalEntities(namespace string) ExternalEntityNamespaceLister { - return externalEntityNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// ExternalEntityNamespaceLister helps list and get ExternalEntities. -// All objects returned here must be treated as read-only. -type ExternalEntityNamespaceLister interface { - // List lists all ExternalEntities in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) - // Get retrieves the ExternalEntity from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha2.ExternalEntity, error) - ExternalEntityNamespaceListerExpansion -} - -// externalEntityNamespaceLister implements the ExternalEntityNamespaceLister -// interface. -type externalEntityNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all ExternalEntities in the indexer for a given namespace. -func (s externalEntityNamespaceLister) List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha2.ExternalEntity)) - }) - return ret, err -} - -// Get retrieves the ExternalEntity from the indexer for a given namespace and name. -func (s externalEntityNamespaceLister) Get(name string) (*v1alpha2.ExternalEntity, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha2.Resource("externalentity"), name) - } - return obj.(*v1alpha2.ExternalEntity), nil -} diff --git a/pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go b/pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go deleted file mode 100644 index c36688103bc..00000000000 --- a/pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// TraceflowListerExpansion allows custom methods to be added to -// TraceflowLister. -type TraceflowListerExpansion interface{} diff --git a/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go b/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go deleted file mode 100644 index 10cfd7b7b12..00000000000 --- a/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/ops/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// TraceflowLister helps list Traceflows. -// All objects returned here must be treated as read-only. -type TraceflowLister interface { - // List lists all Traceflows in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.Traceflow, err error) - // Get retrieves the Traceflow from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.Traceflow, error) - TraceflowListerExpansion -} - -// traceflowLister implements the TraceflowLister interface. -type traceflowLister struct { - indexer cache.Indexer -} - -// NewTraceflowLister returns a new TraceflowLister. -func NewTraceflowLister(indexer cache.Indexer) TraceflowLister { - return &traceflowLister{indexer: indexer} -} - -// List lists all Traceflows in the indexer. -func (s *traceflowLister) List(selector labels.Selector) (ret []*v1alpha1.Traceflow, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.Traceflow)) - }) - return ret, err -} - -// Get retrieves the Traceflow from the index for a given name. -func (s *traceflowLister) Get(name string) (*v1alpha1.Traceflow, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("traceflow"), name) - } - return obj.(*v1alpha1.Traceflow), nil -} diff --git a/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go deleted file mode 100644 index c04ca5a3fe1..00000000000 --- a/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// ClusterNetworkPolicyLister helps list ClusterNetworkPolicies. -// All objects returned here must be treated as read-only. -type ClusterNetworkPolicyLister interface { - // List lists all ClusterNetworkPolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.ClusterNetworkPolicy, err error) - // Get retrieves the ClusterNetworkPolicy from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.ClusterNetworkPolicy, error) - ClusterNetworkPolicyListerExpansion -} - -// clusterNetworkPolicyLister implements the ClusterNetworkPolicyLister interface. -type clusterNetworkPolicyLister struct { - indexer cache.Indexer -} - -// NewClusterNetworkPolicyLister returns a new ClusterNetworkPolicyLister. -func NewClusterNetworkPolicyLister(indexer cache.Indexer) ClusterNetworkPolicyLister { - return &clusterNetworkPolicyLister{indexer: indexer} -} - -// List lists all ClusterNetworkPolicies in the indexer. -func (s *clusterNetworkPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterNetworkPolicy, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.ClusterNetworkPolicy)) - }) - return ret, err -} - -// Get retrieves the ClusterNetworkPolicy from the index for a given name. -func (s *clusterNetworkPolicyLister) Get(name string) (*v1alpha1.ClusterNetworkPolicy, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("clusternetworkpolicy"), name) - } - return obj.(*v1alpha1.ClusterNetworkPolicy), nil -} diff --git a/pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go b/pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go deleted file mode 100644 index cb76de60c46..00000000000 --- a/pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -// ClusterNetworkPolicyListerExpansion allows custom methods to be added to -// ClusterNetworkPolicyLister. -type ClusterNetworkPolicyListerExpansion interface{} - -// NetworkPolicyListerExpansion allows custom methods to be added to -// NetworkPolicyLister. -type NetworkPolicyListerExpansion interface{} - -// NetworkPolicyNamespaceListerExpansion allows custom methods to be added to -// NetworkPolicyNamespaceLister. -type NetworkPolicyNamespaceListerExpansion interface{} - -// TierListerExpansion allows custom methods to be added to -// TierLister. -type TierListerExpansion interface{} diff --git a/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go deleted file mode 100644 index 2fed1c4d870..00000000000 --- a/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// NetworkPolicyLister helps list NetworkPolicies. -// All objects returned here must be treated as read-only. -type NetworkPolicyLister interface { - // List lists all NetworkPolicies in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) - // NetworkPolicies returns an object that can list and get NetworkPolicies. - NetworkPolicies(namespace string) NetworkPolicyNamespaceLister - NetworkPolicyListerExpansion -} - -// networkPolicyLister implements the NetworkPolicyLister interface. -type networkPolicyLister struct { - indexer cache.Indexer -} - -// NewNetworkPolicyLister returns a new NetworkPolicyLister. -func NewNetworkPolicyLister(indexer cache.Indexer) NetworkPolicyLister { - return &networkPolicyLister{indexer: indexer} -} - -// List lists all NetworkPolicies in the indexer. -func (s *networkPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.NetworkPolicy)) - }) - return ret, err -} - -// NetworkPolicies returns an object that can list and get NetworkPolicies. -func (s *networkPolicyLister) NetworkPolicies(namespace string) NetworkPolicyNamespaceLister { - return networkPolicyNamespaceLister{indexer: s.indexer, namespace: namespace} -} - -// NetworkPolicyNamespaceLister helps list and get NetworkPolicies. -// All objects returned here must be treated as read-only. -type NetworkPolicyNamespaceLister interface { - // List lists all NetworkPolicies in the indexer for a given namespace. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) - // Get retrieves the NetworkPolicy from the indexer for a given namespace and name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.NetworkPolicy, error) - NetworkPolicyNamespaceListerExpansion -} - -// networkPolicyNamespaceLister implements the NetworkPolicyNamespaceLister -// interface. -type networkPolicyNamespaceLister struct { - indexer cache.Indexer - namespace string -} - -// List lists all NetworkPolicies in the indexer for a given namespace. -func (s networkPolicyNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { - err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.NetworkPolicy)) - }) - return ret, err -} - -// Get retrieves the NetworkPolicy from the indexer for a given namespace and name. -func (s networkPolicyNamespaceLister) Get(name string) (*v1alpha1.NetworkPolicy, error) { - obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("networkpolicy"), name) - } - return obj.(*v1alpha1.NetworkPolicy), nil -} diff --git a/pkg/legacyclient/listers/security/v1alpha1/tier.go b/pkg/legacyclient/listers/security/v1alpha1/tier.go deleted file mode 100644 index be28dbadaf5..00000000000 --- a/pkg/legacyclient/listers/security/v1alpha1/tier.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by lister-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/tools/cache" -) - -// TierLister helps list Tiers. -// All objects returned here must be treated as read-only. -type TierLister interface { - // List lists all Tiers in the indexer. - // Objects returned here must be treated as read-only. - List(selector labels.Selector) (ret []*v1alpha1.Tier, err error) - // Get retrieves the Tier from the index for a given name. - // Objects returned here must be treated as read-only. - Get(name string) (*v1alpha1.Tier, error) - TierListerExpansion -} - -// tierLister implements the TierLister interface. -type tierLister struct { - indexer cache.Indexer -} - -// NewTierLister returns a new TierLister. -func NewTierLister(indexer cache.Indexer) TierLister { - return &tierLister{indexer: indexer} -} - -// List lists all Tiers in the indexer. -func (s *tierLister) List(selector labels.Selector) (ret []*v1alpha1.Tier, err error) { - err = cache.ListAll(s.indexer, selector, func(m interface{}) { - ret = append(ret, m.(*v1alpha1.Tier)) - }) - return ret, err -} - -// Get retrieves the Tier from the index for a given name. -func (s *tierLister) Get(name string) (*v1alpha1.Tier, error) { - obj, exists, err := s.indexer.GetByKey(name) - if err != nil { - return nil, err - } - if !exists { - return nil, errors.NewNotFound(v1alpha1.Resource("tier"), name) - } - return obj.(*v1alpha1.Tier), nil -} diff --git a/pkg/monitor/agent.go b/pkg/monitor/agent.go index 55f4df38365..5edd369c1f9 100644 --- a/pkg/monitor/agent.go +++ b/pkg/monitor/agent.go @@ -26,30 +26,21 @@ import ( agentquerier "antrea.io/antrea/pkg/agent/querier" "antrea.io/antrea/pkg/apis/crd/v1beta1" clientset "antrea.io/antrea/pkg/client/clientset/versioned" - legacyv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - legacyclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" ) type agentMonitor struct { - client clientset.Interface - legacyClient legacyclientset.Interface - querier agentquerier.AgentQuerier + client clientset.Interface + querier agentquerier.AgentQuerier // agentCRD is the desired state of agent monitoring CRD which agentMonitor expects. agentCRD *v1beta1.AntreaAgentInfo - // legacyAgentCRD is the desired state of agent monitoring CRD which agentMonitor expects. - legacyAgentCRD *legacyv1beta1.AntreaAgentInfo } // NewAgentMonitor creates a new agent monitor. -func NewAgentMonitor(client clientset.Interface, - legacyClient legacyclientset.Interface, - querier agentquerier.AgentQuerier) *agentMonitor { +func NewAgentMonitor(client clientset.Interface, querier agentquerier.AgentQuerier) *agentMonitor { return &agentMonitor{ - client: client, - legacyClient: legacyClient, - querier: querier, - agentCRD: nil, - legacyAgentCRD: nil, + client: client, + querier: querier, + agentCRD: nil, } } @@ -60,9 +51,6 @@ func (monitor *agentMonitor) Run(stopCh <-chan struct{}) { // Sync agent monitoring CRD every minute util stopCh is closed. wait.Until(monitor.syncAgentCRD, time.Minute, stopCh) - - // Sync legacy agent monitoring CRD every minute util stopCh is closed. - wait.Until(monitor.syncLegacyAgentCRD, time.Minute, stopCh) } func (monitor *agentMonitor) syncAgentCRD() { @@ -121,80 +109,3 @@ func (monitor *agentMonitor) updateAgentCRD(partial bool) (*v1beta1.AntreaAgentI klog.V(2).Infof("Updating agent monitoring CRD %+v, partial: %t", monitor.agentCRD, partial) return monitor.client.CrdV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.agentCRD, metav1.UpdateOptions{}) } - -func (monitor *agentMonitor) syncLegacyAgentCRD() { - var err error - if monitor.legacyAgentCRD != nil { - if monitor.legacyAgentCRD, err = monitor.updateLegacyAgentCRD(true); err == nil { - return - } - klog.Errorf("Failed to partially update agent monitoring CRD: %v", err) - monitor.legacyAgentCRD = nil - } - - monitor.legacyAgentCRD, err = monitor.getLegacyAgentCRD() - - if errors.IsNotFound(err) { - monitor.legacyAgentCRD, err = monitor.createLegacyAgentCRD() - if err != nil { - klog.Errorf("Failed to create agent monitoring CRD: %v", err) - monitor.legacyAgentCRD = nil - } - return - } - - if err != nil { - klog.Errorf("Failed to get agent monitoring CRD: %v", err) - monitor.legacyAgentCRD = nil - return - } - - monitor.legacyAgentCRD, err = monitor.updateLegacyAgentCRD(false) - if err != nil { - klog.Errorf("Failed to entirely update agent monitoring CRD: %v", err) - monitor.legacyAgentCRD = nil - } -} - -// getLegacyAgentCRD is used to check the existence of agent monitoring CRD. -// So when the pod restarts, it will update this monitoring CRD instead of creating a new one. -func (monitor *agentMonitor) getLegacyAgentCRD() (*legacyv1beta1.AntreaAgentInfo, error) { - crdName := monitor.querier.GetNodeConfig().Name - klog.V(2).Infof("Getting legacy agent monitoring CRD %+v", crdName) - return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) -} - -// createLegacyAgentCRD creates a new agent CRD. -func (monitor *agentMonitor) createLegacyAgentCRD() (*legacyv1beta1.AntreaAgentInfo, error) { - agentCRD := new(v1beta1.AntreaAgentInfo) - monitor.querier.GetAgentInfo(agentCRD, false) - legacyAgentCRD := agentInfoDeepCopy(agentCRD) - klog.V(2).Infof("Creating legacy agent monitoring CRD %+v", legacyAgentCRD) - return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Create(context.TODO(), legacyAgentCRD, metav1.CreateOptions{}) -} - -// updateLegacyAgentCRD updates the monitoring CRD. -func (monitor *agentMonitor) updateLegacyAgentCRD(partial bool) (*legacyv1beta1.AntreaAgentInfo, error) { - monitor.querier.GetAgentInfo(monitor.agentCRD, partial) - monitor.legacyAgentCRD = agentInfoDeepCopy(monitor.agentCRD) - klog.V(2).Infof("Updating legacy agent monitoring CRD %+v, partial: %t", monitor.legacyAgentCRD, partial) - return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.legacyAgentCRD, metav1.UpdateOptions{}) -} - -func agentInfoDeepCopy(aa *v1beta1.AntreaAgentInfo) *legacyv1beta1.AntreaAgentInfo { - laa := new(legacyv1beta1.AntreaAgentInfo) - laa.Name = aa.Name - laa.Version = aa.Version - laa.PodRef = *aa.PodRef.DeepCopy() - laa.NodeRef = *aa.NodeRef.DeepCopy() - laa.NodeSubnets = aa.NodeSubnets - laa.OVSInfo = *aa.OVSInfo.DeepCopy() - laa.NetworkPolicyControllerInfo = *aa.NetworkPolicyControllerInfo.DeepCopy() - laa.LocalPodNum = aa.LocalPodNum - laa.AgentConditions = []v1beta1.AgentCondition{} - for _, ac := range aa.AgentConditions { - laa.AgentConditions = append(laa.AgentConditions, *ac.DeepCopy()) - } - laa.APIPort = aa.APIPort - return laa -} diff --git a/pkg/monitor/controller.go b/pkg/monitor/controller.go index 674c70edae2..5a2a5a9e78d 100644 --- a/pkg/monitor/controller.go +++ b/pkg/monitor/controller.go @@ -29,8 +29,6 @@ import ( "antrea.io/antrea/pkg/apis/crd/v1beta1" clientset "antrea.io/antrea/pkg/client/clientset/versioned" controllerquerier "antrea.io/antrea/pkg/controller/querier" - legacyv1beta1 "antrea.io/antrea/pkg/legacyapis/clusterinformation/v1beta1" - legacyclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" ) const ( @@ -40,29 +38,26 @@ const ( type controllerMonitor struct { client clientset.Interface - legacyClient legacyclientset.Interface nodeInformer coreinformers.NodeInformer // nodeListerSynced is a function which returns true if the node shared informer has been synced at least once. nodeListerSynced cache.InformerSynced querier controllerquerier.ControllerQuerier // controllerCRD is the desired state of controller monitoring CRD which controllerMonitor expects. - controllerCRD *v1beta1.AntreaControllerInfo - legacyControllerCRD *legacyv1beta1.AntreaControllerInfo + controllerCRD *v1beta1.AntreaControllerInfo } // NewControllerMonitor creates a new controller monitor. -func NewControllerMonitor(client clientset.Interface, - legacyClient legacyclientset.Interface, +func NewControllerMonitor( + client clientset.Interface, nodeInformer coreinformers.NodeInformer, - querier controllerquerier.ControllerQuerier) *controllerMonitor { + querier controllerquerier.ControllerQuerier, +) *controllerMonitor { m := &controllerMonitor{ - client: client, - legacyClient: legacyClient, - nodeInformer: nodeInformer, - nodeListerSynced: nodeInformer.Informer().HasSynced, - querier: querier, - controllerCRD: nil, - legacyControllerCRD: nil, + client: client, + nodeInformer: nodeInformer, + nodeListerSynced: nodeInformer.Informer().HasSynced, + querier: querier, + controllerCRD: nil, } nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: nil, @@ -83,13 +78,9 @@ func (monitor *controllerMonitor) Run(stopCh <-chan struct{}) { } monitor.deleteStaleAgentCRDs() - monitor.deleteLegacyStaleAgentCRDs() // Sync controller monitoring CRD every minute util stopCh is closed. wait.Until(monitor.syncControllerCRD, time.Minute, stopCh) - - // Sync legacy controller monitoring CRD every minute util stopCh is closed. - wait.Until(monitor.syncLegacyControllerCRD, time.Minute, stopCh) } func (monitor *controllerMonitor) syncControllerCRD() { @@ -180,7 +171,6 @@ func (monitor *controllerMonitor) deleteStaleAgentCRD(old interface{}) { } } monitor.deleteAgentCRD(node.Name) - monitor.deleteLegacyAgentCRD(node.Name) } func (monitor *controllerMonitor) deleteAgentCRD(name string) { @@ -190,100 +180,3 @@ func (monitor *controllerMonitor) deleteAgentCRD(name string) { klog.Errorf("Failed to delete agent monitoring CRD %s: %v", name, err) } } - -func (monitor *controllerMonitor) syncLegacyControllerCRD() { - var err error - if monitor.legacyControllerCRD != nil { - if monitor.legacyControllerCRD, err = monitor.updateLegacyControllerCRD(true); err == nil { - return - } - klog.Errorf("Failed to partially update legacy controller monitoring CRD: %v", err) - monitor.legacyControllerCRD = nil - } - - monitor.legacyControllerCRD, err = monitor.getLegacyControllerCRD(crdName) - - if errors.IsNotFound(err) { - monitor.legacyControllerCRD, err = monitor.createLegacyControllerCRD(crdName) - if err != nil { - klog.Errorf("Failed to create legacy controller monitoring CRD: %v", err) - monitor.legacyControllerCRD = nil - } - return - } - - if err != nil { - klog.Errorf("Failed to get legacy controller monitoring CRD: %v", err) - monitor.legacyControllerCRD = nil - return - } - - monitor.legacyControllerCRD, err = monitor.updateLegacyControllerCRD(false) - if err != nil { - klog.Errorf("Failed to entirely update legacy controller monitoring CRD: %v", err) - monitor.legacyControllerCRD = nil - } -} - -func (monitor *controllerMonitor) getLegacyControllerCRD(crdName string) (*legacyv1beta1.AntreaControllerInfo, error) { - return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) -} - -func (monitor *controllerMonitor) createLegacyControllerCRD(crdName string) (*legacyv1beta1.AntreaControllerInfo, error) { - controllerCRD := new(v1beta1.AntreaControllerInfo) - controllerCRD.Name = crdName - monitor.querier.GetControllerInfo(controllerCRD, false) - legacyControllerCRD := controllerInfoDeepCopy(controllerCRD) - klog.V(2).Infof("Creating legacy controller monitoring CRD %+v", legacyControllerCRD) - return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Create(context.TODO(), legacyControllerCRD, metav1.CreateOptions{}) -} - -func (monitor *controllerMonitor) updateLegacyControllerCRD(partial bool) (*legacyv1beta1.AntreaControllerInfo, error) { - monitor.querier.GetControllerInfo(monitor.controllerCRD, partial) - monitor.legacyControllerCRD = controllerInfoDeepCopy(monitor.controllerCRD) - klog.V(2).Infof("Updating controller monitoring CRD %+v, partial: %t", monitor.legacyControllerCRD, partial) - return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Update(context.TODO(), monitor.legacyControllerCRD, metav1.UpdateOptions{}) -} - -func (monitor *controllerMonitor) deleteLegacyStaleAgentCRDs() { - crds, err := monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ - ResourceVersion: "0", - }) - if err != nil { - klog.Errorf("Failed to list legacy agent monitoring CRDs: %v", err) - return - } - - nodeLister := monitor.nodeInformer.Lister() - for _, crd := range crds.Items { - _, err := nodeLister.Get(crd.Name) - if errors.IsNotFound(err) { - monitor.deleteLegacyAgentCRD(crd.Name) - } - } -} - -func (monitor *controllerMonitor) deleteLegacyAgentCRD(name string) { - klog.Infof("Deleting legacy agent monitoring CRD %s", name) - err := monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - klog.Errorf("Failed to delete legacy agent monitoring CRD %s: %v", name, err) - } -} - -func controllerInfoDeepCopy(ac *v1beta1.AntreaControllerInfo) *legacyv1beta1.AntreaControllerInfo { - lac := new(legacyv1beta1.AntreaControllerInfo) - lac.Name = ac.Name - lac.Version = ac.Version - lac.PodRef = *ac.PodRef.DeepCopy() - lac.NodeRef = *ac.NodeRef.DeepCopy() - lac.ServiceRef = *ac.ServiceRef.DeepCopy() - lac.NetworkPolicyControllerInfo = *ac.NetworkPolicyControllerInfo.DeepCopy() - lac.ConnectedAgentNum = ac.ConnectedAgentNum - lac.ControllerConditions = []v1beta1.ControllerCondition{} - for _, cc := range ac.ControllerConditions { - lac.ControllerConditions = append(lac.ControllerConditions, *cc.DeepCopy()) - } - lac.APIPort = ac.APIPort - return lac -} diff --git a/pkg/util/k8s/client.go b/pkg/util/k8s/client.go index 4f28a650902..3c2e53674c3 100644 --- a/pkg/util/k8s/client.go +++ b/pkg/util/k8s/client.go @@ -24,7 +24,6 @@ import ( aggregatorclientset "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" crdclientset "antrea.io/antrea/pkg/client/clientset/versioned" - legacycrdclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" netdefclient "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/client/clientset/versioned/typed/k8s.cni.cncf.io/v1" ) @@ -59,20 +58,6 @@ func CreateClients(config componentbaseconfig.ClientConnectionConfiguration, kub return client, aggregatorClient, crdClient, apiExtensionClient, nil } -// CreateLegacyCRDClient creates legacyCRD client from the given config. -func CreateLegacyCRDClient(config componentbaseconfig.ClientConnectionConfiguration, kubeAPIServerOverride string) (legacycrdclientset.Interface, error) { - kubeConfig, err := createRestConfig(config, kubeAPIServerOverride) - if err != nil { - return nil, err - } - - legacyCrdClient, err := legacycrdclientset.NewForConfig(kubeConfig) - if err != nil { - return nil, err - } - return legacyCrdClient, nil -} - // CreateNetworkAttachDefClient creates net-attach-def client handle from the given config. func CreateNetworkAttachDefClient(config componentbaseconfig.ClientConnectionConfiguration, kubeAPIServerOverride string) (netdefclient.K8sCniCncfIoV1Interface, error) { kubeConfig, err := createRestConfig(config, kubeAPIServerOverride) diff --git a/test/e2e/antreapolicy_test.go b/test/e2e/antreapolicy_test.go index ff10af7d3cc..9665a3df667 100644 --- a/test/e2e/antreapolicy_test.go +++ b/test/e2e/antreapolicy_test.go @@ -38,8 +38,6 @@ import ( crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" "antrea.io/antrea/pkg/features" - legacycorev1a2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacysecv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" . "antrea.io/antrea/test/e2e/utils" ) @@ -105,13 +103,6 @@ func failOnError(err error, t *testing.T) { } } -func warningOnTimeoutError(err error, t *testing.T) { - if err != nil { - log.Warningf("Timeout for getting expected status and the tests may get unexpted results.") - t.Fatalf("test warned: %v", err) - } -} - // TestCase is a collection of TestSteps to be tested against. type TestCase struct { Name string @@ -2723,14 +2714,6 @@ func waitForResourceReady(obj metav1.Object, timeout time.Duration) error { defer timeCost()("ready") if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { switch p := obj.(type) { - case *legacysecv1alpha1.ClusterNetworkPolicy: - _, err = k8sUtils.GetACNP(p.Name) - case *legacysecv1alpha1.NetworkPolicy: - _, err = k8sUtils.GetANP(p.Namespace, p.Name) - case *legacysecv1alpha1.Tier: - _, err = k8sUtils.GetTier(p.Name) - case *legacycorev1a2.ClusterGroup: - _, err = k8sUtils.GetV1Alpha2CG(p.Name) case *crdv1alpha1.ClusterNetworkPolicy: _, err = k8sUtils.GetACNP(p.Name) case *crdv1alpha1.NetworkPolicy: diff --git a/test/e2e/framework.go b/test/e2e/framework.go index 7df6b4fe458..8cfd12ca835 100644 --- a/test/e2e/framework.go +++ b/test/e2e/framework.go @@ -57,7 +57,6 @@ import ( controllerconfig "antrea.io/antrea/pkg/config/controller" flowaggregatorconfig "antrea.io/antrea/pkg/config/flowaggregator" "antrea.io/antrea/pkg/features" - legacycrdclientset "antrea.io/antrea/pkg/legacyclient/clientset/versioned" "antrea.io/antrea/test/e2e/providers" ) @@ -202,7 +201,6 @@ type TestData struct { clientset kubernetes.Interface aggregatorClient aggregatorclientset.Interface crdClient crdclientset.Interface - legacyCrdClient legacycrdclientset.Interface logsDirForTestCase string } @@ -941,15 +939,10 @@ func (data *TestData) createClient() error { if err != nil { return fmt.Errorf("error when creating CRD client: %v", err) } - legacyCrdClient, err := legacycrdclientset.NewForConfig(kubeConfig) - if err != nil { - return fmt.Errorf("error when creating legacy CRD client: %v", err) - } data.kubeConfig = kubeConfig data.clientset = clientset data.aggregatorClient = aggregatorClient data.crdClient = crdClient - data.legacyCrdClient = legacyCrdClient return nil } diff --git a/test/e2e/k8s_util.go b/test/e2e/k8s_util.go index d8d6b9ba705..7ce94a6d79f 100644 --- a/test/e2e/k8s_util.go +++ b/test/e2e/k8s_util.go @@ -32,8 +32,6 @@ import ( crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" - legacycorev1a2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacysecv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" ) type KubernetesUtils struct { @@ -899,219 +897,3 @@ func (k *KubernetesUtils) Cleanup(namespaces []string) { } } } - -// CreateOrUpdateANP is a convenience function for updating/creating Antrea NetworkPolicies. -func (k *KubernetesUtils) CreateOrUpdateLegacyANP(anp *legacysecv1alpha1.NetworkPolicy) (*legacysecv1alpha1.NetworkPolicy, error) { - log.Infof("Creating/updating legacy Antrea NetworkPolicy %s/%s", anp.Namespace, anp.Name) - cnpReturned, err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) - if err != nil { - log.Debugf("Creating legacy Antrea NetworkPolicy %s", anp.Name) - anp, err = k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create legacy Antrea NetworkPolicy: %s", err) - } - return anp, err - } else if cnpReturned.Name != "" { - log.Debugf("Legacy Antrea NetworkPolicy with name %s already exists, updating", anp.Name) - anp, err = k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Update(context.TODO(), anp, metav1.UpdateOptions{}) - return anp, err - } - return nil, fmt.Errorf("error occurred in creating/updating legacy Antrea NetworkPolicy %s", anp.Name) -} - -// DeleteLegacyANP is a convenience function for deleting ANP by name and Namespace. -func (k *KubernetesUtils) DeleteLegacyANP(ns, name string) error { - log.Infof("Deleting legacy Antrea NetworkPolicy '%s/%s'", ns, name) - err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(ns).Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to delete legacy Antrea NetworkPolicy %s", name) - } - return nil -} - -// CleanLegacyANPs is a convenience function for deleting all Antrea NetworkPolicies in provided namespaces. -func (k *KubernetesUtils) CleanLegacyANPs(namespaces []string) error { - for _, ns := range namespaces { - l, err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(ns).List(context.TODO(), metav1.ListOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to list legacy Antrea NetworkPolicies in ns %s", ns) - } - for _, anp := range l.Items { - if err = k.DeleteLegacyANP(anp.Namespace, anp.Name); err != nil { - return err - } - } - } - return nil -} - -// CreateLegacyTier is a convenience function for creating a legacy Antrea Policy Tier by name and priority. -func (k *KubernetesUtils) CreateNewLegacyTier(name string, tierPriority int32) (*legacysecv1alpha1.Tier, error) { - log.Infof("Creating legacy tier %s", name) - _, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - tr := &legacysecv1alpha1.Tier{ - ObjectMeta: metav1.ObjectMeta{Name: name}, - Spec: crdv1alpha1.TierSpec{Priority: tierPriority}, - } - tr, err = k.legacyCrdClient.SecurityV1alpha1().Tiers().Create(context.TODO(), tr, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create legacy tier %s: %s", name, err) - } - return tr, err - } - return nil, fmt.Errorf("legacy tier with name %s already exists", name) -} - -// UpdateLegacyTier is a convenience function for updating a legacy Antrea Policy Tier. -func (k *KubernetesUtils) UpdateLegacyTier(tier *legacysecv1alpha1.Tier) (*legacysecv1alpha1.Tier, error) { - log.Infof("Updating legacy tier %s", tier.Name) - updatedTier, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Update(context.TODO(), tier, metav1.UpdateOptions{}) - return updatedTier, err -} - -// DeleteLegacyTier is a convenience function for deleting a legacy Antrea Policy Tier with specific name. -func (k *KubernetesUtils) DeleteLegacyTier(name string) error { - _, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to get legacy tier %s", name) - } - log.Infof("Deleting legacy tier %s", name) - if err = k.legacyCrdClient.SecurityV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}); err != nil { - return errors.Wrapf(err, "unable to delete legacy tier %s", name) - } - return nil -} - -// CreateLegacyCG is a convenience function for creating a legacy Antrea ClusterGroup by name and selector. -func (k *KubernetesUtils) CreateLegacyCG(name string, pSelector, nSelector *metav1.LabelSelector, ipBlock *crdv1alpha1.IPBlock) (*legacycorev1a2.ClusterGroup, error) { - log.Infof("Creating legacy clustergroup %s", name) - _, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - cg := &legacycorev1a2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - } - if pSelector != nil { - cg.Spec.PodSelector = pSelector - } - if nSelector != nil { - cg.Spec.NamespaceSelector = nSelector - } - if ipBlock != nil { - cg.Spec.IPBlock = ipBlock - } - cg, err = k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create legacy ClusterGroup %s: %s", name, err) - } - return cg, err - } - return nil, fmt.Errorf("legacy ClusterGroup with name %s already exists", name) -} - -// CreateOrUpdateLegacyCG is a convenience function for idempotent setup of legacy ClusterGroups -func (k *KubernetesUtils) CreateOrUpdateLegacyCG(cg *legacycorev1a2.ClusterGroup) (*legacycorev1a2.ClusterGroup, error) { - log.Infof("Creating/updating legacy ClusterGroup %s", cg.Name) - cgReturned, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) - if err != nil { - cgr, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) - if err != nil { - log.Infof("Unable to create legacy ClusterGroup %s: %v", cg.Name, err) - return nil, err - } - return cgr, nil - } else if cgReturned.Name != "" { - log.Debugf("Legacy ClusterGroup with name %s already exists, updating", cg.Name) - cgReturned.Spec = cg.Spec - cgr, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) - return cgr, err - } - return nil, fmt.Errorf("error occurred in creating/updating legacy ClusterGroup %s", cg.Name) -} - -// DeleteLegacyCG is a convenience function for deleting legacy ClusterGroup by name. -func (k *KubernetesUtils) DeleteLegacyCG(name string) error { - log.Infof("Deleting ClusterGroup %s", name) - err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to delete legacy ClusterGroup %s", name) - } - return nil -} - -// CleanCGs is a convenience function for deleting all ClusterGroups in the cluster. -func (k *KubernetesUtils) CleanLegacyCGs() error { - l, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to list legacy ClusterGroups") - } - for _, cg := range l.Items { - if err := k.DeleteLegacyCG(cg.Name); err != nil { - return err - } - } - return nil -} - -// CreateOrUpdateLegacyACNP is a convenience function for updating/creating AntreaClusterNetworkPolicies. -func (k *KubernetesUtils) CreateOrUpdateLegacyACNP(cnp *legacysecv1alpha1.ClusterNetworkPolicy) (*legacysecv1alpha1.ClusterNetworkPolicy, error) { - log.Infof("Creating/updating legacy ClusterNetworkPolicy %s", cnp.Name) - cnpReturned, err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), cnp.Name, metav1.GetOptions{}) - if err != nil { - log.Debugf("Creating legacy ClusterNetworkPolicy %s", cnp.Name) - cnp, err = k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), cnp, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create legacy ClusterNetworkPolicy: %s", err) - } - return cnp, err - } else if cnpReturned.Name != "" { - log.Debugf("Legacy ClusterNetworkPolicy with name %s already exists, updating", cnp.Name) - cnpReturned.Spec = cnp.Spec - cnp, err = k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), cnpReturned, metav1.UpdateOptions{}) - return cnp, err - } - return nil, fmt.Errorf("error occurred in creating/updating legacy ClusterNetworkPolicy %s", cnp.Name) -} - -// DeleteLegacyACNP is a convenience function for deleting ACNP by name. -func (k *KubernetesUtils) DeleteLegacyACNP(name string) error { - log.Infof("Deleting AntreaClusterNetworkPolicies %s", name) - err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to delete legacy ClusterNetworkPolicy %s", name) - } - return nil -} - -// CleanLegacyACNPs is a convenience function for deleting all Antrea ClusterNetworkPolicies in the cluster. -func (k *KubernetesUtils) CleanLegacyACNPs() error { - l, err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().List(context.TODO(), metav1.ListOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to list legacy AntreaClusterNetworkPolicies") - } - for _, cnp := range l.Items { - if err = k.DeleteLegacyACNP(cnp.Name); err != nil { - return err - } - } - return nil -} - -func (k *KubernetesUtils) LegacyCleanup(namespaces []string) { - // Cleanup any cluster-scoped resources. - if err := k.CleanLegacyACNPs(); err != nil { - log.Errorf("Error when cleaning-up ACNPs: %v", err) - } - if err := k.CleanLegacyCGs(); err != nil { - log.Errorf("Error when cleaning-up CGs: %v", err) - } - - for _, ns := range namespaces { - log.Infof("Deleting test Namespace %s", ns) - if err := k.clientset.CoreV1().Namespaces().Delete(context.TODO(), ns, metav1.DeleteOptions{}); err != nil { - log.Errorf("Error when deleting Namespace '%s': %v", ns, err) - } - } -} diff --git a/test/e2e/legacyantreapolicy_test.go b/test/e2e/legacyantreapolicy_test.go deleted file mode 100644 index dfb48d7bf37..00000000000 --- a/test/e2e/legacyantreapolicy_test.go +++ /dev/null @@ -1,2496 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package e2e - -import ( - "context" - "fmt" - "strings" - "sync" - "testing" - "time" - - log "github.com/sirupsen/logrus" - "github.com/stretchr/testify/assert" - v1 "k8s.io/api/core/v1" - v1net "k8s.io/api/networking/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/intstr" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/wait" - - crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - legacycorev1a2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" - legacysecv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" - . "antrea.io/antrea/test/e2e/utils" -) - -const ( - mockWait = 900 * time.Millisecond -) - -// TestLegacyAntreaPolicyStats is the top-level test which contains all subtests for -// LegacyAntreaPolicyStats related test cases so they can share setup, teardown. -func TestLegacyAntreaPolicyStats(t *testing.T) { - skipIfProviderIs(t, "kind", "This test is for legacy API groups and is almost the same as new API groups'.") - skipIfHasWindowsNodes(t) - skipIfAntreaPolicyDisabled(t) - - data, err := setupTest(t) - if err != nil { - t.Fatalf("Error when setting up test: %v", err) - } - defer teardownTest(t, data) - - t.Run("testLegacyANPNetworkPolicyStatsWithDropAction", func(t *testing.T) { - skipIfNetworkPolicyStatsDisabled(t) - testLegacyANPNetworkPolicyStatsWithDropAction(t, data) - }) - t.Run("testLegacyAntreaClusterNetworkPolicyStats", func(t *testing.T) { - skipIfNetworkPolicyStatsDisabled(t) - testLegacyAntreaClusterNetworkPolicyStats(t, data) - }) -} - -func testLegacyMutateACNPNoTier(t *testing.T) { - invalidNpErr := fmt.Errorf("ACNP tier not mutated to default tier") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-no-tier"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetPriority(10.0) - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - acnp, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp) - if err != nil { - failOnError(fmt.Errorf("ACNP create failed %v", err), t) - } - if acnp.Spec.Tier != defaultTierName { - failOnError(invalidNpErr, t) - } - failOnError(k8sUtils.CleanLegacyACNPs(), t) -} - -func testLegacyMutateANPNoTier(t *testing.T) { - invalidNpErr := fmt.Errorf("ANP tier not mutated to default tier") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-no-tier"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetPriority(10.0) - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - anp, err := k8sUtils.CreateOrUpdateLegacyANP(anp) - if err != nil { - failOnError(fmt.Errorf("ANP create failed %v", err), t) - } - if anp.Spec.Tier != defaultTierName { - failOnError(invalidNpErr, t) - } - failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) -} - -func testLegacyMutateACNPNoRuleName(t *testing.T) { - mutateErr := fmt.Errorf("ACNP Rule name not mutated automatically") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-no-rule-name"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetPriority(10.0). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - acnp, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp) - if err != nil { - failOnError(fmt.Errorf("ACNP create failed %v", err), t) - } - ir := acnp.Spec.Ingress - if len(ir) != 1 { - failOnError(fmt.Errorf("unexpected number of rules present in ACNP: %d rules present instead of 1", len(ir)), t) - } - // Here we created a single rule - if ir[0].Name == "" { - failOnError(mutateErr, t) - } - failOnError(k8sUtils.CleanLegacyACNPs(), t) -} - -func testLegacyMutateANPNoRuleName(t *testing.T) { - mutateErr := fmt.Errorf("ANP Rule name not mutated automatically") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-no-rule-name"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetPriority(10.0). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionAllow, "") - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - anp, err := k8sUtils.CreateOrUpdateLegacyANP(anp) - if err != nil { - failOnError(fmt.Errorf("ANP create failed %v", err), t) - } - ir := anp.Spec.Ingress - if len(ir) != 1 { - failOnError(fmt.Errorf("unexpected number of rules present in ANP: %d rules present instead of 1", len(ir)), t) - } - // Here we created a single rule - if ir[0].Name == "" { - failOnError(mutateErr, t) - } - failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) -} - -func testLegacyInvalidACNPNoPriority(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without a priority accepted") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-no-priority"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPRuleNameNotUnique(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without unique rule names accepted") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-rule-name-not-unique"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "not-unique"). - AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "not-unique") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPTierDoesNotExist(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without existing Tier accepted") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-tier-not-exist"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetTier("i-dont-exist") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPPortRangePortUnset(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy egress rule with endPort but no port accepted") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-egress-port-range-port-unset"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") - - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPPortRangeEndPortSmall(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy egress rule with endPort smaller than port accepted") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-egress-port-range-endport-small"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") - - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPSpecAppliedToRuleAppliedToSet(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with spec appliedTo and rules appliedTo set") - ruleAppTo := ACNPAppliedToSpec{ - PodSelector: map[string]string{"pod": "b"}, - } - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-spec-appto-and-rules-appto"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPAppliedToNotSetInAllRules(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with appliedTo not set in all rules") - ruleAppTo := ACNPAppliedToSpec{ - PodSelector: map[string]string{"pod": "b"}, - } - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-appto-not-set-in-all-rules"). - SetPriority(1.0) - builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", ""). - AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidACNPIngressPeerCGSetWithPodSelector(t *testing.T) { - cgA := "cgA" - selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - ruleAppTo := ACNPAppliedToSpec{ - PodSelector: map[string]string{"pod": "b"}, - } - k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and podSelector in NetworkPolicyPeer set") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-ingress-group-podselector-set"). - SetPriority(1.0) - builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, - nil, nil, false, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "cgA", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } - failOnError(k8sUtils.CleanCGs(), t) -} - -func testLegacyInvalidACNPIngressPeerCGSetWithNSSelector(t *testing.T) { - cgA := "cgA" - selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and namespaceSelector in NetworkPolicyPeer set") - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-ingress-group-nsselector-set"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "cgA", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } - failOnError(k8sUtils.CleanCGs(), t) -} - -func testLegacyInvalidACNPIngressPeerCGSetWithIPBlock(t *testing.T) { - cgA := "cgA" - selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) - invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and ipBlock in NetworkPolicyPeer set") - cidr := "10.0.0.10/32" - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-ingress-group-ipblock-set"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{Group: "cgA"}}) - builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, []ACNPAppliedToSpec{{Group: "cgB"}}, crdv1alpha1.RuleActionAllow, "", "") - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { - // Above creation of ACNP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidANPNoPriority(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without a priority accepted") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-no-priority"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { - // Above creation of ANP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidANPRuleNameNotUnique(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without unique rule names accepted") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-rule-name-not-unique"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique"). - AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique") - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { - // Above creation of ANP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidANPTierDoesNotExist(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without existing Tier accepted") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-tier-not-exist"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetTier("i-dont-exist") - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { - // Above creation of ANP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidANPPortRangePortUnset(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy egress rule with endPort but no port accepted") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("y", "anp-egress-port-range-port-unset"). - SetPriority(1.0). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") - - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { - // Above creation of ANP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidANPPortRangeEndPortSmall(t *testing.T) { - invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy egress rule with endPort smaller than port accepted") - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("y", "anp-egress-port-range-endport-small"). - SetPriority(1.0). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") - - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { - // Above creation of ANP must fail as it is an invalid spec. - failOnError(invalidNpErr, t) - } -} - -func testLegacyInvalidTierReservedDelete(t *testing.T) { - invalidErr := fmt.Errorf("reserved Tier deleted") - if err := k8sUtils.DeleteLegacyTier("emergency"); err == nil { - // Above deletion of reserved Tier must fail. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidTierPriorityUpdate(t *testing.T) { - invalidErr := fmt.Errorf("tier priority updated") - oldTier, err := k8sUtils.CreateNewLegacyTier("prio-updated-tier", 21) - if err != nil { - failOnError(fmt.Errorf("create Tier failed for tier prio-updated-tier: %v", err), t) - } - // Update this tier with new priority - newTier := legacysecv1alpha1.Tier{ - ObjectMeta: oldTier.ObjectMeta, - Spec: oldTier.Spec, - } - // Attempt to update Tier's priority - newTier.Spec.Priority = 31 - // Above update of Tier must fail as it is an invalid case. - if _, err = k8sUtils.UpdateLegacyTier(&newTier); err == nil { - failOnError(invalidErr, t) - } - failOnError(k8sUtils.DeleteLegacyTier(oldTier.Name), t) -} - -func testLegacyInvalidTierPriorityOverlap(t *testing.T) { - invalidErr := fmt.Errorf("tiers created with overlapping priorities") - tr, err := k8sUtils.CreateNewLegacyTier("tier-prio-20", 20) - if err != nil { - failOnError(fmt.Errorf("create Tier failed for tier tier-prio-20: %v", err), t) - } - time.Sleep(mockWait) - // Attempt to create Tier with same priority. - if _, err = k8sUtils.CreateNewLegacyTier("another-tier-prio-20", 20); err == nil { - // Above creation of Tier must fail as it is an invalid spec. - failOnError(invalidErr, t) - } - failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) -} - -func testLegacyInvalidTierReservedPriority(t *testing.T) { - invalidErr := fmt.Errorf("tier created with reserved priority") - if _, err := k8sUtils.CreateNewLegacyTier("tier-reserved-prio", 251); err == nil { - // Above creation of Tier must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidTierACNPRefDelete(t *testing.T) { - invalidErr := fmt.Errorf("tier deleted with referenced ACNPs") - tr, err := k8sUtils.CreateNewLegacyTier("tier-acnp", 10) - if err != nil { - failOnError(fmt.Errorf("create Tier failed for tier tier-acnp: %v", err), t) - } - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-for-tier"). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetTier("tier-acnp"). - SetPriority(13.0) - acnp := builder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - if _, err = k8sUtils.CreateOrUpdateLegacyACNP(acnp); err != nil { - failOnError(fmt.Errorf("create ACNP failed for ACNP %s: %v", acnp.Name, err), t) - } - // Deleting this Tier must fail as it has referenced ACNP - if err = k8sUtils.DeleteLegacyTier(tr.Name); err == nil { - failOnError(invalidErr, t) - } - failOnError(k8sUtils.CleanLegacyACNPs(), t) - failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) -} - -func testLegacyInvalidTierANPRefDelete(t *testing.T) { - invalidErr := fmt.Errorf("tier deleted with referenced ANPs") - tr, err := k8sUtils.CreateNewLegacyTier("tier-anp", 10) - if err != nil { - failOnError(fmt.Errorf("create Tier failed for tier tier-anp: %v", err), t) - } - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("x", "anp-for-tier"). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). - SetTier("tier-anp"). - SetPriority(13.0) - anp := builder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - if _, err = k8sUtils.CreateOrUpdateLegacyANP(anp); err != nil { - failOnError(fmt.Errorf("create ANP failed for ANP %s: %v", anp.Name, err), t) - } - // Deleting this Tier must fail as it has referenced ANP - if err = k8sUtils.DeleteLegacyTier(tr.Name); err == nil { - failOnError(invalidErr, t) - } - failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) - failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) -} - -// testACNPAllowXBtoA tests traffic from X/B to pods with label A, after applying the default deny -// k8s NetworkPolicies in all namespaces and ACNP to allow X/B to A. -func testLegacyACNPAllowXBtoA(t *testing.T) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-allow-xb-to-a"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - reachability := NewReachability(allPods, Dropped) - reachability.Expect(Pod("x/b"), Pod("x/a"), Connected) - reachability.Expect(Pod("x/b"), Pod("y/a"), Connected) - reachability.Expect(Pod("x/b"), Pod("z/a"), Connected) - reachability.ExpectSelf(allPods, Connected) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Allow X/B to A", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPAllowXBtoYA tests traffic from X/B to Y/A on named port 81, after applying the default deny -// k8s NetworkPolicies in all namespaces and ACNP to allow X/B to Y/A. -func testLegacyACNPAllowXBtoYA(t *testing.T) { - port81Name := "serve-81" - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-allow-xb-to-ya"). - SetPriority(2.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) - builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - reachability := NewReachability(allPods, Dropped) - reachability.Expect(Pod("x/b"), Pod("y/a"), Connected) - reachability.ExpectSelf(allPods, Connected) - - testStep := []*TestStep{ - { - "NamedPort 81", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{81}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Allow X/B to Y/A", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPPriorityOverrideDefaultDeny tests priority override in ACNP. It applies a higher priority ACNP to drop -// traffic from namespace Z to X/A, and in the meantime applies a lower priority ACNP to allow traffic from Z to X. -// It is tested with default deny k8s NetworkPolicies in all namespaces. -func testLegacyACNPPriorityOverrideDefaultDeny(t *testing.T) { - builder1 := &ClusterNetworkPolicySpecBuilder{} - builder1 = builder1.SetName("acnp-priority2"). - SetPriority(2). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("acnp-priority1"). - SetPriority(1). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - // Ingress from ns:z to x/a will be dropped since acnp-priority1 has higher precedence. - reachabilityBothACNP := NewReachability(allPods, Dropped) - reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/b"), Connected) - reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/c"), Connected) - reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/b"), Connected) - reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/c"), Connected) - reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/b"), Connected) - reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/c"), Connected) - reachabilityBothACNP.ExpectSelf(allPods, Connected) - - testStep := []*TestStep{ - { - "Both ACNP", - reachabilityBothACNP, - []metav1.Object{builder1.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP PriorityOverride Default Deny", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testLegacyACNPAllowNoDefaultIsolation tests that no default isolation rules are created for Policies. -func testLegacyACNPAllowNoDefaultIsolation(t *testing.T, protocol v1.Protocol) { - if protocol == v1.ProtocolSCTP { - skipIfProviderIs(t, "kind", "OVS userspace conntrack does not have the SCTP support for now.") - // SCTP testing is failing on our IPv6 CI testbeds at the moment. This seems to be - // related to an issue with ESX networking for SCTPv6 traffic when the Pods are on - // different Node VMs which are themselves on different ESX hosts. We are - // investigating the issue and disabling the tests for IPv6 clusters in the - // meantime. - skipIfIPv6Cluster(t) - } - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-allow-x-ingress-y-egress-z"). - SetPriority(1.1). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder.AddIngress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - builder.AddEgress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - reachability := NewReachability(allPods, Connected) - testStep := []*TestStep{ - { - "Port 81", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{81}, - protocol, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Allow No Default Isolation", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testLegacyACNPDropEgress tests that a ACNP is able to drop egress traffic from pods labelled A to namespace Z. -func testLegacyACNPDropEgress(t *testing.T, protocol v1.Protocol) { - if protocol == v1.ProtocolSCTP { - skipIfProviderIs(t, "kind", "OVS userspace conntrack does not have the SCTP support for now.") - // SCTP testing is failing on our IPv6 CI testbeds at the moment. This seems to be - // related to an issue with ESX networking for SCTPv6 traffic when the Pods are on - // different Node VMs which are themselves on different ESX hosts. We are - // investigating the issue and disabling the tests for IPv6 clusters in the - // meantime. - skipIfIPv6Cluster(t) - } - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-a-to-z-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddEgress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - protocol, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From All Pod:a to NS:z", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testLegacyACNPNoEffectOnOtherProtocols tests that a ACNP which drops TCP traffic won't affect other protocols (e.g. UDP). -func testLegacyACNPNoEffectOnOtherProtocols(t *testing.T) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-a-to-z-ingress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachability1 := NewReachability(allPods, Connected) - reachability1.Expect(Pod("z/a"), Pod("x/a"), Dropped) - reachability1.Expect(Pod("z/b"), Pod("x/a"), Dropped) - reachability1.Expect(Pod("z/c"), Pod("x/a"), Dropped) - reachability1.Expect(Pod("z/a"), Pod("y/a"), Dropped) - reachability1.Expect(Pod("z/b"), Pod("y/a"), Dropped) - reachability1.Expect(Pod("z/c"), Pod("y/a"), Dropped) - reachability1.Expect(Pod("z/b"), Pod("z/a"), Dropped) - reachability1.Expect(Pod("z/c"), Pod("z/a"), Dropped) - - reachability2 := NewReachability(allPods, Connected) - - testStep := []*TestStep{ - { - "Port 80", - reachability1, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - { - "Port 80", - reachability2, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolUDP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Ingress From All Pod:a to NS:z TCP Not UDP", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPAppliedToDenyXBtoCGWithYA tests traffic from X/B to ClusterGroup Y/A on named port 81 is dropped. -func testLegacyACNPAppliedToDenyXBtoCGWithYA(t *testing.T) { - cgName := "cg-pods-ya" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "y"}, nil) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) - port81Name := "serve-81" - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-cg-with-ya-from-xb"). - SetPriority(2.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) - builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) - reachability.ExpectSelf(allPods, Connected) - - testStep := []*TestStep{ - { - "NamedPort 81", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{81}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Deny ClusterGroup Y/A from X/B", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPIngressRuleDenyCGWithXBtoYA tests traffic from ClusterGroup with X/B to Y/A on named port 81 is dropped. -func testLegacyACNPIngressRuleDenyCGWithXBtoYA(t *testing.T) { - cgName := "cg-pods-xb" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "x"}, nil) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "b"}, nil) - port81Name := "serve-81" - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-cg-with-xb-to-ya"). - SetPriority(2.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) - builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, nil, nil, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, cgName, "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) - reachability.ExpectSelf(allPods, Connected) - - testStep := []*TestStep{ - { - "NamedPort 81", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{81}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Deny ClusterGroup X/B to Y/A", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPAppliedToRuleCGWithPodsAToNsZ tests that a ACNP is able to drop egress traffic from CG with pods labelled A namespace Z. -func testLegacyACNPAppliedToRuleCGWithPodsAToNsZ(t *testing.T) { - cgName := "cg-pods-a" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-cg-with-a-to-z"). - SetPriority(1.0) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, []ACNPAppliedToSpec{{Group: cgName}}, crdv1alpha1.RuleActionDrop, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From ClusterGroup with All Pod:a to NS:z", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPEgressRulePodsAToCGWithNsZ tests that a ACNP is able to drop egress traffic from pods labelled A to a CG with namespace Z. -func testLegacyACNPEgressRulePodsAToCGWithNsZ(t *testing.T) { - cgName := "cg-ns-z" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, cgName, "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From All Pod:a to ClusterGroup with NS:z", testStep}, - } - executeLegacyTests(t, testCase) -} - -func testLegacyACNPClusterGroupUpdateAppliedTo(t *testing.T) { - cgName := "cg-pods-a-then-c" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) - // Update CG Pod selector to group Pods C - updatedCgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - updatedCgBuilder = updatedCgBuilder.SetName(cgName) - updatedCgBuilder = updatedCgBuilder.SetPodSelector(map[string]string{"pod": "c"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-cg-with-a-to-z-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - updatedReachability := NewReachability(allPods, Connected) - updatedReachability.Expect(Pod("x/c"), Pod("z/a"), Dropped) - updatedReachability.Expect(Pod("x/c"), Pod("z/b"), Dropped) - updatedReachability.Expect(Pod("x/c"), Pod("z/c"), Dropped) - updatedReachability.Expect(Pod("y/c"), Pod("z/a"), Dropped) - updatedReachability.Expect(Pod("y/c"), Pod("z/b"), Dropped) - updatedReachability.Expect(Pod("y/c"), Pod("z/c"), Dropped) - updatedReachability.Expect(Pod("z/c"), Pod("z/a"), Dropped) - updatedReachability.Expect(Pod("z/c"), Pod("z/b"), Dropped) - testStep := []*TestStep{ - { - "CG Pods A", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - { - "CG Pods C - update", - updatedReachability, - []metav1.Object{updatedCgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From CG Pod:a to NS:z updated to ClusterGroup with Pod:c", testStep}, - } - executeLegacyTests(t, testCase) -} - -func testLegacyACNPClusterGroupUpdate(t *testing.T) { - cgName := "cg-ns-z-then-y" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) - // Update CG NS selector to group Pods from Namespace Y - updatedCgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - updatedCgBuilder = updatedCgBuilder.SetName(cgName) - updatedCgBuilder = updatedCgBuilder.SetNamespaceSelector(map[string]string{"ns": "y"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, cgName, "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - updatedReachability := NewReachability(allPods, Connected) - updatedReachability.Expect(Pod("x/a"), Pod("y/a"), Dropped) - updatedReachability.Expect(Pod("x/a"), Pod("y/b"), Dropped) - updatedReachability.Expect(Pod("x/a"), Pod("y/c"), Dropped) - updatedReachability.Expect(Pod("y/a"), Pod("y/b"), Dropped) - updatedReachability.Expect(Pod("y/a"), Pod("y/c"), Dropped) - updatedReachability.Expect(Pod("z/a"), Pod("y/a"), Dropped) - updatedReachability.Expect(Pod("z/a"), Pod("y/b"), Dropped) - updatedReachability.Expect(Pod("z/a"), Pod("y/c"), Dropped) - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - { - "Port 80 - update", - updatedReachability, - []metav1.Object{updatedCgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From All Pod:a to ClusterGroup with NS:z updated to ClusterGroup with NS:y", testStep}, - } - executeLegacyTests(t, testCase) -} - -func testLegacyACNPClusterGroupAppliedToPodAdd(t *testing.T, data *TestData) { - cgName := "cg-pod-custom-pod-zj" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "j"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-cg-with-zj-to-xj-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "j"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - cp := []*CustomProbe{ - { - SourcePod: CustomPod{ - Pod: NewPod("z", "j"), - Labels: map[string]string{"pod": "j"}, - }, - DestPod: CustomPod{ - Pod: NewPod("x", "j"), - Labels: map[string]string{"pod": "j"}, - }, - ExpectConnectivity: Dropped, - Port: p80, - }, - } - testStep := []*TestStep{ - { - "Port 80", - nil, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - cp, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From ClusterGroup with Pod: z/j to Pod: x/j for Pod ADD events", testStep}, - } - executeLegacyTestsWithData(t, testCase, data) -} - -func testLegacyACNPClusterGroupRefRulePodAdd(t *testing.T, data *TestData) { - cgName := "cg-pod-custom-pod-zk" - cgBuilder := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder = cgBuilder.SetName(cgName) - cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) - cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "k"}, nil) - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-xk-to-cg-with-zk-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "k"}, - NSSelector: map[string]string{"ns": "x"}}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, cgName, "") - cp := []*CustomProbe{ - { - SourcePod: CustomPod{ - Pod: NewPod("x", "k"), - Labels: map[string]string{"pod": "k"}, - }, - DestPod: CustomPod{ - Pod: NewPod("z", "k"), - Labels: map[string]string{"pod": "k"}, - }, - ExpectConnectivity: Dropped, - Port: p80, - }, - } - testStep := []*TestStep{ - { - "Port 80", - nil, - []metav1.Object{cgBuilder.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - cp, - }, - } - testCase := []*TestCase{ - {"ACNP Drop Egress From Pod: x/k to ClusterGroup with Pod: z/k for Pod ADD event", testStep}, - } - executeLegacyTestsWithData(t, testCase, data) -} - -// testBaselineNamespaceIsolation tests that a ACNP in the baseline Tier is able to enforce default namespace isolation, -// which can be later overridden by developer K8s NetworkPolicies. -func testLegacyBaselineNamespaceIsolation(t *testing.T) { - builder := &ClusterNetworkPolicySpecBuilder{} - nsExpOtherThanX := metav1.LabelSelectorRequirement{ - Key: "ns", - Operator: metav1.LabelSelectorOpNotIn, - Values: []string{"x"}, - } - builder = builder.SetName("acnp-baseline-isolate-ns-x"). - SetTier("baseline"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, []metav1.LabelSelectorRequirement{nsExpOtherThanX}, - false, nil, crdv1alpha1.RuleActionDrop, "", "") - - // create a K8s NetworkPolicy for Pods in namespace x to allow ingress traffic from Pods in the same namespace, - // as well as from the y/a Pod. It should open up ingress from y/a since it's evaluated before the baseline tier. - k8sNPBuilder := &NetworkPolicySpecBuilder{} - k8sNPBuilder = k8sNPBuilder.SetName("x", "allow-ns-x-and-y-a"). - SetTypeIngress(). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, - nil, map[string]string{"ns": "x"}, nil, nil). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, - map[string]string{"pod": "a"}, map[string]string{"ns": "y"}, nil, nil) - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("y/b"), Pod("x/a"), Dropped) - reachability.Expect(Pod("y/c"), Pod("x/a"), Dropped) - reachability.Expect(Pod("z/a"), Pod("x/a"), Dropped) - reachability.Expect(Pod("z/b"), Pod("x/a"), Dropped) - reachability.Expect(Pod("z/c"), Pod("x/a"), Dropped) - reachability.Expect(Pod("y/b"), Pod("x/b"), Dropped) - reachability.Expect(Pod("y/c"), Pod("x/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachability.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachability.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachability.Expect(Pod("y/b"), Pod("x/c"), Dropped) - reachability.Expect(Pod("y/c"), Pod("x/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachability.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachability.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy(), k8sNPBuilder.Get()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP baseline tier namespace isolation", testStep}, - } - executeLegacyTests(t, testCase) - // Cleanup the K8s NetworkPolicy created for this test. - failOnError(k8sUtils.CleanNetworkPolicies([]string{"x"}), t) - time.Sleep(networkPolicyDelay) -} - -// testACNPPriorityOverride tests priority overriding in three Policies. Those three Policies are applied in a specific order to -// test priority reassignment, and each controls a smaller set of traffic patterns as priority increases. -func testLegacyACNPPriorityOverride(t *testing.T) { - builder1 := &ClusterNetworkPolicySpecBuilder{} - builder1 = builder1.SetName("acnp-priority1"). - SetPriority(1.001). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - // Highest priority. Drops traffic from z/b to x/a. - builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("acnp-priority2"). - SetPriority(1.002). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - // Medium priority. Allows traffic from z to x/a. - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - builder3 := &ClusterNetworkPolicySpecBuilder{} - builder3 = builder3.SetName("acnp-priority3"). - SetPriority(1.003). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - // Lowest priority. Drops traffic from z to x. - builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachabilityTwoACNPs := NewReachability(allPods, Connected) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - reachabilityAllACNPs := NewReachability(allPods, Connected) - reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/a"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - testStepTwoACNP := []*TestStep{ - { - "Two Policies with different priorities", - reachabilityTwoACNPs, - []metav1.Object{builder3.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - // Create the Policies in specific order to make sure that priority re-assignments work as expected. - testStepAll := []*TestStep{ - { - "All three Policies", - reachabilityAllACNPs, - []metav1.Object{builder3.GetLegacy(), builder1.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP PriorityOverride Intermediate", testStepTwoACNP}, - {"ACNP PriorityOverride All", testStepAll}, - } - executeLegacyTests(t, testCase) -} - -// testACNPTierOverride tests tier priority overriding in three Policies. -// Each ACNP controls a smaller set of traffic patterns as tier priority increases. -func testLegacyACNPTierOverride(t *testing.T) { - builder1 := &ClusterNetworkPolicySpecBuilder{} - builder1 = builder1.SetName("acnp-tier-emergency"). - SetTier("emergency"). - SetPriority(100). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - // Highest priority. Drops traffic from z/b to x/a. - builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("acnp-tier-securityops"). - SetTier("securityops"). - SetPriority(10). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - // Medium priority tier. Allows traffic from z to x/a. - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - builder3 := &ClusterNetworkPolicySpecBuilder{} - builder3 = builder3.SetName("acnp-tier-application"). - SetTier("application"). - SetPriority(1). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - // Lowest priority tier. Drops traffic from z to x. - builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachabilityTwoACNPs := NewReachability(allPods, Connected) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - reachabilityAllACNPs := NewReachability(allPods, Connected) - reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/a"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - testStepTwoACNP := []*TestStep{ - { - "Two Policies in different tiers", - reachabilityTwoACNPs, - []metav1.Object{builder3.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testStepAll := []*TestStep{ - { - "All three Policies in different tiers", - reachabilityAllACNPs, - []metav1.Object{builder3.GetLegacy(), builder1.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP TierOverride Intermediate", testStepTwoACNP}, - {"ACNP TierOverride All", testStepAll}, - } - executeLegacyTests(t, testCase) -} - -// testACNPTierOverride tests tier priority overriding in three Policies with custom created tiers. -// Each ACNP controls a smaller set of traffic patterns as tier priority increases. -func testLegacyACNPCustomTiers(t *testing.T) { - k8sUtils.DeleteLegacyTier("high-priority") - k8sUtils.DeleteLegacyTier("low-priority") - // Create two custom tiers with tier priority immediately next to each other. - _, err := k8sUtils.CreateNewLegacyTier("high-priority", 245) - failOnError(err, t) - _, err = k8sUtils.CreateNewLegacyTier("low-priority", 246) - failOnError(err, t) - - builder1 := &ClusterNetworkPolicySpecBuilder{} - builder1 = builder1.SetName("acnp-tier-high"). - SetTier("high-priority"). - SetPriority(100). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - // Medium priority tier. Allows traffic from z to x/a. - builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - time.Sleep(mockWait) - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("acnp-tier-low"). - SetTier("low-priority"). - SetPriority(1). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - // Lowest priority tier. Drops traffic from z to x. - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - reachabilityTwoACNPs := NewReachability(allPods, Connected) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) - testStepTwoACNP := []*TestStep{ - { - "Two Policies in different tiers", - reachabilityTwoACNPs, - []metav1.Object{builder2.GetLegacy(), builder1.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Custom Tier priority", testStepTwoACNP}, - } - executeLegacyTests(t, testCase) - // Cleanup customed tiers. ACNPs created in those tiers need to be deleted first. - failOnError(k8sUtils.CleanLegacyACNPs(), t) - failOnError(k8sUtils.DeleteLegacyTier("high-priority"), t) - failOnError(k8sUtils.DeleteLegacyTier("low-priority"), t) -} - -// testACNPPriorityConflictingRule tests that if there are two Policies in the cluster with rules that conflicts with -// each other, the ACNP with higher priority will prevail. -func testLegacyACNPPriorityConflictingRule(t *testing.T) { - builder1 := &ClusterNetworkPolicySpecBuilder{} - builder1 = builder1.SetName("acnp-drop"). - SetPriority(1). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("acnp-allow"). - SetPriority(2). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - // The following ingress rule will take no effect as it is exactly the same as ingress rule of cnp-drop, - // but cnp-allow has lower priority. - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - reachabilityBothACNP := NewReachability(allPods, Connected) - reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/a"), Dropped) - reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/b"), Dropped) - reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/c"), Dropped) - reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/a"), Dropped) - reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/b"), Dropped) - reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/c"), Dropped) - reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/a"), Dropped) - reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/b"), Dropped) - reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/c"), Dropped) - - testStep := []*TestStep{ - { - "Both ACNP", - reachabilityBothACNP, - []metav1.Object{builder1.GetLegacy(), builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Priority Conflicting Rule", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPPriorityConflictingRule tests that if there are two rules in the cluster that conflicts with -// each other, the rule with higher precedence will prevail. -func testLegacyACNPRulePrioirty(t *testing.T) { - builder1 := &ClusterNetworkPolicySpecBuilder{} - // acnp-deny will apply to all pods in namespace x - builder1 = builder1.SetName("acnp-deny"). - SetPriority(5). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - // This rule should take no effect as it will be overridden by the first rule of cnp-allow - builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - builder2 := &ClusterNetworkPolicySpecBuilder{} - // acnp-allow will also apply to all pods in namespace x - builder2 = builder2.SetName("acnp-allow"). - SetPriority(5). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) - builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - // This rule should take no effect as it will be overridden by the first rule of cnp-drop - builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - - // Only egress from pods in namespace x to namespace y should be denied - reachabilityBothACNP := NewReachability(allPods, Connected) - reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/a"), Dropped) - reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/a"), Dropped) - reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/a"), Dropped) - reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/b"), Dropped) - reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/b"), Dropped) - reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/b"), Dropped) - reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/c"), Dropped) - reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/c"), Dropped) - reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/c"), Dropped) - - testStep := []*TestStep{ - { - "Both ACNP", - reachabilityBothACNP, - []metav1.Object{builder2.GetLegacy(), builder1.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Rule Priority", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testACNPPortRange tests the port range in a ACNP can work. -func testLegacyACNPPortRange(t *testing.T) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-deny-a-to-z-egress-port-range"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) - - var testSteps []*TestStep - testSteps = append(testSteps, &TestStep{ - fmt.Sprint("ACNP Drop Ports 8080:8085"), - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{8080, 8081, 8082, 8083, 8084, 8085}, - v1.ProtocolTCP, - 0, - nil, - }) - - testCase := []*TestCase{ - {"ACNP Drop Egress From All Pod:a to NS:z with a portRange", testSteps}, - } - executeLegacyTests(t, testCase) -} - -// testACNPRejectEgress tests that a ACNP is able to reject egress traffic from pods labelled A to namespace Z. -func testLegacyACNPRejectEgress(t *testing.T) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-reject-a-to-z-egress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionReject, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Rejected) - reachability.Expect(Pod("x/a"), Pod("z/b"), Rejected) - reachability.Expect(Pod("x/a"), Pod("z/c"), Rejected) - reachability.Expect(Pod("y/a"), Pod("z/a"), Rejected) - reachability.Expect(Pod("y/a"), Pod("z/b"), Rejected) - reachability.Expect(Pod("y/a"), Pod("z/c"), Rejected) - reachability.Expect(Pod("z/a"), Pod("z/b"), Rejected) - reachability.Expect(Pod("z/a"), Pod("z/c"), Rejected) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Reject egress From All Pod:a to NS:z", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testLegacyACNPRejectIngress tests that a ACNP is able to reject egress traffic from pods labelled A to namespace Z. -func testLegacyACNPRejectIngress(t *testing.T, protocol v1.Protocol) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("acnp-reject-a-from-z-ingress"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddIngress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionReject, "", "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("z/a"), Pod("x/a"), Rejected) - reachability.Expect(Pod("z/b"), Pod("x/a"), Rejected) - reachability.Expect(Pod("z/c"), Pod("x/a"), Rejected) - reachability.Expect(Pod("z/a"), Pod("y/a"), Rejected) - reachability.Expect(Pod("z/b"), Pod("y/a"), Rejected) - reachability.Expect(Pod("z/c"), Pod("y/a"), Rejected) - reachability.Expect(Pod("z/b"), Pod("z/a"), Rejected) - reachability.Expect(Pod("z/c"), Pod("z/a"), Rejected) - - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - protocol, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ACNP Reject ingress from NS:z to All Pod:a", testStep}, - } - executeLegacyTests(t, testCase) -} - -// testANPPortRange tests the port range in a ANP can work. -func testLegacyANPPortRange(t *testing.T) { - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("y", "anp-deny-yb-to-xc-egress-port-range"). - SetPriority(1.0). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) - builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("y/b"), Pod("x/c"), Dropped) - - var testSteps []*TestStep - testSteps = append(testSteps, &TestStep{ - fmt.Sprint("ANP Drop Ports 8080:8085"), - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{8080, 8081, 8082, 8083, 8084, 8085}, - v1.ProtocolTCP, - 0, - nil, - }) - - testCase := []*TestCase{ - {"ANP Drop Egress y/b to x/c with a portRange", testSteps}, - } - executeLegacyTests(t, testCase) -} - -// testANPBasic tests traffic from X/B to Y/A on port 80 will be dropped, after applying Antrea NetworkPolicy -// that specifies that. Also it tests that a K8s NetworkPolicy with same appliedTo will not affect its behavior. -func testLegacyANPBasic(t *testing.T) { - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("y", "np-same-name"). - SetPriority(1.0). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionDrop, "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - // build a K8s NetworkPolicy that has the same appliedTo but allows all traffic. - k8sNPBuilder := &NetworkPolicySpecBuilder{} - k8sNPBuilder = k8sNPBuilder.SetName("y", "np-same-name"). - SetPodSelector(map[string]string{"pod": "a"}) - k8sNPBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, - nil, nil, nil, nil) - testStep2 := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy(), k8sNPBuilder.Get()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - testCase := []*TestCase{ - {"ANP Drop X/B to Y/A", testStep}, - {"With K8s NetworkPolicy of the same name", testStep2}, - } - executeLegacyTests(t, testCase) -} - -// testAuditLoggingBasic tests that a audit log is generated when egress drop applied -func testLegacyAuditLoggingBasic(t *testing.T, data *TestData) { - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("test-log-acnp-deny"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - builder.AddEgressLogging() - - _, err := k8sUtils.CreateOrUpdateLegacyACNP(builder.GetLegacy()) - failOnError(err, t) - time.Sleep(networkPolicyDelay) - - // generate some traffic that will be dropped by test-log-acnp-deny - k8sUtils.Probe("x", "a", "z", "a", p80, v1.ProtocolTCP) - k8sUtils.Probe("x", "a", "z", "b", p80, v1.ProtocolTCP) - k8sUtils.Probe("x", "a", "z", "c", p80, v1.ProtocolTCP) - time.Sleep(networkPolicyDelay) - - podXA, err := k8sUtils.GetPodByLabel("x", "a") - if err != nil { - t.Errorf("Failed to get Pod in Namespace x with label 'pod=a': %v", err) - } - // nodeName is guaranteed to be set at this stage, since the framework waits for all Pods to be in Running phase - nodeName := podXA.Spec.NodeName - antreaPodName, err := data.getAntreaPodOnNode(nodeName) - if err != nil { - t.Errorf("error occurred when trying to get the Antrea Agent pod running on node %s: %v", nodeName, err) - } - cmd := []string{"cat", logDir + logfileName} - stdout, stderr, err := data.runCommandFromPod(antreaNamespace, antreaPodName, "antrea-agent", cmd) - if err != nil || stderr != "" { - t.Errorf("error occurred when inspecting the audit log file. err: %v, stderr: %v", err, stderr) - } - assert.Equalf(t, true, strings.Contains(stdout, "test-log-acnp-deny"), "audit log does not contain entries for test-log-acnp-deny") - - destinations := []string{"z/a", "z/b", "z/c"} - srcIPs := podIPs["x/a"] - for _, d := range destinations { - dstIPs := podIPs[d] - for i := 0; i < len(srcIPs); i++ { - for j := 0; j < len(dstIPs); j++ { - if strings.Contains(srcIPs[i], ".") == strings.Contains(dstIPs[j], ".") { - // The audit log should contain log entry `... Drop ...` - pattern := `Drop [0-9]+ ` + srcIPs[i] + ` ` + dstIPs[j] - assert.Regexp(t, pattern, stdout, "audit log does not contain expected entry for x/a to %s", d) - break - } - } - } - } - failOnError(k8sUtils.CleanLegacyACNPs(), t) -} - -func testLegacyAppliedToPerRule(t *testing.T) { - builder := &AntreaNetworkPolicySpecBuilder{} - builder = builder.SetName("y", "np1").SetPriority(1.0) - anpATGrp1 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "a"}, PodSelectorMatchExp: nil} - anpATGrp2 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "b"}, PodSelectorMatchExp: nil} - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ANPAppliedToSpec{anpATGrp1}, crdv1alpha1.RuleActionDrop, "") - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, []ANPAppliedToSpec{anpATGrp2}, crdv1alpha1.RuleActionDrop, "") - - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) - reachability.Expect(Pod("z/b"), Pod("y/b"), Dropped) - testStep := []*TestStep{ - { - "Port 80", - reachability, - []metav1.Object{builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - - builder2 := &ClusterNetworkPolicySpecBuilder{} - builder2 = builder2.SetName("cnp1").SetPriority(1.0) - cnpATGrp1 := ACNPAppliedToSpec{PodSelector: map[string]string{"pod": "a"}, PodSelectorMatchExp: nil} - cnpATGrp2 := ACNPAppliedToSpec{ - PodSelector: map[string]string{"pod": "b"}, NSSelector: map[string]string{"ns": "y"}, - PodSelectorMatchExp: nil, NSSelectorMatchExp: nil} - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, []ACNPAppliedToSpec{cnpATGrp1}, crdv1alpha1.RuleActionDrop, "", "") - builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, false, []ACNPAppliedToSpec{cnpATGrp2}, crdv1alpha1.RuleActionDrop, "", "") - - reachability2 := NewReachability(allPods, Connected) - reachability2.Expect(Pod("x/b"), Pod("x/a"), Dropped) - reachability2.Expect(Pod("x/b"), Pod("y/a"), Dropped) - reachability2.Expect(Pod("x/b"), Pod("z/a"), Dropped) - reachability2.Expect(Pod("z/b"), Pod("y/b"), Dropped) - testStep2 := []*TestStep{ - { - "Port 80", - reachability2, - []metav1.Object{builder2.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - }, - } - - testCase := []*TestCase{ - {"ANP AppliedTo per rule", testStep}, - {"ACNP AppliedTo per rule", testStep2}, - } - executeLegacyTests(t, testCase) -} - -func testLegacyACNPClusterGroupServiceRefCreateAndUpdate(t *testing.T, data *TestData) { - svc1 := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "a"}, nil) - svc2 := k8sUtils.BuildService("svc2", "y", 80, 80, map[string]string{"app": "b"}, nil) - - cg1Name, cg2Name := "cg-svc1", "cg-svc2" - cgBuilder1 := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference("x", "svc1") - cgBuilder2 := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder2 = cgBuilder2.SetName(cg2Name).SetServiceReference("y", "svc2") - - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("cnp-cg-svc-ref").SetPriority(1.0).SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cg1Name}}) - builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, - false, nil, crdv1alpha1.RuleActionDrop, cg2Name, "") - - // Pods backing svc1 (label pod=a) in Namespace x should not allow ingress from Pods backing svc2 (label pod=b) in Namespace y. - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("y/b"), Pod("x/a"), Dropped) - testStep1 := &TestStep{ - "Port 80", - reachability, - []metav1.Object{svc1, svc2, cgBuilder1.GetLegacy(), cgBuilder2.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - } - - // Test update selector of Service referred in cg-svc1, and update serviceReference of cg-svc2. - svc1Updated := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "b"}, nil) - svc3 := k8sUtils.BuildService("svc3", "y", 80, 80, map[string]string{"app": "a"}, nil) - cgBuilder2Updated := cgBuilder2.SetServiceReference("y", "svc3") - cp := []*CustomProbe{ - { - SourcePod: CustomPod{ - Pod: NewPod("y", "test-add-pod-svc3"), - Labels: map[string]string{"pod": "test-add-pod-svc3", "app": "a"}, - }, - DestPod: CustomPod{ - Pod: NewPod("x", "test-add-pod-svc1"), - Labels: map[string]string{"pod": "test-add-pod-svc1", "app": "b"}, - }, - ExpectConnectivity: Dropped, - Port: p80, - }, - } - - // Pods backing svc1 (label pod=b) in namespace x should not allow ingress from Pods backing svc3 (label pod=a) in namespace y. - reachability2 := NewReachability(allPods, Connected) - reachability2.Expect(Pod("y/a"), Pod("x/b"), Dropped) - testStep2 := &TestStep{ - "Port 80 updated", - reachability2, - []metav1.Object{svc1Updated, svc3, cgBuilder1.GetLegacy(), cgBuilder2Updated.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - cp, - } - - builderUpdated := &ClusterNetworkPolicySpecBuilder{} - builderUpdated = builderUpdated.SetName("cnp-cg-svc-ref").SetPriority(1.0) - builderUpdated.SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) - builderUpdated.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "y"}, - nil, nil, false, nil, crdv1alpha1.RuleActionDrop, "", "") - - // Pod x/a should not allow ingress from y/b per the updated ACNP spec. - testStep3 := &TestStep{ - "Port 80 ACNP spec updated to selector", - reachability, - []metav1.Object{builderUpdated.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - } - - testSteps := []*TestStep{testStep1, testStep2, testStep3} - testCase := []*TestCase{ - {"ACNP ClusterGroup Service Reference create and update", testSteps}, - } - executeLegacyTestsWithData(t, testCase, data) -} - -func testLegacyACNPNestedClusterGroupCreateAndUpdate(t *testing.T, data *TestData) { - svc1 := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "a"}, nil) - cg1Name, cg2Name := "cg-svc-x-a", "cg-select-y-b" - cgBuilder1 := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference("x", "svc1") - cgBuilder2 := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilder2 = cgBuilder2.SetName(cg2Name). - SetNamespaceSelector(map[string]string{"ns": "y"}, nil). - SetPodSelector(map[string]string{"pod": "b"}, nil) - cgNestedName := "cg-nested" - cgBuilderNested := &ClusterGroupV1Alpha2SpecBuilder{} - cgBuilderNested = cgBuilderNested.SetName(cgNestedName).SetChildGroups([]string{cg1Name}) - - builder := &ClusterNetworkPolicySpecBuilder{} - builder = builder.SetName("cnp-nested-cg").SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "z"}}}). - AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, - false, nil, crdv1alpha1.RuleActionDrop, cgNestedName, "") - - // Pods in Namespace z should not allow ingress from Pods backing svc1 (label pod=a) in Namespace x. - reachability := NewReachability(allPods, Connected) - reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) - - testStep1 := &TestStep{ - "Port 80", - reachability, - []metav1.Object{svc1, cgBuilder1.GetLegacy(), cgBuilderNested.GetLegacy(), builder.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - nil, - } - - // Test update "cg-nested" to include "cg-select-y-b" as well. - cgBuilderNested = cgBuilderNested.SetChildGroups([]string{cg1Name, cg2Name}) - // In addition to x/a, all traffic from y/b to Namespace z should also be denied. - reachability2 := NewReachability(allPods, Connected) - reachability2.Expect(Pod("x/a"), Pod("z/a"), Dropped) - reachability2.Expect(Pod("x/a"), Pod("z/b"), Dropped) - reachability2.Expect(Pod("x/a"), Pod("z/c"), Dropped) - reachability2.Expect(Pod("y/b"), Pod("z/a"), Dropped) - reachability2.Expect(Pod("y/b"), Pod("z/b"), Dropped) - reachability2.Expect(Pod("y/b"), Pod("z/c"), Dropped) - // New member in cg-svc-x-a should be reflected in cg-nested as well. - cp := []*CustomProbe{ - { - SourcePod: CustomPod{ - Pod: NewPod("x", "test-add-pod-svc1"), - Labels: map[string]string{"pod": "test-add-pod-svc1", "app": "a"}, - }, - DestPod: CustomPod{ - Pod: NewPod("z", "test-add-pod-ns-z"), - Labels: map[string]string{"pod": "test-add-pod-ns-z"}, - }, - ExpectConnectivity: Dropped, - Port: p80, - }, - } - testStep2 := &TestStep{ - "Port 80 updated", - reachability2, - []metav1.Object{cgBuilder2.GetLegacy(), cgBuilderNested.GetLegacy()}, - []int32{80}, - v1.ProtocolTCP, - 0, - cp, - } - - testSteps := []*TestStep{testStep1, testStep2} - testCase := []*TestCase{ - {"ACNP nested ClusterGroup create and update", testSteps}, - } - executeLegacyTestsWithData(t, testCase, data) -} - -// executeTests runs all the tests in testList and prints results -func executeLegacyTests(t *testing.T, testList []*TestCase) { - executeLegacyTestsWithData(t, testList, nil) -} - -func executeLegacyTestsWithData(t *testing.T, testList []*TestCase, data *TestData) { - for _, testCase := range testList { - log.Infof("running test case %s", testCase.Name) - for _, step := range testCase.Steps { - log.Infof("running step %s of test case %s", step.Name, testCase.Name) - applyLegacyTestStepResources(t, step) - time.Sleep(networkPolicyDelay) - - reachability := step.Reachability - if reachability != nil { - start := time.Now() - k8sUtils.Validate(allPods, reachability, step.Ports, step.Protocol) - step.Duration = time.Since(start) - - _, wrong, _ := step.Reachability.Summary() - if wrong != 0 { - t.Errorf("failure -- %d wrong results", wrong) - reachability.PrintSummary(true, true, true) - } - } - if len(step.CustomProbes) > 0 && data == nil { - t.Errorf("test case %s with custom probe must set test data", testCase.Name) - continue - } - for _, p := range step.CustomProbes { - doProbe(t, data, p, step.Protocol) - } - } - cleanupLegacyTestCaseResources(t, testCase) - time.Sleep(networkPolicyDelay) - } - allTestList = append(allTestList, testList...) -} - -// applyLegacyTestStepResources creates in the resources of a testStep in specified order. -// The ordering can be used to test different scenarios, like creating an ACNP before -// creating its referred ClusterGroup, and vice versa. -func applyLegacyTestStepResources(t *testing.T, step *TestStep) { - for _, r := range step.TestResources { - switch o := r.(type) { - case *legacysecv1alpha1.ClusterNetworkPolicy: - _, err := k8sUtils.CreateOrUpdateLegacyACNP(o) - failOnError(err, t) - case *legacysecv1alpha1.NetworkPolicy: - _, err := k8sUtils.CreateOrUpdateLegacyANP(o) - failOnError(err, t) - case *v1net.NetworkPolicy: - _, err := k8sUtils.CreateOrUpdateNetworkPolicy(o) - failOnError(err, t) - case *legacycorev1a2.ClusterGroup: - _, err := k8sUtils.CreateOrUpdateLegacyCG(o) - failOnError(err, t) - case *v1.Service: - _, err := k8sUtils.CreateOrUpdateService(o) - failOnError(err, t) - } - warningOnTimeoutError(waitForResourceReady(r, timeout), t) - } - if len(step.TestResources) > 0 { - log.Debugf("Sleeping for %v for all policies to take effect", networkPolicyDelay) - time.Sleep(networkPolicyDelay) - } -} - -func cleanupLegacyTestCaseResources(t *testing.T, c *TestCase) { - // TestSteps in a TestCase may first create and then update the same resource. - // Use sets to avoid duplicates. - acnpsToDelete, anpsToDelete, npsToDelete := sets.String{}, sets.String{}, sets.String{} - svcsToDelete, groupsToDelete := sets.String{}, sets.String{} - for _, step := range c.Steps { - for _, r := range step.TestResources { - switch o := r.(type) { - case *legacysecv1alpha1.ClusterNetworkPolicy: - acnpsToDelete.Insert(o.Name) - case *legacysecv1alpha1.NetworkPolicy: - anpsToDelete.Insert(o.Namespace + "/" + o.Name) - case *v1net.NetworkPolicy: - npsToDelete.Insert(o.Namespace + "/" + o.Name) - case *legacycorev1a2.ClusterGroup: - groupsToDelete.Insert(o.Name) - case *v1.Service: - svcsToDelete.Insert(o.Namespace + "/" + o.Name) - } - } - } - for acnp := range acnpsToDelete { - failOnError(k8sUtils.DeleteLegacyACNP(acnp), t) - warningOnTimeoutError(waitForResourceDelete("", acnp, resourceACNP, timeout), t) - } - for anp := range anpsToDelete { - namespace := strings.Split(anp, "/")[0] - name := strings.Split(anp, "/")[1] - failOnError(k8sUtils.DeleteLegacyANP(namespace, name), t) - warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceANP, timeout), t) - } - for np := range npsToDelete { - namespace := strings.Split(np, "/")[0] - name := strings.Split(np, "/")[1] - failOnError(k8sUtils.DeleteNetworkPolicy(namespace, name), t) - warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceNetworkPolicy, timeout), t) - } - for cg := range groupsToDelete { - failOnError(k8sUtils.DeleteLegacyCG(cg), t) - warningOnTimeoutError(waitForResourceDelete("", cg, resourceCG, timeout), t) - } - for svc := range svcsToDelete { - namespace := strings.Split(svc, "/")[0] - name := strings.Split(svc, "/")[1] - failOnError(k8sUtils.DeleteService(namespace, name), t) - warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceSVC, timeout), t) - } - if acnpsToDelete.Len()+anpsToDelete.Len()+npsToDelete.Len() > 0 { - log.Debugf("Sleeping for %v for all policy deletions to take effect", networkPolicyDelay) - time.Sleep(networkPolicyDelay) - } -} - -func TestLegacyAntreaPolicy(t *testing.T) { - skipIfProviderIs(t, "kind", "This test is for legacy API groups and is almost the same as new API groups'.") - skipIfHasWindowsNodes(t) - skipIfAntreaPolicyDisabled(t) - - data, err := setupTest(t) - if err != nil { - t.Fatalf("Error when setting up test: %v", err) - } - defer teardownTest(t, data) - - initialize(t, data) - - t.Run("TestGroupValidateAntreaNativePolicies", func(t *testing.T) { - t.Run("Case=LegacyACNPNoPriority", func(t *testing.T) { testLegacyInvalidACNPNoPriority(t) }) - t.Run("Case=LegacyACNPRuleNameNotUniqueDenied", func(t *testing.T) { testLegacyInvalidACNPRuleNameNotUnique(t) }) - t.Run("Case=LegacyACNPTierDoesNotExistDenied", func(t *testing.T) { testLegacyInvalidACNPTierDoesNotExist(t) }) - t.Run("Case=LegacyACNPPortRangePortUnsetDenied", func(t *testing.T) { testLegacyInvalidACNPPortRangePortUnset(t) }) - t.Run("Case=LegacyACNPPortRangePortEndPortSmallDenied", func(t *testing.T) { testLegacyInvalidACNPPortRangeEndPortSmall(t) }) - t.Run("Case=LegacyACNPIngressPeerCGSetWithIPBlock", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithIPBlock(t) }) - t.Run("Case=LegacyACNPIngressPeerCGSetWithPodSelector", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithPodSelector(t) }) - t.Run("Case=LegacyACNPIngressPeerCGSetWithNSSelector", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithNSSelector(t) }) - t.Run("Case=LegacyACNPSpecAppliedToRuleAppliedToSet", func(t *testing.T) { testLegacyInvalidACNPSpecAppliedToRuleAppliedToSet(t) }) - t.Run("Case=LegacyACNPAppliedToNotSetInAllRules", func(t *testing.T) { testLegacyInvalidACNPAppliedToNotSetInAllRules(t) }) - t.Run("Case=LegacyANPNoPriority", func(t *testing.T) { testLegacyInvalidANPNoPriority(t) }) - t.Run("Case=LegacyANPRuleNameNotUniqueDenied", func(t *testing.T) { testLegacyInvalidANPRuleNameNotUnique(t) }) - t.Run("Case=LegacyANPTierDoesNotExistDenied", func(t *testing.T) { testLegacyInvalidANPTierDoesNotExist(t) }) - t.Run("Case=LegacyANPPortRangePortUnsetDenied", func(t *testing.T) { testLegacyInvalidANPPortRangePortUnset(t) }) - t.Run("Case=LegacyANPPortRangePortEndPortSmallDenied", func(t *testing.T) { testLegacyInvalidANPPortRangeEndPortSmall(t) }) - }) - - t.Run("TestGroupValidateTiers", func(t *testing.T) { - t.Run("Case=LegacyTierOverlapPriorityDenied", func(t *testing.T) { testLegacyInvalidTierPriorityOverlap(t) }) - t.Run("Case=LegacyTierOverlapReservedTierPriorityDenied", func(t *testing.T) { testLegacyInvalidTierReservedPriority(t) }) - t.Run("Case=LegacyTierPriorityUpdateDenied", func(t *testing.T) { testLegacyInvalidTierPriorityUpdate(t) }) - t.Run("Case=LegacyTierACNPReferencedDeleteDenied", func(t *testing.T) { testLegacyInvalidTierACNPRefDelete(t) }) - t.Run("Case=LegacyTierANPRefDeleteDenied", func(t *testing.T) { testLegacyInvalidTierANPRefDelete(t) }) - t.Run("Case=LegacyTierReservedDeleteDenied", func(t *testing.T) { testLegacyInvalidTierReservedDelete(t) }) - }) - - t.Run("TestGroupMutateAntreaNativePolicies", func(t *testing.T) { - t.Run("Case=LegacyACNPNoTierSetDefaultTier", func(t *testing.T) { testLegacyMutateACNPNoTier(t) }) - t.Run("Case=LegacyANPNoTierSetDefaultTier", func(t *testing.T) { testLegacyMutateANPNoTier(t) }) - t.Run("Case=LegacyANPNoRuleNameSetRuleName", func(t *testing.T) { testLegacyMutateANPNoRuleName(t) }) - t.Run("Case=LegacyACNPNoRuleNameSetRuleName", func(t *testing.T) { testLegacyMutateACNPNoRuleName(t) }) - }) - - t.Run("TestGroupDefaultDENY", func(t *testing.T) { - // testcases below require default-deny k8s NetworkPolicies to work - applyDefaultDenyToAllNamespaces(k8sUtils, namespaces) - t.Run("Case=LegacyACNPAllowXBtoA", func(t *testing.T) { testLegacyACNPAllowXBtoA(t) }) - t.Run("Case=LegacyACNPAllowXBtoYA", func(t *testing.T) { testLegacyACNPAllowXBtoYA(t) }) - t.Run("Case=LegacyACNPPriorityOverrideDefaultDeny", func(t *testing.T) { testLegacyACNPPriorityOverrideDefaultDeny(t) }) - cleanupDefaultDenyNPs(k8sUtils, namespaces) - }) - - t.Run("TestGroupNoK8sNP", func(t *testing.T) { - // testcases below do not depend on underlying default-deny K8s NetworkPolicies. - t.Run("Case=LegacyACNPAllowNoDefaultIsolationTCP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolTCP) }) - t.Run("Case=LegacyACNPAllowNoDefaultIsolationUDP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolUDP) }) - t.Run("Case=LegacyACNPAllowNoDefaultIsolationSCTP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolSCTP) }) - t.Run("Case=LegacyACNPDropEgress", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolTCP) }) - t.Run("Case=LegacyACNPDropEgressUDP", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolUDP) }) - t.Run("Case=LegacyACNPDropEgressSCTP", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolSCTP) }) - t.Run("Case=LegacyACNPPortRange", func(t *testing.T) { testLegacyACNPPortRange(t) }) - t.Run("Case=LegacyACNPRejectEgress", func(t *testing.T) { testLegacyACNPRejectEgress(t) }) - t.Run("Case=LegacyACNPRejectIngress", func(t *testing.T) { testLegacyACNPRejectIngress(t, v1.ProtocolTCP) }) - t.Run("Case=LegacyACNPRejectIngressUDP", func(t *testing.T) { testLegacyACNPRejectIngress(t, v1.ProtocolUDP) }) - t.Run("Case=LegacyACNPNoEffectOnOtherProtocols", func(t *testing.T) { testLegacyACNPNoEffectOnOtherProtocols(t) }) - t.Run("Case=LegacyACNPBaselinePolicy", func(t *testing.T) { testLegacyBaselineNamespaceIsolation(t) }) - t.Run("Case=LegacyACNPPrioirtyOverride", func(t *testing.T) { testLegacyACNPPriorityOverride(t) }) - t.Run("Case=LegacyACNPTierOverride", func(t *testing.T) { testLegacyACNPTierOverride(t) }) - t.Run("Case=LegacyACNPCustomTiers", func(t *testing.T) { testLegacyACNPCustomTiers(t) }) - t.Run("Case=LegacyACNPPriorityConflictingRule", func(t *testing.T) { testLegacyACNPPriorityConflictingRule(t) }) - t.Run("Case=LegacyACNPRulePriority", func(t *testing.T) { testLegacyACNPRulePrioirty(t) }) - t.Run("Case=LegacyANPPortRange", func(t *testing.T) { testLegacyANPPortRange(t) }) - t.Run("Case=LegacyANPBasic", func(t *testing.T) { testLegacyANPBasic(t) }) - t.Run("Case=LegacyAppliedToPerRule", func(t *testing.T) { testLegacyAppliedToPerRule(t) }) - t.Run("Case=LegacyACNPClusterGroupEgressRulePodsAToCGWithNsZ", func(t *testing.T) { testLegacyACNPEgressRulePodsAToCGWithNsZ(t) }) - t.Run("Case=LegacyACNPClusterGroupUpdate", func(t *testing.T) { testLegacyACNPClusterGroupUpdate(t) }) - t.Run("Case=LegacyACNPClusterGroupAppliedToDenyXBToCGWithYA", func(t *testing.T) { testLegacyACNPAppliedToDenyXBtoCGWithYA(t) }) - t.Run("Case=LegacyACNPClusterGroupAppliedToRuleCGWithPodsAToNsZ", func(t *testing.T) { testLegacyACNPAppliedToRuleCGWithPodsAToNsZ(t) }) - t.Run("Case=LegacyACNPClusterGroupUpdateAppliedTo", func(t *testing.T) { testLegacyACNPClusterGroupUpdateAppliedTo(t) }) - t.Run("Case=LegacyACNPClusterGroupAppliedToPodAdd", func(t *testing.T) { testLegacyACNPClusterGroupAppliedToPodAdd(t, data) }) - t.Run("Case=LegacyACNPClusterGroupRefRulePodAdd", func(t *testing.T) { testLegacyACNPClusterGroupRefRulePodAdd(t, data) }) - t.Run("Case=LegacyACNPClusterGroupIngressRuleDenyCGWithXBtoYA", func(t *testing.T) { testLegacyACNPIngressRuleDenyCGWithXBtoYA(t) }) - t.Run("Case=LegacyACNPClusterGroupServiceRef", func(t *testing.T) { testLegacyACNPClusterGroupServiceRefCreateAndUpdate(t, data) }) - t.Run("Case=LegacyACNPNestedClusterGroup", func(t *testing.T) { testLegacyACNPNestedClusterGroupCreateAndUpdate(t, data) }) - }) - // print results for reachability tests - printResults() - - t.Run("TestGroupAuditLogging", func(t *testing.T) { - t.Run("Case=LegacyAuditLoggingBasic", func(t *testing.T) { testLegacyAuditLoggingBasic(t, data) }) - }) - k8sUtils.LegacyCleanup(namespaces) -} - -func TestLegacyAntreaPolicyStatus(t *testing.T) { - skipIfProviderIs(t, "kind", "This test is for legacy API groups and is almost the same as new API groups'.") - skipIfHasWindowsNodes(t) - skipIfAntreaPolicyDisabled(t) - - data, err := setupTest(t) - if err != nil { - t.Fatalf("Error when setting up test: %v", err) - } - defer teardownTest(t, data) - - _, _, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "server-0", controlPlaneNodeName(), testNamespace, false) - defer cleanupFunc() - _, _, cleanupFunc = createAndWaitForPod(t, data, data.createNginxPodOnNode, "server-1", workerNodeName(1), testNamespace, false) - defer cleanupFunc() - - anpBuilder := &AntreaNetworkPolicySpecBuilder{} - anpBuilder = anpBuilder.SetName(testNamespace, "anp-applied-to-two-nodes"). - SetPriority(1.0). - SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) - anpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, crdv1alpha1.RuleActionAllow, "") - anp := anpBuilder.GetLegacy() - log.Debugf("creating ANP %v", anp.Name) - _, err = data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) - assert.NoError(t, err) - defer data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Delete(context.TODO(), anp.Name, metav1.DeleteOptions{}) - - acnpBuilder := &ClusterNetworkPolicySpecBuilder{} - acnpBuilder = acnpBuilder.SetName("acnp-applied-to-two-nodes"). - SetPriority(1.0). - SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) - acnpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, false, nil, crdv1alpha1.RuleActionAllow, "", "") - acnp := acnpBuilder.GetLegacy() - log.Debugf("creating ACNP %v", acnp.Name) - _, err = data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), acnp, metav1.CreateOptions{}) - assert.NoError(t, err) - defer data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), acnp.Name, metav1.DeleteOptions{}) - - expectedStatus := crdv1alpha1.NetworkPolicyStatus{ - Phase: crdv1alpha1.NetworkPolicyRealized, - ObservedGeneration: 1, - CurrentNodesRealized: 2, - DesiredNodesRealized: 2, - } - err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { - anp, err := data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) - if err != nil { - return false, err - } - return anp.Status == expectedStatus, nil - }) - assert.NoError(t, err, "Antrea NetworkPolicy failed to reach expected status") - err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { - anp, err := data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), acnp.Name, metav1.GetOptions{}) - if err != nil { - return false, err - } - return anp.Status == expectedStatus, nil - }) - assert.NoError(t, err, "Antrea ClusterNetworkPolicy failed to reach expected status") -} - -// testLegacyANPNetworkPolicyStatsWithDropAction tests antreanetworkpolicystats can correctly collect dropped packets stats from ANP if -// networkpolicystats feature is enabled -func testLegacyANPNetworkPolicyStatsWithDropAction(t *testing.T, data *TestData) { - serverName, serverIPs, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "test-server-", "", testNamespace, false) - defer cleanupFunc() - - clientName, _, cleanupFunc := createAndWaitForPod(t, data, data.createBusyboxPodOnNode, "test-client-", "", testNamespace, false) - defer cleanupFunc() - var err error - k8sUtils, err = NewKubernetesUtils(data) - failOnError(err, t) - p10 := float64(10) - intstr80 := intstr.FromInt(80) - intstr443 := intstr.FromInt(443) - dropAction := crdv1alpha1.RuleActionDrop - allowAction := crdv1alpha1.RuleActionAllow - selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} - selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} - protocol := v1.ProtocolUDP - - // When using the userspace OVS datapath and tunneling, - // the first IP packet sent on a tunnel is always dropped because of a missing ARP entry. - // So we need to "warm-up" the tunnel. - if clusterInfo.podV4NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv4.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - } - if clusterInfo.podV6NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - } - var anp = &legacysecv1alpha1.NetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "np1", Labels: map[string]string{"antrea-e2e": "np1"}}, - Spec: crdv1alpha1.NetworkPolicySpec{ - AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ - {PodSelector: &selectorC}, - }, - Priority: p10, - Ingress: []crdv1alpha1.Rule{ - { - Ports: []crdv1alpha1.NetworkPolicyPort{ - { - Port: &intstr80, - Protocol: &protocol, - }, - }, - From: []crdv1alpha1.NetworkPolicyPeer{ - { - PodSelector: &selectorB, - }, - }, - Action: &dropAction, - }, - { - Ports: []crdv1alpha1.NetworkPolicyPort{ - { - Port: &intstr443, - Protocol: &protocol, - }, - }, - From: []crdv1alpha1.NetworkPolicyPeer{ - { - PodSelector: &selectorB, - }, - }, - Action: &allowAction, - }, - }, - Egress: []crdv1alpha1.Rule{}, - }, - } - - if _, err = k8sUtils.CreateOrUpdateLegacyANP(anp); err != nil { - failOnError(fmt.Errorf("create ANP failed for ANP %s: %v", anp.Name, err), t) - } - - // Wait for a few seconds in case that connections are established before policies are enforced. - time.Sleep(networkPolicyDelay) - - sessionsPerAddressFamily := 10 - var wg sync.WaitGroup - for i := 0; i < sessionsPerAddressFamily; i++ { - wg.Add(1) - go func() { - if clusterInfo.podV4NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 80", serverIPs.ipv4.String())} - cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 443", serverIPs.ipv4.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) - } - if clusterInfo.podV6NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 80", serverIPs.ipv6.String())} - cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 443", serverIPs.ipv6.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) - } - wg.Done() - }() - } - wg.Wait() - - totalSessionsPerRule := 0 - if clusterInfo.podV4NetworkCIDR != "" { - totalSessionsPerRule += sessionsPerAddressFamily - } - if clusterInfo.podV6NetworkCIDR != "" { - totalSessionsPerRule += sessionsPerAddressFamily - } - - if err := wait.Poll(5*time.Second, defaultTimeout, func() (bool, error) { - stats, err := data.crdClient.StatsV1alpha1().AntreaNetworkPolicyStats(testNamespace).Get(context.TODO(), "np1", metav1.GetOptions{}) - if err != nil { - return false, err - } - t.Logf("Got AntreaNetworkPolicy stats: %v", stats) - if len(stats.RuleTrafficStats) != 2 { - return false, nil - } - if stats.RuleTrafficStats[0].TrafficStats.Sessions != int64(totalSessionsPerRule) { - return false, nil - } - if stats.RuleTrafficStats[1].TrafficStats.Sessions != int64(totalSessionsPerRule) { - return false, nil - } - if stats.TrafficStats.Sessions != stats.RuleTrafficStats[1].TrafficStats.Sessions+stats.RuleTrafficStats[0].TrafficStats.Sessions { - return false, fmt.Errorf("the rules stats under one policy should sum up to its total policy") - } - if stats.TrafficStats.Packets < stats.TrafficStats.Sessions || stats.TrafficStats.Bytes < stats.TrafficStats.Sessions { - return false, fmt.Errorf("neither 'Packets' nor 'Bytes' should be smaller than 'Sessions'") - } - return true, nil - }); err != nil { - failOnError(err, t) - } - k8sUtils.LegacyCleanup(namespaces) -} - -func testLegacyAntreaClusterNetworkPolicyStats(t *testing.T, data *TestData) { - serverName, serverIPs, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "test-server-", "", testNamespace, false) - defer cleanupFunc() - - clientName, _, cleanupFunc := createAndWaitForPod(t, data, data.createBusyboxPodOnNode, "test-client-", "", testNamespace, false) - defer cleanupFunc() - var err error - k8sUtils, err = NewKubernetesUtils(data) - failOnError(err, t) - p10 := float64(10) - intstr800 := intstr.FromInt(800) - intstr4430 := intstr.FromInt(4430) - dropAction := crdv1alpha1.RuleActionDrop - allowAction := crdv1alpha1.RuleActionAllow - selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} - selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} - protocol := v1.ProtocolUDP - - // When using the userspace OVS datapath and tunneling, - // the first IP packet sent on a tunnel is always dropped because of a missing ARP entry. - // So we need to "warm-up" the tunnel. - if clusterInfo.podV4NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv4.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - } - if clusterInfo.podV6NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - } - var acnp = &legacysecv1alpha1.ClusterNetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "cnp1", Labels: map[string]string{"antrea-e2e": "cnp1"}}, - Spec: crdv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ - {PodSelector: &selectorC}, - }, - Priority: p10, - Ingress: []crdv1alpha1.Rule{ - { - Ports: []crdv1alpha1.NetworkPolicyPort{ - { - Port: &intstr800, - Protocol: &protocol, - }, - }, - From: []crdv1alpha1.NetworkPolicyPeer{ - { - PodSelector: &selectorB, - }, - }, - Action: &allowAction, - }, - { - Ports: []crdv1alpha1.NetworkPolicyPort{ - { - Port: &intstr4430, - Protocol: &protocol, - }, - }, - From: []crdv1alpha1.NetworkPolicyPeer{ - { - PodSelector: &selectorB, - }, - }, - Action: &dropAction, - }, - }, - Egress: []crdv1alpha1.Rule{}, - }, - } - - if _, err = k8sUtils.CreateOrUpdateLegacyACNP(acnp); err != nil { - failOnError(fmt.Errorf("create ACNP failed for ACNP %s: %v", acnp.Name, err), t) - } - - // Wait for a few seconds in case that connections are established before policies are enforced. - time.Sleep(networkPolicyDelay) - - sessionsPerAddressFamily := 10 - var wg sync.WaitGroup - for i := 0; i < sessionsPerAddressFamily; i++ { - wg.Add(1) - go func() { - if clusterInfo.podV4NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 800", serverIPs.ipv4.String())} - cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 4430", serverIPs.ipv4.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) - } - if clusterInfo.podV6NetworkCIDR != "" { - cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 800", serverIPs.ipv6.String())} - cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 4430", serverIPs.ipv6.String())} - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) - data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) - } - wg.Done() - }() - } - wg.Wait() - - totalSessionsPerRule := 0 - if clusterInfo.podV4NetworkCIDR != "" { - totalSessionsPerRule += sessionsPerAddressFamily - } - if clusterInfo.podV6NetworkCIDR != "" { - totalSessionsPerRule += sessionsPerAddressFamily - } - - if err := wait.Poll(5*time.Second, defaultTimeout, func() (bool, error) { - stats, err := data.crdClient.StatsV1alpha1().AntreaClusterNetworkPolicyStats().Get(context.TODO(), "cnp1", metav1.GetOptions{}) - if err != nil { - return false, err - } - t.Logf("Got AntreaNetworkPolicy stats: %v", stats) - if len(stats.RuleTrafficStats) != 2 { - return false, nil - } - if stats.RuleTrafficStats[0].TrafficStats.Sessions != int64(totalSessionsPerRule) { - return false, nil - } - if stats.RuleTrafficStats[1].TrafficStats.Sessions != int64(totalSessionsPerRule) { - return false, nil - } - if stats.TrafficStats.Sessions != stats.RuleTrafficStats[1].TrafficStats.Sessions+stats.RuleTrafficStats[0].TrafficStats.Sessions { - return false, fmt.Errorf("the rules stats under one policy should sum up to its total policy") - } - if stats.TrafficStats.Packets < stats.TrafficStats.Sessions || stats.TrafficStats.Bytes < stats.TrafficStats.Sessions { - return false, fmt.Errorf("neither 'Packets' nor 'Bytes' should be smaller than 'Sessions'") - } - return true, nil - }); err != nil { - failOnError(err, t) - } - k8sUtils.LegacyCleanup(namespaces) -} diff --git a/test/e2e/legacyclustergroup_test.go b/test/e2e/legacyclustergroup_test.go deleted file mode 100644 index 90ce62730a1..00000000000 --- a/test/e2e/legacyclustergroup_test.go +++ /dev/null @@ -1,261 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package e2e - -import ( - "fmt" - "testing" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" - legacycorev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" -) - -func testLegacyInvalidCGIPBlockWithPodSelector(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with ipblock and podSelector") - cgName := "ipb-pod" - pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - cidr := "10.0.0.10/32" - ipb := &crdv1alpha1.IPBlock{CIDR: cidr} - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - PodSelector: pSel, - IPBlock: ipb, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGIPBlockWithNSSelector(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with ipblock and namespaceSelector") - cgName := "ipb-ns" - nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} - cidr := "10.0.0.10/32" - ipb := &crdv1alpha1.IPBlock{CIDR: cidr} - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - NamespaceSelector: nSel, - IPBlock: ipb, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGServiceRefWithPodSelector(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with serviceReference and podSelector") - cgName := "svcref-pod-selector" - pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - svcRef := &crdv1alpha2.ServiceReference{ - Namespace: "y", - Name: "test-svc", - } - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - PodSelector: pSel, - ServiceReference: svcRef, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGServiceRefWithNSSelector(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with serviceReference and namespaceSelector") - cgName := "svcref-ns-selector" - nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} - svcRef := &crdv1alpha2.ServiceReference{ - Namespace: "y", - Name: "test-svc", - } - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - NamespaceSelector: nSel, - ServiceReference: svcRef, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGServiceRefWithIPBlock(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with ipblock and namespaceSelector") - cgName := "ipb-svcref" - cidr := "10.0.0.10/32" - ipb := &crdv1alpha1.IPBlock{CIDR: cidr} - svcRef := &crdv1alpha2.ServiceReference{ - Namespace: "y", - Name: "test-svc", - } - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - ServiceReference: svcRef, - IPBlock: ipb, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func createLegacyChildCGForTest(t *testing.T) { - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: testChildCGName, - }, - Spec: crdv1alpha2.GroupSpec{ - PodSelector: &metav1.LabelSelector{}, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err != nil { - failOnError(err, t) - } -} - -func cleanupLegacyChildCGForTest(t *testing.T) { - if err := k8sUtils.DeleteLegacyCG(testChildCGName); err != nil { - failOnError(err, t) - } -} - -func testLegacyInvalidCGChildGroupWithPodSelector(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with childGroups and podSelector") - cgName := "child-group-pod-selector" - pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - PodSelector: pSel, - ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGChildGroupWithServiceReference(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with childGroups and ServiceReference") - cgName := "child-group-svcref" - svcRef := &crdv1alpha2.ServiceReference{ - Namespace: "y", - Name: "test-svc", - } - cg := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: cgName, - }, - Spec: crdv1alpha2.GroupSpec{ - ServiceReference: svcRef, - ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } -} - -func testLegacyInvalidCGMaxNestedLevel(t *testing.T) { - invalidErr := fmt.Errorf("clustergroup created with childGroup which has childGroups itself") - cgName1, cgName2 := "cg-nested-1", "cg-nested-2" - cg1 := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{Name: cgName1}, - Spec: crdv1alpha2.GroupSpec{ - ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg1); err != nil { - // Above creation of CG must succeed as it is a valid spec. - failOnError(err, t) - } - cg2 := &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{Name: cgName2}, - Spec: crdv1alpha2.GroupSpec{ - ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(cgName1)}, - }, - } - if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg2); err == nil { - // Above creation of CG must fail as it is an invalid spec. - failOnError(invalidErr, t) - } - // cleanup cg-nested-1 - if err := k8sUtils.DeleteLegacyCG(cgName1); err != nil { - failOnError(err, t) - } -} - -// TestLegacyClusterGroup is the top-level test which contains all subtests for -// LegacyClusterGroup related test cases so they can share setup, teardown. -func TestLegacyClusterGroup(t *testing.T) { - skipIfProviderIs(t, "kind", "This test is for legacy API groups and is almost the same as new API groups'.") - skipIfHasWindowsNodes(t) - skipIfAntreaPolicyDisabled(t) - - data, err := setupTest(t) - if err != nil { - t.Fatalf("Error when setting up test: %v", err) - } - defer teardownTest(t, data) - initialize(t, data) - - t.Run("TestLegacyGroupClusterGroupValidate", func(t *testing.T) { - t.Run("Case=LegacyIPBlockWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGIPBlockWithPodSelector(t) }) - t.Run("Case=LegacyIPBlockWithNamespaceSelectorDenied", func(t *testing.T) { testLegacyInvalidCGIPBlockWithNSSelector(t) }) - t.Run("Case=LegacyServiceRefWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithPodSelector(t) }) - t.Run("Case=LegacyServiceRefWithNamespaceSelectorDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithNSSelector(t) }) - t.Run("Case=LegacyServiceRefWithIPBlockDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithIPBlock(t) }) - }) - - t.Run("TestLegacyGroupClusterGroupValidateChildGroup", func(t *testing.T) { - createLegacyChildCGForTest(t) - t.Run("Case=LegacyChildGroupWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGChildGroupWithPodSelector(t) }) - t.Run("Case=LegacyChildGroupWithPodServiceReferenceDenied", func(t *testing.T) { testLegacyInvalidCGChildGroupWithServiceReference(t) }) - t.Run("Case=LegacyChildGroupExceedMaxNestedLevel", func(t *testing.T) { testLegacyInvalidCGMaxNestedLevel(t) }) - cleanupLegacyChildCGForTest(t) - }) - - k8sUtils.LegacyCleanup(namespaces) // clean up all cluster-scope resources, including CGs -} diff --git a/test/e2e/utils/anpspecbuilder.go b/test/e2e/utils/anpspecbuilder.go index f33feb2bf7d..f209ac9b9e5 100644 --- a/test/e2e/utils/anpspecbuilder.go +++ b/test/e2e/utils/anpspecbuilder.go @@ -20,7 +20,6 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - legacysecv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" ) type AntreaNetworkPolicySpecBuilder struct { @@ -50,22 +49,6 @@ func (b *AntreaNetworkPolicySpecBuilder) Get() *crdv1alpha1.NetworkPolicy { } } -func (b *AntreaNetworkPolicySpecBuilder) GetLegacy() *legacysecv1alpha1.NetworkPolicy { - if b.Spec.Ingress == nil { - b.Spec.Ingress = []crdv1alpha1.Rule{} - } - if b.Spec.Egress == nil { - b.Spec.Egress = []crdv1alpha1.Rule{} - } - return &legacysecv1alpha1.NetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: b.Name, - Namespace: b.Namespace, - }, - Spec: b.Spec, - } -} - func (b *AntreaNetworkPolicySpecBuilder) SetName(namespace string, name string) *AntreaNetworkPolicySpecBuilder { b.Name = name b.Namespace = namespace diff --git a/test/e2e/utils/cgspecbuilder.go b/test/e2e/utils/cgspecbuilder.go index fde8ddaf88e..b4b651a9727 100644 --- a/test/e2e/utils/cgspecbuilder.go +++ b/test/e2e/utils/cgspecbuilder.go @@ -20,7 +20,6 @@ import ( crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" - legacycorev1alpha2 "antrea.io/antrea/pkg/legacyapis/core/v1alpha2" ) type ClusterGroupV1Alpha2SpecBuilder struct { @@ -37,15 +36,6 @@ func (b *ClusterGroupV1Alpha2SpecBuilder) Get() *crdv1alpha2.ClusterGroup { } } -func (b *ClusterGroupV1Alpha2SpecBuilder) GetLegacy() *legacycorev1alpha2.ClusterGroup { - return &legacycorev1alpha2.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: b.Name, - }, - Spec: b.Spec, - } -} - func (b *ClusterGroupV1Alpha2SpecBuilder) SetName(name string) *ClusterGroupV1Alpha2SpecBuilder { b.Name = name return b diff --git a/test/e2e/utils/cnpspecbuilder.go b/test/e2e/utils/cnpspecbuilder.go index 91788dec02b..1d9839c4729 100644 --- a/test/e2e/utils/cnpspecbuilder.go +++ b/test/e2e/utils/cnpspecbuilder.go @@ -20,7 +20,6 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - legacysecv1alpha1 "antrea.io/antrea/pkg/legacyapis/security/v1alpha1" ) type ClusterNetworkPolicySpecBuilder struct { @@ -51,21 +50,6 @@ func (b *ClusterNetworkPolicySpecBuilder) Get() *crdv1alpha1.ClusterNetworkPolic } } -func (b *ClusterNetworkPolicySpecBuilder) GetLegacy() *legacysecv1alpha1.ClusterNetworkPolicy { - if b.Spec.Ingress == nil { - b.Spec.Ingress = []crdv1alpha1.Rule{} - } - if b.Spec.Egress == nil { - b.Spec.Egress = []crdv1alpha1.Rule{} - } - return &legacysecv1alpha1.ClusterNetworkPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: b.Name, - }, - Spec: b.Spec, - } -} - func (b *ClusterNetworkPolicySpecBuilder) SetName(name string) *ClusterNetworkPolicySpecBuilder { b.Name = name return b