Add persist shoot function state

api/v1/runtime_types.go

@@ -18,6 +18,7 @@ package v1
 
 import (
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
+	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -27,6 +28,53 @@ import (
 //+kubebuilder:printcolumn:name="SHOOT-NAME",type=string,JSONPath=`.metadata.labels.kyma-project\.io/shoot-name`
 //+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 
+const Finalizer = "runtime-controller.infrastructure-manager.kyma-project.io/deletion-hook"
+
+const (
+	RuntimeStateReady      = "Ready"
+	RuntimeStateError      = "Error"
+	RuntimeStateCreating   = "Creating"
+	RuntimeStateProcessing = "Processing"
+	RuntimeStateDeleting   = "Deleting"
+)
+
+type RuntimeConditionType string
+
+const (
+	ConditionTypeRuntimeProvisioning   RuntimeConditionType = "RuntimeProvisioning"
+	ConditionTypeRuntimeDeprovisioning RuntimeConditionType = "RuntimeDeprovisioning"
+	ConditionTypeRuntimeUpdate         RuntimeConditionType = "RuntimeUpgrade"
+)
+
+type RuntimeConditionReason string
+
+const (
+	ConditionReasonProcessing          = RuntimeConditionReason("Processing")
+	ConditionReasonProcessingErr       = RuntimeConditionReason("ProcessingErr")
+	ConditionReasonProcessingCompleted = RuntimeConditionReason("ProcessingCompleted")
+
+	ConditionReasonInitialized            = RuntimeConditionReason("Initialised")
+	ConditionReasonShootCreationPending   = RuntimeConditionReason("Pending")
+	ConditionReasonShootCreationCompleted = RuntimeConditionReason("ShootCreationCompleted")
+	ConditionReasonConfigurationStarted   = RuntimeConditionReason("ConfigurationStarted")
+	ConditionReasonConfigurationCompleted = RuntimeConditionReason("ConfigurationCompleted")
+	ConditionReasonConfigurationErr       = RuntimeConditionReason("ConfigurationError")
+
+	ConditionReasonDeletion        = RuntimeConditionReason("Deletion")
+	ConditionReasonDeletionErr     = RuntimeConditionReason("DeletionErr")
+	ConditionReasonConversionError = RuntimeConditionReason("ConversionErr")
+	ConditionReasonCreationError   = RuntimeConditionReason("CreationErr")
+	ConditionReasonGardenerError   = RuntimeConditionReason("GardenerErr")
+	ConditionReasonDeleted         = RuntimeConditionReason("Deleted")
+)
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+//+kubebuilder:printcolumn:name="Provider",type="string",JSONPath=".spec.shoot.provider.type"
+//+kubebuilder:printcolumn:name="Region",type="string",JSONPath=".spec.shoot.region"
+//+kubebuilder:printcolumn:name="STATE",type=string,JSONPath=`.status.state`
+//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+
 // Runtime is the Schema for the runtimes API
 type Runtime struct {
 	metav1.TypeMeta   `json:",inline"`
@@ -55,7 +103,7 @@ type RuntimeSpec struct {
 type RuntimeStatus struct {
 	// State signifies current state of Runtime
 	// +kubebuilder:validation:Required
-	// +kubebuilder:validation:Enum=Processing;Deleting;Ready;Error
+	// +kubebuilder:validation:Enum=Creating;Processing;Deleting;Ready;Error
 	State State `json:"state,omitempty"`
 
 	// List of status conditions to indicate the status of a ServiceInstance.
@@ -87,6 +135,7 @@ type APIServer struct {
 }
 
 type Provider struct {
+	//+kubebuilder:validation:Enum=aws;azure;gcp;openstack
 	Type    string            `json:"type"`
 	Workers []gardener.Worker `json:"workers"`
 }
@@ -123,3 +172,75 @@ type Egress struct {
 func init() {
 	SchemeBuilder.Register(&Runtime{}, &RuntimeList{})
 }
+
+func (k *Runtime) UpdateStateProcessing(c RuntimeConditionType, r RuntimeConditionReason, msg string) {
+	k.Status.State = RuntimeStateProcessing
+	condition := metav1.Condition{
+		Type:               string(c),
+		Status:             "Unknown",
+		LastTransitionTime: metav1.Now(),
+		Reason:             string(r),
+		Message:            msg,
+	}
+	meta.SetStatusCondition(&k.Status.Conditions, condition)
+}
+
+func (k *Runtime) UpdateStateReady(c RuntimeConditionType, r RuntimeConditionReason, msg string) {
+	k.Status.State = RuntimeStateReady
+	condition := metav1.Condition{
+		Type:               string(c),
+		Status:             "True",
+		LastTransitionTime: metav1.Now(),
+		Reason:             string(r),
+		Message:            msg,
+	}
+	meta.SetStatusCondition(&k.Status.Conditions, condition)
+}
+
+func (k *Runtime) UpdateStateDeletion(c RuntimeConditionType, r RuntimeConditionReason, msg string) {
+	k.Status.State = RuntimeStateDeleting
+	condition := metav1.Condition{
+		Type:               string(c),
+		Status:             "True",
+		LastTransitionTime: metav1.Now(),
+		Reason:             string(r),
+		Message:            msg,
+	}
+	meta.SetStatusCondition(&k.Status.Conditions, condition)
+}
+
+func (k *Runtime) UpdateStateCreating(c RuntimeConditionType, r RuntimeConditionReason, msg string) {
+	k.Status.State = RuntimeStateCreating
+	condition := metav1.Condition{
+		Type:               string(c),
+		Status:             "True",
+		LastTransitionTime: metav1.Now(),
+		Reason:             string(r),
+		Message:            msg,
+	}
+	meta.SetStatusCondition(&k.Status.Conditions, condition)
+}
+
+func (k *Runtime) UpdateStateError(c RuntimeConditionType, r RuntimeConditionReason, msg string) {
+	k.Status.State = RuntimeStateError
+	condition := metav1.Condition{
+		Type:               string(c),
+		Status:             "True",
+		LastTransitionTime: metav1.Now(),
+		Reason:             string(r),
+		Message:            msg,
+	}
+	meta.SetStatusCondition(&k.Status.Conditions, condition)
+}
+
+func (k *Runtime) IsRuntimeStateSet(runtimeState State, c RuntimeConditionType, r RuntimeConditionReason) bool {
+	if k.Status.State != runtimeState {
+		return false
+	}
+
+	condition := meta.FindStatusCondition(k.Status.Conditions, string(c))
+	if condition != nil && condition.Reason == string(r) {
+		return true
+	}
+	return false
+}

cmd/main.go

@@ -22,10 +22,13 @@ import (
 	"os"
 	"time"
 
+	kubeconfig_controller "github.com/kyma-project/infrastructure-manager/internal/controller/kubeconfig"
+	runtime_controller "github.com/kyma-project/infrastructure-manager/internal/controller/runtime"
+	"github.com/kyma-project/infrastructure-manager/internal/controller/runtime/fsm"
+
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	gardener_apis "github.com/gardener/gardener/pkg/client/core/clientset/versioned/typed/core/v1beta1"
 	infrastructuremanagerv1 "github.com/kyma-project/infrastructure-manager/api/v1"
-	"github.com/kyma-project/infrastructure-manager/internal/controller"
 	"github.com/kyma-project/infrastructure-manager/internal/controller/metrics"
 	"github.com/kyma-project/infrastructure-manager/internal/gardener"
 	"github.com/kyma-project/infrastructure-manager/internal/gardener/kubeconfig"
@@ -65,6 +68,7 @@ func main() {
 	var minimalRotationTimeRatio float64
 	var expirationTime time.Duration
 	var enableRuntimeReconciler bool
+	var persistShoot bool
 
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
@@ -76,6 +80,7 @@ func main() {
 	flag.Float64Var(&minimalRotationTimeRatio, "minimal-rotation-time", defaultMinimalRotationTimeRatio, "The ratio determines what is the minimal time that needs to pass to rotate certificate.")
 	flag.DurationVar(&expirationTime, "kubeconfig-expiration-time", defaultExpirationTime, "Dynamic kubeconfig expiration time")
 	flag.BoolVar(&enableRuntimeReconciler, "runtime-reconciler-enabled", defaultRuntimeReconcilerEnabled, "Feature flag for all runtime reconciler functionalities")
+	flag.BoolVar(&persistShoot, "persist-shoot", false, "Feature flag to allow persisting created shoots")
 
 	opts := zap.Options{
 		Development: true,
@@ -128,7 +133,7 @@ func main() {
 
 	rotationPeriod := time.Duration(minimalRotationTimeRatio*expirationTime.Minutes()) * time.Minute
 	metrics := metrics.NewMetrics()
-	if err = controller.NewGardenerClusterController(
+	if err = kubeconfig_controller.NewGardenerClusterController(
 		mgr,
 		kubeconfigProvider,
 		logger,
@@ -140,12 +145,19 @@ func main() {
 		os.Exit(1)
 	}
 
+	cfg := fsm.RCCfg{Finalizer: infrastructuremanagerv1.Finalizer}
+	if persistShoot {
+		cfg.PVCPath = "/testdata/kim"
+	}
+
 	if enableRuntimeReconciler {
-		if err = (&controller.RuntimeReconciler{
-			Client:      mgr.GetClient(),
-			Scheme:      mgr.GetScheme(),
-			ShootClient: shootClient,
-			Log:         logger,
+		if err = (&runtime_controller.RuntimeReconciler{
+			Client:        mgr.GetClient(),
+			Scheme:        mgr.GetScheme(),
+			ShootClient:   shootClient,
+			Log:           logger,
+			Cfg:           cfg,
+			EventRecorder: mgr.GetEventRecorderFor("runtime-controller"),
 		}).SetupWithManager(mgr); err != nil {
 			setupLog.Error(err, "unable to create controller", "controller", "Runtime")
 			os.Exit(1)

config/crd/bases/infrastructuremanager.kyma-project.io_runtimes.yaml

@@ -15,12 +15,15 @@ spec:
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
+    - jsonPath: .spec.shoot.provider.type
+      name: Provider
+      type: string
+    - jsonPath: .spec.shoot.region
+      name: Region
+      type: string
     - jsonPath: .status.state
       name: STATE
       type: string
-    - jsonPath: .metadata.labels.kyma-project\.io/shoot-name
-      name: SHOOT-NAME
-      type: string
     - jsonPath: .metadata.creationTimestamp
       name: Age
       type: date
@@ -304,6 +307,11 @@ spec:
                   provider:
                     properties:
                       type:
+                        enum:
+                        - aws
+                        - azure
+                        - gcp
+                        - openstack
                         type: string
                       workers:
                         items:
@@ -1102,6 +1110,7 @@ spec:
               state:
                 description: State signifies current state of Runtime
                 enum:
+                - Creating
                 - Processing
                 - Deleting
                 - Ready

config/manager/kustomization.yaml

@@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: custom-im
-  newTag: 2.2.7
+  newName: controller
+  newTag: latest

config/samples/infrastructuremanager_v1_runtime.yaml

@@ -1,48 +1,108 @@
-apiVersion: infrastructuremanager.kyma-project.io/v1alpha1
+apiVersion: infrastructuremanager.kyma-project.io/v1
 kind: Runtime
 metadata:
+  labels:
+    kyma-project.io/instance-id: instance-id
+    kyma-project.io/runtime-id: runtime-id
+    kyma-project.io/broker-plan-id: plan-id
+    kyma-project.io/broker-plan-name: plan-name
+    kyma-project.io/global-account-id: global-account-id
+    kyma-project.io/subaccount-id: subAccount-id
+    kyma-project.io/shoot-name: shoot-name
+    kyma-project.io/region: region
+    operator.kyma-project.io/kyma-name: kymaName
   name: runtime-id
   namespace: kcp-system
 spec:
   shoot:
+    # spec.shoot.name is required
     name: shoot-name
+    # spec.shoot.purpose is required
     purpose: production
+    # spec.shoot.region is required
+    region: eu-central-1
+    # spec.shoot.platformRegion is required
+    platformRegion: "cd-eu11"
+    # spec.shoot.secretBindingName is required
+    secretBindingName: "hyperscaler secret"
+    # spec.shoot.enforceSeedLocation is optional ; it allows to make sure the seed cluster will be located in the same region as the runtime
+    enforceSeedLocation: true
     kubernetes:
+      # spec.shoot.kubernetes.version is optional, when not provided default will be used
+      # Will be modified by the SRE
+      version: "1.28.7"
       kubeAPIServer:
+        # spec.shoot.kubernetes.kubeAPIServer.oidcConfig is required
         oidcConfig:
           clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
           groupsClaim: groups
           issuerURL: https://my.cool.tokens.com
           signingAlgs:
             - RS256
           usernameClaim: sub
+        # spec.shoot.kubernetes.kubeAPIServer.additionalOidcConfig is optional, not implemented in the first KIM release
+        additionalOidcConfig:
+          - clientID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
+            groupsClaim: groups
+            issuerURL: https://some.others.tokens.com
+            signingAlgs:
+              - RS256
+            usernameClaim: sub
+            usernamePrefix: 'someother'
     provider:
+      # spec.shoot.provider.type is required
       type: aws
-      region: eu-central-1
-      secretBindingName: "hypersaler secret"
+      # spec.shoot.provider.workers is required
+      workers:
+        - machine:
+            # spec.shoot.workers.machine.type is required
+            type: m6i.large
+            # spec.shoot.workers.machine.image is optional, when not provider default will be used
+            # Will be modified by the SRE
+            image:
+              name: gardenlinux
+              version: 1312.3.0
+          # spec.shoot.workers.volume is required for the first release
+          # Probably can be moved into KIM, as it is hardcoded in KEB, and not dependent on plan
+          volume:
+            type: gp2
+            size: 50Gi
+          # spec.shoot.workers.zones is required
+          zones:
+            - eu-central-1a
+            - eu-central-1b
+            - eu-central-1c
+          # spec.shoot.workers.name is optional, if not provided default will be used
+          name: cpu-worker-0
+          # spec.shoot.workers.minimum is required
+          minimum: 3
+          # spec.shoot.workers.maximum is required
+          maximum: 20
+          # spec.shoot.workers.maxSurge is required in the first release.
+          # It can be optional in the future, as it equals to zone count
+          maxSurge: 3
+          # spec.shoot.workers.maxUnavailable is required in the first release.
+          # It can be optional in the future, as it is always set to 0
+          maxUnavailable: 0
+    # spec.shoot.Networking is required
     networking:
       pods: 100.64.0.0/12
       nodes: 10.250.0.0/16
       services: 100.104.0.0/13
+    # spec.shoot.controlPlane is required
     controlPlane:
       highAvailability:
         failureTolerance:
-          type: node
-    workers:
-      - machine:
-          type: m6i.large
-        zones:
-          - eu-central-1a
-          - eu-central-1b
-          - eu-central-1c
-        minimum: 3
-        maximum: 20
-        maxSurge: 3
-        maxUnavailable:  0
+          type: zone
   security:
     networking:
-      filtering:
+      filter:
+        # spec.security.networking.filter.egress.enabled is required
         egress:
           enabled: false
+        # spec.security.networking.filter.ingress.enabled is optional (default=false), not implemented in the first KIM release
+        ingress:
+          enabled: true
+    # spec.security.administrators is required
     administrators:
-      - test.me@plz
+      - admin@myorg.com