implement ImageProvider

Author: daimaxiaxie

config/components/crds/karpenter.k8s.alicloud_ecsnodeclasses.yaml

@@ -46,6 +46,73 @@ spec:
               ECSNodeClassSpec is the top level specification for the AliCloud Karpenter Provider.
               This will contain configuration necessary to launch instances in AliCloud.
             properties:
+              imageSelectorTerms:
+                description: ImageSelectorTerms is a list of or image selector terms.
+                  The terms are ORed.
+                items:
+                  description: |-
+                    ImageSelectorTerm defines selection logic for an image used by Karpenter to launch nodes.
+                    If multiple fields are used for selection, the requirements are ANDed.
+                  properties:
+                    alias:
+                      description: |-
+                        Alias specifies which ACK image to select.
+                        Each alias consists of a family and an image version, specified as "family@version".
+                        Valid families include: aliyun3.
+                        Currently only supports version pinning to the latest image release, with that images version format (ex: "aliyun3@latest").
+                        Setting the version to latest will result in drift when a new Image is released. This is **not** recommended for production environments.
+                      maxLength: 30
+                      type: string
+                      x-kubernetes-validations:
+                      - message: '''alias'' is improperly formatted, must match the
+                          format ''family@version'''
+                        rule: self.matches('^[a-zA-Z0-9]*@.*$')
+                      - message: 'family is not supported, must be one of the following:
+                          ''aliyun3'''
+                        rule: self.find('^[^@]+') in ['aliyun3']
+                    id:
+                      description: ID is the image id in ECS
+                      type: string
+                    name:
+                      description: |-
+                        Name is the image name in ECS.
+                        This value is the name field, which is different from the name tag.
+                      type: string
+                    owner:
+                      description: |-
+                        Owner is the image source.
+                        Default is system | self | public. If specified, only one of the following: "self", "system", "share", "public", and "marketplace"
+                      type: string
+                    tags:
+                      additionalProperties:
+                        type: string
+                      description: |-
+                        Tags is a map of key/value tags used to select subsets
+                        Specifying '*' for a value selects all values for a given tag key.
+                      maxProperties: 20
+                      type: object
+                      x-kubernetes-validations:
+                      - message: empty tag keys aren't supported
+                        rule: self.all(k, k != '')
+                  type: object
+                maxItems: 30
+                minItems: 1
+                type: array
+                x-kubernetes-validations:
+                - message: expected at least one, got none, ['tags', 'id', 'name',
+                    'alias']
+                  rule: self.all(x, has(x.tags) || has(x.id) || has(x.name) || has(x.alias))
+                - message: '''id'' is mutually exclusive, cannot be set with a combination
+                    of other fields in imageSelectorTerms'
+                  rule: '!self.exists(x, has(x.id) && (has(x.alias) || has(x.tags)
+                    || has(x.name) || has(x.owner)))'
+                - message: '''alias'' is mutually exclusive, cannot be set with a
+                    combination of other fields in imageSelectorTerms'
+                  rule: '!self.exists(x, has(x.alias) && (has(x.id) || has(x.tags)
+                    || has(x.name) || has(x.owner)))'
+                - message: '''alias'' is mutually exclusive, cannot be set with a
+                    combination of other imageSelectorTerms'
+                  rule: '!(self.exists(x, has(x.alias)) && self.size() != 1)'
               kubeletConfiguration:
                 description: |-
                   KubeletConfiguration defines args to be used when configuring kubelet on provisioned nodes.
@@ -245,12 +312,70 @@ spec:
                     of other fields in vSwitchSelectorTerms'
                   rule: '!self.all(x, has(x.id) && has(x.tags))'
             required:
+            - imageSelectorTerms
             - securityGroupSelectorTerms
             - vSwitchSelectorTerms
             type: object
           status:
             description: ECSNodeClassStatus contains the resolved state of the ECSNodeClass
             properties:
+              conditions:
+                description: Conditions contains signals for health and readiness
+                items:
+                  description: Condition aliases the upstream type and adds additional
+                    helper methods
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
               securityGroups:
                 description: |-
                   SecurityGroups contains the current Security Groups values that are available to the

pkg/apis/v1alpha1/ecsnodeclass.go

@@ -17,6 +17,10 @@ limitations under the License.
 package v1alpha1
 
 import (
+	"log"
+	"strings"
+
+	"github.com/samber/lo"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -38,6 +42,15 @@ type ECSNodeClassSpec struct {
 	// +kubebuilder:validation:MaxItems:=30
 	// +required
 	SecurityGroupSelectorTerms []SecurityGroupSelectorTerm `json:"securityGroupSelectorTerms" hash:"ignore"`
+	// ImageSelectorTerms is a list of or image selector terms. The terms are ORed.
+	// +kubebuilder:validation:XValidation:message="expected at least one, got none, ['tags', 'id', 'name', 'alias']",rule="self.all(x, has(x.tags) || has(x.id) || has(x.name) || has(x.alias))"
+	// +kubebuilder:validation:XValidation:message="'id' is mutually exclusive, cannot be set with a combination of other fields in imageSelectorTerms",rule="!self.exists(x, has(x.id) && (has(x.alias) || has(x.tags) || has(x.name) || has(x.owner)))"
+	// +kubebuilder:validation:XValidation:message="'alias' is mutually exclusive, cannot be set with a combination of other fields in imageSelectorTerms",rule="!self.exists(x, has(x.alias) && (has(x.id) || has(x.tags) || has(x.name) || has(x.owner)))"
+	// +kubebuilder:validation:XValidation:message="'alias' is mutually exclusive, cannot be set with a combination of other imageSelectorTerms",rule="!(self.exists(x, has(x.alias)) && self.size() != 1)"
+	// +kubebuilder:validation:MinItems:=1
+	// +kubebuilder:validation:MaxItems:=30
+	// +required
+	ImageSelectorTerms []ImageSelectorTerm `json:"imageSelectorTerms" hash:"ignore"`
 	// KubeletConfiguration defines args to be used when configuring kubelet on provisioned nodes.
 	// They are a subset of the upstream types, recognizing not all options may be supported.
 	// Wherever possible, the types and names should reflect the upstream kubelet types.
@@ -80,6 +93,38 @@ type SecurityGroupSelectorTerm struct {
 	Name string `json:"name,omitempty"`
 }
 
+// ImageSelectorTerm defines selection logic for an image used by Karpenter to launch nodes.
+// If multiple fields are used for selection, the requirements are ANDed.
+type ImageSelectorTerm struct {
+	// Alias specifies which ACK image to select.
+	// Each alias consists of a family and an image version, specified as "family@version".
+	// Valid families include: aliyun3.
+	// Currently only supports version pinning to the latest image release, with that images version format (ex: "aliyun3@latest").
+	// Setting the version to latest will result in drift when a new Image is released. This is **not** recommended for production environments.
+	// +kubebuilder:validation:XValidation:message="'alias' is improperly formatted, must match the format 'family@version'",rule="self.matches('^[a-zA-Z0-9]*@.*$')"
+	// +kubebuilder:validation:XValidation:message="family is not supported, must be one of the following: 'aliyun3'",rule="self.find('^[^@]+') in ['aliyun3']"
+	// +kubebuilder:validation:MaxLength=30
+	// +optional
+	Alias string `json:"alias,omitempty"`
+	// Tags is a map of key/value tags used to select subsets
+	// Specifying '*' for a value selects all values for a given tag key.
+	// +kubebuilder:validation:XValidation:message="empty tag keys aren't supported",rule="self.all(k, k != '')"
+	// +kubebuilder:validation:MaxProperties:=20
+	// +optional
+	Tags map[string]string `json:"tags,omitempty"`
+	// ID is the image id in ECS
+	// +optional
+	ID string `json:"id,omitempty"`
+	// Name is the image name in ECS.
+	// This value is the name field, which is different from the name tag.
+	// +optional
+	Name string `json:"name,omitempty"`
+	// Owner is the image source.
+	// Default is system | self | public. If specified, only one of the following: "self", "system", "share", "public", and "marketplace"
+	// +optional
+	Owner string `json:"owner,omitempty"`
+}
+
 // KubeletConfiguration defines args to be used when configuring kubelet on provisioned nodes.
 // They are a subset of the upstream types, recognizing not all options may be supported.
 // Wherever possible, the types and names should reflect the upstream kubelet types.
@@ -161,10 +206,45 @@ type ECSNodeClass struct {
 	Status ECSNodeClassStatus `json:"status,omitempty"`
 }
 
+// ImageFamily If an alias is specified, return alias, or be 'Custom' (enforced via validation).
+func (in *ECSNodeClass) ImageFamily() string {
+	if term, ok := lo.Find(in.Spec.ImageSelectorTerms, func(t ImageSelectorTerm) bool {
+		return t.Alias != ""
+	}); ok {
+		return ImageFamilyFromAlias(term.Alias)
+	}
+	// Unreachable: validation enforces that one of the above conditions must be met
+	return ImageFamilyCustom
+}
+
 // ECSNodeClassList contains a list of ECSNodeClass
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 type ECSNodeClassList struct {
 	metav1.TypeMeta `json:",inline"`
 	metav1.ListMeta `json:"metadata,omitempty"`
 	Items           []ECSNodeClass `json:"items"`
 }
+
+func ImageFamilyFromAlias(alias string) string {
+	components := strings.Split(alias, "@")
+	if len(components) != 2 {
+		log.Fatalf("failed to parse image alias %q, invalid format", alias)
+	}
+	family, ok := lo.Find([]string{
+		ImageFamilyAliyun3,
+	}, func(family string) bool {
+		return strings.ToLower(family) == components[0]
+	})
+	if !ok {
+		log.Fatalf("%q is an invalid alias family", components[0])
+	}
+	return family
+}
+
+func ImageVersionFromAlias(alias string) string {
+	components := strings.Split(alias, "@")
+	if len(components) != 2 {
+		log.Fatalf("failed to parse image alias %q, invalid format", alias)
+	}
+	return components[1]
+}

pkg/apis/v1alpha1/labels.go

@@ -56,10 +56,10 @@ func init() {
 }
 
 var (
-	TerminationFinalizer   = apis.Group + "/termination"
-	AWSToKubeArchitectures = map[string]string{
-		"x86_64":                 karpv1.ArchitectureAmd64,
-		karpv1.ArchitectureArm64: karpv1.ArchitectureArm64,
+	TerminationFinalizer            = apis.Group + "/termination"
+	AlibabaCloudToKubeArchitectures = map[string]string{
+		"x86_64": karpv1.ArchitectureAmd64,
+		"arm64":  karpv1.ArchitectureArm64,
 	}
 	WellKnownArchitectures = sets.NewString(
 		karpv1.ArchitectureAmd64,
@@ -79,11 +79,11 @@ var (
 	}
 	AMIFamilyBottlerocket                          = "Bottlerocket"
 	AMIFamilyAL2                                   = "AL2"
-	AMIFamilyAL2023                                = "AL2023"
+	ImageFamilyAliyun3                             = "Aliyun3"
 	AMIFamilyUbuntu                                = "Ubuntu"
 	AMIFamilyWindows2019                           = "Windows2019"
 	AMIFamilyWindows2022                           = "Windows2022"
-	AMIFamilyCustom                                = "Custom"
+	ImageFamilyCustom                              = "Custom"
 	Windows2019                                    = "2019"
 	Windows2022                                    = "2022"
 	WindowsCore                                    = "Core"

pkg/providers/imagefamily/aliyun3.go

@@ -0,0 +1,27 @@
+/*
+Copyright 2024 The CloudPilot AI Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package imagefamily
+
+import "context"
+
+type Aliyun3 struct {
+}
+
+func (a Aliyun3) DescribeImageQuery(ctx context.Context, k8sVersion string, imageVersion string) ([]DescribeImageQuery, error) {
+	//TODO implement me
+	panic("implement me")
+}

pkg/providers/imagefamily/custom.go

@@ -0,0 +1,39 @@
+/*
+Copyright 2024 The CloudPilot AI Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package imagefamily
+
+import (
+	"context"
+
+	corev1 "k8s.io/api/core/v1"
+	"sigs.k8s.io/karpenter/pkg/cloudprovider"
+
+	"github.com/cloudpilot-ai/karpenter-provider-alicloud/pkg/apis/v1alpha1"
+)
+
+type Custom struct {
+}
+
+// UserData returns the default userdata script for the Image Family
+func (c Custom) UserData(_ *v1alpha1.KubeletConfiguration, _ []corev1.Taint, _ map[string]string, _ *string, _ []*cloudprovider.InstanceType, customUserData *string) {
+	//TODO implement me
+	panic("implement me")
+}
+
+func (c Custom) DescribeImageQuery(_ context.Context, _ string, _ string) ([]DescribeImageQuery, error) {
+	return []DescribeImageQuery{}, nil
+}