search

upbound / up

The @upbound CLI
Apache License 2.0
51 stars 41 forks source link

MCP Connector support for Spaces #395

Closed tnthornton closed 10 months ago

tnthornton commented 10 months ago

Description of your changes

We'd like to enable operators to install the mcp-connector into App Clusters pointing to a Space control plane. In order to accomplish that, we needed to slightly extend what the current up ctp connector install command is doing and allow passing in:

--control-plane-secret={secret name}

so that an operator can supply the control plane secret.

In addition, we wanted to make it easier to uninstall the mcp-connector. To accomplish this a new subcommand up ctp connector uninstall was introduced.

I have:

How has this code been tested

  1. Verify commands exist 
    
./_output/bin/darwin_arm64/up ctp connector --help
Usage: up controlplane (ctp) connector <command>

Connect an App Cluster to a managed control plane.

Flags: -h, --help Show context-sensitive help. --format="default" Format for get/list commands. Can be: json, yaml, default -v, --version Print version and exit. -q, --quiet Suppress all output. --pretty Pretty print output.

  --domain=https://upbound.io    Root Upbound domain ($UP_DOMAIN).
  --profile=STRING               Profile used to execute command ($UP_PROFILE).

-a, --account=STRING Account used to execute command ($UP_ACCOUNT). --insecure-skip-tls-verify [INSECURE] Skip verifying TLS certificates ($UP_INSECURE_SKIP_TLS_VERIFY). -d, --debug=INT [INSECURE] Run with debug logging. Repeat to increase verbosity. Output might contain confidential data like tokens ($UP_DEBUG).

Commands: controlplane (ctp) connector install Install mcp-connector into an App Cluster. controlplane (ctp) connector uninstall Uninstall mcp-connector from an App Cluster.


2. Installing mcp-connector
```bash
./_output/bin/darwin_arm64/up ctp connector install ctp1 default --control-plane-secret=test

kubectl -n kube-system get pods -o custom-columns="POD_NAME":".metadata.name"
POD_NAME
coredns-565d847f94-5tld8
coredns-565d847f94-92fc9
etcd-kind-control-plane
kindnet-fwmqk
kube-apiserver-kind-control-plane
kube-controller-manager-kind-control-plane
kube-proxy-jztks
kube-scheduler-kind-control-plane
mcp-connector-b88847fb7-mljm8

  1. Check the volume has 'test' as the secretName:

    kubectl -n kube-system get deploy mcp-connector -o yaml
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: "1"
meta.helm.sh/release-name: mcp-connector
meta.helm.sh/release-namespace: kube-system
creationTimestamp: "2023-10-12T17:16:15Z"
generation: 1
labels:
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: mcp-connector
name: mcp-connector
namespace: kube-system
resourceVersion: "4063"
uid: 476f5c46-df37-4a30-af8b-d760e0d48f29
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
  app.kubernetes.io/name: mcp-connector
strategy:
rollingUpdate:
  maxSurge: 25%
  maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
  creationTimestamp: null
  labels:
    app.kubernetes.io/name: mcp-connector
spec:
  containers:
  - args:
    - serve
    - --mcp-kubeconfig=/etc/mcp/kubeconfig
    - --mcp-namespace=default
    - --debug
    image: upbound/mcp-connector:v0.3.4
    imagePullPolicy: IfNotPresent
    name: apiserver
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /etc/mcp
      name: mcp-kubeconfig
      readOnly: true
  - args:
    - bind
    - --mcp-kubeconfig=/etc/mcp/kubeconfig
    - --service-name=mcp-connector
    - --service-namespace=kube-system
    - --service-port=443
    - --debug
    image: upbound/mcp-connector:v0.3.4
    imagePullPolicy: IfNotPresent
    name: binder
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /etc/mcp
      name: mcp-kubeconfig
      readOnly: true
  dnsPolicy: ClusterFirst
  initContainers:
  - args:
    - init
    - default
    - --mcp-kubeconfig=/etc/mcp/kubeconfig
    - --debug
    image: upbound/mcp-connector:v0.3.4
    imagePullPolicy: IfNotPresent
    name: init
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /etc/mcp
      name: mcp-kubeconfig
      readOnly: true
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: mcp-connector
  serviceAccountName: mcp-connector
  terminationGracePeriodSeconds: 30
  volumes:
  - name: mcp-kubeconfig
    secret:
      defaultMode: 420
      secretName: test                                                 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<,
status:
conditions:
- lastTransitionTime: "2023-10-12T17:16:15Z"
lastUpdateTime: "2023-10-12T17:16:15Z"
message: Deployment does not have minimum availability.
reason: MinimumReplicasUnavailable
status: "False"
type: Available
- lastTransitionTime: "2023-10-12T17:16:15Z"
lastUpdateTime: "2023-10-12T17:16:15Z"
message: ReplicaSet "mcp-connector-b88847fb7" is progressing.
reason: ReplicaSetUpdated
status: "True"
type: Progressing
observedGeneration: 1
replicas: 1
unavailableReplicas: 1
updatedReplicas: 1

  2. Uninstall mcp-connector

    
./_output/bin/darwin_arm64/up ctp connector uninstall default
MCP Connector uninstalled

kubectl -n kube-system get pods -o custom-columns="POD_NAME":".metadata.name" POD_NAME coredns-565d847f94-5tld8 coredns-565d847f94-92fc9 etcd-kind-control-plane kindnet-fwmqk kube-apiserver-kind-control-plane kube-controller-manager-kind-control-plane kube-proxy-jztks kube-scheduler-kind-control-plane