feat: add cordon nodes gvk

Signed-off-by: r3drun3 <simone.ragonesi@sighup.io>

PROJECT

@@ -98,4 +98,13 @@ resources:
   kind: ConsumeNamespaceResources
   path: stackzoo.io/khaos/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: stackzoo.io
+  group: khaos
+  kind: CordonNode
+  path: stackzoo.io/khaos/api/v1alpha1
+  version: v1alpha1
 version: "3"

README.md

@@ -21,6 +21,7 @@ Currently, Khaos does not implement *cronjobs*; any scheduling of Khaos Custom R
 - [x] Delete cluster nodes
 - [X] Delete secrets
 - [X] Delete configmaps
+- [X] Cordon nodes
 - [X] Inject resource constraints in pods
 - [X] Add o remove labels in pods
 - [X] Flood api server with calls
@@ -87,17 +88,17 @@ Install and list all the available operator's CRDs with the following command:
 make install && kubectl get crds
 
 NAME                                       CREATED AT
-apiserveroverloads.khaos.stackzoo.io          2023-11-30T12:51:02Z
-commandinjections.khaos.stackzoo.io           2023-11-30T12:51:02Z
-configmapdestroyers.khaos.stackzoo.io         2023-11-30T12:51:02Z
-consumenamespaceresources.khaos.stackzoo.io   2023-11-30T13:58:09Z
-containerresourcechaos.khaos.stackzoo.io      2023-11-30T12:51:02Z
-eventsentropies.khaos.stackzoo.io             2023-11-30T12:51:02Z
-nodedestroyers.khaos.stackzoo.io              2023-11-30T12:51:02Z
-poddestroyers.khaos.stackzoo.io               2023-11-30T12:51:02Z
-podlabelchaos.khaos.stackzoo.io               2023-11-30T12:51:02Z
-secretdestroyers.khaos.stackzoo.io            2023-11-30T12:51:02Z
-serviceaccountremovers.khaos.stackzoo.io      2023-11-30T12:51:02Z
+apiserveroverloads.khaos.stackzoo.io          2023-12-06T13:20:49Z
+commandinjections.khaos.stackzoo.io           2023-12-06T13:20:49Z
+configmapdestroyers.khaos.stackzoo.io         2023-12-06T13:20:49Z
+consumenamespaceresources.khaos.stackzoo.io   2023-12-06T13:20:49Z
+containerresourcechaos.khaos.stackzoo.io      2023-12-06T13:20:49Z
+cordonnodes.khaos.stackzoo.io                 2023-12-06T13:20:49Z
+eventsentropies.khaos.stackzoo.io             2023-12-06T13:20:49Z
+nodedestroyers.khaos.stackzoo.io              2023-12-06T13:20:49Z
+poddestroyers.khaos.stackzoo.io               2023-12-06T13:20:49Z
+podlabelchaos.khaos.stackzoo.io               2023-12-06T13:20:49Z
+secretdestroyers.khaos.stackzoo.io            2023-12-06T13:20:49Z
 ```  
 
 In order to run the operator on your cluster (current context - i.e. whatever cluster `kubectl cluster-info` shows) run:  
@@ -616,11 +617,52 @@ kubectl get events | grep gibberish
 
 
 
+<details>
+  <summary>CORDON NODES</summary>  
 
+Apply the following `CordonNodes` manifest:  
 
+```yaml
+apiVersion: khaos.stackzoo.io/v1alpha1
+kind: CordonNode
+metadata:
+  name: example-cordon-node
+spec:
+  nodesToCordon:
+    - test-operator-cluster-worker
+    - test-operator-cluster-worker2
+    - test-operator-cluster-worker3
 
+```  
+
+```console
+kubectl apply -f examples/cordon-nodes.yaml
+```  
+
+Now check the status of the resource:  
 
+```console
+kubectl describe cordonnodes.khaos.stackzoo.io example-cordon-node | grep "Nodes Cordoned"
 
+Nodes Cordoned:  3
+```   
+
+
+Now run a busybox pod:  
+```console
+kubectl apply -f examples/test-node-cordon-pod.yaml
+
+pod/busybox-pod created
+```   
+
+Let's check that pod:  
+```console
+kubectl -n default describe pod busybox-pod | grep Warning
+
+Warning  FailedScheduling  63s   default-scheduler  0/4 nodes are available: 1 node(s) had untolerated taint {node-role.kubernetes.io/control-plane: }, 3 node(s) were unschedulable. preemption: 0/4 nodes are available: 4 Preemption is not helpful for scheduling..
+```  
+
+</details>  
 
 
 <br/>  

api/v1alpha1/cordonnode_types.go

@@ -0,0 +1,58 @@
+/*
+Copyright 2023.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// CordonNodeSpec defines the desired state of CordonNode
+type CordonNodeSpec struct {
+	// NodesToCordon is a list of node names to cordon
+	NodesToCordon []string `json:"nodesToCordon,omitempty"`
+}
+
+// CordonNodeStatus defines the observed state of CordonNode
+type CordonNodeStatus struct {
+	// NodesCordoned is the number of nodes successfully cordoned
+	NodesCordoned int `json:"nodesCordoned,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// CordonNode is the Schema for the cordonnodes API
+type CordonNode struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   CordonNodeSpec   `json:"spec,omitempty"`
+	Status CordonNodeStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// CordonNodeList contains a list of CordonNode
+type CordonNodeList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []CordonNode `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&CordonNode{}, &CordonNodeList{})
+}

cmd/main.go

@@ -159,6 +159,13 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "ConsumeNamespaceResources")
 		os.Exit(1)
 	}
+	if err = (&controller.CordonNodeReconciler{
+		Client: mgr.GetClient(),
+		Scheme: mgr.GetScheme(),
+	}).SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "CordonNode")
+		os.Exit(1)
+	}
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

config/crd/bases/khaos.stackzoo.io_cordonnodes.yaml

@@ -0,0 +1,54 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.13.0
+  name: cordonnodes.khaos.stackzoo.io
+spec:
+  group: khaos.stackzoo.io
+  names:
+    kind: CordonNode
+    listKind: CordonNodeList
+    plural: cordonnodes
+    singular: cordonnode
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: CordonNode is the Schema for the cordonnodes API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: CordonNodeSpec defines the desired state of CordonNode
+            properties:
+              nodesToCordon:
+                description: NodesToCordon is a list of node names to cordon
+                items:
+                  type: string
+                type: array
+            type: object
+          status:
+            description: CordonNodeStatus defines the observed state of CordonNode
+            properties:
+              nodesCordoned:
+                description: NodesCordoned is the number of nodes successfully cordoned
+                type: integer
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

config/crd/kustomization.yaml

@@ -12,6 +12,7 @@ resources:
 - bases/khaos.stackzoo.io_apiserveroverloads.yaml
 - bases/khaos.stackzoo.io_eventsentropies.yaml
 - bases/khaos.stackzoo.io_consumenamespaceresources.yaml
+- bases/khaos.stackzoo.io_cordonnodes.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
 
 patches:
@@ -27,6 +28,7 @@ patches:
 #- path: patches/webhook_in_apiserveroverloads.yaml
 #- path: patches/webhook_in_eventsentropies.yaml
 #- path: patches/webhook_in_consumenamespaceresources.yaml
+#- path: patches/webhook_in_cordonnodes.yaml
 #+kubebuilder:scaffold:crdkustomizewebhookpatch
 
 # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
@@ -41,6 +43,7 @@ patches:
 #- path: patches/cainjection_in_apiserveroverloads.yaml
 #- path: patches/cainjection_in_eventsentropies.yaml
 #- path: patches/cainjection_in_consumenamespaceresources.yaml
+#- path: patches/cainjection_in_cordonnodes.yaml
 #+kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # [WEBHOOK] To enable webhook, uncomment the following section

config/rbac/cordonnode_editor_role.yaml

@@ -0,0 +1,31 @@
+# permissions for end users to edit cordonnodes.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: cordonnode-editor-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: khaos
+    app.kubernetes.io/part-of: khaos
+    app.kubernetes.io/managed-by: kustomize
+  name: cordonnode-editor-role
+rules:
+- apiGroups:
+  - khaos.stackzoo.io
+  resources:
+  - cordonnodes
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - khaos.stackzoo.io
+  resources:
+  - cordonnodes/status
+  verbs:
+  - get