update crd

addons/controllers/antrea/antreaconfig_controller.go

@@ -184,7 +184,7 @@ func (r *AntreaConfigReconciler) ReconcileAntreaConfigNormal(
 		return err
 	}
 
-	if antreaConfig.Spec.AntreaNsx.AntreaNsxProvider != nil && antreaConfig.Spec.AntreaNsx.AntreaNsxInline != nil {
+	if antreaConfig.Spec.AntreaNsx.BootstrapFrom.ProviderRef != nil && antreaConfig.Spec.AntreaNsx.BootstrapFrom.Inline != nil {
 		err := fmt.Errorf("AntreaNsxProvider can not be used with AntreaNsxInline in antreaConfig")
 		antreaConfig.Status.Message = err.Error()
 	}

addons/controllers/antrea/antreaconfig_util.go

@@ -31,22 +31,45 @@ type antrea struct {
 }
 
 type antreaNsx struct {
-	Enable            bool               `yaml:"enable,omitempty"`
-	BootstrapFrom     string             `yaml:"bootstrapFrom,omitempty"`
-	AntreaNsxProvider *antreaNsxProvider `yaml:"provider,omitempty"`
-	AntreaNsxInline   *antreaNsxInline   `yaml:"inline,omitempty"`
-	AntreaNsxConfig   antreaNsxConfig    `yaml:"config,omitempty"`
+	Enable            bool                   `yaml:"enable,omitempty"`
+	BootstrapFrom     AntreaNsxBootstrapFrom `yaml:"bootstrapFrom,omitempty"`
+	AntreaNsxProvider *antreaNsxProvider     `yaml:"provider,omitempty"`
+	AntreaNsxInline   *antreaNsxInline       `yaml:"inline,omitempty"`
+	AntreaNsxConfig   antreaNsxConfig        `yaml:"config,omitempty"`
 }
 
 type antreaNsxProvider struct {
-	ApiGroup string `yaml:"apiGroup,omitempty"`
-	Kind     string `yaml:"kind,omitempty"`
+	ApiVersion string `yaml:"apiVersion,omitempty"`
+	Kind       string `yaml:"kind,omitempty"`
+}
+
+type AntreaNsxBootstrapFrom struct {
+	// providerRef is used with uTKG, which will be filled by NCP operator
+	ProviderRef *antreaNsxProvider `yaml:"providerRef,omitempty"`
+	// inline is used with TKGm, user need to fill in manually
+	Inline *antreaNsxInline `yaml:"inline,omitempty"`
+}
+
+type AntreaNsxProvider struct {
+	// api version for nsxServiceAccount, its value is "nsx.vmware.com/v1alpha1" now
+	ApiVersion string `yaml:"apiVersion,omitempty"`
+	// its value is NsxServiceAccount
+	Kind string `yaml:"kind,omitempty"`
+	// the name for NsxServiceAccount
+	Name string `yaml:"name,omitempty"`
+}
+
+type nsxCertRef struct {
+	// tls.crt is cert file to access nsx manager
+	TLSCert string `yaml:"tls.crt,omitempty"`
+	// tls.key is key file to access nsx manager
+	TLSKey string `yaml:"tls.key,omitempty"`
 }
 
 type antreaNsxInline struct {
-	NsxManagers []string `yaml:"nsxManagers,omitempty"`
-	ClusterName string   `yaml:"ClusterName,omitempty"`
-	NsxCertRef  string   `yaml:"NsxCertRef,omitempty"`
+	NsxManagers []string   `yaml:"nsxManagers,omitempty"`
+	ClusterName string     `yaml:"clusterName,omitempty"`
+	NsxCertRef  nsxCertRef `yaml:"NsxCert,omitempty"`
 }
 
 type antreaNsxConfig struct {
@@ -85,9 +108,9 @@ type antreaConfigDataValue struct {
 	AntreaProxy             antreaProxy         `yaml:"antreaProxy,omitempty"`
 	FlowExporter            antreaFlowExporter  `yaml:"flowExporter,omitempty"`
 	KubeAPIServerOverride   string              `yaml:"kubeAPIServerOverride,omitempty"`
-	transportInterface      string              `yaml:"transportInterface,omitempty"`
-	transportInterfaceCIDRs []string            `yaml:"transportInterfaceCIDRs,omitempty"`
-	multicastInterfaces     []string            `yaml:"multicastInterfaces,omitempty"`
+	TransportInterface      string              `yaml:"transportInterface,omitempty"`
+	TransportInterfaceCIDRs []string            `yaml:"transportInterfaceCIDRs,omitempty"`
+	MulticastInterfaces     []string            `yaml:"multicastInterfaces,omitempty"`
 	TunnelType              string              `yaml:"tunnelType,omitempty"`
 	TrafficEncryptionMode   string              `yaml:"trafficEncryptionMode,omitempty"`
 	EnableUsageReporting    bool                `yaml:"enableUsageReporting,omitempty"`
@@ -199,9 +222,9 @@ func mapAntreaConfigSpec(cluster *clusterv1beta1.Cluster, config *cniv1alpha1.An
 	configSpec.Antrea.AntreaConfigDataValue.FlowExporter.ActiveFlowTimeout = config.Spec.Antrea.AntreaConfigDataValue.AntreaFlowExporter.ActiveFlowTimeout
 	configSpec.Antrea.AntreaConfigDataValue.FlowExporter.IdleFlowTimeout = config.Spec.Antrea.AntreaConfigDataValue.AntreaFlowExporter.IdleFlowTimeout
 	configSpec.Antrea.AntreaConfigDataValue.KubeAPIServerOverride = config.Spec.Antrea.AntreaConfigDataValue.KubeAPIServerOverride
-	configSpec.Antrea.AntreaConfigDataValue.transportInterface = config.Spec.Antrea.AntreaConfigDataValue.TransportInterface
-	configSpec.Antrea.AntreaConfigDataValue.transportInterfaceCIDRs = config.Spec.Antrea.AntreaConfigDataValue.TransportInterfaceCIDRs
-	configSpec.Antrea.AntreaConfigDataValue.multicastInterfaces = config.Spec.Antrea.AntreaConfigDataValue.MulticastInterfaces
+	configSpec.Antrea.AntreaConfigDataValue.TransportInterface = config.Spec.Antrea.AntreaConfigDataValue.TransportInterface
+	configSpec.Antrea.AntreaConfigDataValue.TransportInterfaceCIDRs = config.Spec.Antrea.AntreaConfigDataValue.TransportInterfaceCIDRs
+	configSpec.Antrea.AntreaConfigDataValue.MulticastInterfaces = config.Spec.Antrea.AntreaConfigDataValue.MulticastInterfaces
 	configSpec.Antrea.AntreaConfigDataValue.TunnelType = config.Spec.Antrea.AntreaConfigDataValue.TunnelType
 	configSpec.Antrea.AntreaConfigDataValue.EnableUsageReporting = config.Spec.Antrea.AntreaConfigDataValue.EnableUsageReporting
 	configSpec.Antrea.AntreaConfigDataValue.WireGuard.Port = config.Spec.Antrea.AntreaConfigDataValue.WireGuard.Port
@@ -227,18 +250,19 @@ func mapAntreaConfigSpec(cluster *clusterv1beta1.Cluster, config *cniv1alpha1.An
 	//nsx config
 	if config.Spec.AntreaNsx.Enable {
 		configSpec.AntreaNsx.Enable = config.Spec.AntreaNsx.Enable
-		if config.Spec.AntreaNsx.AntreaNsxProvider != nil {
-			configSpec.AntreaNsx.AntreaNsxProvider.ApiGroup = config.Spec.AntreaNsx.AntreaNsxProvider.ApiGroup
-			configSpec.AntreaNsx.AntreaNsxProvider.Kind = config.Spec.AntreaNsx.AntreaNsxProvider.Kind
-		} else if config.Spec.AntreaNsx.AntreaNsxInline == nil {
+		if config.Spec.AntreaNsx.BootstrapFrom.ProviderRef != nil {
+			configSpec.AntreaNsx.AntreaNsxProvider.ApiVersion = config.Spec.AntreaNsx.BootstrapFrom.ProviderRef.ApiVersion
+			configSpec.AntreaNsx.AntreaNsxProvider.Kind = config.Spec.AntreaNsx.BootstrapFrom.ProviderRef.Kind
+		} else if config.Spec.AntreaNsx.BootstrapFrom.Inline == nil {
 			configSpec.AntreaNsx.AntreaNsxProvider = new(antreaNsxProvider)
-			configSpec.AntreaNsx.AntreaNsxProvider.ApiGroup = "nsx.vmware.com"
+			configSpec.AntreaNsx.AntreaNsxProvider.ApiVersion = "nsx.vmware.com"
 			configSpec.AntreaNsx.AntreaNsxProvider.Kind = "NSXServiceAccount"
 		}
-		if config.Spec.AntreaNsx.AntreaNsxInline != nil {
-			configSpec.AntreaNsx.AntreaNsxInline.NsxManagers = config.Spec.AntreaNsx.AntreaNsxInline.NsxManagers
-			configSpec.AntreaNsx.AntreaNsxInline.ClusterName = config.Spec.AntreaNsx.AntreaNsxInline.ClusterName
-			configSpec.AntreaNsx.AntreaNsxInline.NsxCertRef = config.Spec.AntreaNsx.AntreaNsxInline.NsxCertRef
+		if config.Spec.AntreaNsx.BootstrapFrom.Inline != nil {
+			configSpec.AntreaNsx.AntreaNsxInline.NsxManagers = config.Spec.AntreaNsx.BootstrapFrom.Inline.NsxManagers
+			configSpec.AntreaNsx.AntreaNsxInline.ClusterName = config.Spec.AntreaNsx.BootstrapFrom.Inline.ClusterName
+			configSpec.AntreaNsx.AntreaNsxInline.NsxCertRef.TLSCert = config.Spec.AntreaNsx.BootstrapFrom.Inline.NsxCert.TLSCert
+			configSpec.AntreaNsx.AntreaNsxInline.NsxCertRef.TLSKey = config.Spec.AntreaNsx.BootstrapFrom.Inline.NsxCert.TLSKey
 		}
 	}
 

apis/addonconfigs/cni/v1alpha1/antreaconfig_types.go

@@ -11,7 +11,8 @@ type AntreaProxyNodePortAddress []string
 
 // AntreaConfigSpec defines the desired state of AntreaConfig
 type AntreaConfigSpec struct {
-	Antrea    Antrea    `json:"antrea,omitempty"`
+	Antrea Antrea `json:"antrea,omitempty"`
+	// AntreaNsx defines nsxt adapter related configurations
 	AntreaNsx AntreaNsx `json:"antreaNsx,omitempty"`
 }
 
@@ -218,25 +219,51 @@ type AntreaConfigStatus struct {
 }
 
 type AntreaNsx struct {
-	Enable            bool               `json:"enable,omitempty"`
-	BootstrapFrom     string             `json:"bootstrapFrom,omitempty"`
-	AntreaNsxProvider *AntreaNsxProvider `json:"provider,omitempty"`
-	AntreaNsxInline   *AntreaNsxInline   `json:"inline,omitempty"`
-	AntreaNsxConfig   AntreaNsxConfig    `json:"config,omitempty"`
+	// enable indicates whether nsxt adapter shall be enabled in the cluster
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default:=false
+	Enable bool `json:"enable,omitempty"`
+	// bootstrapFrom either providerRef or inline configs
+	BootstrapFrom AntreaNsxBootstrapFrom `json:"bootstrapFrom,omitempty"`
+	// config is  configuration for nsxt adapter
+	AntreaNsxConfig AntreaNsxConfig `json:"config,omitempty"`
+}
+
+type AntreaNsxBootstrapFrom struct {
+	// providerRef is used with uTKG, which will be filled by NCP operator
+	ProviderRef *AntreaNsxProvider `json:"providerRef,omitempty"`
+	// inline is used with TKGm, user need to fill in manually
+	Inline *AntreaNsxInline `json:"inline,omitempty"`
 }
 
 type AntreaNsxProvider struct {
-	ApiGroup string `json:"apiGroup,omitempty"`
-	Kind     string `json:"kind,omitempty"`
+	// api version for nsxServiceAccount, its value is "nsx.vmware.com/v1alpha1" now
+	ApiVersion string `json:"apiVersion,omitempty"`
+	// its value is NsxServiceAccount
+	Kind string `json:"kind,omitempty"`
+	// the name for NsxServiceAccount
+	Name string `json:"name,omitempty"`
 }
 
 type AntreaNsxInline struct {
+	// nsxManagers is the list for nsx managers, it can be either IP address or domain name
 	NsxManagers []string `json:"nsxManagers,omitempty"`
-	ClusterName string   `json:"ClusterName,omitempty"`
-	NsxCertRef  string   `json:"NsxCertRef,omitempty"`
+	// clusterName is the name for the created cluster
+	ClusterName string `json:"clusterName,omitempty"`
+	// nsxCert is cert files to access nsx manager
+	NsxCert NsxCertRef `json:"nsxCert,omitempty"`
+}
+
+type NsxCertRef struct {
+	// tls.crt is cert file to access nsx manager
+	TLSCert string `json:"tls.crt,omitempty"`
+	// tls.key is key file to access nsx manager
+	TLSKey string `json:"tls.key,omitempty"`
 }
 
 type AntreaNsxConfig struct {
+	// infraType is the type for infrastructure, so far it is vSphere, VMC, AWS, Azure
+	InfraType string `json:"infraType,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/addonconfigs/config/crd/bases/cni.tanzu.vmware.com_antreaconfigs.yaml

@@ -238,31 +238,64 @@ spec:
                     type: object
                 type: object
               antreaNsx:
+                description: AntreaNsx defines nsxt adapter related configurations
                 properties:
                   bootstrapFrom:
-                    type: string
-                  config:
-                    type: object
-                  enable:
-                    type: boolean
-                  inline:
+                    description: bootstrapFrom either providerRef or inline configs
                     properties:
-                      ClusterName:
-                        type: string
-                      NsxCertRef:
-                        type: string
-                      nsxManagers:
-                        items:
-                          type: string
-                        type: array
+                      inline:
+                        description: inline is used with TKGm, user need to fill in
+                          manually
+                        properties:
+                          clusterName:
+                            description: clusterName is the name for the created cluster
+                            type: string
+                          nsxCert:
+                            description: nsxCert is cert files to access nsx manager
+                            properties:
+                              tls.crt:
+                                description: tls.crt is cert file to access nsx manager
+                                type: string
+                              tls.key:
+                                description: tls.key is key file to access nsx manager
+                                type: string
+                            type: object
+                          nsxManagers:
+                            description: nsxManagers is the list for nsx managers,
+                              it can be either IP address or domain name
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                      providerRef:
+                        description: providerRef is used with uTKG, which will be
+                          filled by NCP operator
+                        properties:
+                          apiVersion:
+                            description: api version for nsxServiceAccount, its value
+                              is "nsx.vmware.com/v1alpha1" now
+                            type: string
+                          kind:
+                            description: its value is NsxServiceAccount
+                            type: string
+                          name:
+                            description: the name for NsxServiceAccount
+                            type: string
+                        type: object
                     type: object
-                  provider:
+                  config:
+                    description: config is  configuration for nsxt adapter
                     properties:
-                      apiGroup:
-                        type: string
-                      kind:
+                      infraType:
+                        description: infraType is the type for infrastructure, so
+                          far it is vSphere, VMC, AWS, Azure
                         type: string
                     type: object
+                  enable:
+                    default: false
+                    description: enable indicates whether nsxt adapter shall be enabled
+                      in the cluster
+                    type: boolean
                 type: object
             type: object
           status: