From 13983d5297d697b777900d10ecc0447485de96a3 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Mon, 3 Jul 2023 12:43:29 +0200 Subject: [PATCH 01/10] added helm chart --- deploy/.helmignore | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 deploy/.helmignore diff --git a/deploy/.helmignore b/deploy/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/deploy/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ From 4b7948d600f60c2682459b9fa70f0577f79e6403 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Wed, 5 Jul 2023 13:54:08 +0200 Subject: [PATCH 02/10] update .gitignore to allow helm directory push --- deploy/.helmignore | 1 + deploy/charts/k8s-operator-hpcr/Chart.yaml | 18 + deploy/charts/k8s-operator-hpcr/README.md | 5 + .../charts/k8s-operator-hpcr/crds/bundle.yaml | 418 ++++++++++++++++++ .../k8s-operator-hpcr/templates/_helpers.tpl | 63 +++ .../templates/deployment.yaml | 54 +++ .../k8s-operator-hpcr/templates/service.yaml | 16 + .../templates/serviceaccount.yaml | 13 + deploy/charts/k8s-operator-hpcr/values.yaml | 64 +++ 9 files changed, 652 insertions(+) create mode 100644 deploy/charts/k8s-operator-hpcr/Chart.yaml create mode 100644 deploy/charts/k8s-operator-hpcr/README.md create mode 100644 deploy/charts/k8s-operator-hpcr/crds/bundle.yaml create mode 100644 deploy/charts/k8s-operator-hpcr/templates/_helpers.tpl create mode 100644 deploy/charts/k8s-operator-hpcr/templates/deployment.yaml create mode 100644 deploy/charts/k8s-operator-hpcr/templates/service.yaml create mode 100644 deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml create mode 100644 deploy/charts/k8s-operator-hpcr/values.yaml diff --git a/deploy/.helmignore b/deploy/.helmignore index 0e8a0eb3..96a2c56e 100644 --- a/deploy/.helmignore +++ b/deploy/.helmignore @@ -10,6 +10,7 @@ .hg/ .hgignore .svn/ +.helmignore # Common backup files *.swp *.bak diff --git a/deploy/charts/k8s-operator-hpcr/Chart.yaml b/deploy/charts/k8s-operator-hpcr/Chart.yaml new file mode 100644 index 00000000..0b9e3f64 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v2 +name: k8s-operator-hpcr +description: A Kubernetes operator for managing VPC and onprem HPCR images +type: application + +version: 0.1.0 +appVersion: "1.16.0" +kubeVersion: ">= 1.19.0-0" +keywords: + - kubernetes-hpcr + - hpcr + - onprem + - vpc +home: https://github.com/ibm-hyper-protect/k8s-operator-hpcr + +maintainers: + - name: Carsten Leue + email: test@gmail.com diff --git a/deploy/charts/k8s-operator-hpcr/README.md b/deploy/charts/k8s-operator-hpcr/README.md new file mode 100644 index 00000000..81a0eec5 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/README.md @@ -0,0 +1,5 @@ +# Hyper Protect Virtual Servers Kubernetes Operator + +To deploy the operator via helm: +Set `$NAMESPACE` in your terminal +`helm install helm-hpcr-deployment charts/k8s-operator-hpcr --namespace=$NAMESPACE --create-namespace` \ No newline at end of file diff --git a/deploy/charts/k8s-operator-hpcr/crds/bundle.yaml b/deploy/charts/k8s-operator-hpcr/crds/bundle.yaml new file mode 100644 index 00000000..74d03a28 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/crds/bundle.yaml @@ -0,0 +1,418 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: vpc-hpcrs.hpse.ibm.com +spec: + group: hpse.ibm.com + names: + kind: HyperProtectContainerRuntimeVPC + plural: vpc-hpcrs + singular: vpc-hpcr + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + contract: + type: string + subnetID: + type: string + profileName: + type: string + selector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + targetSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + status: + type: object + properties: + status: + type: integer + description: + type: string + metadata: + type: object + additionalProperties: true + additionalProperties: true + required: + - spec +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: onprem-hpcrs.hpse.ibm.com +spec: + group: hpse.ibm.com + names: + kind: HyperProtectContainerRuntimeOnPrem + plural: onprem-hpcrs + singular: onprem-hpcr + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + contract: + type: string + imageURL: + type: string + storagePool: + type: string + selector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + targetSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + diskSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + networkSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + status: + type: object + properties: + status: + type: integer + description: + type: string + metadata: + type: object + additionalProperties: true + additionalProperties: true + required: + - spec +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: onprem-datadisks.hpse.ibm.com +spec: + group: hpse.ibm.com + names: + kind: HyperProtectContainerRuntimeOnPremDataDisk + plural: onprem-datadisks + singular: onprem-datadisk + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + size: + type: integer + storagePool: + type: string + selector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + targetSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + status: + type: object + properties: + status: + type: integer + description: + type: string + metadata: + type: object + additionalProperties: true + additionalProperties: true + required: + - spec +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: onprem-datadiskrefs.hpse.ibm.com +spec: + group: hpse.ibm.com + names: + kind: HyperProtectContainerRuntimeOnPremDataDiskRef + plural: onprem-datadiskrefs + singular: onprem-datadiskref + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + volumeName: + type: string + storagePool: + type: string + targetSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + required: + - volumeName + - targetSelector + status: + type: object + properties: + status: + type: integer + description: + type: string + metadata: + type: object + additionalProperties: true + additionalProperties: true + required: + - spec +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: onprem-networkrefs.hpse.ibm.com +spec: + group: hpse.ibm.com + names: + kind: HyperProtectContainerRuntimeOnPremNetworkRef + plural: onprem-networkrefs + singular: onprem-networkref + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + networkName: + type: string + targetSelector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + type: string + value: + type: array + items: + type: string + required: + - networkName + - targetSelector + status: + type: object + properties: + status: + type: integer + description: + type: string + metadata: + type: object + additionalProperties: true + additionalProperties: true + required: + - spec diff --git a/deploy/charts/k8s-operator-hpcr/templates/_helpers.tpl b/deploy/charts/k8s-operator-hpcr/templates/_helpers.tpl new file mode 100644 index 00000000..6d1c007a --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/templates/_helpers.tpl @@ -0,0 +1,63 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "k8s-operator-hpcr.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "k8s-operator-hpcr.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "k8s-operator-hpcr.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "k8s-operator-hpcr.labels" -}} +helm.sh/chart: {{ include "k8s-operator-hpcr.chart" . }} +{{ include "k8s-operator-hpcr.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "k8s-operator-hpcr.selectorLabels" -}} +app.kubernetes.io/name: {{ include "k8s-operator-hpcr.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app: {{ include "k8s-operator-hpcr.name" . }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "k8s-operator-hpcr.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "k8s-operator-hpcr.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml new file mode 100644 index 00000000..531d7bad --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "k8s-operator-hpcr.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "k8s-operator-hpcr.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/deploy/charts/k8s-operator-hpcr/templates/service.yaml b/deploy/charts/k8s-operator-hpcr/templates/service.yaml new file mode 100644 index 00000000..ac090f2f --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "k8s-operator-hpcr.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 4 }} diff --git a/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml b/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml new file mode 100644 index 00000000..3ee713c7 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "k8s-operator-hpcr.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy/charts/k8s-operator-hpcr/values.yaml b/deploy/charts/k8s-operator-hpcr/values.yaml new file mode 100644 index 00000000..cebb6643 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/values.yaml @@ -0,0 +1,64 @@ +# Default values for k8s-operator-hpcr. + +replicaCount: 1 + +image: + repository: ghcr.io/ibm-hyper-protect/k8s-operator-hpcr + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + tag: latest + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 8080 + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + memory: 512Mi + cpu: "1" + requests: + memory: 256Mi + cpu: "0.2" + +autoscaling: {} + # enabled: false + # minReplicas: 1 + # maxReplicas: 100 + # targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} From 80db6a1c360e390383e03044f233f5a2c2a0ce73 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Wed, 5 Jul 2023 23:48:30 +0200 Subject: [PATCH 03/10] restructure to install via helm --- .gitignore | 1 - README.md | 4 +- deploy/README.md | 50 +++++++++ .../templates/deployment.yaml | 26 +---- .../templates/meta_composite_controller.yaml | 102 ++++++++++++++++++ .../k8s-operator-hpcr/templates/service.yaml | 2 +- .../templates/serviceaccount.yaml | 2 +- deploy/charts/k8s-operator-hpcr/values.yaml | 41 +------ deploy/manifests/Makefile | 3 + deploy/manifests/README.md | 14 +++ deploy/manifests/helm-values.yaml | 10 ++ 11 files changed, 184 insertions(+), 71 deletions(-) create mode 100644 deploy/README.md create mode 100644 deploy/charts/k8s-operator-hpcr/templates/meta_composite_controller.yaml create mode 100644 deploy/manifests/Makefile create mode 100644 deploy/manifests/README.md create mode 100644 deploy/manifests/helm-values.yaml diff --git a/.gitignore b/.gitignore index bd4986e9..34e4d8e7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,5 @@ build k8s-operator-hpcr.exe -k8s-operator-hpcr .env samples/apikey.yaml main.exe diff --git a/README.md b/README.md index dc9d5b57..42dda3ee 100644 --- a/README.md +++ b/README.md @@ -30,9 +30,7 @@ You need a Kubernetes cluster with Internet connectivity. ### 2. Install the Hyper Protect Virtual Servers Kubernetes Operator -```bash -kubectl apply -k https://github.com/ibm-hyper-protect/k8s-operator-hpcr/manifests -``` +The `deploy` directory contains installation information. ### 3. Verify your installation by checking for the existence of the custom resources diff --git a/deploy/README.md b/deploy/README.md new file mode 100644 index 00000000..d1f9c72e --- /dev/null +++ b/deploy/README.md @@ -0,0 +1,50 @@ +## Installing the Controller + +You need a Kubernetes cluster with Internet connectivity. + +### 1. Install [Metacontroller](https://metacontroller.github.io/metacontroller/guide/install.html): + + ```bash + kubectl apply -k https://github.com/metacontroller/metacontroller/manifests/production + ``` + +### 2. Install the Hyper Protect Virtual Servers Kubernetes Operator + Generate the manifest files from the manifest diecrtory + + ```bash + kubectl apply https://github.com/ibm-hyper-protect/k8s-operator-hpcr/deploy/manifests + ``` + +### 3. Verify your installation by checking for the existence of the custom resources + +```bash +kubectl get crds + +NAME CREATED AT +compositecontrollers.metacontroller.k8s.io 2023-03-15T21:32:11Z +controllerrevisions.metacontroller.k8s.io 2023-03-15T21:32:11Z +decoratorcontrollers.metacontroller.k8s.io 2023-03-15T21:32:11Z +onprem-hpcrs.hpse.ibm.com 2023-03-17T12:44:30Z +vpc-hpcrs.hpse.ibm.com 2023-03-17T12:44:30Z +``` + +```bash +kubectl get compositecontrollers + +NAME AGE +k8s-operator-hpcr-onprem 5m37s +k8s-operator-hpcr-vpc 5m37s +``` + +```bash +kubectl get deployments + +NAME READY UP-TO-DATE AVAILABLE AGE +k8s-operator-hpcr 1/1 1 1 6m35s +``` + +### Show Logs + +```bash +kubectl logs -l app=k8s-operator-hpcr +``` diff --git a/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml index 531d7bad..890942de 100644 --- a/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml +++ b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml @@ -2,36 +2,24 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "k8s-operator-hpcr.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} spec: - {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} - {{- end }} selector: matchLabels: {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 6 }} template: metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} labels: {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 8 }} spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} serviceAccountName: {{ include "k8s-operator-hpcr.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: @@ -40,15 +28,3 @@ spec: protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/deploy/charts/k8s-operator-hpcr/templates/meta_composite_controller.yaml b/deploy/charts/k8s-operator-hpcr/templates/meta_composite_controller.yaml new file mode 100644 index 00000000..4581fee0 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/templates/meta_composite_controller.yaml @@ -0,0 +1,102 @@ +--- +{{- $serviceBaseUrl := "http://k8s-operator-hpcr" -}} +{{- $servicePort := "8080" -}} + +apiVersion: metacontroller.k8s.io/v1alpha1 +kind: CompositeController +metadata: + name: k8s-operator-hpcr-vpc +spec: + generateSelector: true + parentResource: + apiVersion: hpse.ibm.com/v1 + resource: vpc-hpcrs + resyncPeriodSeconds: 60 + hooks: + sync: + webhook: + url: {{ printf "%s.%s:%s/vpc/sync" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + finalize: + webhook: + url: {{ printf "%s.%s:%s/vpc/finalize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + customize: + webhook: + url: {{ printf "%s.%s:%s/vpc/customize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} +--- +apiVersion: metacontroller.k8s.io/v1alpha1 +kind: CompositeController +metadata: + name: k8s-operator-hpcr-onprem +spec: + generateSelector: true + parentResource: + apiVersion: hpse.ibm.com/v1 + resource: onprem-hpcrs + resyncPeriodSeconds: 60 + hooks: + sync: + webhook: + url: {{ printf "%s.%s:%s/onprem/sync" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + finalize: + webhook: + url: {{ printf "%s.%s:%s/onprem/finalize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + customize: + webhook: + url: {{ printf "%s.%s:%s/onprem/customize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} +--- +apiVersion: metacontroller.k8s.io/v1alpha1 +kind: CompositeController +metadata: + name: k8s-operator-hpcr-datadisk +spec: + generateSelector: true + parentResource: + apiVersion: hpse.ibm.com/v1 + resource: onprem-datadisks + resyncPeriodSeconds: 120 + hooks: + sync: + webhook: + url: {{ printf "%s.%s:%s/datadisk/sync" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + finalize: + webhook: + url: {{ printf "%s.%s:%s/datadisk/finalize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + customize: + webhook: + url: {{ printf "%s.%s:%s/datadisk/customize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} +--- +apiVersion: metacontroller.k8s.io/v1alpha1 +kind: CompositeController +metadata: + name: k8s-operator-hpcr-datadiskref +spec: + generateSelector: true + parentResource: + apiVersion: hpse.ibm.com/v1 + resource: onprem-datadiskrefs + resyncPeriodSeconds: 120 + hooks: + sync: + webhook: + url: {{ printf "%s.%s:%s/datadiskref/sync" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + customize: + webhook: + url: {{ printf "%s.%s:%s/datadiskref/customize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} +--- +apiVersion: metacontroller.k8s.io/v1alpha1 +kind: CompositeController +metadata: + name: k8s-operator-hpcr-networkref +spec: + generateSelector: true + parentResource: + apiVersion: hpse.ibm.com/v1 + resource: onprem-networkrefs + resyncPeriodSeconds: 120 + hooks: + sync: + webhook: + url: {{ printf "%s.%s:%s/networkref/sync" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} + customize: + webhook: + url: {{ printf "%s.%s:%s/networkref/customize" $serviceBaseUrl (.Values.namespace | default .Release.Namespace) $servicePort }} diff --git a/deploy/charts/k8s-operator-hpcr/templates/service.yaml b/deploy/charts/k8s-operator-hpcr/templates/service.yaml index ac090f2f..76efd523 100644 --- a/deploy/charts/k8s-operator-hpcr/templates/service.yaml +++ b/deploy/charts/k8s-operator-hpcr/templates/service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "k8s-operator-hpcr.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} spec: diff --git a/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml b/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml index 3ee713c7..503d269f 100644 --- a/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml +++ b/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "k8s-operator-hpcr.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} diff --git a/deploy/charts/k8s-operator-hpcr/values.yaml b/deploy/charts/k8s-operator-hpcr/values.yaml index cebb6643..78e00c50 100644 --- a/deploy/charts/k8s-operator-hpcr/values.yaml +++ b/deploy/charts/k8s-operator-hpcr/values.yaml @@ -8,57 +8,18 @@ image: # Overrides the image tag whose default is the chart appVersion. tag: latest -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - serviceAccount: - # Specifies whether a service account should be created create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 + name: k8s-operator-hpcr service: type: ClusterIP port: 8080 resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: memory: 512Mi cpu: "1" requests: memory: 256Mi cpu: "0.2" - -autoscaling: {} - # enabled: false - # minReplicas: 1 - # maxReplicas: 100 - # targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/deploy/manifests/Makefile b/deploy/manifests/Makefile new file mode 100644 index 00000000..117a160f --- /dev/null +++ b/deploy/manifests/Makefile @@ -0,0 +1,3 @@ +.PHONY: manifests +manifests: + helm install k8s-operator-hpcr-deployment ../charts/k8s-operator-hpcr -f helm-values.yaml --create-namespace --dry-run diff --git a/deploy/manifests/README.md b/deploy/manifests/README.md new file mode 100644 index 00000000..a3e0e409 --- /dev/null +++ b/deploy/manifests/README.md @@ -0,0 +1,14 @@ +# Deployment files + +The static deployment manifests would be generated from the helm chart and bundled as part of a release on github. + +## Generate my own Manifest files +You can generate your own static deployment manifests on your local workstation, using helm and make. +```bash +make manifests +``` + +### 2. To install on your cluster +```bash +kubectl apply -k https://github.com/ibm-hyper-protect/k8s-operator-hpcr/manifests +``` \ No newline at end of file diff --git a/deploy/manifests/helm-values.yaml b/deploy/manifests/helm-values.yaml new file mode 100644 index 00000000..e0fdab0a --- /dev/null +++ b/deploy/manifests/helm-values.yaml @@ -0,0 +1,10 @@ +fullnameOverride: k8s-operator-hpcr +namespace: k8s-operator-hpcr222 + +resources: + limits: + memory: 512Mi + cpu: "1" + requests: + memory: 256Mi + cpu: "0.2" \ No newline at end of file From e2ccb78ec6d822d88350afbeb9593eda89305145 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Thu, 6 Jul 2023 16:36:45 +0200 Subject: [PATCH 04/10] update readme for deployment --- deploy/{manifests => }/Makefile | 0 deploy/README.md | 45 ++- deploy/{manifests => }/helm-values.yaml | 0 deploy/manifests/README.md | 14 - manifests/controller.yaml | 99 ------ manifests/crd.yaml | 418 ------------------------ manifests/kustomization.yaml | 4 - manifests/webhook.yaml | 37 --- 8 files changed, 31 insertions(+), 586 deletions(-) rename deploy/{manifests => }/Makefile (100%) rename deploy/{manifests => }/helm-values.yaml (100%) delete mode 100644 deploy/manifests/README.md delete mode 100644 manifests/controller.yaml delete mode 100644 manifests/crd.yaml delete mode 100644 manifests/kustomization.yaml delete mode 100644 manifests/webhook.yaml diff --git a/deploy/manifests/Makefile b/deploy/Makefile similarity index 100% rename from deploy/manifests/Makefile rename to deploy/Makefile diff --git a/deploy/README.md b/deploy/README.md index d1f9c72e..3aa2abeb 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -1,21 +1,30 @@ -## Installing the Controller +# Installing the Controller You need a Kubernetes cluster with Internet connectivity. -### 1. Install [Metacontroller](https://metacontroller.github.io/metacontroller/guide/install.html): +## 1. Install [Metacontroller](https://metacontroller.github.io/metacontroller/guide/install.html): ```bash kubectl apply -k https://github.com/metacontroller/metacontroller/manifests/production ``` -### 2. Install the Hyper Protect Virtual Servers Kubernetes Operator - Generate the manifest files from the manifest diecrtory - - ```bash - kubectl apply https://github.com/ibm-hyper-protect/k8s-operator-hpcr/deploy/manifests - ``` +## 2. Install the Hyper Protect Virtual Servers Kubernetes Operator +The operator is installed via its helm chart. +To install the chart with the release name `k8s-hpcr-operator`: + ``` bash + helm repo add k8s-hpcr-operator https://github.io/ibm-hyper-protect/k8s-operator-hpcr/deploy/charts/k8s-hpcr-operator + helm install k8s-hpcr-operator k8s-hpcr-operator/k8s-hpcr-operator + ``` + +### Generate my own Manifest files +The static deployment manifests would be generated from the helm chart and bundled as part of a release on github. +You can generate your own static deployment manifests on your local workstation, using helm and make. +Teh default deployment values can be overwrtitten by customizing the `helm-values.yaml` file. + ```bash + make manifests + ``` -### 3. Verify your installation by checking for the existence of the custom resources +## 3. Verify your installation by checking for the existence of the custom resources ```bash kubectl get crds @@ -37,14 +46,22 @@ k8s-operator-hpcr-vpc 5m37s ``` ```bash -kubectl get deployments +kubectl get deployments -n k8s-hpcr-operator NAME READY UP-TO-DATE AVAILABLE AGE k8s-operator-hpcr 1/1 1 1 6m35s ``` -### Show Logs +## Show Logs -```bash -kubectl logs -l app=k8s-operator-hpcr -``` + ```bash + kubectl logs -l app=k8s-operator-hpcr -n k8s-hpcr-operator + ``` + + +## 4. Uninstalling the Chart +To uninstall the k8s-operator-hpcr deployment via helm: + ```bash + helm uninstall k8s-operator-hpcr + ``` +The command removes all the Kubernetes components associated with the chart and deletes the helm release. \ No newline at end of file diff --git a/deploy/manifests/helm-values.yaml b/deploy/helm-values.yaml similarity index 100% rename from deploy/manifests/helm-values.yaml rename to deploy/helm-values.yaml diff --git a/deploy/manifests/README.md b/deploy/manifests/README.md deleted file mode 100644 index a3e0e409..00000000 --- a/deploy/manifests/README.md +++ /dev/null @@ -1,14 +0,0 @@ -# Deployment files - -The static deployment manifests would be generated from the helm chart and bundled as part of a release on github. - -## Generate my own Manifest files -You can generate your own static deployment manifests on your local workstation, using helm and make. -```bash -make manifests -``` - -### 2. To install on your cluster -```bash -kubectl apply -k https://github.com/ibm-hyper-protect/k8s-operator-hpcr/manifests -``` \ No newline at end of file diff --git a/manifests/controller.yaml b/manifests/controller.yaml deleted file mode 100644 index 06889789..00000000 --- a/manifests/controller.yaml +++ /dev/null @@ -1,99 +0,0 @@ ---- -apiVersion: metacontroller.k8s.io/v1alpha1 -kind: CompositeController -metadata: - name: k8s-operator-hpcr-vpc -spec: - generateSelector: true - parentResource: - apiVersion: hpse.ibm.com/v1 - resource: vpc-hpcrs - resyncPeriodSeconds: 60 - hooks: - sync: - webhook: - url: http://k8s-operator-hpcr.default:8080/vpc/sync - finalize: - webhook: - url: http://k8s-operator-hpcr.default:8080/vpc/finalize - customize: - webhook: - url: http://k8s-operator-hpcr.default:8080/vpc/customize ---- -apiVersion: metacontroller.k8s.io/v1alpha1 -kind: CompositeController -metadata: - name: k8s-operator-hpcr-onprem -spec: - generateSelector: true - parentResource: - apiVersion: hpse.ibm.com/v1 - resource: onprem-hpcrs - resyncPeriodSeconds: 60 - hooks: - sync: - webhook: - url: http://k8s-operator-hpcr.default:8080/onprem/sync - finalize: - webhook: - url: http://k8s-operator-hpcr.default:8080/onprem/finalize - customize: - webhook: - url: http://k8s-operator-hpcr.default:8080/onprem/customize ---- -apiVersion: metacontroller.k8s.io/v1alpha1 -kind: CompositeController -metadata: - name: k8s-operator-hpcr-datadisk -spec: - generateSelector: true - parentResource: - apiVersion: hpse.ibm.com/v1 - resource: onprem-datadisks - resyncPeriodSeconds: 120 - hooks: - sync: - webhook: - url: http://k8s-operator-hpcr.default:8080/datadisk/sync - finalize: - webhook: - url: http://k8s-operator-hpcr.default:8080/datadisk/finalize - customize: - webhook: - url: http://k8s-operator-hpcr.default:8080/datadisk/customize ---- -apiVersion: metacontroller.k8s.io/v1alpha1 -kind: CompositeController -metadata: - name: k8s-operator-hpcr-datadiskref -spec: - generateSelector: true - parentResource: - apiVersion: hpse.ibm.com/v1 - resource: onprem-datadiskrefs - resyncPeriodSeconds: 120 - hooks: - sync: - webhook: - url: http://k8s-operator-hpcr.default:8080/datadiskref/sync - customize: - webhook: - url: http://k8s-operator-hpcr.default:8080/datadiskref/customize ---- -apiVersion: metacontroller.k8s.io/v1alpha1 -kind: CompositeController -metadata: - name: k8s-operator-hpcr-networkref -spec: - generateSelector: true - parentResource: - apiVersion: hpse.ibm.com/v1 - resource: onprem-networkrefs - resyncPeriodSeconds: 120 - hooks: - sync: - webhook: - url: http://k8s-operator-hpcr.default:8080/networkref/sync - customize: - webhook: - url: http://k8s-operator-hpcr.default:8080/networkref/customize diff --git a/manifests/crd.yaml b/manifests/crd.yaml deleted file mode 100644 index 74d03a28..00000000 --- a/manifests/crd.yaml +++ /dev/null @@ -1,418 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: vpc-hpcrs.hpse.ibm.com -spec: - group: hpse.ibm.com - names: - kind: HyperProtectContainerRuntimeVPC - plural: vpc-hpcrs - singular: vpc-hpcr - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - contract: - type: string - subnetID: - type: string - profileName: - type: string - selector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - targetSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - status: - type: object - properties: - status: - type: integer - description: - type: string - metadata: - type: object - additionalProperties: true - additionalProperties: true - required: - - spec ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: onprem-hpcrs.hpse.ibm.com -spec: - group: hpse.ibm.com - names: - kind: HyperProtectContainerRuntimeOnPrem - plural: onprem-hpcrs - singular: onprem-hpcr - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - contract: - type: string - imageURL: - type: string - storagePool: - type: string - selector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - targetSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - diskSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - networkSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - status: - type: object - properties: - status: - type: integer - description: - type: string - metadata: - type: object - additionalProperties: true - additionalProperties: true - required: - - spec ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: onprem-datadisks.hpse.ibm.com -spec: - group: hpse.ibm.com - names: - kind: HyperProtectContainerRuntimeOnPremDataDisk - plural: onprem-datadisks - singular: onprem-datadisk - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - size: - type: integer - storagePool: - type: string - selector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - targetSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - status: - type: object - properties: - status: - type: integer - description: - type: string - metadata: - type: object - additionalProperties: true - additionalProperties: true - required: - - spec ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: onprem-datadiskrefs.hpse.ibm.com -spec: - group: hpse.ibm.com - names: - kind: HyperProtectContainerRuntimeOnPremDataDiskRef - plural: onprem-datadiskrefs - singular: onprem-datadiskref - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - volumeName: - type: string - storagePool: - type: string - targetSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - required: - - volumeName - - targetSelector - status: - type: object - properties: - status: - type: integer - description: - type: string - metadata: - type: object - additionalProperties: true - additionalProperties: true - required: - - spec ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: onprem-networkrefs.hpse.ibm.com -spec: - group: hpse.ibm.com - names: - kind: HyperProtectContainerRuntimeOnPremNetworkRef - plural: onprem-networkrefs - singular: onprem-networkref - scope: Namespaced - versions: - - name: v1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - networkName: - type: string - targetSelector: - type: object - properties: - matchLabels: - type: object - additionalProperties: - type: string - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - type: string - value: - type: array - items: - type: string - required: - - networkName - - targetSelector - status: - type: object - properties: - status: - type: integer - description: - type: string - metadata: - type: object - additionalProperties: true - additionalProperties: true - required: - - spec diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml deleted file mode 100644 index 44681296..00000000 --- a/manifests/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -resources: -- controller.yaml -- crd.yaml -- webhook.yaml \ No newline at end of file diff --git a/manifests/webhook.yaml b/manifests/webhook.yaml deleted file mode 100644 index b4b31e34..00000000 --- a/manifests/webhook.yaml +++ /dev/null @@ -1,37 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: k8s-operator-hpcr - labels: - hpcr: pod -spec: - replicas: 1 - selector: - matchLabels: - app: k8s-operator-hpcr - template: - metadata: - labels: - app: k8s-operator-hpcr - spec: - containers: - - name: controller - image: ghcr.io/ibm-hyper-protect/k8s-operator-hpcr:latest - resources: - limits: - memory: 512Mi - cpu: "1" - requests: - memory: 256Mi - cpu: "0.2" ---- -apiVersion: v1 -kind: Service -metadata: - name: k8s-operator-hpcr -spec: - selector: - app: k8s-operator-hpcr - ports: - - port: 8080 \ No newline at end of file From 2a8bbc01cba0829435fcd83709361ab42609ce71 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Thu, 6 Jul 2023 18:36:57 +0200 Subject: [PATCH 05/10] update installation readme --- README.md | 48 ++---------------------------------------------- deploy/README.md | 10 ++++++---- 2 files changed, 8 insertions(+), 50 deletions(-) diff --git a/README.md b/README.md index 42dda3ee..630be19a 100644 --- a/README.md +++ b/README.md @@ -18,50 +18,6 @@ To get started, see [how to setup the controller in your cluster](#installing-th - all disks for the onprem case are created on the same storage pool - IBM Hyper Protect Virtual Servers v1 and IBM Cloud® Hyper Protect Virtual Servers v1 are not supported. -## Installing the Controller +## Installation & Deployment -You need a Kubernetes cluster with Internet connectivity. - -### 1. Install [Metacontroller](https://metacontroller.github.io/metacontroller/guide/install.html): - - ```bash - kubectl apply -k https://github.com/metacontroller/metacontroller/manifests/production - ``` - -### 2. Install the Hyper Protect Virtual Servers Kubernetes Operator - -The `deploy` directory contains installation information. - -### 3. Verify your installation by checking for the existence of the custom resources - -```bash -kubectl get crds - -NAME CREATED AT -compositecontrollers.metacontroller.k8s.io 2023-03-15T21:32:11Z -controllerrevisions.metacontroller.k8s.io 2023-03-15T21:32:11Z -decoratorcontrollers.metacontroller.k8s.io 2023-03-15T21:32:11Z -onprem-hpcrs.hpse.ibm.com 2023-03-17T12:44:30Z -vpc-hpcrs.hpse.ibm.com 2023-03-17T12:44:30Z -``` - -```bash -kubectl get compositecontrollers - -NAME AGE -k8s-operator-hpcr-onprem 5m37s -k8s-operator-hpcr-vpc 5m37s -``` - -```bash -kubectl get deployments - -NAME READY UP-TO-DATE AVAILABLE AGE -k8s-operator-hpcr 1/1 1 1 6m35s -``` - -### Show Logs - -```bash -kubectl logs -l app=k8s-operator-hpcr -``` +Follow the instructions in the [deploy](https://github.com/ibm-hyper-protect/k8s-operator-hpcr/deploy) directory to install the operator on your cluster. \ No newline at end of file diff --git a/deploy/README.md b/deploy/README.md index 3aa2abeb..f7ccc15c 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -10,16 +10,19 @@ You need a Kubernetes cluster with Internet connectivity. ## 2. Install the Hyper Protect Virtual Servers Kubernetes Operator The operator is installed via its helm chart. -To install the chart with the release name `k8s-hpcr-operator`: +Add the operator's helm chart to your local helm repository list as `k8s-hpcr-operator`. ``` bash helm repo add k8s-hpcr-operator https://github.io/ibm-hyper-protect/k8s-operator-hpcr/deploy/charts/k8s-hpcr-operator + ``` +Install the chart with the release name `k8s-hpcr-operator`: + ``` bash helm install k8s-hpcr-operator k8s-hpcr-operator/k8s-hpcr-operator ``` ### Generate my own Manifest files The static deployment manifests would be generated from the helm chart and bundled as part of a release on github. -You can generate your own static deployment manifests on your local workstation, using helm and make. -Teh default deployment values can be overwrtitten by customizing the `helm-values.yaml` file. +You can also generate your own static deployment manifests on your local workstation, using helm and make. +The default deployment values can be overwrtitten by customizing the `helm-values.yaml` file. ```bash make manifests ``` @@ -58,7 +61,6 @@ k8s-operator-hpcr 1/1 1 1 6m35s kubectl logs -l app=k8s-operator-hpcr -n k8s-hpcr-operator ``` - ## 4. Uninstalling the Chart To uninstall the k8s-operator-hpcr deployment via helm: ```bash From 1c41320336385973356ea8d72406c41c9892ec31 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Thu, 6 Jul 2023 18:45:06 +0200 Subject: [PATCH 06/10] update helm chart url --- deploy/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/README.md b/deploy/README.md index f7ccc15c..83961062 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -12,7 +12,7 @@ You need a Kubernetes cluster with Internet connectivity. The operator is installed via its helm chart. Add the operator's helm chart to your local helm repository list as `k8s-hpcr-operator`. ``` bash - helm repo add k8s-hpcr-operator https://github.io/ibm-hyper-protect/k8s-operator-hpcr/deploy/charts/k8s-hpcr-operator + helm repo add k8s-hpcr-operator https://charts.k8s-hpcr-operator.io ``` Install the chart with the release name `k8s-hpcr-operator`: ``` bash From 4cb068184bd9e81e3c25b7f3a360d601ec8382d4 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Thu, 6 Jul 2023 19:03:09 +0200 Subject: [PATCH 07/10] update helm chart readme for display on Artifacthub --- deploy/charts/k8s-operator-hpcr/README.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/deploy/charts/k8s-operator-hpcr/README.md b/deploy/charts/k8s-operator-hpcr/README.md index 81a0eec5..3b10bba2 100644 --- a/deploy/charts/k8s-operator-hpcr/README.md +++ b/deploy/charts/k8s-operator-hpcr/README.md @@ -1,5 +1,19 @@ # Hyper Protect Virtual Servers Kubernetes Operator -To deploy the operator via helm: -Set `$NAMESPACE` in your terminal -`helm install helm-hpcr-deployment charts/k8s-operator-hpcr --namespace=$NAMESPACE --create-namespace` \ No newline at end of file +## Installing the chart + +To add the operator's helm chart to your local helm repository list as `k8s-hpcr-operator`. + ``` bash + helm repo add k8s-hpcr-operator https://charts.k8s-hpcr-operator.io + ``` +Install the chart with the release name `k8s-hpcr-operator`: + ``` bash + helm install k8s-hpcr-operator k8s-hpcr-operator/k8s-hpcr-operator + ``` + +## 4. Uninstalling the Chart +To uninstall `k8s-operator-hpcr` deployment: + ```bash + helm uninstall k8s-operator-hpcr + ``` +The command removes all the Kubernetes components associated with the chart and deletes the helm release. \ No newline at end of file From dd9571a3087e3be3c95004b0ff0fd19f5dabe4d2 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Thu, 6 Jul 2023 21:14:01 +0200 Subject: [PATCH 08/10] add index.yaml to enable pushing to artifacthub.io --- deploy/charts/k8s-operator-hpcr/index.yaml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 deploy/charts/k8s-operator-hpcr/index.yaml diff --git a/deploy/charts/k8s-operator-hpcr/index.yaml b/deploy/charts/k8s-operator-hpcr/index.yaml new file mode 100644 index 00000000..b68f5672 --- /dev/null +++ b/deploy/charts/k8s-operator-hpcr/index.yaml @@ -0,0 +1,3 @@ +apiVersion: v1 +entries: {} +generated: "2023-07-06T21:13:17.517976+02:00" From eb768af64e91db6a5d515674fa9ce9cccd65f324 Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Fri, 7 Jul 2023 12:18:16 +0200 Subject: [PATCH 09/10] re-enable operator installation via kustomize --- deploy/Makefile | 6 +++++- deploy/README.md | 16 ++++++++++------ .../k8s-operator-hpcr/templates/deployment.yaml | 1 - .../templates/serviceaccount.yaml | 13 ------------- deploy/charts/k8s-operator-hpcr/values.yaml | 4 ---- deploy/manifests/kustomization.yaml | 2 ++ 6 files changed, 17 insertions(+), 25 deletions(-) delete mode 100644 deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml create mode 100644 deploy/manifests/kustomization.yaml diff --git a/deploy/Makefile b/deploy/Makefile index 117a160f..79fe38a7 100644 --- a/deploy/Makefile +++ b/deploy/Makefile @@ -1,3 +1,7 @@ .PHONY: manifests manifests: - helm install k8s-operator-hpcr-deployment ../charts/k8s-operator-hpcr -f helm-values.yaml --create-namespace --dry-run + helm template k8s-operator-hpcr-deployment charts/k8s-operator-hpcr -f helm-values.yaml > manifests/manifests.yaml + +.PHONY: kustomize-install +kustomize-install: + kubectl apply -k manifests diff --git a/deploy/README.md b/deploy/README.md index 83961062..921761b9 100644 --- a/deploy/README.md +++ b/deploy/README.md @@ -10,13 +10,13 @@ You need a Kubernetes cluster with Internet connectivity. ## 2. Install the Hyper Protect Virtual Servers Kubernetes Operator The operator is installed via its helm chart. -Add the operator's helm chart to your local helm repository list as `k8s-hpcr-operator`. +Add the operator's helm chart to your local helm repository list as `k8s-operator-hpcr`. ``` bash - helm repo add k8s-hpcr-operator https://charts.k8s-hpcr-operator.io + helm repo add k8s-operator-hpcr https://charts.k8s-operator-hpcr.io ``` -Install the chart with the release name `k8s-hpcr-operator`: +Install the chart with the release name `k8s-operator-hpcr`: ``` bash - helm install k8s-hpcr-operator k8s-hpcr-operator/k8s-hpcr-operator + helm install k8s-operator-hpcr k8s-operator-hpcr/k8s-operator-hpcr ``` ### Generate my own Manifest files @@ -26,6 +26,10 @@ The default deployment values can be overwrtitten by customizing the `helm-value ```bash make manifests ``` +Then install the operator on your cluster via kubectl and kustomize. Be sure to have created the namespace for the operator's namespace on your cluster before apply the manifests: + ```bash + make kustomize-install + ``` ## 3. Verify your installation by checking for the existence of the custom resources @@ -49,7 +53,7 @@ k8s-operator-hpcr-vpc 5m37s ``` ```bash -kubectl get deployments -n k8s-hpcr-operator +kubectl get deployments -n k8s-operator-hpcr NAME READY UP-TO-DATE AVAILABLE AGE k8s-operator-hpcr 1/1 1 1 6m35s @@ -58,7 +62,7 @@ k8s-operator-hpcr 1/1 1 1 6m35s ## Show Logs ```bash - kubectl logs -l app=k8s-operator-hpcr -n k8s-hpcr-operator + kubectl logs -l app=k8s-operator-hpcr -n k8s-operator-hpcr ``` ## 4. Uninstalling the Chart diff --git a/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml index 890942de..94732201 100644 --- a/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml +++ b/deploy/charts/k8s-operator-hpcr/templates/deployment.yaml @@ -15,7 +15,6 @@ spec: labels: {{- include "k8s-operator-hpcr.selectorLabels" . | nindent 8 }} spec: - serviceAccountName: {{ include "k8s-operator-hpcr.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: diff --git a/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml b/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml deleted file mode 100644 index 503d269f..00000000 --- a/deploy/charts/k8s-operator-hpcr/templates/serviceaccount.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "k8s-operator-hpcr.serviceAccountName" . }} - namespace: {{ .Values.namespace | default .Release.Namespace }} - labels: - {{- include "k8s-operator-hpcr.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/deploy/charts/k8s-operator-hpcr/values.yaml b/deploy/charts/k8s-operator-hpcr/values.yaml index 78e00c50..4b41c3c9 100644 --- a/deploy/charts/k8s-operator-hpcr/values.yaml +++ b/deploy/charts/k8s-operator-hpcr/values.yaml @@ -8,10 +8,6 @@ image: # Overrides the image tag whose default is the chart appVersion. tag: latest -serviceAccount: - create: true - name: k8s-operator-hpcr - service: type: ClusterIP port: 8080 diff --git a/deploy/manifests/kustomization.yaml b/deploy/manifests/kustomization.yaml new file mode 100644 index 00000000..5966c489 --- /dev/null +++ b/deploy/manifests/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- manifests.yaml \ No newline at end of file From cc51a85a7e2825f22e9e0db96f6be796dc4eed6b Mon Sep 17 00:00:00 2001 From: Obed Tetteh Date: Fri, 7 Jul 2023 12:34:17 +0200 Subject: [PATCH 10/10] clean up --- deploy/charts/k8s-operator-hpcr/Chart.yaml | 2 +- deploy/helm-values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/charts/k8s-operator-hpcr/Chart.yaml b/deploy/charts/k8s-operator-hpcr/Chart.yaml index 0b9e3f64..bed9ba19 100644 --- a/deploy/charts/k8s-operator-hpcr/Chart.yaml +++ b/deploy/charts/k8s-operator-hpcr/Chart.yaml @@ -4,7 +4,7 @@ description: A Kubernetes operator for managing VPC and onprem HPCR images type: application version: 0.1.0 -appVersion: "1.16.0" +appVersion: "v0.1.0" kubeVersion: ">= 1.19.0-0" keywords: - kubernetes-hpcr diff --git a/deploy/helm-values.yaml b/deploy/helm-values.yaml index e0fdab0a..91cfdc86 100644 --- a/deploy/helm-values.yaml +++ b/deploy/helm-values.yaml @@ -1,5 +1,5 @@ fullnameOverride: k8s-operator-hpcr -namespace: k8s-operator-hpcr222 +namespace: k8s-operator-hpcr resources: limits: