From bb80759d5ab67b49432405cf92fe2de6e6402db6 Mon Sep 17 00:00:00 2001 From: Tomas Nozicka Date: Thu, 9 Nov 2023 08:11:25 +0100 Subject: [PATCH 1/4] Move deploy manifest generation to deploy folder and enhance it --- Makefile | 45 ++++++++++++++------------------------------- 1 file changed, 14 insertions(+), 31 deletions(-) diff --git a/Makefile b/Makefile index 7e5aed09ff0..0ba9ec045f4 100644 --- a/Makefile +++ b/Makefile @@ -456,9 +456,12 @@ verify-helm-charts: update-deploy: tmp_dir:=$(shell mktemp -d) update-deploy: - $(call generate-operator-manifests,helm/deploy/operator.yaml,deploy/operator,$(tmp_dir)) - $(call generate-manager-manifests-prod,helm/deploy/manager_prod.yaml,deploy/manager/prod,$(tmp_dir)) - $(call generate-manager-manifests-dev,deploy/manager/dev) + $(call generate-operator-manifests,helm/deploy/operator.yaml,./deploy/operator,$(tmp_dir)) + $(call concat-manifests,$(sort $(wildcard deploy/operator/*.yaml)),./deploy/operator.yaml) + $(call generate-manager-manifests-prod,helm/deploy/manager_prod.yaml,./deploy/manager/prod,$(tmp_dir)) + $(call concat-manifests,$(sort $(wildcard ./deploy/manager/prod/*.yaml)),./deploy/manager-prod.yaml) + $(call generate-manager-manifests-dev,./deploy/manager/dev) + $(call concat-manifests,$(sort $(wildcard ./deploy/manager/dev/*.yaml)),./deploy/manager-dev.yaml) .PHONY: update-deploy verify-deploy: tmp_dir :=$(shell mktemp -d) @@ -469,42 +472,22 @@ verify-deploy: cp -r deploy/operator/. $(tmp_dir)/operator/. $(call generate-operator-manifests,helm/deploy/operator.yaml,$(tmp_dir)/operator,$(tmp_dir_generate)) $(diff) -r '$(tmp_dir)'/operator deploy/operator + $(call concat-manifests,$(sort $(wildcard ./deploy/operator/*.yaml)),'$(tmp_dir)'/operator.yaml) + $(diff) '$(tmp_dir)'/operator.yaml deploy/operator.yaml cp -r deploy/manager/prod/. $(tmp_dir)/manager/prod/. $(call generate-manager-manifests-prod,helm/deploy/manager_prod.yaml,$(tmp_dir)/manager/prod,$(tmp_dir_generate)) $(diff) -r '$(tmp_dir)'/manager/prod deploy/manager/prod + $(call concat-manifests,$(sort $(wildcard ./deploy/manager/prod/*.yaml)),'$(tmp_dir)'/manager-prod.yaml) + $(diff) '$(tmp_dir)'/manager-prod.yaml deploy/manager-prod.yaml $(call generate-manager-manifests-dev,$(tmp_dir)/manager/dev) $(diff) -r '$(tmp_dir)'/manager/dev deploy/manager/dev + $(call concat-manifests,$(sort $(wildcard ./deploy/manager/dev/*.yaml)),'$(tmp_dir)'/manager-dev.yaml) + $(diff) '$(tmp_dir)'/manager-dev.yaml deploy/manager-dev.yaml .PHONY: verify-deploy -update-examples-operator: - $(call concat-manifests,$(sort $(wildcard deploy/operator/*.yaml)),examples/common/operator.yaml) -.PHONY: update-examples-operator - -verify-example-operator: tmp_file := $(shell mktemp) -verify-example-operator: - $(call concat-manifests,$(sort $(wildcard deploy/operator/*.yaml)),$(tmp_file)) - $(diff) '$(tmp_file)' examples/common/operator.yaml || (echo 'Operator example is not up-to date. Please run `make update-examples-operator` to update it.' && false) -.PHONY: verify-example-operator - -update-examples-manager: - $(call concat-manifests,$(sort $(wildcard deploy/manager/prod/*.yaml)),examples/common/manager.yaml) -.PHONY: update-examples-manager - -verify-example-manager: tmp_file :=$(shell mktemp) -verify-example-manager: - $(call concat-manifests,$(sort $(wildcard deploy/manager/prod/*.yaml)),$(tmp_file)) - $(diff) '$(tmp_file)' examples/common/manager.yaml || (echo 'Manager example is not up-to date. Please run `make update-examples-manager` to update it.' && false) -.PHONY: verify-example-manager - -update-examples: update-examples-manager update-examples-operator -.PHONY: update-examples - -verify-examples: verify-example-manager verify-example-operator -.PHONY: verify-examples - verify-links: @set -euEo pipefail; broken_links=( $$( find . -type l ! -exec test -e {} \; -print ) ); \ if [[ -n "$${broken_links[@]}" ]]; then \ @@ -514,10 +497,10 @@ verify-links: fi; .PHONY: verify-links -verify: verify-gofmt verify-codegen verify-crds verify-helm-schemas verify-helm-charts verify-deploy verify-examples verify-govet verify-helm-lint verify-links +verify: verify-gofmt verify-codegen verify-crds verify-helm-schemas verify-helm-charts verify-deploy verify-govet verify-helm-lint verify-links .PHONY: verify -update: update-gofmt update-codegen update-crds update-helm-schemas update-helm-charts update-deploy update-examples +update: update-gofmt update-codegen update-crds update-helm-schemas update-helm-charts update-deploy .PHONY: update test-unit: From da84e12bc41b6097f4b86c403a8e27cb76c62a28 Mon Sep 17 00:00:00 2001 From: Tomas Nozicka Date: Thu, 9 Nov 2023 09:37:37 +0100 Subject: [PATCH 2/4] Move deploy manifest to deploy folder --- examples/common/manager.yaml => deploy/manager-prod.yaml | 0 {examples/common => deploy}/operator.yaml | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename examples/common/manager.yaml => deploy/manager-prod.yaml (100%) rename {examples/common => deploy}/operator.yaml (100%) diff --git a/examples/common/manager.yaml b/deploy/manager-prod.yaml similarity index 100% rename from examples/common/manager.yaml rename to deploy/manager-prod.yaml diff --git a/examples/common/operator.yaml b/deploy/operator.yaml similarity index 100% rename from examples/common/operator.yaml rename to deploy/operator.yaml From 3ad1ed270e7e4ed0f7eeca48392222d22a945e90 Mon Sep 17 00:00:00 2001 From: Tomas Nozicka Date: Thu, 9 Nov 2023 09:41:07 +0100 Subject: [PATCH 3/4] Update generated --- deploy/manager-dev.yaml | 306 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 306 insertions(+) create mode 100644 deploy/manager-dev.yaml diff --git a/deploy/manager-dev.yaml b/deploy/manager-dev.yaml new file mode 100644 index 00000000000..399bef8ada6 --- /dev/null +++ b/deploy/manager-dev.yaml @@ -0,0 +1,306 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: scylladb:controller:manager-controller +aggregationRule: + clusterRoleSelectors: + - matchLabels: + rbac.operator.scylladb.com/aggregate-to-scylla-manager-controller: "true" + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: scylladb:controller:aggregate-to-manager-controller + labels: + rbac.operator.scylladb.com/aggregate-to-scylla-manager-controller: "true" +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list +- apiGroups: + - scylla.scylladb.com + resources: + - scyllaclusters + verbs: + - get + - list + - watch +- apiGroups: + - scylla.scylladb.com + resources: + - scyllaclusters/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: scylla-manager + +--- +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: scylla-manager-controller + namespace: scylla-manager +spec: + minAvailable: 1 + selector: + matchLabels: + app.kubernetes.io/name: scylla-manager-controller + app.kubernetes.io/instance: scylla-manager + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: scylla-manager-controller + namespace: scylla-manager + labels: + app.kubernetes.io/name: scylla-manager-controller + app.kubernetes.io/instance: scylla-manager + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: scylla-manager-config + namespace: scylla-manager +data: + scylla-manager.yaml: |- + http: :5080 + logger: + level: info + database: + hosts: + - scylla-manager-cluster-manager-dc-manager-rack-0 + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager + name: scylla-manager + namespace: scylla-manager +spec: + ports: + - name: api + port: 80 + protocol: TCP + targetPort: 5080 + - name: metrics + port: 5090 + protocol: TCP + targetPort: 5090 + selector: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: scylla-manager + namespace: scylla-manager + labels: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: scylladb:controller:manager-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: scylladb:controller:manager-controller +subjects: +- kind: ServiceAccount + name: scylla-manager-controller + namespace: scylla-manager + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: scylla-manager-controller + namespace: scylla-manager + labels: + app.kubernetes.io/name: scylla-manager-controller + app.kubernetes.io/instance: scylla-manager +spec: + replicas: 2 + selector: + matchLabels: + app.kubernetes.io/name: scylla-manager-controller + app.kubernetes.io/instance: scylla-manager + strategy: + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/name: scylla-manager-controller + app.kubernetes.io/instance: scylla-manager + spec: + serviceAccountName: scylla-manager-controller + containers: + - name: scylla-manager-controller + image: docker.io/scylladb/scylla-operator:latest + imagePullPolicy: IfNotPresent + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - manager-controller + - --loglevel=2 + resources: + requests: + cpu: 10m + memory: 20Mi + terminationGracePeriodSeconds: 10 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: scylla-manager + namespace: scylla-manager + labels: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager + strategy: + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/name: scylla-manager + app.kubernetes.io/instance: scylla-manager + spec: + serviceAccountName: scylla-manager + containers: + - name: scylla-manager + image: docker.io/scylladb/scylla-manager:3.1.2 + imagePullPolicy: IfNotPresent + command: + - /usr/bin/scylla-manager + args: + - --config-file=/mnt/etc/scylla-manager/scylla-manager.yaml + resources: + requests: + cpu: 10m + memory: 20Mi + volumeMounts: + - mountPath: /mnt/etc/scylla-manager + name: scylla-manager-config + readinessProbe: + httpGet: + path: /api/v1/clusters + port: 5080 + periodSeconds: 10 + timeoutSeconds: 3 + volumes: + - configMap: + name: scylla-manager-config + name: scylla-manager-config + +--- +apiVersion: scylla.scylladb.com/v1 +kind: ScyllaCluster +metadata: + name: scylla-manager-cluster + namespace: scylla-manager +spec: + version: 5.2.7 + agentVersion: 3.1.2 + repository: docker.io/scylladb/scylla + agentRepository: docker.io/scylladb/scylla-manager-agent + developerMode: true + cpuset: false + datacenter: + name: manager-dc + racks: + - name: manager-rack + members: 1 + storage: + capacity: 5Gi + resources: + limits: + cpu: 200m + memory: 200Mi + requests: + cpu: 10m + memory: 100Mi + +--- From ea6cba11e697d53c39a149b87aa35b81a0cdcdf2 Mon Sep 17 00:00:00 2001 From: Tomas Nozicka Date: Thu, 9 Nov 2023 09:45:51 +0100 Subject: [PATCH 4/4] Update deploy manifest paths in docs --- docs/source/generic.md | 4 ++-- docs/source/manager.md | 6 +++--- docs/source/migration.md | 4 ++-- docs/source/upgrade.md | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/source/generic.md b/docs/source/generic.md index 42380466a93..6657ec24f2f 100644 --- a/docs/source/generic.md +++ b/docs/source/generic.md @@ -56,7 +56,7 @@ kubectl -n cert-manager rollout status deployment.apps/cert-manager-webhook Deploy the Scylla Operator using the following commands: ```console -kubectl apply -f examples/common/operator.yaml +kubectl apply -f deploy/operator.yaml ``` This will install the operator in namespace `scylla-operator`. @@ -368,7 +368,7 @@ To clean up all resources associated with this walk-through, you can run the com ```console kubectl delete -f examples/generic/cluster.yaml -kubectl delete -f examples/common/operator.yaml +kubectl delete -f deploy/operator.yaml kubectl delete -f examples/common/cert-manager.yaml ``` diff --git a/docs/source/manager.md b/docs/source/manager.md index ce39f6812a5..d98a1afd485 100644 --- a/docs/source/manager.md +++ b/docs/source/manager.md @@ -44,7 +44,7 @@ Controller also supports task updates and unscheduling. Deploy the Scylla Manager using the following commands: ```console -kubectl apply -f examples/common/manager.yaml +kubectl apply -f deploy/manager-prod.yaml ``` This will install the Scylla Manager in the `scylla-manager` namespace. @@ -211,7 +211,7 @@ To clean up all resources associated with Scylla Manager, you can run the comman **NOTE:** this will destroy your Scylla Manager database and delete all of its associated data. ```console -kubectl delete -f examples/common/manager.yaml +kubectl delete -f deploy/manager-prod.yaml ``` ## Troubleshooting @@ -255,4 +255,4 @@ Status: ``` Because Controller is infinitely retrying to schedule each defined task, once permission issues will be resolved, -task should appear in task listing and Cluster status. \ No newline at end of file +task should appear in task listing and Cluster status. diff --git a/docs/source/migration.md b/docs/source/migration.md index cdd7a7e8522..9a846ce36d7 100644 --- a/docs/source/migration.md +++ b/docs/source/migration.md @@ -37,7 +37,7 @@ on #kubernetes channel. kubectl apply -f examples/common/cert-manager.yaml ``` If your `cert-manager` was installed in another way, follow official instructions on `cert-manager` website. -1. `examples/common/operator.yaml` file contains multiple resources. Extract **only** `CustomResourceDefinition` to separate file. +1. `deploy/operator.yaml` file contains multiple resources. Extract **only** `CustomResourceDefinition` to separate file. 1. Install v1.0.0 CRD definition from file created in the previous step: ``` kubectl apply -f examples/common/crd.yaml @@ -121,7 +121,7 @@ on #kubernetes channel. 1. Checkout `v1.0.0`, and install upgraded Scylla Operator: ``` git checkout v1.0.0 - kubectl apply -f examples/common/operator.yaml + kubectl apply -f deploy/operator.yaml ``` 1. Wait until Scylla Operator boots up: ``` diff --git a/docs/source/upgrade.md b/docs/source/upgrade.md index ab14157256b..bc458be7c3d 100644 --- a/docs/source/upgrade.md +++ b/docs/source/upgrade.md @@ -169,7 +169,7 @@ In case you need to preserve your data, refer to backup and restore guide. ``` 1. Install new CRD and Scylla Operator ``` - kubectl apply -f examples/common/operator.yaml + kubectl apply -f deploy/operator.yaml ``` 1. Migrate your existing Scylla Cluster definition. Change `apiVersion` and `kind` from: ```