Events Service
This project provides a service that gives access to events generated by the OCM services.
Building Locally
Cloning
There is nothing special about cloning the source. But it is good to have an additional directory level to put files that are specific for this project but that you don’t want to commit to the source code repository. For example, instead of cloning the source in the /projects/ocm-events-mgmt
directory clone it in /projects/ocm-events-mgmt/repository
:
$ mkdir -p /projects/ocm-events-mgmt $ cd /projects/ocm-events-mgmt $ git clone [email protected]:service/ocm-events-mgmt.git repository
You can then put files like .envrc
and my_config.yaml
(see the sections below) in /projects/ocm-events-mgmt
without worring about accidentally commiting them to repository, or accidentally removing them with make clean
or git clean
.
Installing Go
In order to make sure that you use the same version of Go that is used in the production environments it is recommended to install the binary release available in the Go downloads page. For example, to install version 1.16.8 in the same location used in the Jenkins environment, run the following commands as root:
# version=1.16.8 # curl -Lo /tmp/tarball https://golang.org/dl/go${version}.linux-amd64.tar.gz # mkdir /usr/local/go${version} # cd /usr/local/go${version} # tar --strip-components 1 -xf /tmp/tarball # rm -f /tmp/tarball
That will install the go
binary in the /usr/local/go1.16.8
directory, so you will have to explicitly add it to the PATH
environment variable:
export PATH="/usr/local/go1.16.8/bin:${PATH}"
Remember to add that to your .bashrc
file (or similar) so that it will be done for all sessions and not just the current one.
Alternatively, if you are going to be using multiple versions of Go in the same machine, it is very convenient to use the direnv tool to have different environment variables for different directories. Install the direnv
package and follow the instructions in the direnv
manual page to configure it. Then create an .envrc
file in your project directory with the following content:
export GOROOT="/usr/local/go1.16.8" PATH_add "${GOROOT}/bin"
That will automatically prepare your environment to use that specific version of Go when you enter into the project directory.
If you are using an additional directory level as suggested in cloning section, then it is also good to have a GOPATH
specific for the project, so you can have different versions of dependencies for different projects, and clean them without affecting other projects. Change your .envrc
file so that it looks like this:
export GOROOT="/usr/local/go1.16.8" export GOPATH="${PWD}/go" PATH_add "${GOROOT}/bin" PATH_add "${GOPATH}/bin"
That will put your dependencies, only for this project, in /projects/ocm-events-mgmt/go
.
The version of Go used in the Jenkins environments is currently 1.16.8, try to use that in your local environment as well.
Building
To build the project run the make
command.
To build the container image run the make image
command.
Running Locally
Running the Service
To run the server use the server
command with the same configuration file that you created to run the init
command (see the previous section):
./events-mgmt server ~/my_config.yml
To verify that the server is working use the curl
command:
$ curl http://localhost:8000/api/events_mgmt/v1/clusters | jq
That should return a 401 response like this, because it needs authentication:
{
"kind": "Error",
"id": "401",
"href": "/api/events_mgmt/v1/errors/401",
"code": "CLUSTERS-MGMT-401",
"reason": "Request doesn't contain the 'Authorization' header"
}
To use authentication use the ocm
tool:
$ ocm login --token=... --url=http://localhost:8000 $ ocm get /api/events_mgmt/v1/clusters
That should return a 200 response with a body like this:
{
"kind": "ClusterList",
"page": 0,
"size": 0,
"total": 0,
"items": []
}
crc
cluster
Deploying to a The recommended development environment for this project is a crc
cluster. The versions supported are CRC 1.6 or higher and OpenShift 4.3 or higher. To install it follow the instructions available here.
The first time that you do this you will also need to configure your podman
command so that it accepts the connections to the insecure internal registry of the cluster. For recent versions of podman
make sure that you have the following in the /etc/containers/registries.conf
file:
[[registry]]
location = 'default-route-openshift-image-registry.apps-crc.testing'
insecure = true
Note
|
Older versions of mixing sysregistry v1/v2 is not supported Then use the following configuration: [registries.insecure]
registries = ['default-route-openshift-image-registry.apps-crc.testing']
|
Once you have your crc
cluster up and running log-in with the kubeadmin
user:
$ oc login \
--username kubeadmin \
--password ... \
--insecure-skip-tls-verify=true \
https://api.crc.testing:6443
The crc start
command will print the password of the kubeadmin
user. If you forgot you can find it by running crc console --credentials
.
$ crc console --credentials -o json | jq -r .clusterConfig.adminCredentials.password |
oc login \
--username kubeadmin \
--insecure-skip-tls-verify=true \
https://api.crc.testing:6443
Once you are logged-in to the crc
cluster you will also have to log-in to its internal registry, as otherwise you will not be able to push images. To do so use the following command:
$ oc whoami --show-token |
podman login \
--username kubeadmin \
--password-stdin \
default-route-openshift-image-registry.apps-crc.testing
Then the deploy
target inside the Makefile
can be used to build the binaries, build the images, push them to the internal registry of the cluster and deploy the service to the ocm-${USER}
namespace.
To do that it is mandatory to use the client_id
and client_secret
Make variables. That variables should contain the credentials of the service account that the service will use to identify itself to other services, in particular to the authorization service. The credentials for client_id
and client_secret
are available in Vault for each environment. The account corresponding to that token needs to have the ClusterService
role.
Once you have the client_id
and client_secret
you can deploy the application like this:
$ make client_id=... client_secret=... deploy
$ oc get pods -n ocm-$USER
NAME READY STATUS RESTARTS AGE
events-mgmt-f6b84bd96-ng2sh 1/1 Running 0 8m35s
To undeploy the application use the undeploy
target:
$ make undeploy
The deployment of the application also creates a route that you can use to access the API of the service:
$ oc get route events-mgmt
NAME HOST/PORT ...
events-mgmt events-mgmt.apps-crc.testing ...
For example, to use the ocm
command line tool (available here) you can do the following:
$ # Log-in to the API:
$ ocm login \
--token=... \
--url=https://events-mgmt.apps-crc.testing \
--insecure
$ # Get the list of events:
$ ocm get /api/events_mgmt/v1/events