Addon Operator
Addon Operator coordinates the lifecycle of Addons in managed OpenShift.
dev tools
- setup pre-commit hooks:
make pre-commit-install
- global requirements:
- golang
- kubectl/oc
- make
- either docker or podman
Signed-off-by: Yashvardhan Kukreja [email protected]
Why not directly configure the existing metrics server to be TLS-terminated? Because the existing metrics server isn't setup by us but by controller-runtime, behind the scenes, while the manager gets bootstrapped and it is currently hardcoded to be http-exposed. Hence, this PR adds a relay server (a sidecar to our metrics-server) which acts as the TLS-terminated front-end to our clients (Prometheus scraper, ServiceMonitors) masking the insecure http-exposed server.
The addon-operator-metrics.addon-operator.svc
(service) exposes the metrics at /metrics at the following hosts:
https://addon-operator-metrics.addon-operator.svc:8443/metrics
and http://addon-operator-metrics.addon-operator.svc:8080/metrics
.
With https://github.com/openshift/addon-operator/pull/32 AllNamespaces
and OwnNamespace
install types have gained OLM specific parameters. This PR prefixes those options and config stanzas with OLM
to reflect that.
Signed-off-by: Mayank Shah [email protected]
To get started with this operator, I have reviewed and did some minor refactors. I have not reviewed everything, as I feel this is already large enough for a PR and to get us started.
Out-of-scope
Phase 4
of the Reconcile
loopmake test-unit
+ make lint
+ pre-commit-hooks
work (counting on CI to run integration tests)// TODO ...
comments directly inline. This is not ideal so I tried to avoid it as much as possible.k8sApiErrors
to apierrors
to mimic kubebuilder/controller-runtimemanager
(healthz + readyz)Reconcile
if err := myFunc(...); err != nil {
return err
}
log := r.Log.WithName("mrbean")
parseAddonInstallConfig
is what I would call 'defensive' programming, but the comment acknowledges this and suggests migrating to Defaulting/Validating webhooks. Also, returning more than two values is always a red flag from my perspective, maybe we can refactor this?Signed-off-by: Ankit Kurmi [email protected]
Updating preferredDuringSchedulingIgnoredDuringExecution
to requiredDuringSchedulingIgnoredDuringExecution
.
This PR introduces the testify/suite
library for integration tests. This mechanism allows us to group theses tests into a common integrationTestSuite
and add proper setup and teardown for it.
SetupSuite
and TeardownSuite
methods for the test suitecatalog_source_test.go
, namespaces_test.go
, and subscription_test.go
into a single test with each of them as a subtest in addon_test.go
integration/
package to adapt to the suite
libraryAddon
object declarations into re-usable fixtures in fixtures_test.go
, thereby removing redundant Addon
object initializationsThis PR also removes parallel execution of tests becausetestify/suite
has poor support for parallel test execution - https://github.com/stretchr/testify/issues/187 . Running tests within a test suite in parallel causes the following problems:
Disable for cache for CSV resource
Add OnlyMetadata
option to ClusterServiceVersion watch setup
Replace the use of operatorsv1alpha1.ClusterServiceVersion
type
with unstructured.Unstructured
in the get
CSV operation. This
ensures that Get operations on CSV resource are not cached as
unstructured.Unstructured based client operations are not cached
by default in the manager default client.
Ref: https://github.com/kubernetes-sigs/controller-runtime/blob/cd0058ad295c268da1e7233e609a9a18dd60b5f6/pkg/client/split.go#L115
Upgrade go version, controller-runtime and k8s libraries
Signed-off-by: Ankit Kurmi [email protected]
Prerequisites
, Unit test
, Releasing
and Deployment
into the Index
section.Unit test
section into the README file.Signed-off-by: Ankit Kurmi [email protected]
Changing variable name for better code readability for webhook_test.go
under internal/webhooks
and to make it consistent.
Signed-off-by: Ankit Kurmi [email protected]
Adding unit test for HasAdoptAllStrategy
function under internal/controllers/addon/utils.go
which checks if an addon has ResourceAdoptionAdoptAll
strategy.
This is the final refactor left for https://issues.redhat.com/browse/MTSRE-298
This PR refactors the Addon Reconciler code to have consistent exit handling and a single place where the Addon Status is updated via the kube-api.
Signed-off-by: Mayank Shah [email protected]
Adding a way to track all addons being reconciled by the addon-operator and expose metrics with prometheus.
What it looks like at the end of running tests make test-integration-short
(addons go from Pending to Ready to Terminating):
Update what metrics output looks like: https://pastebin.com/2N5gHNRc
addon_operator_addons_phase_total{phase="Terminating"} 6
will effectively be a counter never going down. Is that OK?localhost:8080/metrics
exposes this metricPhasePending
. Is it worth refactoring this?Make addon reconciler watch operatorv1/Operator
instead of operatorv1alpha1/ClusterServiceVersion
Replace CSV based addon install succes validation with operator
resource based install success validation
Signed-off-by: Nikhil Thomas [email protected]
Note: the current code might be deleting the csvKey to AddonKey
mappings of addons other than the one being reconciled at a given moment.
This patch ensures that only the mappings of the current Addon, which are obsolete are removed
Signed-off-by: Nikhil Thomas [email protected]
Helm Operator Helm Operator is designed to install and manage Helm charts with Kubernetes CRD resource. Helm Operator does not create the Helm release
OpenShift-Ordeal Scan your Openshift cluster !! OpenShift-Ordeal is an open source audit scanner who perform audit check on OpenShift Cluster and outp
oc-clusteroperator OpenShift CLI plugin to change the state of ClusterOperators
add-operator Basic Kubernetes operator that have multiple versions in CRD. This operator can be used to experiment and understand Operator/CRD behavio
Grafana Complementary Operator A grafana which complements grafana-operator for custom features which are not feasible to be merged into core operator
Ensemble Ensemble is a simple and modular Kubernetes Operator to manage the lifecycle of a wide range of databases. Infrastructure as code with Kubern
cortex-operator The cortex-operator is a project to manage the lifecycle of Cortex in Kubernetes. Project status: alpha Not all planned features are c
Elastalert Operator for Kubernetes The Elastalert Operator is an implementation of a Kubernetes Operator. Getting started Firstly, learn How to use el
test-operator Test Operator using operator-sdk 1.15 operator-sdk init --domain rbt.com --repo github.com/ravitri/test-operator Writing kustomize manif
Minecraft Operator A Kubernetes operator for dedicated servers of the video game
Kubernetes Network operator Will add more to the readme later :D Operations The
helloworld-operator a k8s operator 、operator-sdk Operator 参考 https://jicki.cn/kubernetes-operator/ https://learnku.com/articles/60683 https://opensour
Terraform Operator The Terraform Operator provides support to run Terraform modu
Pulumi GitOps Example OpenGitOps Compliant Pulumi Kubernetes Operator Example Pr
Operator Permissions Advisor is a CLI tool that will take a catalog image and statically parse it to determine what permissions an Operator will request of OLM during an install. The permissions are aggregated from the following sources:
Kubernetes Operator Patterns and Best Practises This project contains Kubernetes operator samples that demonstrate best practices how to develop opera
route-to-ingress-operator A controller to create corresponding ingress.networking.k8s.io/v1 resources for route.openshift.io/v1 TODO int port string p
Microshift Microshift is OpenShift1 Kubernetes in a small form factor and optimized for edge computing. Edge devices deployed out in the field pose ve
MGR "Must Gather Reader" MGR "not the final name" is a simple TUI interface to navigate and view OpenShift 4 must-gather files. How to run it: Downloa