From d01e3ef6445e2ae67e71e83ec1da82025e9626e0 Mon Sep 17 00:00:00 2001 From: Mihai Sarbulescu Date: Thu, 30 Mar 2023 16:02:53 +0300 Subject: [PATCH 1/2] making namespace configurable for the operator Signed-off-by: Mihai Sarbulescu --- CONTRIBUTING.md | 1 + .../crd/bases/getporter.org_agentactions.yaml | 3 ++- .../crd/bases/getporter.org_agentconfigs.yaml | 4 +-- controllers/agentaction_controller.go | 10 +++++++- controllers/agentaction_controller_test.go | 2 +- controllers/installation_controller.go | 2 +- docs/content/install.md | 1 + docs/content/quickstart/_index.md | 3 ++- installer/helpers.sh | 25 +++++++++++++++++-- installer/vanilla.porter.yaml | 22 +++++++++++++++- magefiles/magefile.go | 4 +-- 11 files changed, 64 insertions(+), 13 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index c41dd019..efc8e6cb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -136,6 +136,7 @@ It runs on the default Mongodb port (27017) and authentication is not required t With your local Porter configuration file pointed to the in-cluster mongodb server, you can use Porter to query and interact with installations created by the operator. Expose the in-cluster mongodb server on the default mongo porter: 27017. +* NOTE: Use your custom namespace if you have installed with the non-default one (porter-operator-system) ``` kubectl port-forward --namespace porter-operator-system svc/mongodb 27017:27017 >/dev/null & ``` diff --git a/config/crd/bases/getporter.org_agentactions.yaml b/config/crd/bases/getporter.org_agentactions.yaml index 018aadff..40a742bf 100644 --- a/config/crd/bases/getporter.org_agentactions.yaml +++ b/config/crd/bases/getporter.org_agentactions.yaml @@ -803,7 +803,8 @@ spec: defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation - feature gate. \n This field is immutable." + feature gate. \n This field is immutable. + It can only be set for containers." items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. diff --git a/config/crd/bases/getporter.org_agentconfigs.yaml b/config/crd/bases/getporter.org_agentconfigs.yaml index 023d218f..32a7ab58 100644 --- a/config/crd/bases/getporter.org_agentconfigs.yaml +++ b/config/crd/bases/getporter.org_agentconfigs.yaml @@ -101,9 +101,7 @@ spec: storageClassName: description: StorageClassName is the name of the storage class that Porter will request when running the Porter Agent. It is used to - determine what the storage class will be for the volume requested. - The storage class must support ReadWriteOnce and ReadOnlyMany access modes - as well as allow for 'chmod' to be executed. + determine what the storage class will be for the volume requested type: string volumeSize: description: VolumeSize is the size of the persistent volume that diff --git a/controllers/agentaction_controller.go b/controllers/agentaction_controller.go index 53dfa194..bae41041 100644 --- a/controllers/agentaction_controller.go +++ b/controllers/agentaction_controller.go @@ -483,6 +483,8 @@ func (r *AgentActionReconciler) createAgentJob(ctx context.Context, log logr.Log func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr.Logger, action *porterv1.AgentAction) (porterv1.AgentConfigSpecAdapter, error) { log.V(Log5Trace).Info("Resolving porter agent configuration") + operatorNamespace := operatorNamespaceDefault + logConfig := func(level string, config *porterv1.AgentConfig) { if config == nil || config.Name == "" { return @@ -493,6 +495,8 @@ func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr "namespace", config.Namespace, "name", config.Name, "plugin", config.Spec.PluginConfigFile) + + operatorNamespace = config.Namespace } // Read agent configuration defined at the system level @@ -550,6 +554,8 @@ func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr func (r *AgentActionReconciler) resolvePorterConfig(ctx context.Context, log logr.Logger, action *porterv1.AgentAction) (porterv1.PorterConfigSpec, error) { log.V(Log5Trace).Info("Resolving porter configuration file") + operatorNamespace := operatorNamespaceDefault + logConfig := func(level string, config *porterv1.PorterConfig) { if config == nil || config.Name == "" { return @@ -558,6 +564,8 @@ func (r *AgentActionReconciler) resolvePorterConfig(ctx context.Context, log log "level", level, "namespace", config.Namespace, "name", config.Name) + + operatorNamespace = config.Namespace } // Provide a safe default config in case nothing is defined anywhere @@ -568,7 +576,7 @@ func (r *AgentActionReconciler) resolvePorterConfig(ctx context.Context, log log {PluginConfig: porterv1.PluginConfig{ Name: "in-cluster-mongodb", PluginSubKey: "mongodb", - Config: runtime.RawExtension{Raw: []byte(`{"url":"mongodb://mongodb.porter-operator-system.svc.cluster.local"}`)}, + Config: runtime.RawExtension{Raw: []byte(`{"url":"mongodb://mongodb.` + operatorNamespace + `.svc.cluster.local"}`)}, }}, }, } diff --git a/controllers/agentaction_controller_test.go b/controllers/agentaction_controller_test.go index 1528c905..315a8d90 100644 --- a/controllers/agentaction_controller_test.go +++ b/controllers/agentaction_controller_test.go @@ -928,7 +928,7 @@ func TestAgentActionReconciler_NoPluginsSpecified(t *testing.T) { func TestAgentActionReconciler_resolveAgentConfig(t *testing.T) { systemCfg := porterv1.AgentConfig{ - ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: operatorNamespace}, + ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: operatorNamespaceDefault}, Status: porterv1.AgentConfigStatus{ Ready: true, }, diff --git a/controllers/installation_controller.go b/controllers/installation_controller.go index 22e12a1b..d48a1d09 100644 --- a/controllers/installation_controller.go +++ b/controllers/installation_controller.go @@ -18,7 +18,7 @@ import ( ) const ( - operatorNamespace = "porter-operator-system" + operatorNamespaceDefault = "porter-operator-system" ) // InstallationReconciler calls porter to execute changes made to an Installation CRD diff --git a/docs/content/install.md b/docs/content/install.md index b93bbf5d..e5de820e 100644 --- a/docs/content/install.md +++ b/docs/content/install.md @@ -95,6 +95,7 @@ porter credentials generate porterops -r ghcr.io/getporter/porter-operator:v0.8. ``` Install the operator into the porter-operator-system namespace: +* NOTE: Use your custom namespace if you want to install to a different one by adding **--param operatorNamespace=your-namespace-name** ``` porter install porterops -c porterops -r ghcr.io/getporter/porter-operator:v0.8.0 ``` diff --git a/docs/content/quickstart/_index.md b/docs/content/quickstart/_index.md index 1cf01def..e2c4d0be 100644 --- a/docs/content/quickstart/_index.md +++ b/docs/content/quickstart/_index.md @@ -40,7 +40,7 @@ The bundle includes a custom action that prepares a namespace for you: porter invoke porterops --action configureNamespace --param namespace=quickstart -c porterops ``` -The Porter Operator is now installed on your cluster in the porter-operator-system namespace, along with a Mongodb server. +The Porter Operator is now installed on your cluster in the porter-operator-system (or your custom namespace) namespace, along with a Mongodb server. This database is not secured with a username/password, so do not use this default installation configuration with production secrets! The cluster has a namespace, quickstart, where we will create resources and Porter will create jobs to run Porter. @@ -50,6 +50,7 @@ Let's update your local porter CLI to read the data from the operator's datastor This isn't necessary for the operator to work, but will allow us to see what's happening and understand how the operator works. Run the following command to expose the operator's mongodb server to your localhost: +* NOTE: Use your custom namespace if you have installed with the non-default one (porter-operator-system) ``` kubectl port-forward --namespace porter-operator-system svc/mongodb 27020:27017 >/dev/null & ``` diff --git a/installer/helpers.sh b/installer/helpers.sh index 72808900..2f3e1dcb 100755 --- a/installer/helpers.sh +++ b/installer/helpers.sh @@ -1,6 +1,23 @@ #!/usr/bin/env bash set -euo pipefail +OPNAMESPACE="porter-operator-system" + +setCustomNamespaceForOperator() { + if [ -z "$1" ]; then + echo "No namespace specified, using default $OPNAMESPACE" + else + OPNAMESPACE=$1 + echo "Using custom namespace $OPNAMESPACE" + fi + + # Replace the namespace in the operator.yaml + echo "Setting namespace to $OPNAMESPACE" + cd manifests + kustomize edit set namespace $OPNAMESPACE + kustomize build -o operator.yaml +} + setControllerImage() { # Replace the manager image with the image packaged with the bundle echo "Setting manager image to $1" @@ -46,11 +63,15 @@ configureNamespace() { } waitForDeployment() { + if [ ! -z "$1" ]; then + OPNAMESPACE=$1 + fi + set +e # allow this next command to fail - kubectl rollout status deploy/porter-operator-controller-manager --namespace porter-operator-system --timeout 30s + kubectl rollout status deploy/porter-operator-controller-manager --namespace $OPNAMESPACE --timeout 30s if [[ $? != 0 ]]; then echo "Deployment failed, retrieving logs to troubleshoot" - kubectl logs deploy/porter-operator-controller-manager --namespace porter-operator-system -c manager + kubectl logs deploy/porter-operator-controller-manager --namespace $OPNAMESPACE -c manager fi } diff --git a/installer/vanilla.porter.yaml b/installer/vanilla.porter.yaml index 3eba8175..9062c67b 100644 --- a/installer/vanilla.porter.yaml +++ b/installer/vanilla.porter.yaml @@ -68,6 +68,13 @@ parameters: default: "13.6.2" applyTo: - install + - name: operatorNamespace + description: Namespace to install the operator into + type: string + default: "porter-operator-system" + applyTo: + - install + - upgrade - name: mongodbVals description: Helm values file to use when installing the mongodb chart type: file @@ -88,6 +95,12 @@ mixins: - kubernetes install: + - exec: + description: "Set custom namespace for operator if present" + command: ./helpers.sh + arguments: + - setCustomNamespaceForOperator + - ${bundle.parameters.operatorNamespace} - exec: description: "Set manager image reference" command: ./helpers.sh @@ -101,7 +114,7 @@ install: wait: true - helm3: description: "Install a mongo database for Porter" - namespace: porter-operator-system + namespace: ${bundle.parameters.operatorNamespace} name: mongodb chart: bitnami/mongodb version: ${bundle.parameters.mongodbChartVersion} @@ -115,8 +128,15 @@ install: command: ./helpers.sh arguments: - waitForDeployment + - ${bundle.parameters.operatorNamespace} upgrade: + - exec: + description: "Set custom namespace for operator if present" + command: ./helpers.sh + arguments: + - setCustomNamespaceForOperator + - ${bundle.parameters.operatorNamespace} - exec: description: "Set manager image reference" command: ./helpers.sh diff --git a/magefiles/magefile.go b/magefiles/magefile.go index fb630a63..f874d7d2 100644 --- a/magefiles/magefile.go +++ b/magefiles/magefile.go @@ -284,7 +284,7 @@ func TestIntegration() { // are responding to the same events. // For now, it's up to the caller to use a fresh cluster with CRDs installed until we can fix it. - kubectl("delete", "deployment", "porter-operator-controller-manager", "-n=porter-operator-system").RunV() + kubectl("delete", "deployment", "porter-operator-controller-manager", "-n="+operatorNamespace).RunV() if os.Getenv("PORTER_AGENT_REPOSITORY") != "" && os.Getenv("PORTER_AGENT_VERSION") != "" { porterAgentImgRepository = os.Getenv("PORTER_AGENT_REPOSITORY") @@ -334,7 +334,7 @@ func Deploy() { buildPorterCmd("credentials", "apply", "hack/creds.yaml", "-n=operator").Must().RunV() } bundleRef := Env.BundlePrefix + meta.Version - installCmd := buildPorterCmd("install", "operator", "-r", bundleRef, "-c=kind", "--force", "-n=operator").Must() + installCmd := buildPorterCmd("install", "operator", "-r", bundleRef, "-c=kind", "--force", "-n=operator", "--param", "operatorNamespace="+operatorNamespace).Must() applyHackParameters(installCmd) installCmd.RunV() } From 4d321676b2002dbfbba4da1d1823326a940edce7 Mon Sep 17 00:00:00 2001 From: Mihai Sarbulescu Date: Thu, 30 Mar 2023 20:19:32 +0300 Subject: [PATCH 2/2] changed some stuff Signed-off-by: Mihai Sarbulescu --- controllers/agentaction_controller.go | 8 -------- controllers/agentaction_controller_test.go | 2 +- controllers/installation_controller.go | 5 +++-- docs/content/install.md | 2 +- docs/content/quickstart/_index.md | 2 +- 5 files changed, 6 insertions(+), 13 deletions(-) diff --git a/controllers/agentaction_controller.go b/controllers/agentaction_controller.go index bae41041..9c799fc6 100644 --- a/controllers/agentaction_controller.go +++ b/controllers/agentaction_controller.go @@ -483,8 +483,6 @@ func (r *AgentActionReconciler) createAgentJob(ctx context.Context, log logr.Log func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr.Logger, action *porterv1.AgentAction) (porterv1.AgentConfigSpecAdapter, error) { log.V(Log5Trace).Info("Resolving porter agent configuration") - operatorNamespace := operatorNamespaceDefault - logConfig := func(level string, config *porterv1.AgentConfig) { if config == nil || config.Name == "" { return @@ -495,8 +493,6 @@ func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr "namespace", config.Namespace, "name", config.Name, "plugin", config.Spec.PluginConfigFile) - - operatorNamespace = config.Namespace } // Read agent configuration defined at the system level @@ -554,8 +550,6 @@ func (r *AgentActionReconciler) resolveAgentConfig(ctx context.Context, log logr func (r *AgentActionReconciler) resolvePorterConfig(ctx context.Context, log logr.Logger, action *porterv1.AgentAction) (porterv1.PorterConfigSpec, error) { log.V(Log5Trace).Info("Resolving porter configuration file") - operatorNamespace := operatorNamespaceDefault - logConfig := func(level string, config *porterv1.PorterConfig) { if config == nil || config.Name == "" { return @@ -564,8 +558,6 @@ func (r *AgentActionReconciler) resolvePorterConfig(ctx context.Context, log log "level", level, "namespace", config.Namespace, "name", config.Name) - - operatorNamespace = config.Namespace } // Provide a safe default config in case nothing is defined anywhere diff --git a/controllers/agentaction_controller_test.go b/controllers/agentaction_controller_test.go index 315a8d90..1528c905 100644 --- a/controllers/agentaction_controller_test.go +++ b/controllers/agentaction_controller_test.go @@ -928,7 +928,7 @@ func TestAgentActionReconciler_NoPluginsSpecified(t *testing.T) { func TestAgentActionReconciler_resolveAgentConfig(t *testing.T) { systemCfg := porterv1.AgentConfig{ - ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: operatorNamespaceDefault}, + ObjectMeta: metav1.ObjectMeta{Name: "default", Namespace: operatorNamespace}, Status: porterv1.AgentConfigStatus{ Ready: true, }, diff --git a/controllers/installation_controller.go b/controllers/installation_controller.go index d48a1d09..6e8bd262 100644 --- a/controllers/installation_controller.go +++ b/controllers/installation_controller.go @@ -2,6 +2,7 @@ package controllers import ( "context" + "os" "reflect" porterv1 "get.porter.sh/operator/api/v1" @@ -17,8 +18,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" ) -const ( - operatorNamespaceDefault = "porter-operator-system" +var ( + operatorNamespace = os.Getenv("POD_NAMESPACE") ) // InstallationReconciler calls porter to execute changes made to an Installation CRD diff --git a/docs/content/install.md b/docs/content/install.md index e5de820e..359ec55d 100644 --- a/docs/content/install.md +++ b/docs/content/install.md @@ -95,7 +95,7 @@ porter credentials generate porterops -r ghcr.io/getporter/porter-operator:v0.8. ``` Install the operator into the porter-operator-system namespace: -* NOTE: Use your custom namespace if you want to install to a different one by adding **--param operatorNamespace=your-namespace-name** +* NOTE: Use your alternate namespace if you want to install to a different one by adding **--param operatorNamespace=your-namespace-name** ``` porter install porterops -c porterops -r ghcr.io/getporter/porter-operator:v0.8.0 ``` diff --git a/docs/content/quickstart/_index.md b/docs/content/quickstart/_index.md index e2c4d0be..267e155a 100644 --- a/docs/content/quickstart/_index.md +++ b/docs/content/quickstart/_index.md @@ -40,7 +40,7 @@ The bundle includes a custom action that prepares a namespace for you: porter invoke porterops --action configureNamespace --param namespace=quickstart -c porterops ``` -The Porter Operator is now installed on your cluster in the porter-operator-system (or your custom namespace) namespace, along with a Mongodb server. +The Porter Operator is now installed on your cluster in the porter-operator-system namespace, along with a Mongodb server. This database is not secured with a username/password, so do not use this default installation configuration with production secrets! The cluster has a namespace, quickstart, where we will create resources and Porter will create jobs to run Porter.