From fa1611ade8d75cd94c1c10a74c262f9d10b2c499 Mon Sep 17 00:00:00 2001 From: Leo Christy Jesuraj Date: Mon, 28 Oct 2019 20:45:57 -0400 Subject: [PATCH] Release v0.2.1 (#171) * Release v0.2.1 * Add version to readme --- build/Dockerfile | 2 +- .../0.2.1/appsody-app-cluster-rbac.yaml | 82 +++++ deploy/releases/0.2.1/appsody-app-crd.yaml | 340 ++++++++++++++++++ .../releases/0.2.1/appsody-app-operator.yaml | 116 ++++++ deploy/releases/0.2.1/readme.md | 69 ++++ 5 files changed, 608 insertions(+), 1 deletion(-) create mode 100644 deploy/releases/0.2.1/appsody-app-cluster-rbac.yaml create mode 100644 deploy/releases/0.2.1/appsody-app-crd.yaml create mode 100644 deploy/releases/0.2.1/appsody-app-operator.yaml create mode 100644 deploy/releases/0.2.1/readme.md diff --git a/build/Dockerfile b/build/Dockerfile index f0330bd..059456c 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -2,7 +2,7 @@ FROM registry.access.redhat.com/ubi7/ubi-minimal:latest LABEL vendor="Appsody" \ name="Appsody Application Operator" \ - version="0.2.0" \ + version="0.2.1" \ summary="Image for Appsody Application Operator" \ description="This image contains the controller for Appsody Application Operator. See https://github.com/appsody/appsody-operator#appsody-application-operator" diff --git a/deploy/releases/0.2.1/appsody-app-cluster-rbac.yaml b/deploy/releases/0.2.1/appsody-app-cluster-rbac.yaml new file mode 100644 index 0000000..1427c26 --- /dev/null +++ b/deploy/releases/0.2.1/appsody-app-cluster-rbac.yaml @@ -0,0 +1,82 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: appsody-operator-APPSODY_OPERATOR_NAMESPACE +rules: +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - appsody-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - appsody.dev + resources: + - '*' + verbs: + - '*' +- apiGroups: + - route.openshift.io + attributeRestrictions: null + resources: + - routes + verbs: + - '*' +- apiGroups: + - serving.knative.dev + attributeRestrictions: null + resources: + - services + verbs: + - '*' +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: appsody-operator-APPSODY_OPERATOR_NAMESPACE +subjects: +- kind: ServiceAccount + name: appsody-operator + namespace: APPSODY_OPERATOR_NAMESPACE +roleRef: + kind: ClusterRole + name: appsody-operator-APPSODY_OPERATOR_NAMESPACE + apiGroup: rbac.authorization.k8s.io \ No newline at end of file diff --git a/deploy/releases/0.2.1/appsody-app-crd.yaml b/deploy/releases/0.2.1/appsody-app-crd.yaml new file mode 100644 index 0000000..b6f4c63 --- /dev/null +++ b/deploy/releases/0.2.1/appsody-app-crd.yaml @@ -0,0 +1,340 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: appsodyapplications.appsody.dev +spec: + additionalPrinterColumns: + - JSONPath: .spec.applicationImage + description: Absolute name of the deployed image containing registry and tag + name: Image + type: string + - JSONPath: .spec.expose + description: Specifies whether deployment is exposed externally via default Route + name: Exposed + type: boolean + - JSONPath: .status.conditions[?(@.type=='Reconciled')].status + description: Status of the reconcile condition + name: Reconciled + type: string + - JSONPath: .status.conditions[?(@.type=='Reconciled')].reason + description: Reason for the failure of reconcile condition + name: Reason + priority: 1 + type: string + - JSONPath: .status.conditions[?(@.type=='Reconciled')].message + description: Failure message from reconcile condition + name: Message + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: Age of the resource + name: Age + type: date + group: appsody.dev + names: + kind: AppsodyApplication + listKind: AppsodyApplicationList + plural: appsodyapplications + singular: appsodyapplication + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + applicationImage: + type: string + architecture: + items: + type: string + type: array + autoscaling: + properties: + maxReplicas: + format: int32 + minimum: 1 + type: integer + minReplicas: + format: int32 + type: integer + targetCPUUtilizationPercentage: + format: int32 + type: integer + type: object + createAppDefinition: + type: boolean + createKnativeService: + type: boolean + env: + items: + type: object + type: array + envFrom: + items: + type: object + type: array + expose: + type: boolean + livenessProbe: + type: object + monitoring: + properties: + endpoints: + items: + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate + over basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret that contains the password for + authenticate + type: object + username: + description: The secret that contains the username for + authenticate + type: object + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before + ingestion. + items: + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers + to. Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before ingestion. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. defailt is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: string + - type: integer + description: Name or number of the target port of the endpoint. + Mutually exclusive with port. + tlsConfig: + description: TLS configuration to use when scraping the endpoint + properties: + caFile: + description: The CA cert to use for the targets. + type: string + certFile: + description: The client cert file for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: The client key file for the targets. + type: string + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + type: array + labels: + additionalProperties: + type: string + type: object + type: object + pullPolicy: + type: string + pullSecret: + type: string + readinessProbe: + type: object + replicas: + format: int32 + type: integer + resourceConstraints: + type: object + service: + properties: + annotations: + additionalProperties: + type: string + type: object + port: + format: int32 + maximum: 65536 + minimum: 1 + type: integer + type: + type: string + type: object + serviceAccountName: + type: string + stack: + type: string + storage: + properties: + mountPath: + type: string + size: + pattern: ^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$ + type: string + volumeClaimTemplate: + type: object + type: object + version: + type: string + volumeMounts: + items: + type: object + type: array + volumes: + items: + type: object + type: array + required: + - applicationImage + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + format: date-time + type: string + lastUpdateTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true diff --git a/deploy/releases/0.2.1/appsody-app-operator.yaml b/deploy/releases/0.2.1/appsody-app-operator.yaml new file mode 100644 index 0000000..c99ef69 --- /dev/null +++ b/deploy/releases/0.2.1/appsody-app-operator.yaml @@ -0,0 +1,116 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: appsody-operator +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: appsody-operator +rules: +- apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - '*' +- apiGroups: + - apps + resourceNames: + - appsody-operator + resources: + - deployments/finalizers + verbs: + - update +- apiGroups: + - appsody.dev + resources: + - '*' + verbs: + - '*' +- apiGroups: + - route.openshift.io + attributeRestrictions: null + resources: + - routes + verbs: + - '*' +- apiGroups: + - serving.knative.dev + attributeRestrictions: null + resources: + - services + verbs: + - '*' +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: appsody-operator +subjects: +- kind: ServiceAccount + name: appsody-operator +roleRef: + kind: Role + name: appsody-operator + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: appsody-operator +spec: + replicas: 1 + selector: + matchLabels: + name: appsody-operator + template: + metadata: + labels: + name: appsody-operator + spec: + serviceAccountName: appsody-operator + containers: + - name: appsody-operator + image: appsody/application-operator:0.2.1 + command: + - appsody-operator + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + value: APPSODY_WATCH_NAMESPACE + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "appsody-operator" diff --git a/deploy/releases/0.2.1/readme.md b/deploy/releases/0.2.1/readme.md new file mode 100644 index 0000000..0396f4b --- /dev/null +++ b/deploy/releases/0.2.1/readme.md @@ -0,0 +1,69 @@ +# Appsody Operator v0.2.1 + +## Changelog + +All notable changes are documented in the [Changelog](/CHANGELOG.md#0.2.1). + +## Installation + +The Appsody Operator can be installed to: + +- watch own namespace +- watch another namespace +- watch multiple namespaces +- watch all namespaces in the cluster + +Appropriate cluster role and binding are required to watch another namespace, watch multiple namespaces or watch all namespaces. + +--- + +1. Install `AppsodyApplication` Custom Resource Definition (CRD). This needs to be done only ONCE per cluster: + + ```console + kubectl apply -f https://raw.githubusercontent.com/appsody/appsody-operator/master/deploy/releases/0.2.1/appsody-app-crd.yaml + ``` + +2. Install the Appsody Operator: + + **Important: In Step 2.1, ensure that you replace `` and `` with proper values:** + + 2.1. Set operator namespace and the namespace to watch: + + - To watch all namespaces in the cluster, set `WATCH_NAMESPACE='""'` + - To watch multiple namespaces in the cluster, set `WATCH_NAMESPACE` to a comma-separated list of namespaces e.g. `WATCH_NAMESPACE=my-appsody-ns-1,my-appsody-ns-2,my-appsody-ns-3` + + ```console + OPERATOR_NAMESPACE= + WATCH_NAMESPACE= + ``` + + 2.2. _Optional_: Install cluster-level role-based access. This step can be skipped if the operator is only watching own namespace: + + ```console + curl -L https://raw.githubusercontent.com/appsody/appsody-operator/master/deploy/releases/0.2.1/appsody-app-cluster-rbac.yaml \ + | sed -e "s/APPSODY_OPERATOR_NAMESPACE/${OPERATOR_NAMESPACE}/" \ + | kubectl apply -f - + ``` + + 2.3. Install the operator: + + ```console + curl -L https://raw.githubusercontent.com/appsody/appsody-operator/master/deploy/releases/0.2.1/appsody-app-operator.yaml \ + | sed -e "s/APPSODY_WATCH_NAMESPACE/${WATCH_NAMESPACE}/" \ + | kubectl apply -n ${OPERATOR_NAMESPACE} -f - + ``` + +## Uninstallation + +To uninstall the operator, run commands from Step 2.3 first and then Step 2.2 (if applicable), but after replacing `kubectl apply` with `kubectl delete`. + +To delete the CRD, run command from Step 1, but after replacing `kubectl apply` with `kubectl delete`. + +_Deleting the CRD will also delete all `AppsodyApplication` in the cluster_ + +## Current Limitations + +- Knative support is limited. Values specified for `autoscaling`, `resources` and `replicas` parameters would not apply for Knative when enabled using `createKnativeService` parameter. +- The auto-creation of an application definition by kAppNav is not supported when Knative is enabled. +- Monitoring feature does not support integration with Knative Service. Prometheus Operator is required to use ServiceMonitor. +- After the initial deployment of `AppsodyApplication`, any changes to its labels would be applied only when one of the parameters from `spec` is updated. \ No newline at end of file