From f0ec946bd141c61bcff0297782ed449d56e49bac Mon Sep 17 00:00:00 2001 From: Danil-Grigorev Date: Mon, 18 Jan 2021 11:02:31 +0100 Subject: [PATCH 1/4] Add Deployment for operator --- ...roller-manager-operator_11_deployment.yaml | 48 +++++++++++++++++++ manifests/image-references | 8 ++++ 2 files changed, 56 insertions(+) create mode 100644 manifests/0000_26_cloud-controller-manager-operator_11_deployment.yaml create mode 100644 manifests/image-references diff --git a/manifests/0000_26_cloud-controller-manager-operator_11_deployment.yaml b/manifests/0000_26_cloud-controller-manager-operator_11_deployment.yaml new file mode 100644 index 000000000..55b0d1bd1 --- /dev/null +++ b/manifests/0000_26_cloud-controller-manager-operator_11_deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cluster-cloud-controller-manager + namespace: openshift-cloud-controller-manager-operator + labels: + k8s-app: cloud-manager-operator +spec: + selector: + matchLabels: + k8s-app: cloud-manager-operator + replicas: 1 + template: + metadata: + labels: + k8s-app: cloud-manager-operator + spec: + priorityClassName: system-node-critical + serviceAccountName: cluster-cloud-controller-manager + containers: + - name: cluster-cloud-controller-manager + image: registry.svc.ci.openshift.org/openshift:cluster-cloud-controller-manager + command: + - "/cluster-controller-manager-operator" + args: + - --leader-elect + env: + - name: RELEASE_VERSION + value: "0.0.1-snapshot" + resources: + requests: + cpu: 10m + memory: 50Mi + nodeSelector: + node-role.kubernetes.io/master: "" + restartPolicy: Always + tolerations: + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + - key: "node.kubernetes.io/unreachable" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 120 + - key: "node.kubernetes.io/not-ready" + operator: "Exists" + effect: "NoExecute" + tolerationSeconds: 120 diff --git a/manifests/image-references b/manifests/image-references new file mode 100644 index 000000000..64b9b13c4 --- /dev/null +++ b/manifests/image-references @@ -0,0 +1,8 @@ +kind: ImageStream +apiVersion: image.openshift.io/v1 +spec: + tags: + - name: cluster-cloud-controller-manager-operator + from: + kind: DockerImage + name: registry.svc.ci.openshift.org/openshift:cluster-cloud-controller-manager From 949f5cd51f6b5b8c1e6db855d80169aec6d27939 Mon Sep 17 00:00:00 2001 From: Danil-Grigorev Date: Mon, 18 Jan 2021 12:09:48 +0100 Subject: [PATCH 2/4] Simplify make image task for CI image builds --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 65b463f83..87c5311a4 100644 --- a/Makefile +++ b/Makefile @@ -55,7 +55,7 @@ generate: controller-gen # Build the docker image .PHONY: image -image: test +image: docker build -t ${IMG} . # Push the docker image From b6fb41e1be6abe42389b28d4401cc9b273ca47fe Mon Sep 17 00:00:00 2001 From: Danil-Grigorev Date: Mon, 18 Jan 2021 12:11:34 +0100 Subject: [PATCH 3/4] Make sure Dockerfile is passing binary at correct location --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index 12ebb3bc4..6a37ef531 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,3 +2,6 @@ FROM registry.svc.ci.openshift.org/openshift/release:golang-1.15 AS builder WORKDIR /go/src/github.com/openshift/cluster-cloud-controller-manager-operator COPY . . RUN make build + +FROM registry.svc.ci.openshift.org/openshift/origin-v4.0:base +COPY --from=builder /go/src/github.com/openshift/cluster-cloud-controller-manager-operator/bin/cluster-controller-manager-operator . From be6a55c90dd946b9b0b2c9da968c705051f436de Mon Sep 17 00:00:00 2001 From: Danil-Grigorev Date: Mon, 18 Jan 2021 12:56:49 +0100 Subject: [PATCH 4/4] Add role for operator pod allowing leader election --- ...d-controller-manager-operator_02_rbac.yaml | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/manifests/0000_26_cloud-controller-manager-operator_02_rbac.yaml b/manifests/0000_26_cloud-controller-manager-operator_02_rbac.yaml index 4d5bb1df0..9d2b7b877 100644 --- a/manifests/0000_26_cloud-controller-manager-operator_02_rbac.yaml +++ b/manifests/0000_26_cloud-controller-manager-operator_02_rbac.yaml @@ -35,6 +35,38 @@ rules: verbs: - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cluster-cloud-controller-manager + namespace: openshift-cloud-controller-manager-operator + annotations: + include.release.openshift.io/self-managed-high-availability: "true" +rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - create + - update + --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -51,3 +83,20 @@ subjects: - kind: ServiceAccount namespace: openshift-cloud-controller-manager-operator name: cluster-cloud-controller-manager + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cluster-cloud-controller-manager + namespace: openshift-cloud-controller-manager-operator + annotations: + include.release.openshift.io/self-managed-high-availability: "true" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cluster-cloud-controller-manager +subjects: + - kind: ServiceAccount + namespace: openshift-cloud-controller-manager-operator + name: cluster-cloud-controller-manager