From 715ec30717edb17429f75399d59b2f001848965a Mon Sep 17 00:00:00 2001 From: Ben Parees Date: Fri, 7 Sep 2018 11:38:14 -0400 Subject: [PATCH] install the registry operator automatically --- .../registry/image-registry-crd.yaml | 13 +++ .../registry/image-registry-namespace.yaml | 7 ++ .../registry/image-registry-operator.yaml | 31 +++++++ .../registry/image-registry-rbac.yaml | 85 +++++++++++++++++++ modules/tectonic/resources/tectonic.sh | 5 ++ 5 files changed, 141 insertions(+) create mode 100644 modules/tectonic/resources/manifests/registry/image-registry-crd.yaml create mode 100644 modules/tectonic/resources/manifests/registry/image-registry-namespace.yaml create mode 100644 modules/tectonic/resources/manifests/registry/image-registry-operator.yaml create mode 100644 modules/tectonic/resources/manifests/registry/image-registry-rbac.yaml diff --git a/modules/tectonic/resources/manifests/registry/image-registry-crd.yaml b/modules/tectonic/resources/manifests/registry/image-registry-crd.yaml new file mode 100644 index 00000000000..af3f57feecd --- /dev/null +++ b/modules/tectonic/resources/manifests/registry/image-registry-crd.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: openshiftdockerregistries.dockerregistry.operator.openshift.io +spec: + group: dockerregistry.operator.openshift.io + names: + kind: OpenShiftDockerRegistry + listKind: OpenShiftDockerRegistryList + plural: openshiftdockerregistries + singular: openshiftdockerregistry + scope: Namespaced + version: v1alpha1 diff --git a/modules/tectonic/resources/manifests/registry/image-registry-namespace.yaml b/modules/tectonic/resources/manifests/registry/image-registry-namespace.yaml new file mode 100644 index 00000000000..b2214c57afb --- /dev/null +++ b/modules/tectonic/resources/manifests/registry/image-registry-namespace.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: openshift-image-registry +spec: + finalizers: + - kubernetes diff --git a/modules/tectonic/resources/manifests/registry/image-registry-operator.yaml b/modules/tectonic/resources/manifests/registry/image-registry-operator.yaml new file mode 100644 index 00000000000..68ee776da67 --- /dev/null +++ b/modules/tectonic/resources/manifests/registry/image-registry-operator.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cluster-image-registry-operator + namespace: openshift-image-registry +spec: + replicas: 1 + selector: + matchLabels: + name: cluster-image-registry-operator + template: + metadata: + labels: + name: cluster-image-registry-operator + spec: + containers: + - name: cluster-image-registry-operator + image: docker.io/openshift/origin-cluster-image-registry-operator:latest + ports: + - containerPort: 60000 + name: metrics + command: + - cluster-image-registry-operator + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + value: "cluster-image-registry-operator" diff --git a/modules/tectonic/resources/manifests/registry/image-registry-rbac.yaml b/modules/tectonic/resources/manifests/registry/image-registry-rbac.yaml new file mode 100644 index 00000000000..1331d6d8dc6 --- /dev/null +++ b/modules/tectonic/resources/manifests/registry/image-registry-rbac.yaml @@ -0,0 +1,85 @@ +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: cluster-image-registry-operator +rules: +- apiGroups: + - dockerregistry.operator.openshift.io + resources: + - "*" + verbs: + - "*" +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - persistentvolumeclaims + - pods + - secrets + - services + verbs: + - "*" +- apiGroups: + - apps + resources: + - daemonsets + - deploymentconfigs + - deployments + - replicasets + - statefulsets + verbs: + - "*" +- apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - "*" +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - "*" +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + verbs: + - "*" +- apiGroups: + - project.openshift.io + resources: + - projects + verbs: + - get +- apiGroups: + - "" + resources: + - limitranges + - resourcequotas + verbs: + - list +- apiGroups: + - image.openshift.io + resources: + - "*" + verbs: + - "*" +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: default-account-cluster-image-registry-operator +subjects: +- kind: ServiceAccount + name: default + namespace: openshift-image-registry +roleRef: + kind: ClusterRole + name: cluster-image-registry-operator + apiGroup: rbac.authorization.k8s.io diff --git a/modules/tectonic/resources/tectonic.sh b/modules/tectonic/resources/tectonic.sh index 354fb0afdb3..667e1693603 100755 --- a/modules/tectonic/resources/tectonic.sh +++ b/modules/tectonic/resources/tectonic.sh @@ -170,6 +170,11 @@ kubectl create -f updater/app_versions/app-version-tectonic-alm.yaml kubectl create -f updater/app_versions/app-version-tectonic-utility.yaml kubectl create -f updater/app_versions/app-version-tectonic-ingress.yaml +kubectl create -f registry/image-registry-namespace.yaml +kubectl create -f registry/image-registry-crd.yaml +kubectl create -f registry/image-registry-rbac.yaml +kubectl create -f registry/image-registry-operator.yaml + # wait for Tectonic pods wait_for_pods tectonic-system asset_cleanup