From 901b2dde2fbff1963813f2a42071c3ccb6c5d759 Mon Sep 17 00:00:00 2001 From: Diego Rodriguez Date: Tue, 9 Jun 2020 11:56:39 +0200 Subject: [PATCH 1/2] config: use centrally configured k8s namespace * Use the Helm release namespace as the namespace where REANA will be running. Passes this configuration down to REANA-Workflow-Controller which will take care of creating all runtime pods so they run on the desired namespace (addresses reanahub/reana#274). --- CHANGES.rst | 1 + Makefile | 3 ++- helm/reana/README.md | 1 - helm/reana/templates/announcement-config.yaml | 1 + helm/reana/templates/cronjobs.yaml | 1 + helm/reana/templates/ingress.yaml | 1 + helm/reana/templates/kerberos-config.yaml | 1 + helm/reana/templates/reana-cache.yaml | 2 ++ helm/reana/templates/reana-db.yaml | 2 ++ helm/reana/templates/reana-mail.yaml | 2 ++ helm/reana/templates/reana-message-broker.yaml | 2 ++ helm/reana/templates/reana-server.yaml | 2 ++ helm/reana/templates/reana-shared-persistent-volume.yaml | 2 ++ helm/reana/templates/reana-ui.yaml | 2 ++ helm/reana/templates/reana-wdb.yaml | 2 ++ helm/reana/templates/reana-workflow-controller.yaml | 6 ++++++ helm/reana/templates/roles.yaml | 5 +++-- helm/reana/templates/secrets.yaml | 5 +++++ helm/reana/templates/serviceaccount.yaml | 2 +- helm/reana/templates/uwsgi-config.yaml | 1 + helm/reana/values.yaml | 5 ----- 21 files changed, 39 insertions(+), 10 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index 8389bd7f..096dc675 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -4,6 +4,7 @@ Changes Version master (UNRELEASED) --------------------------- +- Adds possibility to install REANA in different namespaces than default. - Moves to Helm deployment. - Adds command to bump common packages versions. - Supports prefixing by Helm release name. diff --git a/Makefile b/Makefile index 4e93eb40..477603d5 100644 --- a/Makefile +++ b/Makefile @@ -194,7 +194,8 @@ deploy: # Deploy/redeploy previously built REANA cluster. if [ $$(docker images | grep -c '') -gt 0 ]; then \ docker images | grep '' | awk '{print $$3;}' | xargs docker rmi; \ fi && \ - helm install ${TRUNC_INSTANCE_NAME} helm/reana $(addprefix --set , ${CLUSTER_FLAGS}) $(addprefix -f , ${VALUES_YAML_PATH}) --wait && \ + helm install ${TRUNC_INSTANCE_NAME} helm/reana $(addprefix --set , ${CLUSTER_FLAGS}) $(addprefix -f , ${VALUES_YAML_PATH}) --wait --namespace ${INSTANCE_NAME} --create-namespace && \ + kubectl config set-context --current --namespace=${INSTANCE_NAME} && \ waited=0 && while true; do \ waited=$$(($$waited+${TIMECHECK})); \ if [ $$waited -gt ${TIMEOUT} ];then \ diff --git a/helm/reana/README.md b/helm/reana/README.md index 6750cec2..5e34a2c8 100644 --- a/helm/reana/README.md +++ b/helm/reana/README.md @@ -51,7 +51,6 @@ This Helm automatically prefixes all names using the release name to avoid colli | `secrets.reana.REANA_SECRET_KEY` | **[Do not use in production, use secrets instead]** REANA encryption secret key | None | | `serviceAccount.create` | Create a service account for the REANA system user | true | | `serviceAccount.name` | Service account name | reana | -| `serviceAccount.namespace` | Service account namespace | default | | `shared_storage.access_modes` | Shared volume access mode | ReadWriteMany | | `shared_storage.backend` | Shared volume storage backend | hostpath | | `shared_storage.cephfs.availability_zone` | **[CERN only]** OpenStack Availability zone | nova | diff --git a/helm/reana/templates/announcement-config.yaml b/helm/reana/templates/announcement-config.yaml index b86c19f3..e09c96c5 100644 --- a/helm/reana/templates/announcement-config.yaml +++ b/helm/reana/templates/announcement-config.yaml @@ -3,5 +3,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: announcement-config + namespace: {{ .Release.Namespace }} data: announcement: "" diff --git a/helm/reana/templates/cronjobs.yaml b/helm/reana/templates/cronjobs.yaml index c26595b4..811bc834 100644 --- a/helm/reana/templates/cronjobs.yaml +++ b/helm/reana/templates/cronjobs.yaml @@ -4,6 +4,7 @@ apiVersion: batch/v1beta1 kind: CronJob metadata: name: {{ include "reana.prefix" . }}-system-status + namespace: {{ .Release.Namespace }} spec: schedule: "{{ .Values.notifications.system_status }}" jobTemplate: diff --git a/helm/reana/templates/ingress.yaml b/helm/reana/templates/ingress.yaml index 32a422aa..bc68482c 100644 --- a/helm/reana/templates/ingress.yaml +++ b/helm/reana/templates/ingress.yaml @@ -7,6 +7,7 @@ apiVersion: extensions/v1beta1 kind: Ingress metadata: name: {{ include "reana.prefix" . }}-ingress + namespace: {{ .Release.Namespace }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/helm/reana/templates/kerberos-config.yaml b/helm/reana/templates/kerberos-config.yaml index 8347cf5d..52a1459e 100644 --- a/helm/reana/templates/kerberos-config.yaml +++ b/helm/reana/templates/kerberos-config.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "reana.prefix" . }}-krb5-conf + namespace: {{ .Release.Namespace }} data: krb5.conf: | [libdefaults] diff --git a/helm/reana/templates/reana-cache.yaml b/helm/reana/templates/reana-cache.yaml index f81707ee..059d69eb 100644 --- a/helm/reana/templates/reana-cache.yaml +++ b/helm/reana/templates/reana-cache.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-cache + namespace: {{ .Release.Namespace }} spec: type: NodePort selector: @@ -16,6 +17,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-cache + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-db.yaml b/helm/reana/templates/reana-db.yaml index 283ba2ca..4b7fb97b 100644 --- a/helm/reana/templates/reana-db.yaml +++ b/helm/reana/templates/reana-db.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-db + namespace: {{ .Release.Namespace }} spec: type: NodePort selector: @@ -17,6 +18,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-db + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-mail.yaml b/helm/reana/templates/reana-mail.yaml index 032b0298..53c3b2c8 100644 --- a/helm/reana/templates/reana-mail.yaml +++ b/helm/reana/templates/reana-mail.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-mail + namespace: {{ .Release.Namespace }} spec: type: "NodePort" ports: @@ -24,6 +25,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-mail + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-message-broker.yaml b/helm/reana/templates/reana-message-broker.yaml index 8b40f65f..82c23e70 100644 --- a/helm/reana/templates/reana-message-broker.yaml +++ b/helm/reana/templates/reana-message-broker.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-message-broker + namespace: {{ .Release.Namespace }} spec: ports: - port: 5672 @@ -20,6 +21,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-message-broker + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-server.yaml b/helm/reana/templates/reana-server.yaml index d143fb68..97170379 100644 --- a/helm/reana/templates/reana-server.yaml +++ b/helm/reana/templates/reana-server.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-server + namespace: {{ .Release.Namespace }} spec: type: "NodePort" ports: @@ -17,6 +18,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-server + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-shared-persistent-volume.yaml b/helm/reana/templates/reana-shared-persistent-volume.yaml index 857c84f7..1dfc162b 100644 --- a/helm/reana/templates/reana-shared-persistent-volume.yaml +++ b/helm/reana/templates/reana-shared-persistent-volume.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ include "reana.prefix" . }}-shared-persistent-volume + namespace: {{ .Release.Namespace }} spec: accessModes: - {{ .Values.shared_storage.access_modes }} @@ -18,6 +19,7 @@ apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: {{ include "reana.prefix" . }}-shared-volume-storage-class + namespace: {{ .Release.Namespace }} provisioner: {{ .Values.shared_storage.cephfs.provisioner }} parameters: type: {{ .Values.shared_storage.cephfs.type }} diff --git a/helm/reana/templates/reana-ui.yaml b/helm/reana/templates/reana-ui.yaml index 19c0f7c3..16c357de 100644 --- a/helm/reana/templates/reana-ui.yaml +++ b/helm/reana/templates/reana-ui.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-ui + namespace: {{ .Release.Namespace }} spec: type: "NodePort" ports: @@ -18,6 +19,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-ui + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-wdb.yaml b/helm/reana/templates/reana-wdb.yaml index 4df69b53..3b3712a2 100644 --- a/helm/reana/templates/reana-wdb.yaml +++ b/helm/reana/templates/reana-wdb.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-wdb + namespace: {{ .Release.Namespace }} spec: type: "NodePort" ports: @@ -23,6 +24,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-wdb + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/helm/reana/templates/reana-workflow-controller.yaml b/helm/reana/templates/reana-workflow-controller.yaml index ad0149ae..1c9dbb95 100644 --- a/helm/reana/templates/reana-workflow-controller.yaml +++ b/helm/reana/templates/reana-workflow-controller.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "reana.prefix" . }}-workflow-controller + namespace: {{ .Release.Namespace }} spec: type: "NodePort" ports: @@ -17,6 +18,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "reana.prefix" . }}-workflow-controller + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: @@ -51,6 +53,8 @@ spec: env: - name: REANA_COMPONENT_PREFIX value: {{ include "reana.prefix" . }} + - name: REANA_KUBERNETES_NAMESPACE + value: {{ .Release.Namespace }} {{- if .Values.naming_scheme }} - name: REANA_COMPONENT_NAMING_SCHEME value: {{ .Values.naming_scheme }} @@ -133,6 +137,8 @@ spec: env: - name: REANA_COMPONENT_PREFIX value: {{ include "reana.prefix" . }} + - name: REANA_KUBERNETES_NAMESPACE + value: {{ .Release.Namespace }} {{- range $key, $value := .Values.db_env_config }} - name: {{ $key }} value: {{ $value | quote }} diff --git a/helm/reana/templates/roles.yaml b/helm/reana/templates/roles.yaml index 879b26ce..b162f7ba 100644 --- a/helm/reana/templates/roles.yaml +++ b/helm/reana/templates/roles.yaml @@ -2,8 +2,8 @@ kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: - namespace: default name: {{ include "reana.prefix" . }}-deployment-manager + namespace: {{ .Release.Namespace }} rules: - apiGroups: [""] # "" indicates the core API group resources: ["nodes", "nodes/status", "pods", "pods/log", "secrets", "persistentvolumeclaims", "configmaps"] @@ -23,6 +23,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ include "reana.prefix" . }}-manage-deployments + namespace: {{ .Release.Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -30,4 +31,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "reana.prefixed_svaccount_name" . }} - namespace: default + namespace: {{ .Release.Namespace }} diff --git a/helm/reana/templates/secrets.yaml b/helm/reana/templates/secrets.yaml index cf9eaafc..ef946ade 100644 --- a/helm/reana/templates/secrets.yaml +++ b/helm/reana/templates/secrets.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "reana.prefix" . }}-db-secrets + namespace: {{ .Release.Namespace }} annotations: "helm.sh/resource-policy": keep type: Opaque @@ -14,6 +15,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "reana.prefix" . }}-cern-sso-secrets + namespace: {{ .Release.Namespace }} annotations: "helm.sh/resource-policy": keep type: Opaque @@ -25,6 +27,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "reana.prefix" . }}-cern-gitlab-secrets + namespace: {{ .Release.Namespace }} annotations: "helm.sh/resource-policy": keep type: Opaque @@ -37,6 +40,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "reana.prefix" . }}-secrets + namespace: {{ .Release.Namespace }} annotations: "helm.sh/resource-policy": keep type: Opaque @@ -48,6 +52,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "reana.prefix" . }}-mail-notification-sender-password + namespace: {{ .Release.Namespace }} annotations: "helm.sh/resource-policy": keep type: Opaque diff --git a/helm/reana/templates/serviceaccount.yaml b/helm/reana/templates/serviceaccount.yaml index 2dc5498e..1245840a 100644 --- a/helm/reana/templates/serviceaccount.yaml +++ b/helm/reana/templates/serviceaccount.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "reana.prefixed_svaccount_name" . }} - namespace: {{ .Values.serviceAccount.namespace }} + namespace: {{ .Release.Namespace }} diff --git a/helm/reana/templates/uwsgi-config.yaml b/helm/reana/templates/uwsgi-config.yaml index b1a89869..e927632c 100644 --- a/helm/reana/templates/uwsgi-config.yaml +++ b/helm/reana/templates/uwsgi-config.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: uwsgi-config + namespace: {{ .Release.Namespace }} data: uwsgi.ini: | [uwsgi] diff --git a/helm/reana/values.yaml b/helm/reana/values.yaml index 12429978..cede7d77 100644 --- a/helm/reana/values.yaml +++ b/helm/reana/values.yaml @@ -96,7 +96,6 @@ ingress: serviceAccount: create: true name: reana - namespace: default # Traefik's chart values.yaml traefik: @@ -105,10 +104,6 @@ traefik: enabled: true dashboard: enabled: true - kubernetes: - namespaces: - - default - - kube-system serviceType: NodePort service: nodePorts: From 0d5a31dcfcac65215b36616a6b6cd90cc63deace Mon Sep 17 00:00:00 2001 From: Diego Rodriguez Date: Wed, 10 Jun 2020 10:03:28 +0200 Subject: [PATCH 2/2] cli: do not install eggs for non python components --- reana/cli.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/reana/cli.py b/reana/cli.py index 9f4b476e..d465afe1 100644 --- a/reana/cli.py +++ b/reana/cli.py @@ -1869,12 +1869,12 @@ def kubectl_delete_pod(component): # noqa: D301 @cli.command(name="python-install-eggs") def python_install_eggs(): """Create eggs-info/ in all REANA infrastructure and runtime components.""" - python_cluster_components = [c for c in REPO_LIST_CLUSTER if c != "reana-ui"] - for component in python_cluster_components: - for cmd in [ - "python setup.py bdist_egg", - ]: - run_command(cmd, component) + for component in REPO_LIST_CLUSTER: + if is_component_python_package(component): + for cmd in [ + "python setup.py bdist_egg", + ]: + run_command(cmd, component) @cli.command(name="python-unit-tests")