Skip to content

Commit

Permalink
Improved Kuadrant installation via Olm and kustomize (#1075)
Browse files Browse the repository at this point in the history
* add simple installation

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

more detailed installation guide and examples

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* add default limitador and authorino resources

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* standard authorino

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* add ns

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* install

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* add authorino and limitador patches

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* final version

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* update full example dir

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

* Update config/install/README.md

Co-authored-by: David Martin <[email protected]>

* Update config/install/README.md

Co-authored-by: David Martin <[email protected]>

* Update config/install/README.md

Co-authored-by: David Martin <[email protected]>

* Update config/install/README.md

Co-authored-by: David Martin <[email protected]>

* add new installation guide covering resilient deployment

Signed-off-by: craig <[email protected]>

rh-pre-commit.version: 2.2.0
rh-pre-commit.check-secrets: ENABLED

---------

Co-authored-by: David Martin <[email protected]>
  • Loading branch information
maleck13 and david-martin authored Dec 20, 2024
1 parent ad4a4a8 commit a4876c5
Show file tree
Hide file tree
Showing 17 changed files with 713 additions and 63 deletions.
572 changes: 535 additions & 37 deletions config/install/README.md

Large diffs are not rendered by default.

5 changes: 3 additions & 2 deletions config/install/configure/aws/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ kind: Kustomization
# You can start by copying `aws-credentials.env.sample` and customising it as needed.

resources:
- ../standard
- https://github.com/Kuadrant/kuadrant-operator//config/install/standard
# - https://github.com/Kuadrant/kuadrant-operator//config/install/openshift # use this one if installing on OCP
- cluster-issuer.yaml

generatorOptions:
Expand All @@ -18,7 +19,7 @@ secretGenerator:
- name: aws-provider-credentials
namespace: cert-manager
envs:
- aws-credentials.env
- aws-credentials.env # you will need to setup this file locally
type: 'kuadrant.io/aws'
- name: aws-provider-credentials
namespace: gateway-system
Expand Down
9 changes: 0 additions & 9 deletions config/install/configure/kitchen-sink/kustomization.yaml

This file was deleted.

2 changes: 1 addition & 1 deletion config/install/configure/redis-storage/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,4 @@ secretGenerator:
namespace: kuadrant-system
envs:
- redis-credentials.env
type: 'kuadrant.io/aws'
type: 'kuadrant.io/redis'
17 changes: 17 additions & 0 deletions config/install/configure/standard/authorino.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: operator.authorino.kuadrant.io/v1beta1
kind: Authorino
metadata:
name: authorino
namespace: kuadrant-system
spec:
clusterWide: true
listener:
tls:
enabled: false
oidcServer:
tls:
enabled: false
supersedingHostSubsets: true
tracing:
endpoint: ''
replicas: 1
2 changes: 2 additions & 0 deletions config/install/configure/standard/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- limitador.yaml
- authorino.yaml
- sail.yaml
- kuadrant.yaml
6 changes: 6 additions & 0 deletions config/install/configure/standard/limitador.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
apiVersion: limitador.kuadrant.io/v1alpha1
kind: Limitador
metadata:
name: limitador
namespace: kuadrant-system
spec: {}
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# If using this you will need to rename the file and remove the .sample suffix and remove this comment

KUADRANT_AWS_ACCESS_KEY_ID=xxx
KUADRANT_AWS_SECRET_ACCESS_KEY=xxx
KUADRANT_AWS_REGION=eu-west-1
19 changes: 19 additions & 0 deletions config/install/full-example-aws/configure/cluster-issuer.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: lets-encrypt-aws
spec:
acme:
privateKeySecretRef:
name: le-secret
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- dns01:
route53:
accessKeyIDSecretRef:
key: AWS_ACCESS_KEY_ID
name: aws-provider-credentials #notice this matches the name of the secret we created.
region: us-east-1 #override if needed
secretAccessKeySecretRef:
key: AWS_SECRET_ACCESS_KEY
name: aws-provider-credentials
56 changes: 56 additions & 0 deletions config/install/full-example-aws/configure/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://github.com/Kuadrant/kuadrant-operator//config/install/configure/standard?ref=v1.0.1 #change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases)
- cluster-issuer.yaml #(comment if you dont want to use it. The issuer yaml is defined below).

generatorOptions:
disableNameSuffixHash: true
labels:
app.kubernetes.io/part-of: kuadrant
app.kubernetes.io/managed-by: kustomize

secretGenerator:
- name: aws-provider-credentials
namespace: cert-manager # assumes cert-manager namespace exists.
envs:
- aws-credentials.env # notice this matches the .env file above. You will need to setup this file locally
type: 'kuadrant.io/aws'
- name: aws-provider-credentials
namespace: gateway-system # this is the namespace where your gateway will be provisioned
envs:
- aws-credentials.env #notice this matches the .env file above. you need to set up this file locally first.
type: 'kuadrant.io/aws'
- name: redis-credentials
namespace: kuadrant-system
envs:
- redis-credentials.env
type: 'kuadrant.io/redis'

patches:
- patch: |-
apiVersion: limitador.kuadrant.io/v1alpha1
kind: Limitador
metadata:
name: limitador
namespace: kuadrant-system
spec:
pdb:
maxUnavailable: 1
replicas: 2
resourceRequirements:
requests:
cpu: 10m
memory: 10Mi # set these based on your own needs.
storage:
redis:
configSecretRef:
name: redis-credentials
- patch: |-
apiVersion: operator.authorino.kuadrant.io/v1beta1
kind: Authorino
metadata:
name: authorino
namespace: kuadrant-system
spec:
replicas: 2
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
spec:
template:
spec:
containers:
- name: authorino
resources:
requests:
cpu: 10m # set your own needed limits here
memory: 10Mi # set your own needed limits here
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
authorino-resource: authorino
- maxSkew: 1
topologyKey: kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
authorino-resource: authorino
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
spec:
template:
spec:
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
limitador-resource: limitador
- maxSkew: 1
topologyKey: kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
limitador-resource: limitador
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# If using this you will need to rename the file and remove the .sample suffix and remove this comment

URL=redis://xxxx
17 changes: 17 additions & 0 deletions config/install/full-example-aws/install/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- https://github.com/Kuadrant/kuadrant-operator//config/install/standard?ref=v1.0.1 #change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases)
#- https://github.com/Kuadrant/kuadrant-operator//config/install/openshift?ref=v1.0.1 #use if targeting an OCP cluster. Change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases).

patches: # remove the subscription patch if you are installing a development version. It will then use the "preview" channel
- patch: |-
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: kuadrant
spec:
source: kuadrant-operator-catalog
sourceNamespace: kuadrant-system
name: kuadrant-operator
channel: 'stable' #set to preview if not using a release (for example if using main)
9 changes: 9 additions & 0 deletions config/install/no-gateway-provider/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

# note by default this will install the version of kuadrant you checkout from v1 onwards
# if you want to install a different released version you can use the patch options below.
# If you want to install the latest development tag, remove the subscription patch
resources:
- https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml
- ../../deploy/olm
6 changes: 0 additions & 6 deletions config/install/standard/kuadrant-version.yaml

This file was deleted.

10 changes: 2 additions & 8 deletions config/install/standard/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,9 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

# note by default this will install the version of kuadrant you checkout from v1 onwards
# if you want to install a different version you can use the patch option below
# if you want to install a different released version you can use the patch options below.
# If you want to install the latest development tag, remove the subscription patch
resources:
- https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml
- sail-operator.yaml
- ../../deploy/olm
# patches:
# - target:
# group: operators.coreos.com
# version: v1alpha1
# kind: CatalogSource
# name: kuadrant-operator-catalog
# path: kuadrant-version.yaml

0 comments on commit a4876c5

Please sign in to comment.