-
Notifications
You must be signed in to change notification settings - Fork 33
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Improved Kuadrant installation via Olm and kustomize (#1075)
* add simple installation Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED more detailed installation guide and examples rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * add default limitador and authorino resources Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * standard authorino rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * add ns rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * install rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * add authorino and limitador patches Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * final version Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * update full example dir Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED * Update config/install/README.md Co-authored-by: David Martin <[email protected]> * Update config/install/README.md Co-authored-by: David Martin <[email protected]> * Update config/install/README.md Co-authored-by: David Martin <[email protected]> * Update config/install/README.md Co-authored-by: David Martin <[email protected]> * add new installation guide covering resilient deployment Signed-off-by: craig <[email protected]> rh-pre-commit.version: 2.2.0 rh-pre-commit.check-secrets: ENABLED --------- Co-authored-by: David Martin <[email protected]>
- Loading branch information
1 parent
ad4a4a8
commit a4876c5
Showing
17 changed files
with
713 additions
and
63 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
apiVersion: operator.authorino.kuadrant.io/v1beta1 | ||
kind: Authorino | ||
metadata: | ||
name: authorino | ||
namespace: kuadrant-system | ||
spec: | ||
clusterWide: true | ||
listener: | ||
tls: | ||
enabled: false | ||
oidcServer: | ||
tls: | ||
enabled: false | ||
supersedingHostSubsets: true | ||
tracing: | ||
endpoint: '' | ||
replicas: 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,7 @@ | ||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
resources: | ||
- limitador.yaml | ||
- authorino.yaml | ||
- sail.yaml | ||
- kuadrant.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
apiVersion: limitador.kuadrant.io/v1alpha1 | ||
kind: Limitador | ||
metadata: | ||
name: limitador | ||
namespace: kuadrant-system | ||
spec: {} |
5 changes: 5 additions & 0 deletions
5
config/install/full-example-aws/configure/aws-credentials.env.sample
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# If using this you will need to rename the file and remove the .sample suffix and remove this comment | ||
|
||
KUADRANT_AWS_ACCESS_KEY_ID=xxx | ||
KUADRANT_AWS_SECRET_ACCESS_KEY=xxx | ||
KUADRANT_AWS_REGION=eu-west-1 |
19 changes: 19 additions & 0 deletions
19
config/install/full-example-aws/configure/cluster-issuer.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
apiVersion: cert-manager.io/v1 | ||
kind: ClusterIssuer | ||
metadata: | ||
name: lets-encrypt-aws | ||
spec: | ||
acme: | ||
privateKeySecretRef: | ||
name: le-secret | ||
server: https://acme-v02.api.letsencrypt.org/directory | ||
solvers: | ||
- dns01: | ||
route53: | ||
accessKeyIDSecretRef: | ||
key: AWS_ACCESS_KEY_ID | ||
name: aws-provider-credentials #notice this matches the name of the secret we created. | ||
region: us-east-1 #override if needed | ||
secretAccessKeySecretRef: | ||
key: AWS_SECRET_ACCESS_KEY | ||
name: aws-provider-credentials |
56 changes: 56 additions & 0 deletions
56
config/install/full-example-aws/configure/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
resources: | ||
- https://github.com/Kuadrant/kuadrant-operator//config/install/configure/standard?ref=v1.0.1 #change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases) | ||
- cluster-issuer.yaml #(comment if you dont want to use it. The issuer yaml is defined below). | ||
|
||
generatorOptions: | ||
disableNameSuffixHash: true | ||
labels: | ||
app.kubernetes.io/part-of: kuadrant | ||
app.kubernetes.io/managed-by: kustomize | ||
|
||
secretGenerator: | ||
- name: aws-provider-credentials | ||
namespace: cert-manager # assumes cert-manager namespace exists. | ||
envs: | ||
- aws-credentials.env # notice this matches the .env file above. You will need to setup this file locally | ||
type: 'kuadrant.io/aws' | ||
- name: aws-provider-credentials | ||
namespace: gateway-system # this is the namespace where your gateway will be provisioned | ||
envs: | ||
- aws-credentials.env #notice this matches the .env file above. you need to set up this file locally first. | ||
type: 'kuadrant.io/aws' | ||
- name: redis-credentials | ||
namespace: kuadrant-system | ||
envs: | ||
- redis-credentials.env | ||
type: 'kuadrant.io/redis' | ||
|
||
patches: | ||
- patch: |- | ||
apiVersion: limitador.kuadrant.io/v1alpha1 | ||
kind: Limitador | ||
metadata: | ||
name: limitador | ||
namespace: kuadrant-system | ||
spec: | ||
pdb: | ||
maxUnavailable: 1 | ||
replicas: 2 | ||
resourceRequirements: | ||
requests: | ||
cpu: 10m | ||
memory: 10Mi # set these based on your own needs. | ||
storage: | ||
redis: | ||
configSecretRef: | ||
name: redis-credentials | ||
- patch: |- | ||
apiVersion: operator.authorino.kuadrant.io/v1beta1 | ||
kind: Authorino | ||
metadata: | ||
name: authorino | ||
namespace: kuadrant-system | ||
spec: | ||
replicas: 2 |
22 changes: 22 additions & 0 deletions
22
config/install/full-example-aws/configure/patches/authorino-topoloy-patch.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
spec: | ||
template: | ||
spec: | ||
containers: | ||
- name: authorino | ||
resources: | ||
requests: | ||
cpu: 10m # set your own needed limits here | ||
memory: 10Mi # set your own needed limits here | ||
topologySpreadConstraints: | ||
- maxSkew: 1 | ||
topologyKey: kubernetes.io/hostname | ||
whenUnsatisfiable: ScheduleAnyway | ||
labelSelector: | ||
matchLabels: | ||
authorino-resource: authorino | ||
- maxSkew: 1 | ||
topologyKey: kubernetes.io/zone | ||
whenUnsatisfiable: ScheduleAnyway | ||
labelSelector: | ||
matchLabels: | ||
authorino-resource: authorino |
16 changes: 16 additions & 0 deletions
16
config/install/full-example-aws/configure/patches/limitador-topology-patch.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
spec: | ||
template: | ||
spec: | ||
topologySpreadConstraints: | ||
- maxSkew: 1 | ||
topologyKey: kubernetes.io/hostname | ||
whenUnsatisfiable: ScheduleAnyway | ||
labelSelector: | ||
matchLabels: | ||
limitador-resource: limitador | ||
- maxSkew: 1 | ||
topologyKey: kubernetes.io/zone | ||
whenUnsatisfiable: ScheduleAnyway | ||
labelSelector: | ||
matchLabels: | ||
limitador-resource: limitador |
3 changes: 3 additions & 0 deletions
3
config/install/full-example-aws/configure/redis-credentials.env.sample
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# If using this you will need to rename the file and remove the .sample suffix and remove this comment | ||
|
||
URL=redis://xxxx |
17 changes: 17 additions & 0 deletions
17
config/install/full-example-aws/install/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
resources: | ||
- https://github.com/Kuadrant/kuadrant-operator//config/install/standard?ref=v1.0.1 #change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases) | ||
#- https://github.com/Kuadrant/kuadrant-operator//config/install/openshift?ref=v1.0.1 #use if targeting an OCP cluster. Change this version as needed (see https://github.com/Kuadrant/kuadrant-operator/releases). | ||
|
||
patches: # remove the subscription patch if you are installing a development version. It will then use the "preview" channel | ||
- patch: |- | ||
apiVersion: operators.coreos.com/v1alpha1 | ||
kind: Subscription | ||
metadata: | ||
name: kuadrant | ||
spec: | ||
source: kuadrant-operator-catalog | ||
sourceNamespace: kuadrant-system | ||
name: kuadrant-operator | ||
channel: 'stable' #set to preview if not using a release (for example if using main) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
|
||
# note by default this will install the version of kuadrant you checkout from v1 onwards | ||
# if you want to install a different released version you can use the patch options below. | ||
# If you want to install the latest development tag, remove the subscription patch | ||
resources: | ||
- https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.1.0/standard-install.yaml | ||
- ../../deploy/olm |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters