Commit

Refactored OLM files to use bundle format
Added bundle files from Red Hat
Updated packaging documentation
bradfordcp committed Oct 26, 2020
1 parent a757549 commit ab726d7
Showing 34 changed files with 23,076 additions and 12 deletions.
5 changes: 5 additions & 0 deletions .github/workflows/release.yml
Expand Up @@ -18,6 +18,11 @@ jobs:
AWS_ACCESS_KEY_ID: ${{ secrets.ECR_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.ECR_SECRET }}
run: aws ecr get-login-password --region us-east-1 | skopeo login -u AWS --password-stdin ${ECR_REPO}
- name: Login Skopeo Red Hat
env:
REDHAT_REPO: ${{ secrets.REDHAT_REPO }}
REDHAT_SECRET: ${{ secrets.REDHAT_SECRET }}
run: docker login -u unused --password "$REDHAT_SECRET" $REDHAT_REPO
- name: Publish to Dockerhub
env:
ECR_REPO: ${{ secrets.ECR_REPO }}
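Review bot: the `run:` line of the new "Login Skopeo Red Hat" step passes the registry secret as a command-line argument (`--password "$REDHAT_SECRET"`), which exposes it in the process list on the runner, while the ECR step directly above pipes its password through `--password-stdin`. Suggest `printf '%s' "$REDHAT_SECRET" | docker login -u unused --password-stdin "$REDHAT_REPO"`, with `$REDHAT_REPO` quoted. The step name also says Skopeo but the command is `docker login`; either switch to `skopeo login` so the credential lands where the ECR one does, or rename the step to match what it runs.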
106 changes: 106 additions & 0 deletions docs/developer/csv-description.md
@@ -0,0 +1,106 @@
## Apache Cassandra

The Apache Cassandra database is the right choice when you need scalability and
high availability without compromising performance. Linear scalability and
proven fault-tolerance on commodity hardware or cloud infrastructure make it the
perfect platform for mission-critical data. Cassandra's support for replicating
across multiple datacenters is best-in-class, providing lower latency for your
users and the peace of mind of knowing that you can survive regional outages.

## DataStax Enterprise

The most advanced distribution of Apache Cassandra™ on the market, with the
enterprise functionality needed for serious production systems and backed up and
supported by the best distributed-experts in the world. It's one platform for
all types of applications anywhere, any cloud, any model: key-value, graph,
tabular, JSON.

DataStax Enterprise is a fully integrated and optimized database, with graph,
analytics, and search included, all with a unified security model. Simply put,
it's the only database capable of meeting today's demanding requirements

## Operator Details

`cass-operator` is designed as a modular operator for Apache Cassandra and
derived distributions. Apache Cassandra is a distributed database consisting of
multiple nodes working in concert to store data and process queries along a
number of fault domains. `cass-operator` has the deployment of a Cassandra
cluster around the logical domain of a datacenter with the `CassandraDatacenter`
custom resource. Upon submission of one of these resources it handles
provisioning the underlying stateful sets (analogous to C\* logical racks),
services, and configuration. Additionally through monitoring pod state via
Kubernetes callbacks it handles day to day operations such as restarting failed
processes, scaling clusters up, and deploying configuration changes in a
rolling, non-disruptive, fashion. This operator is designed to be `Namespace`
scoped. A single Kubernetes cluster may be running multiple instances of this
operator, in separate namespaces, to support a number of C\* clusters and
environments. Configuration is simple with the usage of YAML based overrides in
the Custom Resource paired with an `init` container. In C\* clusters ordering and
timing of certain operations are important to keep the system evenly
distributed. `cass-operator` takes advantage of a sidecar process within the
main container to handle the orchestration of starting our main C* process.

## Pre-requisites

### WebHook Secret

This secret is intentionally left blank and will be filled in as the operator is
brought is started and certificates are generated.

```yaml
apiVersion: v1
data:
tls.crt: ""
tls.key: ""
kind: Secret
metadata:
name: cass-operator-webhook-config
```
### WebHook Configuration
Note the namespace _must_ be updated in the configuration below.
```yaml
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: "cassandradatacenter-webhook-registration"
webhooks:
- name: "cassandradatacenter-webhook.cassandra.datastax.com"
rules:
- apiGroups: ["cassandra.datastax.com"]
apiVersions: ["v1beta1"]
operations: ["CREATE", "UPDATE", "DELETE"]
resources: ["cassandradatacenters"]
scope: "*"
clientConfig:
service:
name: "cassandradatacenter-webhook-service"
namespace: "cass-operator"
path: /validate-cassandra-datastax-com-v1beta1-cassandradatacenter
admissionReviewVersions: ["v1beta1"]
failurePolicy: "Ignore"
matchPolicy: "Equivalent"
sideEffects: None
timeoutSeconds: 10
```
### WebHook Service
Note the namespace _must_ be updated in the configuration below.
```yaml
apiVersion: v1
kind: Service
metadata:
name: cassandradatacenter-webhook-service
labels:
name: cass-operator-webhook
spec:
ports:
- port: 443
targetPort: 8443
selector:
name: cass-operator
```
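Review bot: in the WebHook Configuration example, `failurePolicy: "Ignore"` means the API server admits `CassandraDatacenter` changes without validation whenever the webhook cannot be reached, which includes the period before the operator has generated the certificates that the WebHook Secret section describes as initially blank. The document should say that this is a deliberate trade-off and what an operator gives up by it, or recommend `Fail` once the certificates are in place. Smaller points: the rules here list `"DELETE"`, but `docs/developer/olm/prereqs.yaml` in this same commit registers only `CREATE` and `UPDATE`, so one of the two is wrong; "brought is started" in the Secret paragraph is a leftover edit; the last sentence of the DataStax Enterprise section has no closing period; and `C*` in the final line of Operator Details is unescaped while the earlier occurrences use `C\*`.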
10 changes: 10 additions & 0 deletions docs/developer/olm/catalogsource.yaml
@@ -0,0 +1,10 @@
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
name: local
namespace: olm
spec:
displayName: Local Catalog
publisher: Developer
sourceType: grpc
image: bradfordcp/catalog-index:latest
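Review bot: `image: bradfordcp/catalog-index:latest` commits a personal registry namespace and a mutable tag into the repository, so anyone following the docs pulls whatever was last pushed under that name rather than an index they built themselves. Suggest a clearly marked placeholder for the registry (the packaging guide has the reader build and push this index anyway) and a version tag or digest in place of `latest`.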
8 changes: 8 additions & 0 deletions docs/developer/olm/operatorgroup.yaml
@@ -0,0 +1,8 @@
apiVersion: operators.coreos.com/v1alpha2
kind: OperatorGroup
metadata:
name: group
namespace: test-operator
spec:
targetNamespaces:
- test-operator
52 changes: 52 additions & 0 deletions docs/developer/olm/prereqs.yaml
@@ -0,0 +1,52 @@
---
apiVersion: v1
data:
tls.crt: ""
tls.key: ""
kind: Secret
metadata:
name: cass-operator-webhook-config
namespace: test-operator
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: cassandradatacenter-webhook-registration
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: cassandradatacenter-webhook-service
namespace: test-operator
path: /validate-cassandra-datastax-com-v1beta1-cassandradatacenter
failurePolicy: Ignore
matchPolicy: Equivalent
name: cassandradatacenter-webhook.cassandra.datastax.com
rules:
- apiGroups:
- cassandra.datastax.com
apiVersions:
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- cassandradatacenters
scope: '*'
sideEffects: None
timeoutSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
labels:
name: cass-operator-webhook
name: cassandradatacenter-webhook-service
namespace: test-operator
spec:
ports:
- port: 443
targetPort: 8443
selector:
name: cass-operator
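Review bot: the `operations` list in the `ValidatingWebhookConfiguration` covers only `CREATE` and `UPDATE`, while the example added to `docs/developer/csv-description.md` in this commit also lists `DELETE`; the two should agree. The `clientConfig` also carries no `caBundle`, and together with the empty `tls.crt`/`tls.key` in the Secret and `failurePolicy: Ignore` that means a webhook that never becomes reachable fails silently with every request admitted; a comment stating which component fills in the CA and the certificate would make this file safe to copy. The `test-operator` namespace is hard-coded in three places, which is worth a header comment since the docs tell readers the namespace must be updated.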
10 changes: 10 additions & 0 deletions docs/developer/olm/subscription.yaml
@@ -0,0 +1,10 @@
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: cass-operator-subscription
namespace: test-operator
spec:
channel: stable
name: cass-operator
source: local
sourceNamespace: olm
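Review bot: the `spec` sets no `installPlanApproval`, so OLM uses its default of `Automatic`, and with `source: local` pointing at a catalog index tagged `latest` any new push to that index is installed without review. That is fine for a throwaway test cluster, but add a comment saying so, or set `installPlanApproval: Manual` so the file is not copied into a real environment as is.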
135 changes: 135 additions & 0 deletions docs/developer/packaging.md
@@ -0,0 +1,135 @@
# Packaging for Operator Hub / Red Hat

## Tools
* `opm`
1. Checkout a copy of [operator-framework/operator-registry](https://github.com/operator-framework/operator-registry)
2. Build with `make build`
3. Binary resides at `bin/opm`
* `k3d`

### Setup Test Cluster

Spin up local cluster for testing and install OLM

```console
k3d cluster create
kubectl create namespace test-operator
operator-sdk olm install

# Optional
kubectl delete catalogsource operatorhubio-catalog -n olm
```

### Unsupported Resource Types
The following types may not be included in the operator bundle

1. Namespace
2. Secret
3. ValidatingWebhookConfiguration
4. Service

## Common Issues
* `runAsUser` set to `999` in the deployment - OpenShift prefers to set a randomly assigned user at container start time. If this field is not left empty the user field must be set extremely high. 999 is too low.
* Prerequisite custom resources have not been included in the appropriate section of the operator metadata testing page
* The package has not been marked as published in the Red Hat repo.

# Upgrade Workflow

_Note see Red Hat's [Gitbook](https://redhat-connect.gitbook.io/partner-guide-for-red-hat-openshift-and-container/certify-your-operator/upgrading-your-operator)_

1. Copy an existing version as the base

```console
OLD_VERSION=1.4.0
NEW_VERSION=1.4.1
cd operator/bundle
cp -r $OLD_VERSION $NEW_VERSION
cp bundle-$OLD_VERSION.Dockerfile bundle-$NEW_VERSION.Dockerfile
```
2. Rename files with version numbers
```console
mv $NEW_VERSION/manifests/cass-operator.v$OLD_VERSION.clusterserviceversion.yaml $NEW_VERSION/manifests/cass-operator.v$NEW_VERSION.clusterserviceversion.yaml
```

3. Update version numbers in ClusterServiceVersion files
```console
sed s/"$OLD_VERSION"/$NEW_VERSION/g $NEW_VERSION/cass-operator.v$NEW_VERSION.clusterserviceversion.yaml
sed s/"$OLD_VERSION"/$NEW_VERSION/g bundle-$NEW_VERSION.Dockerfile
```

4. Copy in updated CRD

```console
cp ../deploy/crds/* $NEW_VERSION/manifests/
```

5. Compare the old and new CRDs for differences and update `$NEW_VERSION/manifests/cass-operator.v$NEW_VERSION.lusterserviceversion.yaml`
1. Update `metadata.annotations.containerImage` version
2. Update `metadata.annotations.createdAt` datestamp
3. Update `metadata.annotations.name` field
4. Update `spec.install.spec.deployments[0].template.spec.containers[0].image` version
5. Update `spec.customresourcedefinitions.owned[0].specDescriptors` to include any new spec fields. See [Descriptor](https://github.com/openshift/console/blob/master/frontend/packages/operator-lifecycle-manager/src/components/descriptors/reference/reference.md) [Documentation](https://github.com/openshift/console/tree/release-4.3/frontend/packages/operator-lifecycle-manager/src/components/descriptors).
6. Update `spec.customresourcedefinitions.owned[0].statusDescriptors` to include any new status fields
7. Update `spec.replaces` to replace previous version
8. Update `spec.version` with new version value
6. Build bundle container and push to staging repo
```console
docker build -t bradfordcp/cass-operator-bundle:$NEW_VERSION -f bundle-$NEW_VERSION.Dockerfile .
docker push bradfordcp/cass-operator-bundle:NEW_VERSION
```
7. Build local catalog index for testing
```console
opm index add --bundles bradfordcp/cass-operator-bundle:$NEW_VERSION --tag bradfordcp/catalog-index:latest -u docker
docker push bradfordcp/catalog-index:latest
```
8. Add index as a [`CatalogSource`](olm/catalogsource.yaml) in k8s

```console
kubectl apply -f docs/developer/olm/catalogsource.yaml
```
9. Verify packagemanifests are being pulled from index
```console
kubectl describe packagemanifests cass-operator -n olm
```
10. Create an [`OperatorGroup`](olm/operatorgroup.yaml) to tell cass-operator where to watch for CassDC instances

```console
kubectl apply -f docs/developer/olm/operatorgroup.yaml
```
11. Install prereqs that OLM doesn't handle
```console
kubectl apply -f docs/developer/olm/prereqs.yaml
```
12. Install cass-operator with OLM via a [`Subscription`](olm/subscription.yaml)

```console
kubectl apply -f docs/developer/olm/cass-operator.subscription.yaml
```
13. Check the `InstallPlan` to see the operator successfully installed

```console
kubectl describe installplan -n test-operator | less
```

If there is a failure, fix the issue locally, remove the `Subscription` and `CatalogSource`. Goto step 6 and repackage everything.
14. Check the operator is running

```console
kubectl get pods -n test-operator
```
14. Provision a sample cassdc in the default namespace
15. Push to Red Hat
```console
docker tag bradfordcp/cass-operator-bundle:$NEW_VERSION $REDHAT_REGISTRY/cass-operator-bundle:$NEW_VERSION
docker push $REDHAT_REGISTRY/cass-operator-bundle:$NEW_VERSION
```
16. Red Hat automatically runs certification tests on push. These take 1-2 hours
17. Login to the Red Hat project and verify certification results. Repeat steps 5-7 until certification passes
18. Publish certified bundle
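Review bot: several commands in the Upgrade Workflow will not do what the step says. In step 3 both `sed` calls lack `-i`, so they print to stdout and leave the files unchanged, and the first one targets `$NEW_VERSION/cass-operator.v$NEW_VERSION.clusterserviceversion.yaml` although step 2 placed that file under `$NEW_VERSION/manifests/`; the dots in `$OLD_VERSION` are also unescaped regex wildcards. In step 6, `docker push bradfordcp/cass-operator-bundle:NEW_VERSION` is missing the `$` and pushes a literal tag. Step 12 applies `docs/developer/olm/cass-operator.subscription.yaml`, but the file added in this commit is `docs/developer/olm/subscription.yaml`. Step 5 has the typo `.lusterserviceversion.yaml`, step number 14 is used twice, and the back-references ("Goto step 6", "Repeat steps 5-7") should be rechecked once the numbering is fixed, since certification results only change after the push in step 15.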
52 changes: 52 additions & 0 deletions operator/.osdk-scorecard.yaml
@@ -0,0 +1,52 @@
# Note the structure below is intentional to avoid unnecessary warnings
scorecard:
bundle: deploy/olm-catalog/cass-operator
plugins:
# Basic CR Tests
- basic:
cr-manifest:
- "example-cassdc-yaml/cassandra-3.11.6/example-cassdc-scorecard.yaml"
# - basic:
# cr-manifest:
# - "example-cassdc-yaml/dse-6.8.x/example-cassdc-scorecard.yaml"

# # v1.0.0
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/cassandra-3.11.6/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.0.0/cass-operator.v1.0.0.clusterserviceversion.yaml"
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/dse-6.8.x/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.0.0/cass-operator.v1.0.0.clusterserviceversion.yaml"

# # v1.1.0
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/cassandra-3.11.6/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.1.0/cass-operator.v1.1.0.clusterserviceversion.yaml"
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/dse-6.8.x/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.1.0/cass-operator.v1.1.0.clusterserviceversion.yaml"

# v1.2.0
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/cassandra-3.11.6/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.2.0/cass-operator.v1.2.0.clusterserviceversion.yaml"
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/dse-6.8.x/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.2.0/cass-operator.v1.2.0.clusterserviceversion.yaml"

# v1.3.0
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/cassandra-3.11.6/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.3.0/cass-operator.v1.3.0.clusterserviceversion.yaml"
# - olm:
# cr-manifest:
# - "example-cassdc-yaml/dse-6.8.x/example-cassdc-scorecard.yaml"
# csv-path: "deploy/olm-catalog/cass-operator/1.3.0/cass-operator.v1.3.0.clusterserviceversion.yaml"
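Review bot: `bundle: deploy/olm-catalog/cass-operator` points at the catalog layout, while the packaging guide added in this commit works from `operator/bundle/$NEW_VERSION`; please confirm the path still resolves after the refactor to bundle format. The commented-out `olm` blocks for v1.0.0 through v1.3.0 reference the same directory and are dead configuration, so drop them or note when they are expected to be re-enabled. The opening comment says the structure avoids unnecessary warnings without naming which ones, which leaves the next editor unable to tell what must be preserved.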
