Skip to content
This repository was archived by the owner on Dec 3, 2024. It is now read-only.

Refactor Kustomize deployment #26

Merged
merged 6 commits into from
Dec 17, 2020
Merged

Refactor Kustomize deployment #26

merged 6 commits into from
Dec 17, 2020

Conversation

NicolasT
Copy link
Contributor

First stab at some of the changes suggested in container-object-storage-interface/cosi-controller-manager#9:

  • Add some standard labels to all deployed object
  • Split out a base layer and a fullstack layer on top of it
  • Don't force IfNotPresent imagePullPolicy which one potentially doesn't want for latest images (we could patch this in a dev layer?)
  • Don't override image names with the image that's already hard-coded in the basic manifest

See: #23
See: #21
See: #11

@NicolasT
Move kustomization.yaml into its layer, deploy/base
7f1fc71
@NicolasT
deploy: don't override images
2a599bb 
The images names/tags are properly encoded in the base manifests, no
need to override them through a Kustomization.
@NicolasT
deploy: don't use IfNotPresent imagePullPolicy for latest images
912611a
@NicolasT
deploy: create fullstack Kustomize layer
b5e4dc3 
This deploys the controller (base layer) as well as the provisioner. End
result remains the same.
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Dec 17, 2020
@k8s-ci-robot
Copy link
Contributor

Welcome @NicolasT!

It looks like this is your first PR to kubernetes-sigs/container-object-storage-interface-controller 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/container-object-storage-interface-controller has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

@k8s-ci-robot
Copy link
Contributor

Hi @NicolasT. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Dec 17, 2020
@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Dec 17, 2020
@NicolasT
Copy link
Contributor Author

Looks like I can't add this PR to a specific (GitHub) Milestone or Project myself, so this won't show up in the project planning boards for now.

@NicolasT
Copy link
Contributor Author

The original deployment manifests use two namespaces to deploy the stack, one for the controller (objectstorage-system), one for the provisioner (objectstorage-provisioner-ns). Is this a separation we want to keep? I get how in production clusters one may want to run them in separate namespaces, though for the fullstack layer, which includes the controller as well as the sample-provisioner, I'd suggest to keep things together.

@NicolasT
Copy link
Contributor Author

NicolasT commented Dec 17, 2020
edited
Loading

For reference, here's a diff between a rendering of the manifest as found in the master branch at this point in time, and the deploy/fullstack layer as introduced by this PR:

--- master      2020-12-17 18:34:13.137046719 +0000                                                                                                                                                                                                                                                                           
+++ refactor-kustomize-deployment       2020-12-17 18:34:25.455373200 +0000                                                                                                                                                                                                                                                   
@@ -1,6 +1,11 @@                                                                                                                                                                                                                                                                                                              
 apiVersion: v1                                                                                                                                                                                                                                                                                                               
 kind: Namespace                                                                                                                                                                                                                                                                                                              
 metadata:                                                                                                                                                                                                                                                                                                                    
+  name: objectstorage-provisioner-ns                                                                                                                                                                                                                                                                                         
+---                                                                                                                                                                                                                                                                                                                          
+apiVersion: v1                                                                                                                                                                                                                                                                                                               
+kind: Namespace                                                                                                                                                                                                                                                                                                              
+metadata:                                                                                                                                                                                                                                                                                                                    
   name: objectstorage-system                                                                                                                                                                                                                                                                                                 
 ---                                                                                                                                                                                                                                                                                                                          
 apiVersion: apiextensions.k8s.io/v1                                                                                                                                                                                                                                                                                          
@@ -554,12 +559,22 @@                                                                                                                                                                                                                                                                                                         
 apiVersion: v1                                                                                                                                                                                                                                                                                                               
 kind: ServiceAccount                                                                                                                                                                                                                                                                                                         
 metadata:                                                                                                                                                                                                                                                                                                                    
+  labels:                                                                                                                                                                                                                                                                                                                    
+    app.kubernetes.io/component: controller                                                                                                                                                                                                                                                                                  
+    app.kubernetes.io/name: container-object-storage-interface-controller                                                                                                                                                                                                                                                    
+    app.kubernetes.io/part-of: container-object-storage-interface                                                                                                                                                                                                                                                            
+    app.kubernetes.io/version: main                                                                                                                                                                                                                                                                                          
   name: objectstorage-controller-sa                                                                                                                                                                                                                                                                                          
   namespace: objectstorage-system                                                                                                                                                                                                                                                                                            
 ---                                                                                                                                                                                                                                                                                                                          
 apiVersion: rbac.authorization.k8s.io/v1                                                                                                                                                                                                                                                                                     
 kind: Role                                                                                                                                                                                                                                                                                                                   
 metadata:                                                                                                                                                                                                                                                                                                                    
+  labels:                                                                                                                                                                                                                                                                                                                    
+    app.kubernetes.io/component: controller                                                                                                                                                                                                                                                                                  
+    app.kubernetes.io/name: container-object-storage-interface-controller                                                                                                                                                                                                                                                    
+    app.kubernetes.io/part-of: container-object-storage-interface                                                                                                                                                                                                                                                            
+    app.kubernetes.io/version: main                                                                                                                                                                                                                                                                                          
   name: objectstorage-controller                                                                                                                                                                                                                                                                                             
   namespace: objectstorage-system                                                                                                                                                                                                                                                                                            
 rules:
@@ -578,6 +593,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller-role
 rules:
 - apiGroups:
@@ -623,6 +643,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller
   namespace: objectstorage-system
 roleRef:
@@ -637,6 +662,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: system:objectstorage-controller
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -703,13 +733,20 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller
   namespace: objectstorage-system
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: objectstorage-controller
+      app.kubernetes.io/component: controller
+      app.kubernetes.io/name: container-object-storage-interface-controller
+      app.kubernetes.io/part-of: container-object-storage-interface
   strategy:
     rollingUpdate:
       maxSurge: 1
@@ -717,10 +754,12 @@
   template:
     metadata:
       labels:
-        app: objectstorage-controller
+        app.kubernetes.io/component: controller
+        app.kubernetes.io/name: container-object-storage-interface-controller
+        app.kubernetes.io/part-of: container-object-storage-interface
+        app.kubernetes.io/version: main
     spec:
       containers:
       - image: quay.io/containerobjectstorage/objectstorage-controller:latest
-        imagePullPolicy: IfNotPresent
         name: objectstorage-controller
       serviceAccountName: objectstorage-controller-sa

@NicolasT
deploy: add some common labels to all objects
e8242ea 
Closes: kubernetes-retired#23
See: https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/#labels
@NicolasT
deploy: restore namespace handling in fullstack overlay
6d19b49 
This patch removes hard-coded namespaces from the `base` layer, then
creates the `objectstorage-system` and `objectstorage-provisioner-ns`
Namespaces in the `fullstack` overlay, and uses them accordingly.

Closes: kubernetes-retired#22
@NicolasT NicolasT mentioned this pull request Dec 17, 2020
Closed
@tparikh
Copy link
Contributor

tparikh commented Dec 17, 2020

/lgtm

@wlan0 and @brahmaroutu thoughts on namespace changes?

@k8s-ci-robot
Copy link
Contributor

@tparikh: changing LGTM is restricted to collaborators

In response to this:

/lgtm

@wlan0 and @brahmaroutu thoughts on namespace changes?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@NicolasT
Copy link
Contributor Author

@wlan0 and @brahmaroutu thoughts on namespace changes?

Note current PR doesn't make any changes to namespaces being used (except for creating the one the sample provisioner wants to be deployed in, though one could argue that one should get its own Kustomize in its repo which we can then reference...).

@NicolasT NicolasT force-pushed the refactor-kustomize-deployment branch from dbef78e to 6d19b49 Compare December 17, 2020 20:07
@wlan0
Copy link
Contributor

wlan0 commented Dec 17, 2020

Yeah you’ve just removed the hard coded namespace.

@wlan0
Copy link
Contributor

wlan0 commented Dec 17, 2020

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 17, 2020
@wlan0
Copy link
Contributor

wlan0 commented Dec 17, 2020

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Dec 17, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: NicolasT, wlan0

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 17, 2020
@k8s-ci-robot k8s-ci-robot merged commit f6867a0 into kubernetes-retired:master Dec 17, 2020
@NicolasT NicolasT mentioned this pull request Dec 22, 2020
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@wlan0 wlan0 wlan0 approved these changes

@saad-ali saad-ali Awaiting requested review from saad-ali

@xing-yang xing-yang Awaiting requested review from xing-yang

Assignees

@wlan0 wlan0

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@NicolasT @k8s-ci-robot @tparikh @wlan0