Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy limitador authorino and kuadrant-controller #18

Merged
merged 12 commits into from
May 26, 2022
Merged

Deploy limitador authorino and kuadrant-controller #18

merged 12 commits into from
May 26, 2022

Conversation

eguzki
Copy link
Contributor

@eguzki eguzki commented May 23, 2022
edited
Loading

What

Fixes Kuadrant/kuadrant-controller#148

  • Deploy Limitador in the same namespace as the kuadrant CR
  • kuadrant controller and kuadrant API (AuthPolicy and RatelimitPolocy CRDs) are no longer deployed as part of the operator deployment. A kuadrant CR is required to deploy the kuadrant control plane and kuadrant API.
  • Deploy authorino in the same namespace as the kuadrant CR
  • Kuadrant CR status conditions
  • Clean up when Kuadrant CR is deleted

Verification Steps

  • Deploy kuadrant operator (and operator dependencies) manually
make kind-create-kuadrant-cluster
  • Deploy empty kuadrant CR
kubectl apply -f - <<EOF
---
apiVersion: kuadrant.kuadrant.io/v1beta1
kind: Kuadrant
metadata:
  name: kuadrant-sample
spec: {}
EOF

wait until kuadrant CR status reports it is ready

k wait --for=condition=ready kuadrant/kuadrant-sample --timeout=-1s
kuadrant.kuadrant.kuadrant.io/kuadrant-sample condition met

k get kuadrant kuadrant-sample -o yaml | yq_k8s_clean 
apiVersion: kuadrant.kuadrant.io/v1beta1
kind: Kuadrant
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"kuadrant.kuadrant.io/v1beta1","kind":"Kuadrant","metadata":{"annotations":{},"name":"kuadrant-sample","namespace":"default"},"spec":{}}
  creationTimestamp: "2022-05-23T19:38:38Z"
  finalizers:
    - kuadrant.kuadrant.io/finalizer
  generation: 1
  name: kuadrant-sample
  namespace: default
  resourceVersion: "1670"
  uid: f6f0e2c8-824a-4053-8891-adeea22d26a3
spec: {}
status:
  conditions:
    - lastTransitionTime: "2022-05-23T19:38:59Z"
      message: Kuadrant is ready
      reason: Ready
      status: "True"
      type: Ready
  observedGeneration: 1

Check limitador, authorino and the kuadrant controller are running in the namespace where the kuadrant CR was deployed

k get pods 
NAME                                           READY   STATUS    RESTARTS   AGE
authorino-897fb4b87-5m77m                      1/1     Running   0          3m2s
kuadrant-controller-manager-7f59f745c5-6v8d6   1/1     Running   0          3m3s
limitador-6c89f69875-wf2bn                     1/1     Running   0          3m4s

Check that the CRDs have also been deployed:

k get crds | grep apim.kuadrant.io
authpolicies.apim.kuadrant.io                 2022-05-23T19:38:38Z
ratelimitpolicies.apim.kuadrant.io            2022-05-23T19:38:38Z

Dev Notes:

  • Followed same approach as the Istio operator. With the just the operator deployed, the control plane (istiod) and Istio API are not available. The control plane and the API are available after a istio installation via the IstioOperator CR

@eguzki eguzki requested a review from a team May 23, 2022 08:30
@eguzki eguzki changed the title Deploy limitador authorino Deploy limitador authorino and kuadrant-controller May 23, 2022
@eguzki eguzki marked this pull request as ready for review May 23, 2022 19:47
@guicassolato guicassolato mentioned this pull request May 25, 2022
Merged
guicassolato
guicassolato reviewed May 26, 2022
View reviewed changes
Copy link
Contributor

@guicassolato guicassolato left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor thing...

After make kind-create-kuadrant-cluster, because the image exported is quay.io/kuadrant/kuadrant-operator:dev, the following uncommitted change remains:

diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
index b038c37..2550fb7 100644
--- a/config/manager/kustomization.yaml
+++ b/config/manager/kustomization.yaml
@@ -13,4 +13,4 @@ kind: Kustomization
 images:
 - name: controller
   newName: quay.io/kuadrant/kuadrant-operator
-  newTag: latest
+  newTag: dev

Maybe the deploy target could roll back the image tag to the default latest after kustomize build?

deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
	$(KUSTOMIZE) build config/deploy | kubectl apply -f -
	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMAGE_TAG_BASE}:latest

@eguzki
Copy link
Contributor Author

eguzki commented May 26, 2022

Maybe the deploy target could roll back the image tag to the default latest after kustomize build?

deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
	$(KUSTOMIZE) build config/deploy | kubectl apply -f -
	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMAGE_TAG_BASE}:latest

Thanks for the tip! I will add the image restore statement

@eguzki eguzki force-pushed the deploy-limitador-authorino branch from cd26c6f to 4e20f82 Compare May 26, 2022 12:43
@eguzki eguzki merged commit cd03aa9 into main May 26, 2022
@eguzki eguzki deleted the deploy-limitador-authorino branch May 26, 2022 14:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guicassolato guicassolato guicassolato approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Kuadrant Operator should create the Limitador and Authorino CR to configure Authorino and Limitador
2 participants
@eguzki @guicassolato