From 56e5199a8d7b654c068452ef5f2371f4c7b0a129 Mon Sep 17 00:00:00 2001 
From: Natalia Marukovich Date: Sun, 13 Oct 2024 12:19:36 +0300 Subject: [PATCH 01/19] K8SPXC-1342_bundle_generation --- .gitignore | 5 + Makefile | 47 +- config/bundle/kustomization.yaml | 10 + config/community/kustomization.yaml | 6 + config/examples/kustomization.yaml | 18 + config/examples/pxccluster.example.yaml | 712 +++++++++++++++++++ config/manager/cluster/kustomization.yaml | 12 + config/manager/cluster/manager-target.yaml | 13 + config/manager/default/kustomization.yaml | 13 + config/manager/default/manager.yaml | 68 ++ config/manager/kustomization.yaml | 5 + config/manager/manager.yaml | 48 ++ config/manager/namespace/kustomization.yaml | 13 + config/manager/namespace/manager-target.yaml | 13 + config/operator/kustomization.yaml | 6 + config/rbac/cluster/kustomization.yaml | 7 + config/rbac/cluster/role.yaml | 130 ++++ config/rbac/cluster/role_binding.yaml | 13 + config/rbac/cluster/service_account.yaml | 5 + config/rbac/namespace/kustomization.yaml | 7 + config/rbac/namespace/role.yaml | 118 +++ config/rbac/namespace/role_binding.yaml | 12 + config/rbac/namespace/service_account.yaml | 5 + installers/olm/bundle.Dockerfile | 16 + installers/olm/bundle.annotations.yaml | 10 + installers/olm/bundle.csv.yaml | 270 +++++++ installers/olm/generate.sh | 133 ++++ 27 files changed, 1714 insertions(+), 1 deletion(-) create mode 100644 config/bundle/kustomization.yaml create mode 100644 config/community/kustomization.yaml create mode 100644 config/examples/kustomization.yaml create mode 100644 config/examples/pxccluster.example.yaml create mode 100644 config/manager/cluster/kustomization.yaml create mode 100644 config/manager/cluster/manager-target.yaml create mode 100644 config/manager/default/kustomization.yaml create mode 100644 config/manager/default/manager.yaml create mode 100644 config/manager/kustomization.yaml create mode 100644 config/manager/manager.yaml create mode 100644 config/manager/namespace/kustomization.yaml create mode 100644 
config/manager/namespace/manager-target.yaml create mode 100644 config/operator/kustomization.yaml create mode 100644 config/rbac/cluster/kustomization.yaml create mode 100644 config/rbac/cluster/role.yaml create mode 100644 config/rbac/cluster/role_binding.yaml create mode 100644 config/rbac/cluster/service_account.yaml create mode 100644 config/rbac/namespace/kustomization.yaml create mode 100644 config/rbac/namespace/role.yaml create mode 100644 config/rbac/namespace/role_binding.yaml create mode 100644 config/rbac/namespace/service_account.yaml create mode 100644 installers/olm/bundle.Dockerfile create mode 100644 installers/olm/bundle.annotations.yaml create mode 100644 installers/olm/bundle.csv.yaml create mode 100755 installers/olm/generate.sh diff --git a/.gitignore b/.gitignore index 9a4b4a6633..41a54b66ba 100644 --- a/.gitignore +++ b/.gitignore @@ -85,3 +85,8 @@ e2e-tests/init-deploy/smallrun deploy/crds .editorconfig +projects/ +installers/olm/operator_*.yaml +installers/olm/bundles + + diff --git a/Makefile b/Makefile index e5a10c6eb4..7cf834c620 100644 --- a/Makefile +++ b/Makefile 
@@ -2,12 +2,57 @@ NAME ?= percona-xtradb-cluster-operator IMAGE_TAG_OWNER ?= perconalab IMAGE_TAG_BASE ?= $(IMAGE_TAG_OWNER)/$(NAME) SED := $(shell which gsed || which sed) -VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') +VERSION ?= 1.15.0 +#$(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) DEPLOYDIR = ./deploy +BUNDLEDIR = $(DEPLOYDIR)/csv/redhat +BUNDLE_CHANNELS := --channels=stable +BUNDLE_DEFAULT_CHANNEL := --default-channel=stable +BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) + # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.23 +.DEFAULT_GOAL := help +.SUFFIXES: + +CONTAINER ?= docker +OPENSHIFT_VERSIONS ?= v4.12-v4.15 +PACKAGE_CHANNEL ?= stable +MIN_KUBE_VERSION ?= 1.24.0 +DOCKER_DEFAULT_PLATFORM ?= linux/amd64 +SHELL := /bin/bash +REPO_ROOT = $(shell git rev-parse --show-toplevel) +distros = community + +export VERSION +export BUNDLE_REPO +export OPENSHIFT_VERSIONS +export PACKAGE_CHANNEL +export MIN_KUBE_VERSION +export DOCKER_DEFAULT_PLATFORM + +check-version: +ifndef VERSION + $(error VERSION is not set) +endif + +KUSTOMIZE = $(REPO_ROOT)/bin/kustomize +kustomize: ## Download kustomize locally if necessary. + $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v4@v4.5.3) + +.PHONY: bundles +bundles: ## Build OLM bundles +bundles: check-version $(distros:%=bundles/%) + +# https://olm.operatorframework.io/docs/tasks/creating-operator-bundle/#validating-your-bundle +# https://github.com/operator-framework/community-operators/blob/8a36a33/docs/packaging-required-criteria-ocp.md +.PHONY: bundles/community +bundles/community: + cd config/manager/default/ && $(KUSTOMIZE) edit set image percona-xtradb-cluster-operator=$(IMAGE) + ./installers/olm/generate.sh community + all: build 
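Review bot: The `bundles/community` recipe runs `$(KUSTOMIZE) edit set image ...` inside `config/manager/default/`, which rewrites a tracked kustomization.yaml with whatever `IMAGE` the caller has set. The target also does not list `kustomize` as a prerequisite, so the binary may be missing when the recipe runs. Declaring `bundles/community: kustomize` and applying the image override to a scratch copy (or restoring the file afterwards) would keep locally chosen image names out of commits. Separately, `check-version` now only fires when VERSION is explicitly overridden with an empty value, because `VERSION ?= 1.15.0` supplies a default and the branch-derived expression is left as a commented-out line. `export BUNDLE_REPO` exports a variable this hunk never defines, and `.DEFAULT_GOAL := help` relies on a `help` target and a `go-get-tool` macro that are not visible here.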
diff --git a/config/bundle/kustomization.yaml b/config/bundle/kustomization.yaml new file mode 100644 index 0000000000..2c38e6d572 --- /dev/null +++ b/config/bundle/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../crd +- ../rbac/namespace +- ../manager/namespace +images: +- name: percona-xtradb-cluster-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: main diff --git a/config/community/kustomization.yaml b/config/community/kustomization.yaml new file mode 100644 index 0000000000..a34c7b4844 --- /dev/null +++ b/config/community/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../operator +- ../examples diff --git a/config/examples/kustomization.yaml b/config/examples/kustomization.yaml new file mode 100644 index 0000000000..5002edb476 --- /dev/null +++ b/config/examples/kustomization.yaml @@ -0,0 +1,18 @@ +# Custom resources that are imported into the ClusterServiceVersion. +# +# The first for each GVK appears in the "Custom Resource Definitions" section on +# the details page at OperatorHub.io: https://operatorhub.io/operator/percona-xtradb-cluster-operator +# +# The "metadata.name" fields should be unique so they can be given a description +# that is presented by compatible UIs. +# https://github.com/operator-framework/operator-lifecycle-manager/blob/v0.18.2/doc/design/building-your-csv.md#crd-templates +# +# The "image" fields should be omitted so the defaults are used. +# https://redhat-connect.gitbook.io/certified-operator-guide/troubleshooting-and-resources/offline-enabled-operators + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- pxccluster.example.yaml + diff --git a/config/examples/pxccluster.example.yaml b/config/examples/pxccluster.example.yaml new file mode 100644 index 0000000000..549b3137b5 --- /dev/null +++ b/config/examples/pxccluster.example.yaml 
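Review bot: In `config/bundle/kustomization.yaml` the operator image is set with `newTag: main`, a mutable tag, so the generated bundle does not identify which build it ships, while the Makefile in this patch defaults VERSION to 1.15.0. Consider pinning the release tag or a `digest:` value in this `images` entry, or leaving the tag to be injected by the build. The same `newTag: main` appears in `config/manager/cluster/kustomization.yaml` and `config/manager/namespace/kustomization.yaml`.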
@@ -0,0 +1,712 @@ +apiVersion: pxc.percona.com/v1 +kind: PerconaXtraDBCluster +metadata: + name: cluster1 + finalizers: + - percona.com/delete-pxc-pods-in-order +# - percona.com/delete-ssl +# - percona.com/delete-proxysql-pvc +# - percona.com/delete-pxc-pvc +# annotations: +# percona.com/issue-vault-token: "true" +spec: + crVersion: 1.16.0 + # enableVolumeExpansion: true + # ignoreAnnotations: + # - iam.amazonaws.com/role + # ignoreLabels: + # - rack + # secretsName: cluster1-secrets + # vaultSecretName: keyring-secret-vault + # sslSecretName: cluster1-ssl + # sslInternalSecretName: cluster1-ssl-internal + # logCollectorSecretName: cluster1-log-collector-secrets + # initContainer: + # image: perconalab/percona-xtradb-cluster-operator:main + # containerSecurityContext: + # privileged: false + # runAsUser: 1001 + # runAsGroup: 1001 + # resources: + # requests: + # memory: 100M + # cpu: 100m + # limits: + # memory: 200M + # cpu: 200m + # enableCRValidationWebhook: true + tls: + enabled: true + # SANs: + # - pxc-1.example.com + # - pxc-2.example.com + # - pxc-3.example.com + # issuerConf: + # name: special-selfsigned-issuer + # kind: ClusterIssuer + # group: cert-manager.io + # unsafeFlags: + # tls: false + # pxcSize: false + # proxySize: false + # backupIfUnhealthy: false + # pause: false + updateStrategy: SmartUpdate + upgradeOptions: + versionServiceEndpoint: https://check.percona.com + apply: disabled + schedule: "0 4 * * *" + pxc: + size: 3 + image: perconalab/percona-xtradb-cluster-operator:main-pxc8.0 + autoRecovery: true + # expose: + # enabled: true + # type: LoadBalancer + # externalTrafficPolicy: Local + # internalTrafficPolicy: Local + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # loadBalancerIP: 127.0.0.1 + # annotations: + # networking.gke.io/load-balancer-type: "Internal" + # labels: + # rack: rack-22 + # replicationChannels: + # - name: pxc1_to_pxc2 + # isSource: true + # - name: pxc2_to_pxc1 + # isSource: false + # configuration: + # 
sourceRetryCount: 3 + # sourceConnectRetry: 60 + # ssl: false + # sslSkipVerify: true + # ca: '/etc/mysql/ssl/ca.crt' + # sourcesList: + # - host: 10.95.251.101 + # port: 3306 + # weight: 100 + # schedulerName: mycustom-scheduler + # readinessDelaySec: 15 + # livenessDelaySec: 600 + # configuration: | + # [mysqld] + # wsrep_debug=CLIENT + # wsrep_provider_options="gcache.size=1G; gcache.recover=yes" + # [sst] + # xbstream-opts=--decompress + # [xtrabackup] + # compress=lz4 + # for PXC 5.7 + # [xtrabackup] + # compress + # imagePullSecrets: + # - name: private-registry-credentials + # priorityClassName: high-priority + # annotations: + # iam.amazonaws.com/role: role-arn + # labels: + # rack: rack-22 + # readinessProbes: + # initialDelaySeconds: 15 + # timeoutSeconds: 15 + # periodSeconds: 30 + # successThreshold: 1 + # failureThreshold: 5 + # livenessProbes: + # initialDelaySeconds: 300 + # timeoutSeconds: 5 + # periodSeconds: 10 + # successThreshold: 1 + # failureThreshold: 3 + # containerSecurityContext: + # privileged: false + # podSecurityContext: + # runAsUser: 1001 + # runAsGroup: 1001 + # supplementalGroups: [1001] + # serviceAccountName: percona-xtradb-cluster-operator-workload + # imagePullPolicy: Always + # runtimeClassName: image-rc + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] + # name: my-sidecar-1 + # resources: + # requests: + # memory: 100M + # cpu: 100m + # limits: + # memory: 200M + # cpu: 200m + # envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 1G + cpu: 600m + # ephemeral-storage: 1G + # limits: + # memory: 1G + # cpu: "1" + # ephemeral-storage: 1G + # nodeSelector: + # disktype: ssd + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-xtradb-cluster + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + affinity: + 
antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + # tolerations: + # - key: "node.alpha.kubernetes.io/unreachable" + # operator: "Exists" + # effect: "NoExecute" + # tolerationSeconds: 6000 + podDisruptionBudget: + maxUnavailable: 1 + # minAvailable: 0 + volumeSpec: + # emptyDir: {} + # hostPath: + # path: /data + # type: Directory + persistentVolumeClaim: + # storageClassName: standard + # accessModes: [ "ReadWriteOnce" ] + # dataSource: + # name: new-snapshot-test + # kind: VolumeSnapshot + # apiGroup: snapshot.storage.k8s.io + resources: + requests: + storage: 6G + gracePeriod: 600 + # lifecycle: + # preStop: + # exec: + # command: [ "/bin/true" ] + # postStart: + # exec: + # command: [ "/bin/true" ] + haproxy: + enabled: true + size: 3 + image: perconalab/percona-xtradb-cluster-operator:main-haproxy + # imagePullPolicy: Always + # schedulerName: mycustom-scheduler + # readinessDelaySec: 15 + # livenessDelaySec: 600 + # configuration: | + # + # the actual default configuration file can be found here https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/main/build/haproxy-global.cfg + # + # global + # maxconn 2048 + # external-check + # insecure-fork-wanted + # stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin + # + # defaults + # default-server init-addr last,libc,none + # log global + # mode tcp + # retries 10 + # timeout client 28800s + # timeout connect 100500 + # timeout server 28800s + # + # resolvers kubernetes + # parse-resolv-conf + # + # frontend galera-in + # bind *:3309 accept-proxy + # bind *:3306 + # mode tcp + # option clitcpka + # default_backend galera-nodes + # + # frontend galera-admin-in + # bind *:33062 + # mode tcp + # option clitcpka + # default_backend 
galera-admin-nodes + # + # frontend galera-replica-in + # bind *:3307 + # mode tcp + # option clitcpka + # default_backend galera-replica-nodes + # + # frontend galera-mysqlx-in + # bind *:33060 + # mode tcp + # option clitcpka + # default_backend galera-mysqlx-nodes + # + # frontend stats + # bind *:8404 + # mode http + # http-request use-service prometheus-exporter if { path /metrics } + # imagePullSecrets: + # - name: private-registry-credentials + # annotations: + # iam.amazonaws.com/role: role-arn + # labels: + # rack: rack-22 + # readinessProbes: + # initialDelaySeconds: 15 + # timeoutSeconds: 1 + # periodSeconds: 5 + # successThreshold: 1 + # failureThreshold: 3 + # livenessProbes: + # initialDelaySeconds: 60 + # timeoutSeconds: 5 + # periodSeconds: 30 + # successThreshold: 1 + # failureThreshold: 4 + # exposePrimary: + # enabled: false + # type: ClusterIP + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp + # externalTrafficPolicy: Cluster + # internalTrafficPolicy: Cluster + # labels: + # rack: rack-22 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # loadBalancerIP: 127.0.0.1 + # exposeReplicas: + # enabled: true + # onlyReaders: false + # type: ClusterIP + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp + # externalTrafficPolicy: Cluster + # internalTrafficPolicy: Cluster + # labels: + # rack: rack-22 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # loadBalancerIP: 127.0.0.1 + # runtimeClassName: image-rc + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] + # name: my-sidecar-1 + # resources: + # requests: + # memory: 100M + # cpu: 100m + # limits: + # memory: 200M + # cpu: 200m + # envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 1G + cpu: 600m + # limits: + # memory: 1G + # cpu: 700m + # priorityClassName: high-priority + # nodeSelector: + # disktype: ssd + # 
sidecarResources: + # requests: + # memory: 1G + # cpu: 500m + # limits: + # memory: 2G + # cpu: 600m + # containerSecurityContext: + # privileged: false + # podSecurityContext: + # runAsUser: 1001 + # runAsGroup: 1001 + # supplementalGroups: [1001] + # serviceAccountName: percona-xtradb-cluster-operator-workload + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-xtradb-cluster + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + # tolerations: + # - key: "node.alpha.kubernetes.io/unreachable" + # operator: "Exists" + # effect: "NoExecute" + # tolerationSeconds: 6000 + podDisruptionBudget: + maxUnavailable: 1 + # minAvailable: 0 + gracePeriod: 30 + # lifecycle: + # preStop: + # exec: + # command: [ "/bin/true" ] + # postStart: + # exec: + # command: [ "/bin/true" ] + proxysql: + enabled: false + size: 3 + image: perconalab/percona-xtradb-cluster-operator:main-proxysql + # imagePullPolicy: Always + # configuration: | + # datadir="/var/lib/proxysql" + # + # admin_variables = + # { + # admin_credentials="proxyadmin:admin_password" + # mysql_ifaces="0.0.0.0:6032" + # refresh_interval=2000 + # + # cluster_username="proxyadmin" + # cluster_password="admin_password" + # checksum_admin_variables=false + # checksum_ldap_variables=false + # checksum_mysql_variables=false + # cluster_check_interval_ms=200 + # cluster_check_status_frequency=100 + # cluster_mysql_query_rules_save_to_disk=true + # cluster_mysql_servers_save_to_disk=true + # cluster_mysql_users_save_to_disk=true + # cluster_proxysql_servers_save_to_disk=true + # cluster_mysql_query_rules_diffs_before_sync=1 + # 
cluster_mysql_servers_diffs_before_sync=1 + # cluster_mysql_users_diffs_before_sync=1 + # cluster_proxysql_servers_diffs_before_sync=1 + # } + # + # mysql_variables= + # { + # monitor_password="monitor" + # monitor_galera_healthcheck_interval=1000 + # threads=2 + # max_connections=2048 + # default_query_delay=0 + # default_query_timeout=10000 + # poll_timeout=2000 + # interfaces="0.0.0.0:3306" + # default_schema="information_schema" + # stacksize=1048576 + # connect_timeout_server=10000 + # monitor_history=60000 + # monitor_connect_interval=20000 + # monitor_ping_interval=10000 + # ping_timeout_server=200 + # commands_stats=true + # sessions_sort=true + # have_ssl=true + # ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt" + # ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt" + # ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key" + # ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256" + # } + # readinessDelaySec: 15 + # livenessDelaySec: 600 + # schedulerName: mycustom-scheduler + # imagePullSecrets: + # - name: private-registry-credentials + # annotations: + # iam.amazonaws.com/role: role-arn + # labels: + # rack: rack-22 + # expose: + # enabled: false + # type: ClusterIP + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp + # externalTrafficPolicy: Cluster + # internalTrafficPolicy: Cluster + # labels: + # rack: rack-22 + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + # loadBalancerIP: 127.0.0.1 + # runtimeClassName: image-rc + # sidecars: + # - image: busybox + # command: ["/bin/sh"] + # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] + # name: my-sidecar-1 + # resources: + # requests: + # memory: 100M + # cpu: 100m + # limits: + # memory: 200M + # cpu: 200m + # envVarsSecret: my-env-var-secrets + resources: + requests: + memory: 1G + cpu: 600m + # limits: + # memory: 1G + # cpu: 700m + # priorityClassName: high-priority + # nodeSelector: + # disktype: ssd + # sidecarResources: + # requests: + # memory: 
1G + # cpu: 500m + # limits: + # memory: 2G + # cpu: 600m + # containerSecurityContext: + # privileged: false + # podSecurityContext: + # runAsUser: 1001 + # runAsGroup: 1001 + # supplementalGroups: [1001] + # serviceAccountName: percona-xtradb-cluster-operator-workload + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-xtradb-cluster-operator + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + affinity: + antiAffinityTopologyKey: "kubernetes.io/hostname" + # advanced: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + # tolerations: + # - key: "node.alpha.kubernetes.io/unreachable" + # operator: "Exists" + # effect: "NoExecute" + # tolerationSeconds: 6000 + volumeSpec: + # emptyDir: {} + # hostPath: + # path: /data + # type: Directory + persistentVolumeClaim: + # storageClassName: standard + # accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 2G + podDisruptionBudget: + maxUnavailable: 1 + # minAvailable: 0 + gracePeriod: 30 + # lifecycle: + # preStop: + # exec: + # command: [ "/bin/true" ] + # postStart: + # exec: + # command: [ "/bin/true" ] + # loadBalancerSourceRanges: + # - 10.0.0.0/8 + logcollector: + enabled: true + image: perconalab/percona-xtradb-cluster-operator:main-logcollector + # configuration: | + # [OUTPUT] + # Name es + # Match * + # Host 192.168.2.3 + # Port 9200 + # Index my_index + # Type my_type + resources: + requests: + memory: 100M + cpu: 200m + pmm: + enabled: false + image: perconalab/pmm-client:dev-latest + serverHost: monitoring-service + # serverUser: admin + # pxcParams: "--disable-tablestats-limit=2000" + # proxysqlParams: "--custom-labels=CUSTOM-LABELS" + # containerSecurityContext: + # privileged: false + resources: + requests: + memory: 150M + cpu: 300m + 
backup: + # allowParallel: true + image: perconalab/percona-xtradb-cluster-operator:main-pxc8.0-backup + # backoffLimit: 6 + # serviceAccountName: percona-xtradb-cluster-operator + # imagePullSecrets: + # - name: private-registry-credentials + pitr: + enabled: false + storageName: STORAGE-NAME-HERE + timeBetweenUploads: 60 + timeoutSeconds: 60 + # resources: + # requests: + # memory: 0.1G + # cpu: 100m + # limits: + # memory: 1G + # cpu: 700m + storages: + s3-us-west: + type: s3 + verifyTLS: true + # nodeSelector: + # storage: tape + # backupWorker: 'True' + # resources: + # requests: + # memory: 1G + # cpu: 600m + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-xtradb-cluster + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + # affinity: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: backupWorker + # operator: In + # values: + # - 'True' + # tolerations: + # - key: "backupWorker" + # operator: "Equal" + # value: "True" + # effect: "NoSchedule" + # annotations: + # testName: scheduled-backup + # labels: + # backupWorker: 'True' + # schedulerName: 'default-scheduler' + # priorityClassName: 'high-priority' + # containerSecurityContext: + # privileged: true + # podSecurityContext: + # fsGroup: 1001 + # supplementalGroups: [1001, 1002, 1003] + # containerOptions: + # env: + # - name: VERIFY_TLS + # value: "false" + # args: + # xtrabackup: + # - "--someflag=abc" + # xbcloud: + # - "--someflag=abc" + # xbstream: + # - "--someflag=abc" + s3: + bucket: S3-BACKUP-BUCKET-NAME-HERE + credentialsSecret: my-cluster-name-backup-s3 + region: us-west-2 + azure-blob: + type: azure + azure: + credentialsSecret: azure-secret + container: test + # endpointUrl: https://accountName.blob.core.windows.net + # storageClass: Hot + fs-pvc: + type: filesystem + # nodeSelector: + # storage: tape + # backupWorker: 
'True' + # resources: + # requests: + # memory: 1G + # cpu: 600m + # topologySpreadConstraints: + # - labelSelector: + # matchLabels: + # app.kubernetes.io/name: percona-xtradb-cluster + # maxSkew: 1 + # topologyKey: kubernetes.io/hostname + # whenUnsatisfiable: DoNotSchedule + # affinity: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: backupWorker + # operator: In + # values: + # - 'True' + # tolerations: + # - key: "backupWorker" + # operator: "Equal" + # value: "True" + # effect: "NoSchedule" + # annotations: + # testName: scheduled-backup + # labels: + # backupWorker: 'True' + # schedulerName: 'default-scheduler' + # priorityClassName: 'high-priority' + # containerSecurityContext: + # privileged: true + # podSecurityContext: + # fsGroup: 1001 + # supplementalGroups: [1001, 1002, 1003] + volume: + persistentVolumeClaim: + # storageClassName: standard + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 6G + schedule: + # - name: "sat-night-backup" + # schedule: "0 0 * * 6" + # keep: 3 + # storageName: s3-us-west + - name: "daily-backup" + schedule: "0 0 * * *" + keep: 5 + storageName: fs-pvc diff --git a/config/manager/cluster/kustomization.yaml b/config/manager/cluster/kustomization.yaml new file mode 100644 index 0000000000..5efba3d375 --- /dev/null +++ b/config/manager/cluster/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../default/ + +patchesStrategicMerge: +- manager-target.yaml + +images: +- name: percona-xtradb-cluster-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: main diff --git a/config/manager/cluster/manager-target.yaml b/config/manager/cluster/manager-target.yaml new file mode 100644 index 0000000000..13ae2047ef --- /dev/null +++ b/config/manager/cluster/manager-target.yaml 
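Review bot: The example in `config/examples/pxccluster.example.yaml` sets `crVersion: 1.16.0`, but this patch builds the bundle with `VERSION ?= 1.15.0` and the operator Deployment uses image tag `1.15.0`; the example imported into the ClusterServiceVersion should match the operator version being bundled. The component images also use moving tags (`main-pxc8.0`, `main-haproxy`, `main-logcollector`, `main-pxc8.0-backup`, `perconalab/pmm-client:dev-latest`), which contradicts the comment in `config/examples/kustomization.yaml` that image fields should be omitted so the defaults are used. Either drop the `image` fields from the example or pin them to release tags.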
@@ -0,0 +1,13 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: percona-xtradb-cluster-operator +spec: + template: + spec: + containers: + - name: operator + env: + - name: WATCH_NAMESPACE + value: "" diff --git a/config/manager/default/kustomization.yaml b/config/manager/default/kustomization.yaml new file mode 100644 index 0000000000..03c3adfd18 --- /dev/null +++ b/config/manager/default/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- manager.yaml +commonLabels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator +images: +- name: percona-xtradb-cluster-operator + newName: tishina/percona-server-mongodb-operator + newTag: main diff --git a/config/manager/default/manager.yaml b/config/manager/default/manager.yaml new file mode 100644 index 0000000000..2c5483cd2b --- /dev/null +++ b/config/manager/default/manager.yaml 
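Review bot: The patch in `config/manager/cluster/manager-target.yaml` selects the container with `- name: operator`, but the container in `config/manager/default/manager.yaml` is named `percona-xtradb-cluster-operator`. A strategic-merge patch matches containers by name, so this would most likely append a second container without an image instead of overriding `WATCH_NAMESPACE` on the operator container. Use `- name: percona-xtradb-cluster-operator` here; `config/manager/namespace/manager-target.yaml` has the same mismatch.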
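Review bot: The `images` entry in `config/manager/default/kustomization.yaml` sets `newName: tishina/percona-server-mongodb-operator`, a repository under a different owner and for a different operator than the `perconalab/percona-xtradb-cluster-operator` image used elsewhere in this patch. This looks like leftover output of a local `kustomize edit set image` run, which the new `bundles/community` Makefile target performs on this same file. Any build in which this override matches would produce a bundle that pulls that image, so restore it to `newName: perconalab/percona-xtradb-cluster-operator` and keep generated edits to this file out of commits.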
@@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: percona-xtradb-cluster-operator +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator + strategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator + spec: + terminationGracePeriodSeconds: 600 + containers: + - command: + - percona-xtradb-cluster-operator + env: + - name: LOG_STRUCTURED + value: 'false' + - name: LOG_LEVEL + value: INFO + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: OPERATOR_NAME + value: percona-xtradb-cluster-operator + - name: DISABLE_TELEMETRY + value: "false" + image: perconalab/percona-xtradb-cluster-operator:1.15.0 + imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: metrics + scheme: HTTP + resources: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 20Mi + name: percona-xtradb-cluster-operator + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + serviceAccountName: percona-xtradb-cluster-operator \ No newline at end of file diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml new file mode 100644 index 0000000000..dfce22e6c5 --- /dev/null +++ b/config/manager/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- manager.yaml 
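Review bot: The operator container in `config/manager/default/manager.yaml` has no `securityContext`, although the ClusterRole added in this patch lets its service account create, update and delete Secrets and use `pods/exec`. Add container-level hardening such as `allowPrivilegeEscalation: false`, `capabilities: { drop: [ALL] }`, `readOnlyRootFilesystem: true` and `runAsNonRoot: true`, the same block that `config/manager/manager.yaml` in this patch carries, after confirming the operator works with a read-only root filesystem. The file also ends without a trailing newline.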
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml new file mode 100644 index 0000000000..0a889a7f60 --- /dev/null +++ b/config/manager/manager.yaml 
@@ -0,0 +1,48 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pgo +spec: + replicas: 1 + strategy: { type: Recreate } + template: + spec: + containers: + - name: operator + image: percona-xtradb-cluster-operator + env: + - name: PGO_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CRUNCHY_DEBUG + value: "true" + - name: RELATED_IMAGE_POSTGRES_15 + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.7-1" + - name: RELATED_IMAGE_POSTGRES_15_GIS_3.3 + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-15.7-3.3-1" + - name: RELATED_IMAGE_POSTGRES_16 + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-16.3-1" + - name: RELATED_IMAGE_POSTGRES_16_GIS_3.3 + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-16.3-3.3-1" + - name: RELATED_IMAGE_POSTGRES_16_GIS_3.4 + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-16.3-3.4-1" + - name: RELATED_IMAGE_PGADMIN + value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-26" + - name: RELATED_IMAGE_PGBACKREST + value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.51-1" + - name: RELATED_IMAGE_PGBOUNCER + value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.22-1" + - name: RELATED_IMAGE_PGEXPORTER + value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:latest" + - name: RELATED_IMAGE_PGUPGRADE + value: "registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:latest" + - name: RELATED_IMAGE_STANDALONE_PGADMIN + value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-8.6-1" + securityContext: + allowPrivilegeEscalation: false + capabilities: { drop: [ALL] } + readOnlyRootFilesystem: true + runAsNonRoot: true + serviceAccountName: pgo 
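Review bot: This Deployment appears to be copied from another operator rather than written for PXC: it is named `pgo`, uses `serviceAccountName: pgo`, sets `PGO_NAMESPACE` and `CRUNCHY_DEBUG: "true"`, and lists `RELATED_IMAGE_*` values from `registry.developers.crunchydata.com`, two of them with the `latest` tag. `config/manager/kustomization.yaml` references it as a resource, so anything built from `config/manager` would carry these unrelated image references and a debug flag. Remove the file and its kustomization entry, or replace it with the PXC manager manifest. It also has no `selector` or pod template labels, which an `apps/v1` Deployment requires.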
diff --git a/config/manager/namespace/kustomization.yaml b/config/manager/namespace/kustomization.yaml new file mode 100644 index 0000000000..8a3d51af83 --- /dev/null +++ b/config/manager/namespace/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../default/ + +patchesStrategicMerge: +- manager-target.yaml + +images: +- name: percona-xtradb-cluster-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: main diff --git a/config/manager/namespace/manager-target.yaml b/config/manager/namespace/manager-target.yaml new file mode 100644 index 0000000000..ef6d1c9d6e --- /dev/null +++ b/config/manager/namespace/manager-target.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: percona-xtradb-cluster-operator +spec: + template: + spec: + containers: + - name: operator + env: + - name: WATCH_NAMESPACE + valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } diff --git a/config/operator/kustomization.yaml b/config/operator/kustomization.yaml new file mode 100644 index 0000000000..adbe6c3d62 --- /dev/null +++ b/config/operator/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../bundle + diff --git a/config/rbac/cluster/kustomization.yaml b/config/rbac/cluster/kustomization.yaml new file mode 100644 index 0000000000..82cfb0841b --- /dev/null +++ b/config/rbac/cluster/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- service_account.yaml +- role.yaml +- role_binding.yaml diff --git a/config/rbac/cluster/role.yaml b/config/rbac/cluster/role.yaml new file mode 100644 index 0000000000..77ec086ed0 --- /dev/null +++ b/config/rbac/cluster/role.yaml 
@@ -0,0 +1,130 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: percona-xtradb-cluster-operator
+rules:
+ - apiGroups:
+ - pxc.percona.com
+ resources:
+ - perconaxtradbclusters
+ - perconaxtradbclusters/status
+ - perconaxtradbclusterbackups
+ - perconaxtradbclusterbackups/status
+ - perconaxtradbclusterrestores
+ - perconaxtradbclusterrestores/status
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - admissionregistration.k8s.io
+ resources:
+ - validatingwebhookconfigurations
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - pods/exec
+ - pods/log
+ - configmaps
+ - services
+ - persistentvolumeclaims
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - apps
+ resources:
+ - deployments
+ - replicasets
+ - statefulsets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - batch
+ resources:
+ - jobs
+ - cronjobs
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - policy
+ resources:
+ - poddisruptionbudgets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - events.k8s.io
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - certmanager.k8s.io
+ - cert-manager.io
+ resources:
+ - issuers
+ - certificates
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - deletecollection
\ No newline at end of file
diff --git a/config/rbac/cluster/role_binding.yaml b/config/rbac/cluster/role_binding.yaml
new file mode 100644
index 0000000000..6d7f74e868
--- /dev/null
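Review bot: The core-group rule in this ClusterRole grants every listed verb on `secrets` and `pods/exec` in all namespaces, so a compromise of the operator's service account token exposes every Secret in the cluster and command execution in every pod. `pods/exec` should be split into its own rule, `resources: [pods/exec]` with `verbs: [create]` (plus `get` if the client execs over websockets), and the remaining resources kept to the verbs the controller actually issues. The `validatingwebhookconfigurations` rule is likewise unrestricted; `get`, `update`, `patch` and `delete` can be narrowed with `resourceNames` to the operator's own webhook configuration. The same core-group rule is repeated in the namespaced Role in config/rbac/namespace/role.yaml.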
+++ b/config/rbac/cluster/role_binding.yaml
@@ -0,0 +1,13 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: service-account-percona-xtradb-cluster-operator
+subjects:
+ - kind: ServiceAccount
+ name: percona-xtradb-cluster-operator
+ namespace: "pxc-operator"
+roleRef:
+ kind: ClusterRole
+ name: percona-xtradb-cluster-operator
+ apiGroup: rbac.authorization.k8s.io
diff --git a/config/rbac/cluster/service_account.yaml b/config/rbac/cluster/service_account.yaml
new file mode 100644
index 0000000000..c5ad4a1530
--- /dev/null
+++ b/config/rbac/cluster/service_account.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: percona-xtradb-cluster-operator
diff --git a/config/rbac/namespace/kustomization.yaml b/config/rbac/namespace/kustomization.yaml
new file mode 100644
index 0000000000..82cfb0841b
--- /dev/null
+++ b/config/rbac/namespace/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- service_account.yaml
+- role.yaml
+- role_binding.yaml
diff --git a/config/rbac/namespace/role.yaml b/config/rbac/namespace/role.yaml
new file mode 100644
index 0000000000..3cb156b4c0
--- /dev/null
+++ b/config/rbac/namespace/role.yaml
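Review bot: The subject of this ClusterRoleBinding is pinned to `namespace: "pxc-operator"`, while the ServiceAccount in config/rbac/cluster/service_account.yaml carries no namespace and is created wherever the manifests are applied. If the operator is installed in any other namespace, the cluster-wide role is bound to an account name in a namespace the operator does not own: the operator runs without its permissions, and whoever may create a ServiceAccount called `percona-xtradb-cluster-operator` in `pxc-operator` receives them. Set the namespace once in the kustomization that includes this directory (its `namespace:` field) and check in the rendered output that the ServiceAccount and the subject move together, or document `pxc-operator` as the only supported install namespace.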
@@ -0,0 +1,118 @@
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: percona-xtradb-cluster-operator
+rules:
+ - apiGroups:
+ - pxc.percona.com
+ resources:
+ - perconaxtradbclusters
+ - perconaxtradbclusters/status
+ - perconaxtradbclusterbackups
+ - perconaxtradbclusterbackups/status
+ - perconaxtradbclusterrestores
+ - perconaxtradbclusterrestores/status
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - pods/exec
+ - pods/log
+ - configmaps
+ - services
+ - persistentvolumeclaims
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - apps
+ resources:
+ - deployments
+ - replicasets
+ - statefulsets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - batch
+ resources:
+ - jobs
+ - cronjobs
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - policy
+ resources:
+ - poddisruptionbudgets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - apiGroups:
+ - events.k8s.io
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - certmanager.k8s.io
+ - cert-manager.io
+ resources:
+ - issuers
+ - certificates
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - patch
+ - delete
+ - deletecollection
\ No newline at end of file
diff --git a/config/rbac/namespace/role_binding.yaml b/config/rbac/namespace/role_binding.yaml
new file mode 100644
index 0000000000..25a5860dab
--- /dev/null
+++ b/config/rbac/namespace/role_binding.yaml
@@ -0,0 +1,12 @@
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: service-account-percona-xtradb-cluster-operator
+subjects:
+ - kind: ServiceAccount
+ name: percona-xtradb-cluster-operator
+roleRef:
+ kind: Role
+ name: percona-xtradb-cluster-operator
+ apiGroup: rbac.authorization.k8s.io
diff --git a/config/rbac/namespace/service_account.yaml b/config/rbac/namespace/service_account.yaml
new file mode 100644
index 0000000000..c5ad4a1530
--- /dev/null
+++ b/config/rbac/namespace/service_account.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: percona-xtradb-cluster-operator
diff --git a/installers/olm/bundle.Dockerfile b/installers/olm/bundle.Dockerfile
new file mode 100644
index 0000000000..ca6ac1a886
--- /dev/null
+++ b/installers/olm/bundle.Dockerfile
@@ -0,0 +1,16 @@
+# Used to build the bundle image. This file is ignored by the community operator
+# registries which work with bundle directories instead.
+# https://operator-framework.github.io/community-operators/packaging-operator/
+
+FROM scratch AS builder
+
+COPY manifests/ /build/manifests/
+COPY metadata/ /build/metadata/
+
+FROM scratch
+
+# ANNOTATIONS is replaced with bundle.annotations.yaml
+LABEL \
+ ${ANNOTATIONS}
+
+COPY --from=builder /build/ /
diff --git a/installers/olm/bundle.annotations.yaml b/installers/olm/bundle.annotations.yaml
new file mode 100644
index 0000000000..c96d1981f6
--- /dev/null
+++ b/installers/olm/bundle.annotations.yaml
@@ -0,0 +1,10 @@
+---
+annotations:
+ operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+ operators.operatorframework.io.bundle.manifests.v1: manifests/
+ operators.operatorframework.io.bundle.metadata.v1: metadata/
+ operators.operatorframework.io.bundle.package.v1:
+ operators.operatorframework.io.bundle.channels.v1: stable
+ operators.operatorframework.io.bundle.channel.default.v1: stable
+ com.redhat.openshift.versions: 'v4.13'
+
diff --git a/installers/olm/bundle.csv.yaml b/installers/olm/bundle.csv.yaml new file mode 100644 index 0000000000..e3625eb1d6 --- /dev/null +++ b/installers/olm/bundle.csv.yaml 
@@ -0,0 +1,270 @@ +# https://olm.operatorframework.io/docs/concepts/crds/clusterserviceversion/ +# https://docs.openshift.com/container-platform/4.7/operators/operator_sdk/osdk-generating-csvs.html +# https://redhat-connect.gitbook.io/certified-operator-guide/ocp-deployment/operator-metadata/creating-the-csv +# https://pkg.go.dev/github.com/operator-framework/api@v0.10.1/pkg/operators/v1alpha1#ClusterServiceVersion + +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: '' # generate.sh + annotations: + support: percona.com + olm.properties: '[]' + + # The following affect how the package is indexed at OperatorHub.io: + # https://operatorhub.io/?category=Database + # https://sdk.operatorframework.io/docs/advanced-topics/operator-capabilities/operator-capabilities/ + categories: Database + capabilities: Deep Insights + description: >- + Percona Operator for MySQL based on Percona XtraDB Cluster manages the lifecycle of Percona XtraDB + cluster instances. + + # The following appear on the details page at OperatorHub.io: + # https://operatorhub.io/operator/postgresql + createdAt: 2024-10-07 19:40Z + repository: https://github.com/percona/percona-xtradb-cluster-operator + containerImage: # kustomize config/operator + alm-examples: >- # kustomize config/examples + +spec: + # The following affect how the package is indexed at OperatorHub.io: + # https://operatorhub.io/ + displayName: Percona Operator for MySQL based on Percona XtraDB Cluster + provider: + # These values become labels on the PackageManifest. 
+ name: Percona + url: https://www.percona.com/ + keywords: + - mysql + - percona + - database + - pxc + - galera + - database + - sql + - operator + + # The following appear on the details page at OperatorHub.io: + # https://operatorhub.io/operator/percona-xtradb-cluster-operator + description: |- + + ## Percona is Cloud Native + + Percona Operator for MySQL based on Percona XtraDB Cluster is an open-source drop in replacement for + MySQL Enterprise with synchronous replication running on Kubernetes. It + automates the deployment and management of the members in your Percona + XtraDB Cluster environment. It can be used to instantiate a new Percona + XtraDB Cluster, or to scale an existing environment. + + + Consult the + [documentation](https://percona.github.io/percona-xtradb-cluster-operator/) + on the Percona Operator for MySQL based on Percona XtraDB Cluster for complete + details on capabilities and options. + + + ### Supported Features + + + * **Scale Your Cluster** change the `size` parameter to [add or remove + members](https://percona.github.io/percona-xtradb-cluster-operator/install/scaling) + of the cluster. Three is the minimum recommended size for a functioning + cluster. + + + * **Manage Your Users** [add, remove, or + change](https://percona.github.io/percona-xtradb-cluster-operator/configure/users) + the privileges of database users + + + * **Automate Your Backups** [configure cluster + backups](https://percona.github.io/percona-xtradb-cluster-operator/configure/operator) + to run on a scheduled basis. Backups can be stored on a persistent volume or S3-compatible + storage. Leverage [Point-in-time recovery](https://www.percona.com/doc/kubernetes-operator-for-pxc/backups.html#storing-binary-logs-for-point-in-time-recovery) + to reduce RPO/RTO. + + * **Proxy integration** choose HAProxy or ProxySQL as a proxy in front of + the Percona XtraDB Cluster. Proxies are deployed and configured automatically + with the Operator. 
+ + + ### Common Configurations + + + * **Set Resource Limits** - set limitation on requests to CPU and memory + resources. + + + * **Customize Storage** - set the desired Storage Class and Access Mode for + your database cluster data. + + + * **Control Scheduling** - define how your PXC Pods are scheduled onto the + K8S cluster with tolerations, pod disruption budgets, node selector and + affinity settings. + + * Automatic synchronization of MySQL users with ProxySQL + + * HAProxy Support + + * Fully automated minor version updates (Smart Update) + + * Update Reader members before Writer member at cluster upgrades + + * Support MySQL versions 5.7 and 8.0 + + ### Before You Start + + + Add the PXC user `Secret` to Kubernetes. User information must be placed in + the data section of the `secrets.yaml` + + file with Base64-encoded logins and passwords for the user accounts. + + + Below is a sample `secrets.yaml` file for the correct formatting. + + + ``` + + apiVersion: v1 + + kind: Secret + + metadata: + name: my-cluster-secrets + type: Opaque + + data: + root: cm9vdF9wYXNzd29yZA== + xtrabackup: YmFja3VwX3Bhc3N3b3Jk + monitor: bW9uaXRvcg== + clustercheck: Y2x1c3RlcmNoZWNrcGFzc3dvcmQ= + proxyadmin: YWRtaW5fcGFzc3dvcmQ= + pmmserver: c3VwYXxefHBheno= + operator: b3BlcmF0b3JhZG1pbg== + replication: cmVwbF9wYXNzd29yZAo= + ``` + + ### Release Highlights + + * General availability of the automated volume resizing + + * Allowing haproxy-replica Service to cycle through the reader instances only + + * Fixing the overloaded allowUnsafeConfigurations flag + version: '' # generate.sh + links: + - name: Percona + url: https://www.percona.com/ + - name: Documentation + url: https://docs.percona.com/percona-operator-for-mysql/pxc/index.html + maintainers: + - name: Percona + email: info@percona.com + icon: + - base64data: >- + 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 + mediatype: image/svg+xml + + customresourcedefinitions: + owned: + - description: Instance of a 
Percona XtraDB Cluster + displayName: PerconaXtraDBCluster + kind: PerconaXtraDBCluster + name: perconaxtradbclusters.pxc.percona.com + version: v1 + specDescriptors: [ ] + statusDescriptors: [ ] + resources: + - version: v1 + kind: Deployment + name: '' + - version: v1 + kind: Service + name: '' + - version: v1 + kind: ReplicaSet + name: '' + - version: v1 + kind: Pod + name: '' + - version: v1 + kind: Secret + name: '' + - version: v1 + kind: ConfigMap + name: '' + - description: Instance of a Percona XtraDB Cluster Backup + displayName: PerconaXtraDBClusterBackup + kind: PerconaXtraDBClusterBackup + name: perconaxtradbclusterbackups.pxc.percona.com + version: v1 + specDescriptors: [ ] + statusDescriptors: [ ] + resources: + - version: v1 + kind: Deployment + name: '' + - version: v1 + kind: Service + name: '' + - version: v1 + kind: ReplicaSet + name: '' + - version: v1 + kind: Pod + name: '' + - version: v1 + kind: Secret + name: '' + - version: v1 + kind: ConfigMap + name: '' + - description: Instance of a Percona XtraDB Cluster Restore + displayName: PerconaXtraDBClusterRestore + kind: PerconaXtraDBClusterRestore + name: perconaxtradbclusterrestores.pxc.percona.com + version: v1 + specDescriptors: [ ] + statusDescriptors: [ ] + resources: + - version: v1 + kind: Deployment + name: '' + - version: v1 + kind: Service + name: '' + - version: v1 + kind: ReplicaSet + name: '' + - version: v1 + kind: Pod + name: '' + - version: v1 + kind: Secret + name: '' + - version: v1 + kind: ConfigMap + name: '' + required: [ ] + # https://olm.operatorframework.io/docs/best-practices/common/ + # Note: The minKubeVersion must correspond to the lowest supported OCP version + minKubeVersion: 1.27.0 + maturity: stable + # https://github.com/operator-framework/operator-lifecycle-manager/blob/v0.18.2/doc/design/how-to-update-operators.md#replaces--channels + replaces: '' # generate.sh + + # https://olm.operatorframework.io/docs/advanced-tasks/operator-scoping-with-operatorgroups/ + 
installModes: + - { type: OwnNamespace, supported: true } + - { type: SingleNamespace, supported: true } + - { type: MultiNamespace, supported: true } + - { type: AllNamespaces, supported: true } + + install: + strategy: deployment + spec: + permissions: # kustomize config/operator + deployments: # kustomize config/operator \ No newline at end of file diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh new file mode 100755 index 0000000000..520e4f5e41 --- /dev/null +++ b/installers/olm/generate.sh 
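Review bot: `installModes` marks `MultiNamespace` and `AllNamespaces` as supported, but `spec.install.spec.permissions` is filled by generate.sh from the single namespaced `Role` and the CSV defines no `clusterPermissions`. As far as I know OLM turns `permissions` into cluster-scoped RBAC when the OperatorGroup targets all namespaces, so an AllNamespaces install would give the operator the full-verb `secrets` and `pods/exec` rule cluster-wide without the CSV stating it. Either declare only the modes this bundle is tested with, e.g. `- { type: AllNamespaces, supported: false }`, or add an explicit `clusterPermissions` entry generated from config/rbac/cluster so the cluster-wide grant is visible to whoever approves the install.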
@@ -0,0 +1,133 @@ +#!/usr/bin/env bash +# shellcheck disable=SC2016 +# vim: set noexpandtab : +set -eu + +DISTRIBUTION="$1" + +cd "${BASH_SOURCE[0]%/*}" + +bundle_directory="bundles/${DISTRIBUTION}" +project_directory="projects/${DISTRIBUTION}" +go_api_directory=$(cd ../../pkg/apis && pwd) + +# The 'operators.operatorframework.io.bundle.package.v1' package name for each +# bundle (updated for the 'certified' and 'marketplace' bundles). +package_name='percona-xtradb-cluster-operator' + +# The project name used by operator-sdk for initial bundle generation. +project_name='percona-xtradb-cluster-operator' + +# The prefix for the 'clusterserviceversion.yaml' file. +# Per OLM guidance, the filename for the clusterserviceversion.yaml must be prefixed +# with the Operator's package name for the 'redhat' and 'marketplace' bundles. +# https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions +file_name='percona-xtradb-cluster-operator' + +operator_yamls=$(kubectl kustomize "../../config/${DISTRIBUTION}") +echo "$operator_yamls" > operator_yamls.yaml +yq eval '. | select(.kind == "CustomResourceDefinition")' operator_yamls.yaml > operator_crds.yaml +yq eval '. | select(.kind == "Deployment")' operator_yamls.yaml > operator_deployments.yaml +yq eval '. | select(.kind == "ServiceAccount")' operator_yamls.yaml > operator_accounts.yaml +yq eval '. | select(.kind == "Role")' operator_yamls.yaml > operator_roles.yaml + +## Recreate the Operator SDK project. + +[ ! -d "${project_directory}" ] || rm -r "${project_directory}" +install -d "${project_directory}" +( + cd "${project_directory}" + operator-sdk init --fetch-deps='false' --project-name=${project_name} + + # Generate CRD descriptions from Go markers. + # https://sdk.operatorframework.io/docs/building-operators/golang/references/markers/ + yq eval '[. 
| {"group": .spec.group, "kind": .spec.names.kind, "version": .spec.versions[].name}]' ../../operator_crds.yaml > crd_gvks.yaml + + yq eval --inplace '.multigroup = true | .resources = load("crd_gvks.yaml" | fromyaml) | .' ./PROJECT + + ln -s "${go_api_directory}" . + operator-sdk generate kustomize manifests --interactive='false' --verbose +) + +# Recreate the OLM bundle. +[ ! -d "${bundle_directory}" ] || rm -r "${bundle_directory}" +install -d \ + "${bundle_directory}/manifests" \ + "${bundle_directory}/metadata" \ + +# `echo "${operator_yamls}" | operator-sdk generate bundle` includes the ServiceAccount which cannot +# be upgraded: https://github.com/operator-framework/operator-lifecycle-manager/issues/2193 + +# Render bundle annotations and strip comments. +# Per Red Hat we should not include the org.opencontainers annotations in the +# 'redhat' & 'marketplace' annotations.yaml file, so only add them for 'community'. +# - https://coreos.slack.com/team/UP1LZCC1Y + +if [ ${DISTRIBUTION} == 'community' ]; then +export openshift_supported_versions="${OPENSHIFT_VERSIONS}" + +yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | + .annotations["org.opencontainers.image.authors"] = "info@percona.com" | + .annotations["org.opencontainers.image.url"] = "https://percona.com" | + .annotations["org.opencontainers.image.vendor"] = "Percona" | + .annotations["operators.operatorframework.io.bundle.channels.v1"] = $package_channel | + .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = $package_channel | + .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ + bundle.annotations.yaml > "${bundle_directory}/metadata/annotations.yaml" +fi + +# Copy annotations into Dockerfile LABELs. +# TODO fix tab for labels. 
+ +labels=$(yq eval -r '.annotations | to_entries | map(" " + .key + "=" + (.value | tojson)) | join("\n")' \ +"${bundle_directory}/metadata/annotations.yaml") + +ANNOTATIONS="${labels}" envsubst < bundle.Dockerfile > "${bundle_directory}/Dockerfile" + +# Include CRDs as manifests. +crd_names=$(yq eval -o=tsv '.metadata.name' operator_crds.yaml) + +for name in ${crd_names}; do + yq eval ". | select(.metadata.name == \"${name}\")" operator_crds.yaml > "${bundle_directory}/manifests/${name}.crd.yaml" +done + +abort() { echo >&2 "$@"; exit 1; } +dump() { yq --color-output; } + +# The first command render yaml correctly and the second extract data. + +yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_deployments.yaml --exit-status > /dev/null || abort "too many deployments accounts!" $'\n'"$(yq eval . operator_deployments-t.yaml)" + +yq eval -i '[.]' operator_accounts.yaml && yq eval 'length == 1' operator_accounts.yaml --exit-status > /dev/null || abort "too many service accounts!" $'\n'"$(yq eval . operator_accounts.yaml)" + +yq eval -i '[.]' operator_roles.yaml && yq eval 'length == 1' operator_roles.yaml --exit-status > /dev/null || abort "too many roles!" $'\n'"$(yq eval . operator_roles.yaml)" + +# Render bundle CSV and strip comments. 
+csv_stem=$(yq -r '.projectName' "${project_directory}/PROJECT") + +cr_example=$(yq eval -o=json '[.]' ../../deploy/cr.yaml) + +export examples="${cr_example}" +export deployment=$(yq eval operator_deployments.yaml) +export account=$(yq eval '.[] | .metadata.name' operator_accounts.yaml) +export rules=$(yq eval '.[] | .rules' operator_roles.yaml) +export version="${VERSION}" +export minKubeVer="${MIN_KUBE_VERSION}" +export stem="${csv_stem}" +export timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S.%3Z") +export name="${csv_stem}.v${VERSION}" +export skip_range="<${VERSION}" +export containerImage=$(yq eval '.[0].spec.template.spec.containers[1].image' operator_deployments.yaml) + +yq eval ' + .metadata.annotations["alm-examples"] = strenv(examples) | + .metadata.annotations["containerImage"] = env(containerImage) | + .metadata.annotations["olm.skipRange"] = env(skip_range) | + .metadata.annotations["createdAt"] = env(timestamp) | + .metadata.name = env(name) | + .spec.version = env(version) | + .spec.install.spec.permissions = [{ "serviceAccountName": env(account), "rules": env(rules) }] | + .spec.install.spec.deployments = [( env(deployment) | .[] |{ "name": .metadata.name, "spec": .spec} )] | + .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml > "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" + +if > /dev/null command -v tree; then tree -C "${bundle_directory}"; fi \ No newline at end of file From 94f5dd7315ce642531683c39b14054253a947ab1 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Sun, 13 Oct 2024 12:55:48 +0300 Subject: [PATCH 02/19] fix makefile --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 7cf834c620..1a2a22903f 100644 --- a/Makefile +++ b/Makefile 
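Review bot: `DISTRIBUTION="$1"` is used unchecked to build `bundles/${DISTRIBUTION}` and `projects/${DISTRIBUTION}`, both removed with `rm -r`, while `metadata/annotations.yaml` is only written when the value is `community`; any other argument still runs the delete and `operator-sdk init` steps and then fails on the missing file. Reject unknown values right after the assignment, e.g. `case "${DISTRIBUTION}" in community) ;; *) echo >&2 "unsupported distribution: ${DISTRIBUTION}"; exit 1 ;; esac`, and quote the later test as `[ "${DISTRIBUTION}" = 'community' ]`. In the annotations expression `$package_channel` sits inside single quotes and is never bound for yq; the root Makefile exports `PACKAGE_CHANNEL`, so `strenv(PACKAGE_CHANNEL)` looks like what was meant. `containerImage` reads `containers[1]` although the Deployment in config/manager/manager.yaml has a single container, and the first `abort` message reads `operator_deployments-t.yaml`, which the script never creates.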
@@ -2,8 +2,7 @@ NAME ?= percona-xtradb-cluster-operator IMAGE_TAG_OWNER ?= perconalab IMAGE_TAG_BASE ?= $(IMAGE_TAG_OWNER)/$(NAME) SED := $(shell which gsed || which sed) -VERSION ?= 1.15.0 -#$(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') +VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) DEPLOYDIR = ./deploy From af404f39d0fc21e8f4e49270379145c1eea62c12 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Sun, 13 Oct 2024 23:41:52 +0300 Subject: [PATCH 03/19] update makefile and fix some mistakes --- config/manager/default/kustomization.yaml | 6 +- config/manager/manager.yaml | 68 +++++------ installers/olm/Makefile | 134 ++++++++++++++++++++++ installers/olm/generate.sh | 4 +- 4 files changed, 169 insertions(+), 43 deletions(-) create mode 100644 installers/olm/Makefile diff --git a/config/manager/default/kustomization.yaml b/config/manager/default/kustomization.yaml index 03c3adfd18..0ac1abe5b8 100644 --- a/config/manager/default/kustomization.yaml +++ b/config/manager/default/kustomization.yaml @@ -8,6 +8,6 @@ commonLabels: app.kubernetes.io/name: percona-xtradb-cluster-operator app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: -- name: percona-xtradb-cluster-operator - newName: tishina/percona-server-mongodb-operator - newTag: main +- name: pxc-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: 1.15.0 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 0a889a7f60..378e0e6423 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml 
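Review bot: `VERSION` now defaults to the sanitised branch name, and the same exported variable is what generate.sh writes into `.spec.version`, the CSV `name` and `olm.skipRange`. A branch name is not a semantic version, so bundle generation from any non-release branch will presumably fail validation or produce a CSV whose upgrade range is meaningless, and `IMAGE` becomes a mutable branch tag rather than a release. Keep the branch-derived value for development image tags only and require an explicit release version for bundles, for instance a separate `BUNDLE_VERSION ?=` that `check-version` insists on. The assignment is also recursive, so the `git | sed | tr` pipeline is re-run on every expansion; evaluating it once with `:=` inside an `ifndef VERSION` guard avoids that.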
@@ -2,47 +2,39 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: pgo + name: pxc spec: replicas: 1 strategy: { type: Recreate } template: spec: containers: - - name: operator - image: percona-xtradb-cluster-operator - env: - - name: PGO_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CRUNCHY_DEBUG - value: "true" - - name: RELATED_IMAGE_POSTGRES_15 - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.7-1" - - name: RELATED_IMAGE_POSTGRES_15_GIS_3.3 - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-15.7-3.3-1" - - name: RELATED_IMAGE_POSTGRES_16 - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-16.3-1" - - name: RELATED_IMAGE_POSTGRES_16_GIS_3.3 - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-16.3-3.3-1" - - name: RELATED_IMAGE_POSTGRES_16_GIS_3.4 - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-16.3-3.4-1" - - name: RELATED_IMAGE_PGADMIN - value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-26" - - name: RELATED_IMAGE_PGBACKREST - value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.51-1" - - name: RELATED_IMAGE_PGBOUNCER - value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.22-1" - - name: RELATED_IMAGE_PGEXPORTER - value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:latest" - - name: RELATED_IMAGE_PGUPGRADE - value: "registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:latest" - - name: RELATED_IMAGE_STANDALONE_PGADMIN - value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-8.6-1" - securityContext: - allowPrivilegeEscalation: false - capabilities: { drop: [ALL] } - readOnlyRootFilesystem: true - runAsNonRoot: true - serviceAccountName: pgo + - name: operator + image: pxc-operator + env: + - name: PXC_NAMESPACE + 
valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: RELATED_IMAGE_PXC5.7 + value: percona/percona-xtradb-cluster:5.7.44-31.65 + - name: RELATED_IMAGE_PXC5.7-BACKUP + value: percona/percona-xtradb-cluster-operator:1.15.0-pxc5.7-backup-pxb2.4.29 + - name: RELATED_IMAGE_PXC8.0 + value: percona/percona-xtradb-cluster:8.0.36-28.1 + - name: RELATED_IMAGE_PXC8.0-BACKUP + value: percona/percona-xtradb-cluster-operator:1.15.0-pxc8.0-backup-pxb8.0.35 + - name: RELATED_IMAGE_HAPROXY + value: percona/haproxy:2.8.5 + - name: RELATED_IMAGE_PROXYSQL + value: percona/proxysql2:2.5.5 + - name: RELATED_IMAGE_LOGCOLLECTOR + value: percona/percona-xtradb-cluster-operator:1.15.0-logcollector-fluentbit3.1.4 + - name: RELATED_IMAGE_PMMCLIENT + value: percona/pmm-client:2.42.0 + securityContext: + allowPrivilegeEscalation: false + capabilities: { drop: [ALL] } + readOnlyRootFilesystem: true + runAsNonRoot: true + serviceAccountName: pxc diff --git a/installers/olm/Makefile b/installers/olm/Makefile new file mode 100644 index 0000000000..5a11c084ae --- /dev/null +++ b/installers/olm/Makefile 
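Review bot: The Deployment is renamed to `pxc` and runs under `serviceAccountName: pxc`, but the RBAC added in this series creates and binds a ServiceAccount called `percona-xtradb-cluster-operator`, and config/manager/namespace/manager-target.yaml patches a Deployment of that name. Unless config/manager/default/manager.yaml (not visible here) overrides both fields, the pod is either rejected because the account does not exist or starts under an account with no role bound to it, and the `WATCH_NAMESPACE` patch finds no target. Use one name throughout, e.g. `name: percona-xtradb-cluster-operator` and `serviceAccountName: percona-xtradb-cluster-operator`. The `images:` entry in config/manager/namespace/kustomization.yaml also still matches `percona-xtradb-cluster-operator`, while the container image here is now `pxc-operator`.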
@@ -0,0 +1,134 @@ +NAME ?= percona-xtradb-cluster-operator +IMAGE_TAG_OWNER ?= perconalab +IMAGE_TAG_BASE ?= $(IMAGE_TAG_OWNER)/$(NAME) +SED := $(shell which gsed || which sed) +VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') +IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) +DEPLOYDIR = ./deploy + +BUNDLEDIR = $(DEPLOYDIR)/csv/redhat +BUNDLE_CHANNELS := --channels=stable +BUNDLE_DEFAULT_CHANNEL := --default-channel=stable +BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) + +# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. +ENVTEST_K8S_VERSION = 1.23 +.DEFAULT_GOAL := help +.SUFFIXES: + +CONTAINER ?= docker +OPENSHIFT_VERSIONS ?= v4.12-v4.15 +PACKAGE_CHANNEL ?= stable +MIN_KUBE_VERSION ?= 1.24.0 +DOCKER_DEFAULT_PLATFORM ?= linux/amd64 +SHELL := /bin/bash +REPO_ROOT = $(shell git rev-parse --show-toplevel) +distros = community + +export VERSION +export BUNDLE_REPO +export OPENSHIFT_VERSIONS +export PACKAGE_CHANNEL +export MIN_KUBE_VERSION +export DOCKER_DEFAULT_PLATFORM + +REPO_ROOT = $(shell git rev-parse --show-toplevel) + +distros = community + +check-version: +ifndef VERSION + $(error VERSION is not set) +endif + +KUSTOMIZE = $(REPO_ROOT)/bin/kustomize +kustomize: ## Download kustomize locally if necessary. 
+ $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v4@v4.5.3) + +.PHONY: bundles +bundles: ## Build OLM bundles +bundles: check-version $(distros:%=bundles/%) + +# https://olm.operatorframework.io/docs/tasks/creating-operator-bundle/#validating-your-bundle +# https://github.com/operator-framework/community-operators/blob/8a36a33/docs/packaging-required-criteria-ocp.md +.PHONY: bundles/community +bundles/community: + cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + ./generate.sh community + env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' + env operator-sdk bundle validate $@ --select-optional='name=community' --optional-values='index-path=$@/Dockerfile' + +.PHONY: clean +clean: clean-deprecated +clean: ## Remove generated files and downloaded tools + rm -rf ./bundles ./projects ./tools ./config/marketplace + +.PHONY: clean-deprecated +clean-deprecated: + rm -rf ./package + +.PHONY: help +help: ALIGN=18 +help: ## Print this message + @awk -F ': ## ' -- "/^[^':]+: ## /"' { printf "'$$(tput bold)'%-$(ALIGN)s'$$(tput sgr0)' %s\n", $$1, $$2 }' $(MAKEFILE_LIST) + +.PHONY: install-olm +install-olm: ## Install OLM in Kubernetes + env operator-sdk olm install + +.PHONY: tools +tools: ## Download tools needed to build bundles + +tools: tools/$(SYSTEM)/jq +tools/$(SYSTEM)/jq: + install -d '$(dir $@)' + curl -fSL -o '$@' "https://github.com/stedolan/jq/releases/download/jq-1.7.1/jq-$$(SYSTEM='$(SYSTEM)'; \ + case "$$SYSTEM" in \ + (linux-*) echo "$${SYSTEM/-amd/}";; (darwin-*) echo "$${SYSTEM/darwin-*/osx-amd64}";; (*) echo '$(SYSTEM)';; \ + esac)" + chmod u+x '$@' + +tools: tools/$(SYSTEM)/kubectl +tools/$(SYSTEM)/kubectl: + install -d '$(dir $@)' + curl -fSL -o '$@' 'https://dl.k8s.io/release/$(shell curl -Ls https://dl.k8s.io/release/stable-1.21.txt)/bin/$(OS_KERNEL)/$(OS_MACHINE)/kubectl' + chmod u+x '$@' + +# quay.io/operator-framework/operator-sdk +tools: tools/$(SYSTEM)/operator-sdk 
+tools/$(SYSTEM)/operator-sdk: + install -d '$(dir $@)' + curl -fSL -o '$@' 'https://github.com/operator-framework/operator-sdk/releases/download/v1.19.1/operator-sdk_$(OS_KERNEL)_$(OS_MACHINE)' + chmod u+x '$@' + +tools: tools/$(SYSTEM)/opm +tools/$(SYSTEM)/opm: + install -d '$(dir $@)' + curl -fSL -o '$@' 'https://github.com/operator-framework/operator-registry/releases/download/v1.33.0/$(OS_KERNEL)-$(OS_MACHINE)-opm' + chmod u+x '$@' + +tools/$(SYSTEM)/venv: + install -d '$(dir $@)' + python3 -m venv '$@' + +tools: tools/$(SYSTEM)/yq +tools/$(SYSTEM)/yq: | tools/$(SYSTEM)/venv + 'tools/$(SYSTEM)/venv/bin/python' -m pip install yq + cd '$(dir $@)' && ln -s venv/bin/yq + +.PHONY: validate-bundles +validate-bundles: ## Build temporary bundle images and run scorecard tests in Kubernetes +validate-bundles: $(distros:%=validate-%-image) +validate-bundles: $(distros:%=validate-%-directory) + +validate-%-directory: + ./validate-directory.sh 'bundles/$*' + +validate-%-image: + ./validate-image.sh '$(CONTAINER)' 'bundles/$*' + +.PHONY: build-bundle-images +build-bundle-images: check-version $(distros:%=build-%-image) + +build-%-image: + ./build-image.sh '$(CONTAINER)' 'bundles/$*' '$*' '$(VERSION)' diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index 520e4f5e41..f4e6ab0f07 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh 
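Review bot: The `tools/$(SYSTEM)/*` recipes download `jq`, `kubectl`, `operator-sdk` and `opm` with `curl` and mark them executable without verifying a checksum, the `kubectl` version is resolved at parse time from `stable-1.21.txt`, and `pip install yq` is unpinned, so the binaries that generate and validate the bundle are neither reproducible nor tamper-evident. Pin each version and verify a SHA-256 recorded in the Makefile before the download becomes the target, as sketched below for `operator-sdk`; the same pattern applies to the other three, with one digest per OS/architecture. `SYSTEM`, `OS_KERNEL` and `OS_MACHINE` are not defined anywhere in this hunk, and `REPO_ROOT` and `distros` are assigned twice.

```make
# Placeholder: record the SHA-256 published for the pinned release asset
# (one value per $(OS_KERNEL)/$(OS_MACHINE) combination that is supported).
OPERATOR_SDK_SHA256 ?= <sha256-of-pinned-operator-sdk-asset>

tools/$(SYSTEM)/operator-sdk:
	install -d '$(dir $@)'
	curl -fSL -o '$@.tmp' 'https://github.com/operator-framework/operator-sdk/releases/download/v1.19.1/operator-sdk_$(OS_KERNEL)_$(OS_MACHINE)'
	# Verify before the file can be picked up as an up-to-date target.
	echo '$(OPERATOR_SDK_SHA256)  $@.tmp' | sha256sum --check -
	chmod u+x '$@.tmp'
	mv -f '$@.tmp' '$@'
```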
@@ -24,8 +24,8 @@ project_name='percona-xtradb-cluster-operator' # https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions file_name='percona-xtradb-cluster-operator' -operator_yamls=$(kubectl kustomize "../../config/${DISTRIBUTION}") -echo "$operator_yamls" > operator_yamls.yaml +kubectl kustomize "../../config/${DISTRIBUTION}" > operator_yamls.yaml + yq eval '. | select(.kind == "CustomResourceDefinition")' operator_yamls.yaml > operator_crds.yaml yq eval '. | select(.kind == "Deployment")' operator_yamls.yaml > operator_deployments.yaml yq eval '. | select(.kind == "ServiceAccount")' operator_yamls.yaml > operator_accounts.yaml From 781045698b71b5834e3587f4278b4fa822f6a21f Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Mon, 14 Oct 2024 17:54:38 +0300 Subject: [PATCH 04/19] delete unnesseary in the makefile --- Makefile | 39 --------------------------------------- 1 file changed, 39 deletions(-) diff --git a/Makefile b/Makefile index 1a2a22903f..35daef2d28 100644 --- a/Makefile +++ b/Makefile 
@@ -13,45 +13,6 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.23 -.DEFAULT_GOAL := help -.SUFFIXES: - -CONTAINER ?= docker -OPENSHIFT_VERSIONS ?= v4.12-v4.15 -PACKAGE_CHANNEL ?= stable -MIN_KUBE_VERSION ?= 1.24.0 -DOCKER_DEFAULT_PLATFORM ?= linux/amd64 -SHELL := /bin/bash -REPO_ROOT = $(shell git rev-parse --show-toplevel) -distros = community - -export VERSION -export BUNDLE_REPO -export OPENSHIFT_VERSIONS -export PACKAGE_CHANNEL -export MIN_KUBE_VERSION -export DOCKER_DEFAULT_PLATFORM - -check-version: -ifndef VERSION - $(error VERSION is not set) -endif - -KUSTOMIZE = $(REPO_ROOT)/bin/kustomize -kustomize: ## Download kustomize locally if necessary. - $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v4@v4.5.3) - -.PHONY: bundles -bundles: ## Build OLM bundles -bundles: check-version $(distros:%=bundles/%) - -# https://olm.operatorframework.io/docs/tasks/creating-operator-bundle/#validating-your-bundle -# https://github.com/operator-framework/community-operators/blob/8a36a33/docs/packaging-required-criteria-ocp.md -.PHONY: bundles/community -bundles/community: - cd config/manager/default/ && $(KUSTOMIZE) edit set image percona-xtradb-cluster-operator=$(IMAGE) - ./installers/olm/generate.sh community - all: build From 5669d2d1a790e5412fba1913a6f85aa0bc0ae182 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Mon, 14 Oct 2024 17:56:29 +0300 Subject: [PATCH 05/19] delete unnesseary in the makefile --- Makefile | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Makefile b/Makefile index 35daef2d28..e5a10c6eb4 100644 --- a/Makefile +++ b/Makefile 
@@ -6,11 +6,6 @@ VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^- IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) DEPLOYDIR = ./deploy -BUNDLEDIR = $(DEPLOYDIR)/csv/redhat -BUNDLE_CHANNELS := --channels=stable -BUNDLE_DEFAULT_CHANNEL := --default-channel=stable -BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) - # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.23 From 3cd495fa9900f2bf2ae3b39c2b7d47a1fb487668 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 11:42:38 +0300 Subject: [PATCH 06/19] update cluster version Jenkinsfile --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 31498a6318..0ad3383f28 100644 --- a/Jenkinsfile +++ b/Jenkinsfile 
@@ -14,7 +14,7 @@ void createCluster(String CLUSTER_SUFFIX) { gcloud config set project $GCP_PROJECT gcloud container clusters list --filter $CLUSTER_NAME-${CLUSTER_SUFFIX} --zone $region --format='csv[no-heading](name)' | xargs gcloud container clusters delete --zone $region --quiet || true - gcloud container clusters create --zone $region $CLUSTER_NAME-${CLUSTER_SUFFIX} --cluster-version=1.27 --machine-type=n1-standard-4 --preemptible --disk-size 30 --num-nodes=\$NODES_NUM --network=jenkins-vpc --subnetwork=jenkins-${CLUSTER_SUFFIX} --no-enable-autoupgrade --cluster-ipv4-cidr=/21 --labels delete-cluster-after-hours=6 && \ + gcloud container clusters create --zone $region $CLUSTER_NAME-${CLUSTER_SUFFIX} --cluster-version=1.28 --machine-type=n1-standard-4 --preemptible --disk-size 30 --num-nodes=\$NODES_NUM --network=jenkins-vpc --subnetwork=jenkins-${CLUSTER_SUFFIX} --no-enable-autoupgrade --cluster-ipv4-cidr=/21 --labels delete-cluster-after-hours=6 && \ kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user jenkins@"$GCP_PROJECT".iam.gserviceaccount.com || ret_val=\$? if [ \${ret_val} -eq 0 ]; then break; fi ret_num=\$((ret_num + 1)) From 971438e9e9e3be99e2da5720c88c45774f62d7ed Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 18:07:48 +0300 Subject: [PATCH 07/19] add redhat and marketplace --- Makefile | 1 - config/manager/default/kustomization.yaml | 2 +- config/marketplace/kustomization.yaml | 7 +++ config/redhat/kustomization.yaml | 7 +++ installers/olm/Makefile | 19 +++++++- installers/olm/bundle.csv.yaml | 11 ++++- installers/olm/bundle.relatedImages.yaml | 21 ++++++++ installers/olm/generate.sh | 58 +++++++++++++++++++---- 8 files changed, 113 insertions(+), 13 deletions(-) create mode 100644 config/marketplace/kustomization.yaml create mode 100644 config/redhat/kustomization.yaml create mode 100644 installers/olm/bundle.relatedImages.yaml 
diff --git a/Makefile b/Makefile index e5a10c6eb4..7426854ca1 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,6 @@ SED := $(shell which gsed || which sed) VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) DEPLOYDIR = ./deploy - # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.23 diff --git a/config/manager/default/kustomization.yaml b/config/manager/default/kustomization.yaml index 0ac1abe5b8..8fed022f20 100644 --- a/config/manager/default/kustomization.yaml +++ b/config/manager/default/kustomization.yaml @@ -9,5 +9,5 @@ commonLabels: app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: - name: pxc-operator - newName: perconalab/percona-xtradb-cluster-operator + newName: percona/percona-xtradb-cluster-operator newTag: 1.15.0 diff --git a/config/marketplace/kustomization.yaml b/config/marketplace/kustomization.yaml new file mode 100644 index 0000000000..59ec46f4f3 --- /dev/null +++ b/config/marketplace/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../operator +- ../examples + diff --git a/config/redhat/kustomization.yaml b/config/redhat/kustomization.yaml new file mode 100644 index 0000000000..59ec46f4f3 --- /dev/null +++ b/config/redhat/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ../operator +- ../examples + diff --git a/installers/olm/Makefile b/installers/olm/Makefile index 5a11c084ae..d7fcb58cfc 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile @@ -23,7 +23,8 @@ MIN_KUBE_VERSION ?= 1.24.0 DOCKER_DEFAULT_PLATFORM ?= linux/amd64 SHELL := /bin/bash REPO_ROOT = $(shell git rev-parse --show-toplevel) -distros = community + +distros = community redhat marketplace export VERSION export BUNDLE_REPO 
@@ -34,7 +35,7 @@ export DOCKER_DEFAULT_PLATFORM REPO_ROOT = $(shell git rev-parse --show-toplevel) -distros = community +distros = community redhat marketplace check-version: ifndef VERSION @@ -55,9 +56,23 @@ bundles: check-version $(distros:%=bundles/%) bundles/community: cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) ./generate.sh community + env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' env operator-sdk bundle validate $@ --select-optional='name=community' --optional-values='index-path=$@/Dockerfile' +.PHONY: bundles/redhat +bundles/redhat: + cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + ./generate.sh redhat + env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' + +# The 'marketplace' configuration is currently identical to the 'redhat', so we just copy it here. +.PHONY: bundles/marketplace +bundles/marketplace: + cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + ./generate.sh marketplace + env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' + .PHONY: clean clean: clean-deprecated clean: ## Remove generated files and downloaded tools diff --git a/installers/olm/bundle.csv.yaml b/installers/olm/bundle.csv.yaml index e3625eb1d6..1aa797ed20 100644 --- a/installers/olm/bundle.csv.yaml +++ b/installers/olm/bundle.csv.yaml 
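Review bot: The new `bundles/redhat` and `bundles/marketplace` recipes each run `$(KUSTOMIZE) edit set image` against the same tracked `config/manager/default/kustomization.yaml`, and `generate.sh` writes fixed-name scratch files such as `operator_yamls.yaml`. With `bundles` depending on all of `$(distros:%=bundles/%)`, a `make -j bundles` run lets the three targets overwrite each other's inputs, so a bundle can be generated from another target's image or manifests. Serialise them, for example with `.NOTPARALLEL:` in this Makefile, or give each distro its own scratch directory. `$(IMAGE)` is also passed to the shell unquoted, unlike `'$(CONTAINER)'` elsewhere in the file; `'pxc-operator=$(IMAGE)'` keeps whatever the caller supplies as a single argument.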
@@ -8,6 +8,16 @@ kind: ClusterServiceVersion metadata: name: '' # generate.sh annotations: + features.operators.openshift.io/disconnected: "true" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + features.operators.openshift.io/cnf: "false" + features.operators.openshift.io/cni: "false" + features.operators.openshift.io/csi: "false" support: percona.com olm.properties: '[]' @@ -24,7 +34,6 @@ metadata: # https://operatorhub.io/operator/postgresql createdAt: 2024-10-07 19:40Z repository: https://github.com/percona/percona-xtradb-cluster-operator - containerImage: # kustomize config/operator alm-examples: >- # kustomize config/examples spec: diff --git a/installers/olm/bundle.relatedImages.yaml b/installers/olm/bundle.relatedImages.yaml new file mode 100644 index 0000000000..c463e3191a --- /dev/null +++ b/installers/olm/bundle.relatedImages.yaml 
@@ -0,0 +1,21 @@ +- name: pxc5.7 + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: pxc5.7-backup + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: pxc8.0 + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: pxc8.0-backup + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: operator + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256: +- name: haproxy + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: proxysql + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: logcollector + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: +- name: pmmclient + image: registry.connect.redhat.com/percona/percona-xtradb-cluster-operator-containers@sha256: + + + diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index f4e6ab0f07..be8ba6ba86 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh @@ -1,6 +1,4 @@ #!/usr/bin/env bash -# shellcheck disable=SC2016 -# vim: set noexpandtab : set -eu DISTRIBUTION="$1" 
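Review bot: Every `image:` entry added here ends in a bare `@sha256:` with no digest, and nothing visible in `generate.sh` fills it in before `.spec.relatedImages = env(relatedImages)` copies the list into the CSV. The same empty digest is hard-coded for `containerImage` in the `redhat` and `marketplace` branches of `generate.sh`. A reference without its digest pins nothing and cannot be pulled, while `bundle.csv.yaml` in this commit declares `features.operators.openshift.io/disconnected: "true"`, which relies on these being real digest references. Resolve the digests at generation time, or if they are filled in by hand at release, say so in a comment at the top of this file and have `generate.sh` stop when one is missing, e.g. `grep -Eq '@sha256:[[:space:]]*$' bundle.relatedImages.yaml && { echo >&2 'relatedImages digest missing'; exit 1; }`.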
@@ -63,17 +61,34 @@ install -d \ # 'redhat' & 'marketplace' annotations.yaml file, so only add them for 'community'. # - https://coreos.slack.com/team/UP1LZCC1Y -if [ ${DISTRIBUTION} == 'community' ]; then +export package="${package_name}" +export package_channel="${PACKAGE_CHANNEL}" export openshift_supported_versions="${OPENSHIFT_VERSIONS}" +yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = $package_channel | + .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = $package_channel | + .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ + bundle.annotations.yaml > "${bundle_directory}/metadata/annotations.yaml" + +if [ ${DISTRIBUTION} == 'community' ]; then +# community-operators yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | .annotations["org.opencontainers.image.authors"] = "info@percona.com" | .annotations["org.opencontainers.image.url"] = "https://percona.com" | - .annotations["org.opencontainers.image.vendor"] = "Percona" | - .annotations["operators.operatorframework.io.bundle.channels.v1"] = $package_channel | - .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = $package_channel | - .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ + .annotations["org.opencontainers.image.vendor"] = "Percona"' \ bundle.annotations.yaml > "${bundle_directory}/metadata/annotations.yaml" + +# certified-operators +elif [ ${DISTRIBUTION} == 'redhat' ];then +yq eval --inplace ' + .annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator-certified" ' \ + "${bundle_directory}/metadata/annotations.yaml" + +# redhat-marketplace +elif [ ${DISTRIBUTION} == 'marketplace' ];then +yq eval --inplace ' + .annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator-certified-rhmp" ' \ + 
"${bundle_directory}/metadata/annotations.yaml" fi # Copy annotations into Dockerfile LABELs. @@ -96,7 +111,7 @@ dump() { yq --color-output; } # The first command render yaml correctly and the second extract data. -yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_deployments.yaml --exit-status > /dev/null || abort "too many deployments accounts!" $'\n'"$(yq eval . operator_deployments-t.yaml)" +yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_deployments.yaml --exit-status > /dev/null || abort "too many deployments accounts!" $'\n'"$(yq eval . operator_deployments.yaml)" yq eval -i '[.]' operator_accounts.yaml && yq eval 'length == 1' operator_accounts.yaml --exit-status > /dev/null || abort "too many service accounts!" $'\n'"$(yq eval . operator_accounts.yaml)" @@ -116,8 +131,12 @@ export minKubeVer="${MIN_KUBE_VERSION}" export stem="${csv_stem}" export timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S.%3Z") export name="${csv_stem}.v${VERSION}" +export name_certified="${csv_stem}-certified.v${VERSION}" +export name_certified_rhmp="${csv_stem}-certified-rhmp.v${VERSION}" export skip_range="<${VERSION}" export containerImage=$(yq eval '.[0].spec.template.spec.containers[1].image' operator_deployments.yaml) +export relatedImages=$(yq eval bundle.relatedImages.yaml) +relIm==$(yq eval bundle.relatedImages.yaml) yq eval ' .metadata.annotations["alm-examples"] = strenv(examples) | 
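Review bot: In the `community` branch the second `yq eval` still reads `bundle.annotations.yaml` and redirects with `>` to `${bundle_directory}/metadata/annotations.yaml`, so it replaces the file written a few lines above. The channel and `com.redhat.openshift.versions` annotations are then lost for community bundles, whereas the `redhat` and `marketplace` branches use `--inplace` on the generated file and keep them. Edit in place here as well: `yq eval --inplace '…' "${bundle_directory}/metadata/annotations.yaml"`. The first expression also mixes `$package_channel` with `env(openshift_supported_versions)`; the newly exported `package_channel` is presumably meant to be read with `strenv(package_channel)`. The later formatting-only commit on this file carries the same lines over unchanged.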
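Review bot: `relIm==$(yq eval bundle.relatedImages.yaml)` looks like a debugging leftover: it assigns the yq output prefixed with `=` to a variable that nothing in this hunk reads, and it runs yq a second time. Drop the line. The `export relatedImages=$(…)` form above it also hides a yq failure from `set -eu`, because the shell checks the status of `export` rather than of the command substitution. Writing `relatedImages=$(yq eval bundle.relatedImages.yaml)` followed by `export relatedImages` lets a missing or unparsable file stop the build instead of producing a CSV with an empty `relatedImages`.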
@@ -130,4 +149,27 @@ yq eval ' .spec.install.spec.deployments = [( env(deployment) | .[] |{ "name": .metadata.name, "spec": .spec} )] | .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml > "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" +if [[ "${DISTRIBUTION}" == "redhat" ]];then +echo "REDHAT" + yq eval --inplace ' + .spec.relatedImages = env(relatedImages) | + .metadata.annotations.certified = "true" | + .metadata.annotations["containerImage"] = "registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256:" | + .metadata.name = strenv(name_certified)'\ + "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" + +elif [[ "${DISTRIBUTION}" == "marketplace" ]];then + # Annotations needed when targeting Red Hat Marketplace +export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" + yq --inplace ' + .metadata.name = env(name_certified_rhmp) | + .metadata.annotations["containerImage"] = "registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256:" | + .metadata.annotations["marketplace.openshift.io/remote-workflow"] = + "\($package_url)/pricing?utm_source=openshift_console" | + .metadata.annotations["marketplace.openshift.io/support-workflow"] = + "\($package_url)/support?utm_source=openshift_console" | + .spec.relatedImages = env(relatedImages)' \ + "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" +fi + if > /dev/null command -v tree; then tree -C "${bundle_directory}"; fi \ No newline at end of file From 752a1a670f28b9240da26375da3bc040c50954e2 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 18:16:09 +0300 Subject: [PATCH 08/19] fix annotations --- installers/olm/generate.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index be8ba6ba86..9a8e0533d5 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh 
@@ -165,9 +165,9 @@ export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" .metadata.name = env(name_certified_rhmp) | .metadata.annotations["containerImage"] = "registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256:" | .metadata.annotations["marketplace.openshift.io/remote-workflow"] = - "\($package_url)/pricing?utm_source=openshift_console" | + "https://marketplace.redhat.com/en-us/operators/percona-xtradb-cluster-operator-certified-rhmp/pricing?utm_source=openshift_console" | .metadata.annotations["marketplace.openshift.io/support-workflow"] = - "\($package_url)/support?utm_source=openshift_console" | + "https://marketplace.redhat.com/en-us/operators/percona-xtradb-cluster-operator-certified-rhmp/support?utm_source=openshift_console" | .spec.relatedImages = env(relatedImages)' \ "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" fi From 67d040ba74e5b30dce49304e5032226ea90d1a2d Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 18:32:01 +0300 Subject: [PATCH 09/19] Apply suggestions from code review Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- installers/olm/generate.sh | 77 ++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 37 deletions(-) diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index 9a8e0533d5..16a2c8d3d7 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh 
@@ -22,12 +22,12 @@ project_name='percona-xtradb-cluster-operator' # https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions file_name='percona-xtradb-cluster-operator' -kubectl kustomize "../../config/${DISTRIBUTION}" > operator_yamls.yaml +kubectl kustomize "../../config/${DISTRIBUTION}" >operator_yamls.yaml -yq eval '. | select(.kind == "CustomResourceDefinition")' operator_yamls.yaml > operator_crds.yaml -yq eval '. | select(.kind == "Deployment")' operator_yamls.yaml > operator_deployments.yaml -yq eval '. | select(.kind == "ServiceAccount")' operator_yamls.yaml > operator_accounts.yaml -yq eval '. | select(.kind == "Role")' operator_yamls.yaml > operator_roles.yaml +yq eval '. | select(.kind == "CustomResourceDefinition")' operator_yamls.yaml >operator_crds.yaml +yq eval '. | select(.kind == "Deployment")' operator_yamls.yaml >operator_deployments.yaml +yq eval '. | select(.kind == "ServiceAccount")' operator_yamls.yaml >operator_accounts.yaml +yq eval '. | select(.kind == "Role")' operator_yamls.yaml >operator_roles.yaml ## Recreate the Operator SDK project. @@ -39,9 +39,9 @@ install -d "${project_directory}" # Generate CRD descriptions from Go markers. # https://sdk.operatorframework.io/docs/building-operators/golang/references/markers/ - yq eval '[. | {"group": .spec.group, "kind": .spec.names.kind, "version": .spec.versions[].name}]' ../../operator_crds.yaml > crd_gvks.yaml + yq eval '[. | {"group": .spec.group, "kind": .spec.names.kind, "version": .spec.versions[].name}]' ../../operator_crds.yaml >crd_gvks.yaml - yq eval --inplace '.multigroup = true | .resources = load("crd_gvks.yaml" | fromyaml) | .' ./PROJECT + yq eval --inplace '.multigroup = true | .resources = load("crd_gvks.yaml" | fromyaml) | .' ./PROJECT ln -s "${go_api_directory}" . operator-sdk generate kustomize manifests --interactive='false' --verbose 
@@ -51,7 +51,7 @@ install -d "${project_directory}" [ ! -d "${bundle_directory}" ] || rm -r "${bundle_directory}" install -d \ "${bundle_directory}/manifests" \ - "${bundle_directory}/metadata" \ + "${bundle_directory}/metadata" # `echo "${operator_yamls}" | operator-sdk generate bundle` includes the ServiceAccount which cannot # be upgraded: https://github.com/operator-framework/operator-lifecycle-manager/issues/2193 
@@ -68,54 +68,57 @@ export openshift_supported_versions="${OPENSHIFT_VERSIONS}" yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = $package_channel | .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = $package_channel | .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ - bundle.annotations.yaml > "${bundle_directory}/metadata/annotations.yaml" + bundle.annotations.yaml >"${bundle_directory}/metadata/annotations.yaml" if [ ${DISTRIBUTION} == 'community' ]; then -# community-operators -yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | + # community-operators + yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | .annotations["org.opencontainers.image.authors"] = "info@percona.com" | .annotations["org.opencontainers.image.url"] = "https://percona.com" | .annotations["org.opencontainers.image.vendor"] = "Percona"' \ - bundle.annotations.yaml > "${bundle_directory}/metadata/annotations.yaml" + bundle.annotations.yaml >"${bundle_directory}/metadata/annotations.yaml" # certified-operators -elif [ ${DISTRIBUTION} == 'redhat' ];then -yq eval --inplace ' +elif [ ${DISTRIBUTION} == 'redhat' ]; then + yq eval --inplace ' .annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator-certified" ' \ - "${bundle_directory}/metadata/annotations.yaml" + "${bundle_directory}/metadata/annotations.yaml" # redhat-marketplace -elif [ ${DISTRIBUTION} == 'marketplace' ];then -yq eval --inplace ' +elif [ ${DISTRIBUTION} == 'marketplace' ]; then + yq eval --inplace ' .annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator-certified-rhmp" ' \ - "${bundle_directory}/metadata/annotations.yaml" + "${bundle_directory}/metadata/annotations.yaml" fi # Copy annotations into Dockerfile LABELs. 
# TODO fix tab for labels. labels=$(yq eval -r '.annotations | to_entries | map(" " + .key + "=" + (.value | tojson)) | join("\n")' \ -"${bundle_directory}/metadata/annotations.yaml") + "${bundle_directory}/metadata/annotations.yaml") -ANNOTATIONS="${labels}" envsubst < bundle.Dockerfile > "${bundle_directory}/Dockerfile" +ANNOTATIONS="${labels}" envsubst "${bundle_directory}/Dockerfile" # Include CRDs as manifests. crd_names=$(yq eval -o=tsv '.metadata.name' operator_crds.yaml) for name in ${crd_names}; do - yq eval ". | select(.metadata.name == \"${name}\")" operator_crds.yaml > "${bundle_directory}/manifests/${name}.crd.yaml" + yq eval ". | select(.metadata.name == \"${name}\")" operator_crds.yaml >"${bundle_directory}/manifests/${name}.crd.yaml" done -abort() { echo >&2 "$@"; exit 1; } +abort() { + echo >&2 "$@" + exit 1 +} dump() { yq --color-output; } # The first command render yaml correctly and the second extract data. -yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_deployments.yaml --exit-status > /dev/null || abort "too many deployments accounts!" $'\n'"$(yq eval . operator_deployments.yaml)" +yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_deployments.yaml --exit-status >/dev/null || abort "too many deployments accounts!" $'\n'"$(yq eval . operator_deployments.yaml)" -yq eval -i '[.]' operator_accounts.yaml && yq eval 'length == 1' operator_accounts.yaml --exit-status > /dev/null || abort "too many service accounts!" $'\n'"$(yq eval . operator_accounts.yaml)" +yq eval -i '[.]' operator_accounts.yaml && yq eval 'length == 1' operator_accounts.yaml --exit-status >/dev/null || abort "too many service accounts!" $'\n'"$(yq eval . operator_accounts.yaml)" -yq eval -i '[.]' operator_roles.yaml && yq eval 'length == 1' operator_roles.yaml --exit-status > /dev/null || abort "too many roles!" $'\n'"$(yq eval . 
operator_roles.yaml)" +yq eval -i '[.]' operator_roles.yaml && yq eval 'length == 1' operator_roles.yaml --exit-status >/dev/null || abort "too many roles!" $'\n'"$(yq eval . operator_roles.yaml)" # Render bundle CSV and strip comments. csv_stem=$(yq -r '.projectName' "${project_directory}/PROJECT") 
@@ -147,21 +150,21 @@ yq eval ' .spec.version = env(version) | .spec.install.spec.permissions = [{ "serviceAccountName": env(account), "rules": env(rules) }] | .spec.install.spec.deployments = [( env(deployment) | .[] |{ "name": .metadata.name, "spec": .spec} )] | - .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml > "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" + .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml >"${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" -if [[ "${DISTRIBUTION}" == "redhat" ]];then -echo "REDHAT" - yq eval --inplace ' +if [[ ${DISTRIBUTION} == "redhat" ]]; then + echo "REDHAT" + yq eval --inplace ' .spec.relatedImages = env(relatedImages) | .metadata.annotations.certified = "true" | .metadata.annotations["containerImage"] = "registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256:" | - .metadata.name = strenv(name_certified)'\ - "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" + .metadata.name = strenv(name_certified)' \ + "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" -elif [[ "${DISTRIBUTION}" == "marketplace" ]];then - # Annotations needed when targeting Red Hat Marketplace -export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" - yq --inplace ' +elif [[ ${DISTRIBUTION} == "marketplace" ]]; then + # Annotations needed when targeting Red Hat Marketplace + export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" + yq --inplace ' .metadata.name = env(name_certified_rhmp) | .metadata.annotations["containerImage"] = "registry.connect.redhat.com/percona/percona-xtradb-cluster-operator@sha256:" | .metadata.annotations["marketplace.openshift.io/remote-workflow"] = 
@@ -169,7 +172,7 @@ export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" .metadata.annotations["marketplace.openshift.io/support-workflow"] = "https://marketplace.redhat.com/en-us/operators/percona-xtradb-cluster-operator-certified-rhmp/support?utm_source=openshift_console" | .spec.relatedImages = env(relatedImages)' \ - "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" + "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" fi -if > /dev/null command -v tree; then tree -C "${bundle_directory}"; fi \ No newline at end of file +if >/dev/null command -v tree; then tree -C "${bundle_directory}"; fi \ No newline at end of file From 978bd65384c3ebb5de1183731ea3e9e6606cd05f Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 18:36:01 +0300 Subject: [PATCH 10/19] update codeowners --- .github/CODEOWNERS | 6 +++--- config/manager/default/kustomization.yaml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index fcb580427a..97bd121a24 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,3 +1,3 @@ -* @hors @egegunes @inelpandzic @pooknull -/e2e-tests/ @tplavcic @nmarukovich @ptankov @jvpasinatto @eleo007 -Jenkinsfile @tplavcic @nmarukovich @ptankov @jvpasinatto @eleo007 +* @hors @egegunes @inelpandzic @pooknull @nmarukovich +/e2e-tests/ @nmarukovich @ptankov @jvpasinatto @eleo007 +Jenkinsfile @nmarukovich @ptankov @jvpasinatto @eleo007 diff --git a/config/manager/default/kustomization.yaml b/config/manager/default/kustomization.yaml index 8fed022f20..ad6f2d0a0c 100644 --- a/config/manager/default/kustomization.yaml +++ b/config/manager/default/kustomization.yaml 
@@ -9,5 +9,5 @@ commonLabels: app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: - name: pxc-operator - newName: percona/percona-xtradb-cluster-operator - newTag: 1.15.0 + newName: tishina/percona-xtradb-cluster-operator + newTag: K8SPXC-1342_bundle_generation From 4e3fa755a4647f82090f7dab28ec6ca41644bc81 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Wed, 16 Oct 2024 18:37:16 +0300 Subject: [PATCH 11/19] fix dependabot.yml --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 79c61c9a24..007e404bbc 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -23,7 +23,7 @@ updates: time: "01:00" reviewers: - hors - - tplavcic + - nmarukovich ignore: # ignore patch updates for all dependencies - dependency-name: "*" From 1db9ca228115e649f7e13d0771a7412749e5ee15 Mon Sep 17 00:00:00 2001 
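Review bot: `newName: tishina/percona-xtradb-cluster-operator` with `newTag: K8SPXC-1342_bundle_generation` makes a personal registry namespace and a mutable branch tag the committed default for the operator image. Anything rendered from `config/manager/default` without an override would then pull an image from outside the project's release repository. This looks like the side effect of the `$(KUSTOMIZE) edit set image pxc-operator=$(IMAGE)` step in `installers/olm/Makefile`, which rewrites this tracked file on every bundle build. Restore `newName: percona/percona-xtradb-cluster-operator` and `newTag: 1.15.0` here, and have the make target run the edit on a copy so a local build cannot leak into a commit.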
From: Natalia Marukovich Date: Thu, 17 Oct 2024 13:23:41 +0300 Subject: [PATCH 12/19] update PR --- config/community/kustomization.yaml | 1 - config/examples/kustomization.yaml | 18 - config/examples/pxccluster.example.yaml | 712 ------------------ config/manager/cluster/kustomization.yaml | 15 +- config/manager/cluster/manager-cluster.yaml | 69 ++ config/manager/cluster/manager-target.yaml | 13 - config/manager/default/kustomization.yaml | 13 - config/manager/kustomization.yaml | 5 - config/manager/manager.yaml | 40 - config/manager/namespace/kustomization.yaml | 18 +- .../manager-namespace.yaml} | 4 +- config/manager/namespace/manager-target.yaml | 13 - config/marketplace/kustomization.yaml | 1 - config/redhat/kustomization.yaml | 1 - installers/olm/Makefile | 26 +- installers/olm/README.md | 3 + installers/olm/generate.sh | 53 +- 17 files changed, 133 insertions(+), 872 deletions(-) delete mode 100644 config/examples/kustomization.yaml delete mode 100644 config/examples/pxccluster.example.yaml create mode 100644 config/manager/cluster/manager-cluster.yaml delete mode 100644 config/manager/cluster/manager-target.yaml delete mode 100644 config/manager/default/kustomization.yaml delete mode 100644 config/manager/kustomization.yaml delete mode 100644 config/manager/manager.yaml rename config/manager/{default/manager.yaml => namespace/manager-namespace.yaml} (94%) delete mode 100644 config/manager/namespace/manager-target.yaml create mode 100644 installers/olm/README.md diff --git a/config/community/kustomization.yaml b/config/community/kustomization.yaml index a34c7b4844..305a5f27bc 100644 --- a/config/community/kustomization.yaml +++ b/config/community/kustomization.yaml @@ -3,4 +3,3 @@ kind: Kustomization resources: - ../operator -- ../examples diff --git a/config/examples/kustomization.yaml b/config/examples/kustomization.yaml deleted file mode 100644 index 5002edb476..0000000000 --- a/config/examples/kustomization.yaml +++ /dev/null 
@@ -1,18 +0,0 @@ -# Custom resources that are imported into the ClusterServiceVersion. -# -# The first for each GVK appears in the "Custom Resource Definitions" section on -# the details page at OperatorHub.io: https://operatorhub.io/operator/percona-xtradb-cluster-operator -# -# The "metadata.name" fields should be unique so they can be given a description -# that is presented by compatible UIs. -# https://github.com/operator-framework/operator-lifecycle-manager/blob/v0.18.2/doc/design/building-your-csv.md#crd-templates -# -# The "image" fields should be omitted so the defaults are used. -# https://redhat-connect.gitbook.io/certified-operator-guide/troubleshooting-and-resources/offline-enabled-operators - -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: -- pxccluster.example.yaml - diff --git a/config/examples/pxccluster.example.yaml b/config/examples/pxccluster.example.yaml deleted file mode 100644 index 549b3137b5..0000000000 --- a/config/examples/pxccluster.example.yaml +++ /dev/null 
@@ -1,712 +0,0 @@ -apiVersion: pxc.percona.com/v1 -kind: PerconaXtraDBCluster -metadata: - name: cluster1 - finalizers: - - percona.com/delete-pxc-pods-in-order -# - percona.com/delete-ssl -# - percona.com/delete-proxysql-pvc -# - percona.com/delete-pxc-pvc -# annotations: -# percona.com/issue-vault-token: "true" -spec: - crVersion: 1.16.0 - # enableVolumeExpansion: true - # ignoreAnnotations: - # - iam.amazonaws.com/role - # ignoreLabels: - # - rack - # secretsName: cluster1-secrets - # vaultSecretName: keyring-secret-vault - # sslSecretName: cluster1-ssl - # sslInternalSecretName: cluster1-ssl-internal - # logCollectorSecretName: cluster1-log-collector-secrets - # initContainer: - # image: perconalab/percona-xtradb-cluster-operator:main - # containerSecurityContext: - # privileged: false - # runAsUser: 1001 - # runAsGroup: 1001 - # resources: - # requests: - # memory: 100M - # cpu: 100m - # limits: - # memory: 200M - # cpu: 200m - # enableCRValidationWebhook: true - tls: - enabled: true - # SANs: - # - pxc-1.example.com - # - pxc-2.example.com - # - pxc-3.example.com - # issuerConf: - # name: special-selfsigned-issuer - # kind: ClusterIssuer - # group: cert-manager.io - # unsafeFlags: - # tls: false - # pxcSize: false - # proxySize: false - # backupIfUnhealthy: false - # pause: false - updateStrategy: SmartUpdate - upgradeOptions: - versionServiceEndpoint: https://check.percona.com - apply: disabled - schedule: "0 4 * * *" - pxc: - size: 3 - image: perconalab/percona-xtradb-cluster-operator:main-pxc8.0 - autoRecovery: true - # expose: - # enabled: true - # type: LoadBalancer - # externalTrafficPolicy: Local - # internalTrafficPolicy: Local - # loadBalancerSourceRanges: - # - 10.0.0.0/8 - # loadBalancerIP: 127.0.0.1 - # annotations: - # networking.gke.io/load-balancer-type: "Internal" - # labels: - # rack: rack-22 - # replicationChannels: - # - name: pxc1_to_pxc2 - # isSource: true - # - name: pxc2_to_pxc1 - # isSource: false - # configuration: - # 
sourceRetryCount: 3 - # sourceConnectRetry: 60 - # ssl: false - # sslSkipVerify: true - # ca: '/etc/mysql/ssl/ca.crt' - # sourcesList: - # - host: 10.95.251.101 - # port: 3306 - # weight: 100 - # schedulerName: mycustom-scheduler - # readinessDelaySec: 15 - # livenessDelaySec: 600 - # configuration: | - # [mysqld] - # wsrep_debug=CLIENT - # wsrep_provider_options="gcache.size=1G; gcache.recover=yes" - # [sst] - # xbstream-opts=--decompress - # [xtrabackup] - # compress=lz4 - # for PXC 5.7 - # [xtrabackup] - # compress - # imagePullSecrets: - # - name: private-registry-credentials - # priorityClassName: high-priority - # annotations: - # iam.amazonaws.com/role: role-arn - # labels: - # rack: rack-22 - # readinessProbes: - # initialDelaySeconds: 15 - # timeoutSeconds: 15 - # periodSeconds: 30 - # successThreshold: 1 - # failureThreshold: 5 - # livenessProbes: - # initialDelaySeconds: 300 - # timeoutSeconds: 5 - # periodSeconds: 10 - # successThreshold: 1 - # failureThreshold: 3 - # containerSecurityContext: - # privileged: false - # podSecurityContext: - # runAsUser: 1001 - # runAsGroup: 1001 - # supplementalGroups: [1001] - # serviceAccountName: percona-xtradb-cluster-operator-workload - # imagePullPolicy: Always - # runtimeClassName: image-rc - # sidecars: - # - image: busybox - # command: ["/bin/sh"] - # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] - # name: my-sidecar-1 - # resources: - # requests: - # memory: 100M - # cpu: 100m - # limits: - # memory: 200M - # cpu: 200m - # envVarsSecret: my-env-var-secrets - resources: - requests: - memory: 1G - cpu: 600m - # ephemeral-storage: 1G - # limits: - # memory: 1G - # cpu: "1" - # ephemeral-storage: 1G - # nodeSelector: - # disktype: ssd - # topologySpreadConstraints: - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: percona-xtradb-cluster - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - affinity: - 
antiAffinityTopologyKey: "kubernetes.io/hostname" - # advanced: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: kubernetes.io/e2e-az-name - # operator: In - # values: - # - e2e-az1 - # - e2e-az2 - # tolerations: - # - key: "node.alpha.kubernetes.io/unreachable" - # operator: "Exists" - # effect: "NoExecute" - # tolerationSeconds: 6000 - podDisruptionBudget: - maxUnavailable: 1 - # minAvailable: 0 - volumeSpec: - # emptyDir: {} - # hostPath: - # path: /data - # type: Directory - persistentVolumeClaim: - # storageClassName: standard - # accessModes: [ "ReadWriteOnce" ] - # dataSource: - # name: new-snapshot-test - # kind: VolumeSnapshot - # apiGroup: snapshot.storage.k8s.io - resources: - requests: - storage: 6G - gracePeriod: 600 - # lifecycle: - # preStop: - # exec: - # command: [ "/bin/true" ] - # postStart: - # exec: - # command: [ "/bin/true" ] - haproxy: - enabled: true - size: 3 - image: perconalab/percona-xtradb-cluster-operator:main-haproxy - # imagePullPolicy: Always - # schedulerName: mycustom-scheduler - # readinessDelaySec: 15 - # livenessDelaySec: 600 - # configuration: | - # - # the actual default configuration file can be found here https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/main/build/haproxy-global.cfg - # - # global - # maxconn 2048 - # external-check - # insecure-fork-wanted - # stats socket /etc/haproxy/pxc/haproxy.sock mode 600 expose-fd listeners level admin - # - # defaults - # default-server init-addr last,libc,none - # log global - # mode tcp - # retries 10 - # timeout client 28800s - # timeout connect 100500 - # timeout server 28800s - # - # resolvers kubernetes - # parse-resolv-conf - # - # frontend galera-in - # bind *:3309 accept-proxy - # bind *:3306 - # mode tcp - # option clitcpka - # default_backend galera-nodes - # - # frontend galera-admin-in - # bind *:33062 - # mode tcp - # option clitcpka - # default_backend 
galera-admin-nodes - # - # frontend galera-replica-in - # bind *:3307 - # mode tcp - # option clitcpka - # default_backend galera-replica-nodes - # - # frontend galera-mysqlx-in - # bind *:33060 - # mode tcp - # option clitcpka - # default_backend galera-mysqlx-nodes - # - # frontend stats - # bind *:8404 - # mode http - # http-request use-service prometheus-exporter if { path /metrics } - # imagePullSecrets: - # - name: private-registry-credentials - # annotations: - # iam.amazonaws.com/role: role-arn - # labels: - # rack: rack-22 - # readinessProbes: - # initialDelaySeconds: 15 - # timeoutSeconds: 1 - # periodSeconds: 5 - # successThreshold: 1 - # failureThreshold: 3 - # livenessProbes: - # initialDelaySeconds: 60 - # timeoutSeconds: 5 - # periodSeconds: 30 - # successThreshold: 1 - # failureThreshold: 4 - # exposePrimary: - # enabled: false - # type: ClusterIP - # annotations: - # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - # externalTrafficPolicy: Cluster - # internalTrafficPolicy: Cluster - # labels: - # rack: rack-22 - # loadBalancerSourceRanges: - # - 10.0.0.0/8 - # loadBalancerIP: 127.0.0.1 - # exposeReplicas: - # enabled: true - # onlyReaders: false - # type: ClusterIP - # annotations: - # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - # externalTrafficPolicy: Cluster - # internalTrafficPolicy: Cluster - # labels: - # rack: rack-22 - # loadBalancerSourceRanges: - # - 10.0.0.0/8 - # loadBalancerIP: 127.0.0.1 - # runtimeClassName: image-rc - # sidecars: - # - image: busybox - # command: ["/bin/sh"] - # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] - # name: my-sidecar-1 - # resources: - # requests: - # memory: 100M - # cpu: 100m - # limits: - # memory: 200M - # cpu: 200m - # envVarsSecret: my-env-var-secrets - resources: - requests: - memory: 1G - cpu: 600m - # limits: - # memory: 1G - # cpu: 700m - # priorityClassName: high-priority - # nodeSelector: - # disktype: ssd - # 
sidecarResources: - # requests: - # memory: 1G - # cpu: 500m - # limits: - # memory: 2G - # cpu: 600m - # containerSecurityContext: - # privileged: false - # podSecurityContext: - # runAsUser: 1001 - # runAsGroup: 1001 - # supplementalGroups: [1001] - # serviceAccountName: percona-xtradb-cluster-operator-workload - # topologySpreadConstraints: - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: percona-xtradb-cluster - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - affinity: - antiAffinityTopologyKey: "kubernetes.io/hostname" - # advanced: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: kubernetes.io/e2e-az-name - # operator: In - # values: - # - e2e-az1 - # - e2e-az2 - # tolerations: - # - key: "node.alpha.kubernetes.io/unreachable" - # operator: "Exists" - # effect: "NoExecute" - # tolerationSeconds: 6000 - podDisruptionBudget: - maxUnavailable: 1 - # minAvailable: 0 - gracePeriod: 30 - # lifecycle: - # preStop: - # exec: - # command: [ "/bin/true" ] - # postStart: - # exec: - # command: [ "/bin/true" ] - proxysql: - enabled: false - size: 3 - image: perconalab/percona-xtradb-cluster-operator:main-proxysql - # imagePullPolicy: Always - # configuration: | - # datadir="/var/lib/proxysql" - # - # admin_variables = - # { - # admin_credentials="proxyadmin:admin_password" - # mysql_ifaces="0.0.0.0:6032" - # refresh_interval=2000 - # - # cluster_username="proxyadmin" - # cluster_password="admin_password" - # checksum_admin_variables=false - # checksum_ldap_variables=false - # checksum_mysql_variables=false - # cluster_check_interval_ms=200 - # cluster_check_status_frequency=100 - # cluster_mysql_query_rules_save_to_disk=true - # cluster_mysql_servers_save_to_disk=true - # cluster_mysql_users_save_to_disk=true - # cluster_proxysql_servers_save_to_disk=true - # cluster_mysql_query_rules_diffs_before_sync=1 - # 
cluster_mysql_servers_diffs_before_sync=1 - # cluster_mysql_users_diffs_before_sync=1 - # cluster_proxysql_servers_diffs_before_sync=1 - # } - # - # mysql_variables= - # { - # monitor_password="monitor" - # monitor_galera_healthcheck_interval=1000 - # threads=2 - # max_connections=2048 - # default_query_delay=0 - # default_query_timeout=10000 - # poll_timeout=2000 - # interfaces="0.0.0.0:3306" - # default_schema="information_schema" - # stacksize=1048576 - # connect_timeout_server=10000 - # monitor_history=60000 - # monitor_connect_interval=20000 - # monitor_ping_interval=10000 - # ping_timeout_server=200 - # commands_stats=true - # sessions_sort=true - # have_ssl=true - # ssl_p2s_ca="/etc/proxysql/ssl-internal/ca.crt" - # ssl_p2s_cert="/etc/proxysql/ssl-internal/tls.crt" - # ssl_p2s_key="/etc/proxysql/ssl-internal/tls.key" - # ssl_p2s_cipher="ECDHE-RSA-AES128-GCM-SHA256" - # } - # readinessDelaySec: 15 - # livenessDelaySec: 600 - # schedulerName: mycustom-scheduler - # imagePullSecrets: - # - name: private-registry-credentials - # annotations: - # iam.amazonaws.com/role: role-arn - # labels: - # rack: rack-22 - # expose: - # enabled: false - # type: ClusterIP - # annotations: - # service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp - # externalTrafficPolicy: Cluster - # internalTrafficPolicy: Cluster - # labels: - # rack: rack-22 - # loadBalancerSourceRanges: - # - 10.0.0.0/8 - # loadBalancerIP: 127.0.0.1 - # runtimeClassName: image-rc - # sidecars: - # - image: busybox - # command: ["/bin/sh"] - # args: ["-c", "while true; do trap 'exit 0' SIGINT SIGTERM SIGQUIT SIGKILL; done;"] - # name: my-sidecar-1 - # resources: - # requests: - # memory: 100M - # cpu: 100m - # limits: - # memory: 200M - # cpu: 200m - # envVarsSecret: my-env-var-secrets - resources: - requests: - memory: 1G - cpu: 600m - # limits: - # memory: 1G - # cpu: 700m - # priorityClassName: high-priority - # nodeSelector: - # disktype: ssd - # sidecarResources: - # requests: - # memory: 
1G - # cpu: 500m - # limits: - # memory: 2G - # cpu: 600m - # containerSecurityContext: - # privileged: false - # podSecurityContext: - # runAsUser: 1001 - # runAsGroup: 1001 - # supplementalGroups: [1001] - # serviceAccountName: percona-xtradb-cluster-operator-workload - # topologySpreadConstraints: - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: percona-xtradb-cluster-operator - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - affinity: - antiAffinityTopologyKey: "kubernetes.io/hostname" - # advanced: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: kubernetes.io/e2e-az-name - # operator: In - # values: - # - e2e-az1 - # - e2e-az2 - # tolerations: - # - key: "node.alpha.kubernetes.io/unreachable" - # operator: "Exists" - # effect: "NoExecute" - # tolerationSeconds: 6000 - volumeSpec: - # emptyDir: {} - # hostPath: - # path: /data - # type: Directory - persistentVolumeClaim: - # storageClassName: standard - # accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 2G - podDisruptionBudget: - maxUnavailable: 1 - # minAvailable: 0 - gracePeriod: 30 - # lifecycle: - # preStop: - # exec: - # command: [ "/bin/true" ] - # postStart: - # exec: - # command: [ "/bin/true" ] - # loadBalancerSourceRanges: - # - 10.0.0.0/8 - logcollector: - enabled: true - image: perconalab/percona-xtradb-cluster-operator:main-logcollector - # configuration: | - # [OUTPUT] - # Name es - # Match * - # Host 192.168.2.3 - # Port 9200 - # Index my_index - # Type my_type - resources: - requests: - memory: 100M - cpu: 200m - pmm: - enabled: false - image: perconalab/pmm-client:dev-latest - serverHost: monitoring-service - # serverUser: admin - # pxcParams: "--disable-tablestats-limit=2000" - # proxysqlParams: "--custom-labels=CUSTOM-LABELS" - # containerSecurityContext: - # privileged: false - resources: - requests: - memory: 150M - cpu: 300m - 
backup: - # allowParallel: true - image: perconalab/percona-xtradb-cluster-operator:main-pxc8.0-backup - # backoffLimit: 6 - # serviceAccountName: percona-xtradb-cluster-operator - # imagePullSecrets: - # - name: private-registry-credentials - pitr: - enabled: false - storageName: STORAGE-NAME-HERE - timeBetweenUploads: 60 - timeoutSeconds: 60 - # resources: - # requests: - # memory: 0.1G - # cpu: 100m - # limits: - # memory: 1G - # cpu: 700m - storages: - s3-us-west: - type: s3 - verifyTLS: true - # nodeSelector: - # storage: tape - # backupWorker: 'True' - # resources: - # requests: - # memory: 1G - # cpu: 600m - # topologySpreadConstraints: - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: percona-xtradb-cluster - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: backupWorker - # operator: In - # values: - # - 'True' - # tolerations: - # - key: "backupWorker" - # operator: "Equal" - # value: "True" - # effect: "NoSchedule" - # annotations: - # testName: scheduled-backup - # labels: - # backupWorker: 'True' - # schedulerName: 'default-scheduler' - # priorityClassName: 'high-priority' - # containerSecurityContext: - # privileged: true - # podSecurityContext: - # fsGroup: 1001 - # supplementalGroups: [1001, 1002, 1003] - # containerOptions: - # env: - # - name: VERIFY_TLS - # value: "false" - # args: - # xtrabackup: - # - "--someflag=abc" - # xbcloud: - # - "--someflag=abc" - # xbstream: - # - "--someflag=abc" - s3: - bucket: S3-BACKUP-BUCKET-NAME-HERE - credentialsSecret: my-cluster-name-backup-s3 - region: us-west-2 - azure-blob: - type: azure - azure: - credentialsSecret: azure-secret - container: test - # endpointUrl: https://accountName.blob.core.windows.net - # storageClass: Hot - fs-pvc: - type: filesystem - # nodeSelector: - # storage: tape - # backupWorker: 
'True' - # resources: - # requests: - # memory: 1G - # cpu: 600m - # topologySpreadConstraints: - # - labelSelector: - # matchLabels: - # app.kubernetes.io/name: percona-xtradb-cluster - # maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: backupWorker - # operator: In - # values: - # - 'True' - # tolerations: - # - key: "backupWorker" - # operator: "Equal" - # value: "True" - # effect: "NoSchedule" - # annotations: - # testName: scheduled-backup - # labels: - # backupWorker: 'True' - # schedulerName: 'default-scheduler' - # priorityClassName: 'high-priority' - # containerSecurityContext: - # privileged: true - # podSecurityContext: - # fsGroup: 1001 - # supplementalGroups: [1001, 1002, 1003] - volume: - persistentVolumeClaim: - # storageClassName: standard - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: 6G - schedule: - # - name: "sat-night-backup" - # schedule: "0 0 * * 6" - # keep: 3 - # storageName: s3-us-west - - name: "daily-backup" - schedule: "0 0 * * *" - keep: 5 - storageName: fs-pvc diff --git a/config/manager/cluster/kustomization.yaml b/config/manager/cluster/kustomization.yaml index 5efba3d375..39dd3ef8c1 100644 --- a/config/manager/cluster/kustomization.yaml +++ b/config/manager/cluster/kustomization.yaml 
@@ -1,12 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- ../default/ - -patchesStrategicMerge: -- manager-target.yaml - +- manager-cluster.yaml +commonLabels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: -- name: percona-xtradb-cluster-operator +- name: pxc-operator newName: perconalab/percona-xtradb-cluster-operator - newTag: main + newTag: 1.15.0 diff --git a/config/manager/cluster/manager-cluster.yaml b/config/manager/cluster/manager-cluster.yaml new file mode 100644 index 0000000000..15474a1dee --- /dev/null +++ b/config/manager/cluster/manager-cluster.yaml 
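Review bot: The `images` entry is keyed on `name: pxc-operator`, but the Deployment in `manager-cluster.yaml` added by this commit declares `image: perconalab/percona-xtradb-cluster-operator:main`, so kustomize's image transformer has nothing to match. Neither `newTag: 1.15.0` nor the Makefile's `kustomize edit set image pxc-operator=$(IMAGE)` then changes the rendered manifest. The bundle would ship the floating `:main` tag with `imagePullPolicy: Always` rather than the image that was built and reviewed. Either use the placeholder in the manifest, `image: pxc-operator`, or key the entry on the real name, `- name: perconalab/percona-xtradb-cluster-operator`, and adjust the Makefile to match. The `config/manager/namespace` kustomization and `manager-namespace.yaml` later in this commit have the same mismatch.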
@@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: percona-xtradb-cluster-operator +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator + strategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + labels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator + spec: + terminationGracePeriodSeconds: 600 + containers: + - command: + - percona-xtradb-cluster-operator + env: + - name: LOG_STRUCTURED + value: 'false' + - name: LOG_LEVEL + value: INFO + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: OPERATOR_NAME + value: percona-xtradb-cluster-operator + - name: DISABLE_TELEMETRY + value: "false" + image: perconalab/percona-xtradb-cluster-operator:main + imagePullPolicy: Always + resources: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 100m + memory: 20Mi + livenessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: metrics + scheme: HTTP + name: percona-xtradb-cluster-operator + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + serviceAccountName: percona-xtradb-cluster-operator + + diff --git a/config/manager/cluster/manager-target.yaml b/config/manager/cluster/manager-target.yaml deleted file mode 100644 index 13ae2047ef..0000000000 --- a/config/manager/cluster/manager-target.yaml +++ /dev/null 
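Review bot: The operator container in this new Deployment has no `securityContext`, while `config/manager/manager.yaml`, deleted in this same commit, ran its container with privilege escalation disabled, all capabilities dropped, a read-only root filesystem and `runAsNonRoot`. This is the cluster-mode manifest, so its service account is presumably the one that receives the cluster-wide rules, which makes the container hardening worth carrying over rather than dropping. I would add the block below to the container, after confirming the operator does not need to write to its root filesystem.

```yaml
      - command:
        - percona-xtradb-cluster-operator
        # … unchanged: env, image, imagePullPolicy, resources, livenessProbe, name, ports …
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop: [ALL]
          readOnlyRootFilesystem: true
          runAsNonRoot: true
```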
@@ -1,13 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: percona-xtradb-cluster-operator -spec: - template: - spec: - containers: - - name: operator - env: - - name: WATCH_NAMESPACE - value: "" diff --git a/config/manager/default/kustomization.yaml b/config/manager/default/kustomization.yaml deleted file mode 100644 index ad6f2d0a0c..0000000000 --- a/config/manager/default/kustomization.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: -- manager.yaml -commonLabels: - app.kubernetes.io/component: operator - app.kubernetes.io/instance: percona-xtradb-cluster-operator - app.kubernetes.io/name: percona-xtradb-cluster-operator - app.kubernetes.io/part-of: percona-xtradb-cluster-operator -images: -- name: pxc-operator - newName: tishina/percona-xtradb-cluster-operator - newTag: K8SPXC-1342_bundle_generation diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml deleted file mode 100644 index dfce22e6c5..0000000000 --- a/config/manager/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: -- manager.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml deleted file mode 100644 index 378e0e6423..0000000000 --- a/config/manager/manager.yaml +++ /dev/null 
@@ -1,40 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pxc -spec: - replicas: 1 - strategy: { type: Recreate } - template: - spec: - containers: - - name: operator - image: pxc-operator - env: - - name: PXC_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: RELATED_IMAGE_PXC5.7 - value: percona/percona-xtradb-cluster:5.7.44-31.65 - - name: RELATED_IMAGE_PXC5.7-BACKUP - value: percona/percona-xtradb-cluster-operator:1.15.0-pxc5.7-backup-pxb2.4.29 - - name: RELATED_IMAGE_PXC8.0 - value: percona/percona-xtradb-cluster:8.0.36-28.1 - - name: RELATED_IMAGE_PXC8.0-BACKUP - value: percona/percona-xtradb-cluster-operator:1.15.0-pxc8.0-backup-pxb8.0.35 - - name: RELATED_IMAGE_HAPROXY - value: percona/haproxy:2.8.5 - - name: RELATED_IMAGE_PROXYSQL - value: percona/proxysql2:2.5.5 - - name: RELATED_IMAGE_LOGCOLLECTOR - value: percona/percona-xtradb-cluster-operator:1.15.0-logcollector-fluentbit3.1.4 - - name: RELATED_IMAGE_PMMCLIENT - value: percona/pmm-client:2.42.0 - securityContext: - allowPrivilegeEscalation: false - capabilities: { drop: [ALL] } - readOnlyRootFilesystem: true - runAsNonRoot: true - serviceAccountName: pxc diff --git a/config/manager/namespace/kustomization.yaml b/config/manager/namespace/kustomization.yaml index 8a3d51af83..6ffbfb3a84 100644 --- a/config/manager/namespace/kustomization.yaml +++ b/config/manager/namespace/kustomization.yaml 
@@ -1,13 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: -- ../default/ - -patchesStrategicMerge: -- manager-target.yaml - + - manager-namespace.yaml +commonLabels: + app.kubernetes.io/component: operator + app.kubernetes.io/instance: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster-operator + app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: -- name: percona-xtradb-cluster-operator - newName: perconalab/percona-xtradb-cluster-operator - newTag: main + - name: pxc-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: 1.15.0 diff --git a/config/manager/default/manager.yaml b/config/manager/namespace/manager-namespace.yaml similarity index 94% rename from config/manager/default/manager.yaml rename to config/manager/namespace/manager-namespace.yaml index 2c5483cd2b..0432a725ad 100644 --- a/config/manager/default/manager.yaml +++ b/config/manager/namespace/manager-namespace.yaml @@ -45,7 +45,7 @@ spec: value: percona-xtradb-cluster-operator - name: DISABLE_TELEMETRY value: "false" - image: perconalab/percona-xtradb-cluster-operator:1.15.0 + image: perconalab/percona-xtradb-cluster-operator:main imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -65,4 +65,4 @@ spec: - containerPort: 8080 name: metrics protocol: TCP - serviceAccountName: percona-xtradb-cluster-operator \ No newline at end of file + serviceAccountName: percona-xtradb-cluster-operator diff --git a/config/manager/namespace/manager-target.yaml b/config/manager/namespace/manager-target.yaml deleted file mode 100644 index ef6d1c9d6e..0000000000 --- a/config/manager/namespace/manager-target.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: percona-xtradb-cluster-operator -spec: - template: - spec: - containers: - - name: operator - env: - - name: WATCH_NAMESPACE - valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } } 
diff --git a/config/marketplace/kustomization.yaml b/config/marketplace/kustomization.yaml index 59ec46f4f3..42bd0a3da5 100644 --- a/config/marketplace/kustomization.yaml +++ b/config/marketplace/kustomization.yaml @@ -3,5 +3,4 @@ kind: Kustomization resources: - ../operator -- ../examples diff --git a/config/redhat/kustomization.yaml b/config/redhat/kustomization.yaml index 59ec46f4f3..42bd0a3da5 100644 --- a/config/redhat/kustomization.yaml +++ b/config/redhat/kustomization.yaml @@ -3,5 +3,4 @@ kind: Kustomization resources: - ../operator -- ../examples diff --git a/installers/olm/Makefile b/installers/olm/Makefile index d7fcb58cfc..e80787ded8 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile @@ -4,6 +4,7 @@ IMAGE_TAG_BASE ?= $(IMAGE_TAG_OWNER)/$(NAME) SED := $(shell which gsed || which sed) VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) +MODE ?= cluster DEPLOYDIR = ./deploy BUNDLEDIR = $(DEPLOYDIR)/csv/redhat @@ -32,6 +33,7 @@ export OPENSHIFT_VERSIONS export PACKAGE_CHANNEL export MIN_KUBE_VERSION export DOCKER_DEFAULT_PLATFORM +export MODE REPO_ROOT = $(shell git rev-parse --show-toplevel) @@ -54,7 +56,7 @@ bundles: check-version $(distros:%=bundles/%) # https://github.com/operator-framework/community-operators/blob/8a36a33/docs/packaging-required-criteria-ocp.md .PHONY: bundles/community bundles/community: - cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + cd ../../config/manager/$(MODE)/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) ./generate.sh community env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' 
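Review bot: `MODE` is pasted into the path in `cd ../../config/manager/$(MODE)/` without being checked, in the `bundles/community` recipe here and in `bundles/redhat` and `bundles/marketplace` in the next hunk. `generate.sh` does reject anything other than `cluster` or `namespace`, but only after `kustomize edit set image` has already run in whatever directory the value resolved to. A parse-time guard after `MODE ?= cluster` fails earlier and with a clearer message: `ifeq ($(filter cluster namespace,$(MODE)),)`, `$(error MODE must be cluster or namespace)`, `endif`.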
@@ -62,21 +64,21 @@ bundles/community: .PHONY: bundles/redhat bundles/redhat: - cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + cd ../../config/manager/$(MODE)/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) ./generate.sh redhat env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' # The 'marketplace' configuration is currently identical to the 'redhat', so we just copy it here. .PHONY: bundles/marketplace bundles/marketplace: - cd ../../config/manager/default/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) + cd ../../config/manager/$(MODE)/ && $(KUSTOMIZE) edit set image pxc-operator=$(IMAGE) ./generate.sh marketplace env operator-sdk bundle validate $@ --select-optional='suite=operatorframework' .PHONY: clean clean: clean-deprecated clean: ## Remove generated files and downloaded tools - rm -rf ./bundles ./projects ./tools ./config/marketplace + rm -rf ./bundles ./projects ./tools .PHONY: clean-deprecated clean-deprecated: @@ -131,19 +133,3 @@ tools/$(SYSTEM)/yq: | tools/$(SYSTEM)/venv 'tools/$(SYSTEM)/venv/bin/python' -m pip install yq cd '$(dir $@)' && ln -s venv/bin/yq -.PHONY: validate-bundles -validate-bundles: ## Build temporary bundle images and run scorecard tests in Kubernetes -validate-bundles: $(distros:%=validate-%-image) -validate-bundles: $(distros:%=validate-%-directory) - -validate-%-directory: - ./validate-directory.sh 'bundles/$*' - -validate-%-image: - ./validate-image.sh '$(CONTAINER)' 'bundles/$*' - -.PHONY: build-bundle-images -build-bundle-images: check-version $(distros:%=build-%-image) - -build-%-image: - ./build-image.sh '$(CONTAINER)' 'bundles/$*' '$*' '$(VERSION)' diff --git a/installers/olm/README.md b/installers/olm/README.md new file mode 100644 index 0000000000..9cde7f3990 --- /dev/null +++ b/installers/olm/README.md 
@@ -0,0 +1,3 @@ +1. Set IMAGE env variable +2. Choose the mode (cluster or namespace) and update bundle/kustomization.yaml and makefile with necessary mode. +3. ```make bundles``` \ No newline at end of file diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index 16a2c8d3d7..e00daf0e34 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh @@ -21,13 +21,29 @@ project_name='percona-xtradb-cluster-operator' # with the Operator's package name for the 'redhat' and 'marketplace' bundles. # https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions file_name='percona-xtradb-cluster-operator' +echo $MODE +if [ ${MODE} == "cluster" ];then + suffix="-cw" + mode="Cluster" + rulesLevel="ClusterPermissions" + +elif [ ${MODE} == "namespace" ];then + suffix="" + mode="" + rulesLevel="permissions" +else + echo "Please add MODE variable. It could be either namespace or cluster" + exit 1 +fi kubectl kustomize "../../config/${DISTRIBUTION}" >operator_yamls.yaml +export role="${mode}Role" + yq eval '. | select(.kind == "CustomResourceDefinition")' operator_yamls.yaml >operator_crds.yaml yq eval '. | select(.kind == "Deployment")' operator_yamls.yaml >operator_deployments.yaml yq eval '. | select(.kind == "ServiceAccount")' operator_yamls.yaml >operator_accounts.yaml -yq eval '. | select(.kind == "Role")' operator_yamls.yaml >operator_roles.yaml +yq eval '. | select(.kind == env(role))' operator_yamls.yaml >operator_roles${suffix}.yaml ## Recreate the Operator SDK project. 
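Review bot: The cluster branch sets `rulesLevel="ClusterPermissions"`, and a later hunk uses that value as the key in `.spec.install.spec[strenv(rulesLevel)]`. The ClusterServiceVersion field is spelled `clusterPermissions`, with a lower-case first letter like the `permissions` used in the namespace branch. As written the cluster-wide bundle would carry its RBAC rules under a key OLM does not read, so the operator's service account would presumably be installed without them. The line should be `rulesLevel="clusterPermissions"`.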
@@ -62,14 +78,16 @@ install -d \ # - https://coreos.slack.com/team/UP1LZCC1Y export package="${package_name}" -export package_channel="${PACKAGE_CHANNEL}" +export package_channel="${PACKAGE_CHANNEL}${suffix}" export openshift_supported_versions="${OPENSHIFT_VERSIONS}" -yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = $package_channel | - .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = $package_channel | +echo "package_channel $package_channel" + +yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = env(package_channel) | + .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = env(package_channel) | .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ bundle.annotations.yaml >"${bundle_directory}/metadata/annotations.yaml" - +echo "First" if [ ${DISTRIBUTION} == 'community' ]; then # community-operators yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | @@ -91,6 +109,8 @@ elif [ ${DISTRIBUTION} == 'marketplace' ]; then "${bundle_directory}/metadata/annotations.yaml" fi +echo "SEcond" + # Copy annotations into Dockerfile LABELs. # TODO fix tab for labels. 
@@ -118,7 +138,7 @@ yq eval -i '[.]' operator_deployments.yaml && yq eval 'length == 1' operator_dep yq eval -i '[.]' operator_accounts.yaml && yq eval 'length == 1' operator_accounts.yaml --exit-status >/dev/null || abort "too many service accounts!" $'\n'"$(yq eval . operator_accounts.yaml)" -yq eval -i '[.]' operator_roles.yaml && yq eval 'length == 1' operator_roles.yaml --exit-status >/dev/null || abort "too many roles!" $'\n'"$(yq eval . operator_roles.yaml)" +yq eval -i '[.]' operator_roles${suffix}.yaml && yq eval 'length == 1' operator_roles${suffix}.yaml --exit-status >/dev/null || abort "too many roles!" $'\n'"$(yq eval . operator_roles${suffix}.yaml)" # Render bundle CSV and strip comments. csv_stem=$(yq -r '.projectName' "${project_directory}/PROJECT") 
@@ -128,19 +148,18 @@ cr_example=$(yq eval -o=json '[.]' ../../deploy/cr.yaml) export examples="${cr_example}" export deployment=$(yq eval operator_deployments.yaml) export account=$(yq eval '.[] | .metadata.name' operator_accounts.yaml) -export rules=$(yq eval '.[] | .rules' operator_roles.yaml) -export version="${VERSION}" +export rules=$(yq eval '.[] | .rules' operator_roles${suffix}.yaml) +export version="${VERSION}${suffix}" export minKubeVer="${MIN_KUBE_VERSION}" export stem="${csv_stem}" export timestamp=$(date -u +"%Y-%m-%dT%H:%M:%S.%3Z") -export name="${csv_stem}.v${VERSION}" -export name_certified="${csv_stem}-certified.v${VERSION}" -export name_certified_rhmp="${csv_stem}-certified-rhmp.v${VERSION}" +export name="${csv_stem}.v${VERSION}${suffix}" +export name_certified="${csv_stem}-certified.v${VERSION}${suffix}" +export name_certified_rhmp="${csv_stem}-certified-rhmp.v${VERSION}${suffix}" export skip_range="<${VERSION}" export containerImage=$(yq eval '.[0].spec.template.spec.containers[1].image' operator_deployments.yaml) export relatedImages=$(yq eval bundle.relatedImages.yaml) -relIm==$(yq eval bundle.relatedImages.yaml) - +export rulesLevel=${rulesLevel} yq eval ' .metadata.annotations["alm-examples"] = strenv(examples) | .metadata.annotations["containerImage"] = env(containerImage) | 
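Review bot: Appending `${suffix}` to `version` turns the cluster-wide CSV version into something like `<VERSION>-cw`, which semver treats as a pre-release that sorts before `<VERSION>`, while `skip_range="<${VERSION}"` stays unsuffixed. If skip_range is written to the CSV's skip-range annotation (that line is outside the hunk), the cluster-wide CSV would fall inside its own range and order below the namespace-scoped release of the same version. Please confirm this is intended and record it next to the export, e.g. `# "-cw" makes this a semver pre-release of ${VERSION}; skip_range stays unsuffixed on purpose`. The yq expression that consumes these exports continues past the end of the hunk.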
@@ -148,12 +167,12 @@ yq eval ' .metadata.annotations["createdAt"] = env(timestamp) | .metadata.name = env(name) | .spec.version = env(version) | - .spec.install.spec.permissions = [{ "serviceAccountName": env(account), "rules": env(rules) }] | + .spec.install.spec[strenv(rulesLevel)] = [{ "serviceAccountName": env(account), "rules": env(rules) }] | .spec.install.spec.deployments = [( env(deployment) | .[] |{ "name": .metadata.name, "spec": .spec} )] | .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml >"${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" -if [[ ${DISTRIBUTION} == "redhat" ]]; then - echo "REDHAT" +if [ ${DISTRIBUTION} == "redhat" ]; then + yq eval --inplace ' .spec.relatedImages = env(relatedImages) | .metadata.annotations.certified = "true" | @@ -161,7 +180,7 @@ if [[ ${DISTRIBUTION} == "redhat" ]]; then .metadata.name = strenv(name_certified)' \ "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" -elif [[ ${DISTRIBUTION} == "marketplace" ]]; then +elif [ ${DISTRIBUTION} == "marketplace" ]; then # Annotations needed when targeting Red Hat Marketplace export package_url="https://marketplace.redhat.com/en-us/operators/${file_name}" yq --inplace ' From 78739b43785f439afefe0d3485094f28ca07902c Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Thu, 17 Oct 2024 13:28:20 +0300 Subject: [PATCH 13/19] Apply suggestions from code review Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- installers/olm/generate.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index e00daf0e34..75fdff1625 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh 
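Review bot: The key written by `.spec.install.spec[strenv(rulesLevel)]` comes from the MODE branch near the top of generate.sh, which sets `rulesLevel="ClusterPermissions"` for cluster mode, while the ClusterServiceVersion field is spelled `clusterPermissions`. With the capitalised key the cluster-wide rules may land under a field OLM does not read, so the bundle could fail validation or install without the RBAC the operator needs. Setting `rulesLevel="clusterPermissions"` in that branch fixes it. Because this value decides whether the service account gets namespaced or cluster-wide rules, a comment such as `# rulesLevel selects the CSV RBAC field: permissions (Role) or clusterPermissions (ClusterRole)` next to the assignment would help. The yq expression starts above this hunk.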
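Review bot: Replacing `[[ ${DISTRIBUTION} == "marketplace" ]]` with `[ ${DISTRIBUTION} == "marketplace" ]` exposes the unquoted expansion to word splitting and globbing, and an empty or unset DISTRIBUTION turns the test into a syntax error instead of a clean non-match. Either keep `[[ … ]]` or quote the variable and use the portable operator: `elif [ "${DISTRIBUTION}" = "marketplace" ]; then`. The same applies to the `redhat` test in the previous hunk, to the MODE tests reformatted in PATCH 13, and to the `community` test added in PATCH 19. The if/elif chain starts and ends outside this hunk.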
@@ -22,18 +22,18 @@ project_name='percona-xtradb-cluster-operator' # https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions file_name='percona-xtradb-cluster-operator' echo $MODE -if [ ${MODE} == "cluster" ];then - suffix="-cw" - mode="Cluster" - rulesLevel="ClusterPermissions" - -elif [ ${MODE} == "namespace" ];then - suffix="" - mode="" - rulesLevel="permissions" +if [ ${MODE} == "cluster" ]; then + suffix="-cw" + mode="Cluster" + rulesLevel="ClusterPermissions" + +elif [ ${MODE} == "namespace" ]; then + suffix="" + mode="" + rulesLevel="permissions" else - echo "Please add MODE variable. It could be either namespace or cluster" - exit 1 + echo "Please add MODE variable. It could be either namespace or cluster" + exit 1 fi kubectl kustomize "../../config/${DISTRIBUTION}" >operator_yamls.yaml From 4721a9bce07aff8bca300648fd0545c03b6c32f7 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Thu, 17 Oct 2024 14:56:14 +0300 Subject: [PATCH 14/19] delete unused --- config/manager/namespace/kustomization.yaml | 8 ++++---- installers/olm/generate.sh | 10 ++-------- 2 files changed, 6 insertions(+), 12 deletions(-) diff --git a/config/manager/namespace/kustomization.yaml b/config/manager/namespace/kustomization.yaml index 6ffbfb3a84..d280a80c33 100644 --- a/config/manager/namespace/kustomization.yaml +++ b/config/manager/namespace/kustomization.yaml 
@@ -1,13 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - manager-namespace.yaml +- manager-namespace.yaml commonLabels: app.kubernetes.io/component: operator app.kubernetes.io/instance: percona-xtradb-cluster-operator app.kubernetes.io/name: percona-xtradb-cluster-operator app.kubernetes.io/part-of: percona-xtradb-cluster-operator images: - - name: pxc-operator - newName: perconalab/percona-xtradb-cluster-operator - newTag: 1.15.0 +- name: pxc-operator + newName: perconalab/percona-xtradb-cluster-operator + newTag: 1.15.0 diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index 75fdff1625..ffda5c51a5 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh @@ -21,7 +21,7 @@ project_name='percona-xtradb-cluster-operator' # with the Operator's package name for the 'redhat' and 'marketplace' bundles. # https://github.com/redhat-openshift-ecosystem/certification-releases/blob/main/4.9/ga/troubleshooting.md#get-supported-versions file_name='percona-xtradb-cluster-operator' -echo $MODE + if [ ${MODE} == "cluster" ]; then suffix="-cw" mode="Cluster" @@ -69,9 +69,6 @@ install -d \ "${bundle_directory}/manifests" \ "${bundle_directory}/metadata" -# `echo "${operator_yamls}" | operator-sdk generate bundle` includes the ServiceAccount which cannot -# be upgraded: https://github.com/operator-framework/operator-lifecycle-manager/issues/2193 - # Render bundle annotations and strip comments. # Per Red Hat we should not include the org.opencontainers annotations in the # 'redhat' & 'marketplace' annotations.yaml file, so only add them for 'community'. 
@@ -81,13 +78,11 @@ export package="${package_name}" export package_channel="${PACKAGE_CHANNEL}${suffix}" export openshift_supported_versions="${OPENSHIFT_VERSIONS}" -echo "package_channel $package_channel" - yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = env(package_channel) | .annotations["operators.operatorframework.io.bundle.channel.default.v1"] = env(package_channel) | .annotations["com.redhat.openshift.versions"] = env(openshift_supported_versions)' \ bundle.annotations.yaml >"${bundle_directory}/metadata/annotations.yaml" -echo "First" + if [ ${DISTRIBUTION} == 'community' ]; then # community-operators yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | @@ -109,7 +104,6 @@ elif [ ${DISTRIBUTION} == 'marketplace' ]; then "${bundle_directory}/metadata/annotations.yaml" fi -echo "SEcond" # Copy annotations into Dockerfile LABELs. # TODO fix tab for labels. From 5131198f31bae0f1c1808c5d2055d700b9c76e11 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Thu, 17 Oct 2024 15:29:11 +0300 Subject: [PATCH 15/19] Apply suggestions from code review Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- installers/olm/generate.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index ffda5c51a5..0b06302439 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh @@ -104,7 +104,6 @@ elif [ ${DISTRIBUTION} == 'marketplace' ]; then "${bundle_directory}/metadata/annotations.yaml" fi - # Copy annotations into Dockerfile LABELs. # TODO fix tab for labels. From 42c47ad400bd77e3d05d0cff1bb410d80978f52f Mon Sep 17 00:00:00 2001 
From: Natalia Marukovich Date: Mon, 21 Oct 2024 12:46:33 +0200 Subject: [PATCH 16/19] update PR delete unused variables --- installers/olm/Makefile | 2 -- installers/olm/README.md | 2 +- installers/olm/bundle.csv.yaml | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/installers/olm/Makefile b/installers/olm/Makefile index e80787ded8..b19287c21b 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile @@ -37,8 +37,6 @@ export MODE REPO_ROOT = $(shell git rev-parse --show-toplevel) -distros = community redhat marketplace - check-version: ifndef VERSION $(error VERSION is not set) diff --git a/installers/olm/README.md b/installers/olm/README.md index 9cde7f3990..a202e72508 100644 --- a/installers/olm/README.md +++ b/installers/olm/README.md @@ -1,3 +1,3 @@ -1. Set IMAGE env variable +1. Set VERSION env variable 2. Choose the mode (cluster or namespace) and update bundle/kustomization.yaml and makefile with necessary mode. 3. ```make bundles``` \ No newline at end of file diff --git a/installers/olm/bundle.csv.yaml b/installers/olm/bundle.csv.yaml index 1aa797ed20..ab8f15d115 100644 --- a/installers/olm/bundle.csv.yaml +++ b/installers/olm/bundle.csv.yaml @@ -34,7 +34,7 @@ metadata: # https://operatorhub.io/operator/postgresql createdAt: 2024-10-07 19:40Z repository: https://github.com/percona/percona-xtradb-cluster-operator - alm-examples: >- # kustomize config/examples + alm-examples: >- spec: # The following affect how the package is indexed at OperatorHub.io: From f4b40f3ae170f4e908d9b3dffe0f77784b0dce1d Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Mon, 21 Oct 2024 12:52:13 +0200 Subject: [PATCH 17/19] fix --- installers/olm/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installers/olm/Makefile b/installers/olm/Makefile index b19287c21b..3b19e4690a 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile 
@@ -4,7 +4,7 @@ IMAGE_TAG_BASE ?= $(IMAGE_TAG_OWNER)/$(NAME) SED := $(shell which gsed || which sed) VERSION ?= $(shell git rev-parse --abbrev-ref HEAD | $(SED) -e 's^/^-^g; s^[.]^-^g;' | tr '[:upper:]' '[:lower:]') IMAGE ?= $(IMAGE_TAG_BASE):$(VERSION) -MODE ?= cluster +MODE ?= namespace DEPLOYDIR = ./deploy BUNDLEDIR = $(DEPLOYDIR)/csv/redhat From de7382aff0a7ed4935832bf4afcd129fa67e20bd Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Thu, 26 Dec 2024 15:38:07 +0100 Subject: [PATCH 18/19] fix PR comments --- config/crd/kustomization.yaml | 2 +- installers/olm/Makefile | 2 +- installers/olm/bundle.annotations.yaml | 6 +++-- installers/olm/bundle.csv.yaml | 33 +++++++++++++------------- installers/olm/generate.sh | 30 ++++++++++++++++------- 5 files changed, 44 insertions(+), 29 deletions(-) diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index f283ad3f5d..e5edcb5911 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -7,7 +7,7 @@ resources: - bases/pxc.percona.com_perconaxtradbclusterrestores.yaml #+kubebuilder:scaffold:crdkustomizeresource -patchesJson6902: +patches: - path: patches/deprecated-1.2.json target: name: perconaxtradbclusters.pxc.percona.com diff --git a/installers/olm/Makefile b/installers/olm/Makefile index 3b19e4690a..447cbfe4f7 100644 --- a/installers/olm/Makefile +++ b/installers/olm/Makefile @@ -18,7 +18,7 @@ ENVTEST_K8S_VERSION = 1.23 .SUFFIXES: CONTAINER ?= docker -OPENSHIFT_VERSIONS ?= v4.12-v4.15 +OPENSHIFT_VERSIONS ?= v4.13-v4.16 PACKAGE_CHANNEL ?= stable MIN_KUBE_VERSION ?= 1.24.0 DOCKER_DEFAULT_PLATFORM ?= linux/amd64 diff --git a/installers/olm/bundle.annotations.yaml b/installers/olm/bundle.annotations.yaml index c96d1981f6..3f13e46c1c 100644 --- a/installers/olm/bundle.annotations.yaml +++ b/installers/olm/bundle.annotations.yaml 
@@ -3,8 +3,10 @@ annotations: operators.operatorframework.io.bundle.mediatype.v1: registry+v1 operators.operatorframework.io.bundle.manifests.v1: manifests/ operators.operatorframework.io.bundle.metadata.v1: metadata/ - operators.operatorframework.io.bundle.package.v1: + operators.operatorframework.io.bundle.package.v1: percona-xtradb-cluster-operator operators.operatorframework.io.bundle.channels.v1: stable operators.operatorframework.io.bundle.channel.default.v1: stable com.redhat.openshift.versions: 'v4.13' - + org.opencontainers.image.authors: info@percona.com + org.opencontainers.image.url: https://percona.com + org.opencontainers.image.vendor: Percona diff --git a/installers/olm/bundle.csv.yaml b/installers/olm/bundle.csv.yaml index ab8f15d115..c9c27d4d1b 100644 --- a/installers/olm/bundle.csv.yaml +++ b/installers/olm/bundle.csv.yaml @@ -6,9 +6,9 @@ apiVersion: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion metadata: - name: '' # generate.sh + name: '' annotations: - features.operators.openshift.io/disconnected: "true" + features.operators.openshift.io/disconnected: "false" features.operators.openshift.io/fips-compliant: "false" features.operators.openshift.io/proxy-aware: "false" features.operators.openshift.io/tls-profiles: "false" @@ -18,9 +18,7 @@ metadata: features.operators.openshift.io/cnf: "false" features.operators.openshift.io/cni: "false" features.operators.openshift.io/csi: "false" - support: percona.com - olm.properties: '[]' - + support: percona/percona.com # The following affect how the package is indexed at OperatorHub.io: # https://operatorhub.io/?category=Database # https://sdk.operatorframework.io/docs/advanced-topics/operator-capabilities/operator-capabilities/ 
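Review bot: The three `org.opencontainers.image.*` annotations are now part of the shared template, but the comment in generate.sh says that, per Red Hat, they must not appear in the 'redhat' and 'marketplace' annotations.yaml and are added only for 'community'. Unless those two branches delete the keys (not visible in this series), certified and marketplace bundles will now carry them. I would drop the three added `org.opencontainers.image.*` lines here, since the community branch in generate.sh already sets them in place. The fixed `operators.operatorframework.io.bundle.package.v1: percona-xtradb-cluster-operator` value should likewise be checked against the package names the other two distributions are expected to use.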
@@ -32,8 +30,8 @@ metadata: # The following appear on the details page at OperatorHub.io: # https://operatorhub.io/operator/postgresql - createdAt: 2024-10-07 19:40Z - repository: https://github.com/percona/percona-xtradb-cluster-operator + createdAt: "%Y-%m-%dT%H:%M:%S.%3Z" + repository: 'https://github.com/percona/percona-xtradb-cluster-operator' alm-examples: >- spec: @@ -163,7 +161,7 @@ spec: * Allowing haproxy-replica Service to cycle through the reader instances only * Fixing the overloaded allowUnsafeConfigurations flag - version: '' # generate.sh + version: links: - name: Percona url: https://www.percona.com/ @@ -262,18 +260,19 @@ spec: # Note: The minKubeVersion must correspond to the lowest supported OCP version minKubeVersion: 1.27.0 maturity: stable - # https://github.com/operator-framework/operator-lifecycle-manager/blob/v0.18.2/doc/design/how-to-update-operators.md#replaces--channels - replaces: '' # generate.sh - # https://olm.operatorframework.io/docs/advanced-tasks/operator-scoping-with-operatorgroups/ installModes: - - { type: OwnNamespace, supported: true } - - { type: SingleNamespace, supported: true } - - { type: MultiNamespace, supported: true } - - { type: AllNamespaces, supported: true } + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: true + type: AllNamespaces install: strategy: deployment spec: - permissions: # kustomize config/operator - deployments: # kustomize config/operator \ No newline at end of file + permissions: + deployments: \ No newline at end of file diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index 0b06302439..eb22031308 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh 
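Review bot: The new placeholder `createdAt: "%Y-%m-%dT%H:%M:%S.%3Z"` is a date format string that nothing in the YAML expands, so any path that does not overwrite it in generate.sh ships the pattern itself as the creation time. It is also the pattern generate.sh passes to `date`, where `%Z` is the time-zone name rather than a sub-second field, so `%3NZ` (GNU date) was probably meant there. An empty value with a comment such as `# set by generate.sh` would be a clearer placeholder than a string that looks like data.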
@@ -85,11 +85,12 @@ yq eval '.annotations["operators.operatorframework.io.bundle.channels.v1"] = env if [ ${DISTRIBUTION} == 'community' ]; then # community-operators - yq eval '.annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | - .annotations["org.opencontainers.image.authors"] = "info@percona.com" | - .annotations["org.opencontainers.image.url"] = "https://percona.com" | - .annotations["org.opencontainers.image.vendor"] = "Percona"' \ - bundle.annotations.yaml >"${bundle_directory}/metadata/annotations.yaml" + yq eval --inplace ' + .annotations["operators.operatorframework.io.bundle.package.v1"] = "percona-xtradb-cluster-operator" | + .annotations["org.opencontainers.image.authors"] = "info@percona.com" | + .annotations["org.opencontainers.image.url"] = "https://percona.com" | + .annotations["org.opencontainers.image.vendor"] = "Percona"' \ + "${bundle_directory}/metadata/annotations.yaml" # certified-operators elif [ ${DISTRIBUTION} == 'redhat' ]; then @@ -110,8 +111,16 @@ fi labels=$(yq eval -r '.annotations | to_entries | map(" " + .key + "=" + (.value | tojson)) | join("\n")' \ "${bundle_directory}/metadata/annotations.yaml") +labels="${labels} + + com.redhat.delivery.backport=true + + com.redhat.delivery.operator.bundle=true" + ANNOTATIONS="${labels}" envsubst "${bundle_directory}/Dockerfile" +awk '{gsub(/^[ \t]+/, " "); print}' "${bundle_directory}/Dockerfile" > "${bundle_directory}/Dockerfile.new" && mv "${bundle_directory}/Dockerfile.new" "${bundle_directory}/Dockerfile" + # Include CRDs as manifests. crd_names=$(yq eval -o=tsv '.metadata.name' operator_crds.yaml) 
@@ -136,9 +145,12 @@ yq eval -i '[.]' operator_roles${suffix}.yaml && yq eval 'length == 1' operator_ # Render bundle CSV and strip comments. csv_stem=$(yq -r '.projectName' "${project_directory}/PROJECT") -cr_example=$(yq eval -o=json '[.]' ../../deploy/cr.yaml) +cr_example=$(yq eval -o=json ../../deploy/cr.yaml) +backup_example=$(yq eval -o=json ../../deploy/backup/backup.yaml) +restore_example=$(yq eval -o=json ../../deploy/backup/restore.yaml) +full_example=$(jq -n "[${cr_example}, ${backup_example}, ${restore_example}]") -export examples="${cr_example}" +export examples="${full_example}" export deployment=$(yq eval operator_deployments.yaml) export account=$(yq eval '.[] | .metadata.name' operator_accounts.yaml) export rules=$(yq eval '.[] | .rules' operator_roles${suffix}.yaml) @@ -150,7 +162,7 @@ export name="${csv_stem}.v${VERSION}${suffix}" export name_certified="${csv_stem}-certified.v${VERSION}${suffix}" export name_certified_rhmp="${csv_stem}-certified-rhmp.v${VERSION}${suffix}" export skip_range="<${VERSION}" -export containerImage=$(yq eval '.[0].spec.template.spec.containers[1].image' operator_deployments.yaml) +export containerImage="$(yq eval '.[0].spec.template.spec.containers[0].image' operator_deployments.yaml)" export relatedImages=$(yq eval bundle.relatedImages.yaml) export rulesLevel=${rulesLevel} yq eval ' @@ -186,5 +198,7 @@ elif [ ${DISTRIBUTION} == "marketplace" ]; then .spec.relatedImages = env(relatedImages)' \ "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" fi +# delete blank lines. +sed -i '' '/^$/d' "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" if >/dev/null command -v tree; then tree -C "${bundle_directory}"; fi \ No newline at end of file From 9ff73d871060a8b319c664b9b567209ecbaa9b80 Mon Sep 17 00:00:00 2001 
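Review bot: `jq -n "[${cr_example}, ${backup_example}, ${restore_example}]"` pastes the three converted documents into the jq program text, so an empty result from one of the yq calls, or a file holding more than one YAML document, surfaces as a jq syntax error or a malformed `alm-examples` array rather than a clear failure. Passing them as data validates each input as a single JSON value: `full_example=$(jq -n --argjson cr "${cr_example}" --argjson backup "${backup_example}" --argjson restore "${restore_example}" '[$cr, $backup, $restore]')`. `jq` also becomes a new requirement of the script next to `yq`, which is worth stating in the README.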
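Review bot: `sed -i '' '/^$/d'` is the BSD form of in-place editing; GNU sed takes `''` as the script and `/^$/d` as a file name, so on Linux the blank lines are not removed and sed reports an unreadable file, although the Makefile already prefers `gsed` through its `SED` variable. Deleting every empty line also removes blank lines inside block scalars of the CSV, such as paragraph breaks in the Markdown description. A form accepted by both seds is `sed -i.bak '/^$/d' "$csv" && rm -f "$csv.bak"` with `csv` set to the manifest path, though it would be safer to find the step that introduces the empty lines. The `sed -i ''` call added in PATCH 19 has the same portability problem.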
From: Natalia Marukovich Date: Fri, 27 Dec 2024 20:56:10 +0100 Subject: [PATCH 19/19] add docker.io for community and fix crd indent --- installers/olm/generate.sh | 51 +++++++++++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 4 deletions(-) diff --git a/installers/olm/generate.sh b/installers/olm/generate.sh index eb22031308..4ac3a84ee2 100755 --- a/installers/olm/generate.sh +++ b/installers/olm/generate.sh @@ -36,6 +36,22 @@ else exit 1 fi +update_yaml_images() { + local yaml_file="$1" + + if [ ! -f "$yaml_file" ]; then + echo "Error: File '$yaml_file' does not exist." + return 1 + fi + + local temp_file=$(mktemp) + + sed -E 's/(("image":|containerImage:|image:)[ ]*"?)([^"]+)("?)/\1docker.io\/\3\4/g' "$yaml_file" > "$temp_file" + mv "$temp_file" "$yaml_file" + + echo "File '$yaml_file' updated successfully." +} + kubectl kustomize "../../config/${DISTRIBUTION}" >operator_yamls.yaml export role="${mode}Role" @@ -124,9 +140,26 @@ awk '{gsub(/^[ \t]+/, " "); print}' "${bundle_directory}/Dockerfile" > "${bun # Include CRDs as manifests. crd_names=$(yq eval -o=tsv '.metadata.name' operator_crds.yaml) -for name in ${crd_names}; do - yq eval ". | select(.metadata.name == \"${name}\")" operator_crds.yaml >"${bundle_directory}/manifests/${name}.crd.yaml" -done +gawk -v names="${crd_names}" -v bundle_directory="${bundle_directory}" ' +BEGIN { + split(names, name_array, " "); + idx=1; +} +/apiVersion: apiextensions.k8s.io\/v1/ { + if (idx in name_array) { + current_file = bundle_directory "/manifests/" name_array[idx] ".crd.yaml"; + idx++; + } else { + current_file = bundle_directory "/unnamed_" idx ".yaml"; + idx++; + } +} +{ + if (current_file != "") { + print > current_file; + } +} +' ../../deploy/crd.yaml abort() { echo >&2 "$@" 
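Review bot: The sed expression in `update_yaml_images` puts `docker.io/` in front of every `image:`, `"image":` and `containerImage:` value without looking at what is already there, so a reference that names another registry, or a second run over the same file, yields `docker.io/<registry>/…` or `docker.io/docker.io/…`. Since this rewrites where the operator image is pulled from, the substitution should skip values whose first path component is already a host; at minimum guard it with the address `/docker\.io\//!` and add a comment that the input must hold registry-less references only. `local temp_file=$(mktemp)` hides a mktemp failure, which `local temp_file; temp_file=$(mktemp) || return 1` avoids. The success message is printed even when sed fails, and `mv` leaves the manifest with the temp file's restrictive mode.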
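Review bot: The gawk program pairs CRD documents with file names purely by position: the Nth `apiVersion: apiextensions.k8s.io/v1` line in ../../deploy/crd.yaml is written under the Nth name taken from operator_crds.yaml, so a different order or count in the two files stores a CRD under another CRD's name, and any extra document goes silently to `unnamed_N.yaml`. The CRDs now also come from deploy/crd.yaml instead of the kustomize output, so the patches listed in config/crd/kustomization.yaml presumably no longer reach the bundle. I would make the fallback branch fail, `print "crd.yaml has more CRDs than operator_crds.yaml" > "/dev/stderr"; exit 1`, and preferably name each file from the document's own `metadata.name`. `gawk` is a new hard requirement, while the script elsewhere calls plain `awk`.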
@@ -176,7 +209,10 @@ yq eval ' .spec.install.spec.deployments = [( env(deployment) | .[] |{ "name": .metadata.name, "spec": .spec} )] | .spec.minKubeVersion = env(minKubeVer)' bundle.csv.yaml >"${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" -if [ ${DISTRIBUTION} == "redhat" ]; then +if [ ${DISTRIBUTION} == "community" ]; then + update_yaml_images "bundles/$DISTRIBUTION/manifests/${file_name}.clusterserviceversion.yaml" + +elif [ ${DISTRIBUTION} == "redhat" ]; then yq eval --inplace ' .spec.relatedImages = env(relatedImages) | @@ -198,6 +234,13 @@ elif [ ${DISTRIBUTION} == "marketplace" ]; then .spec.relatedImages = env(relatedImages)' \ "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" fi + +sed -i '' '/crVersion/!b +/crVersion/n +/crVersion/a\ + initImage: $initImage +' "bundles/$DISTRIBUTION/manifests/${file_name}.clusterserviceversion.yaml" + # delete blank lines. sed -i '' '/^$/d' "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml"
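Review bot: `update_yaml_images` is given `bundles/$DISTRIBUTION/manifests/…` while the other commands in this script address the same file through `"${bundle_directory}/manifests/…"`, and its return value is not checked. If the two paths ever differ, the function prints its error and returns 1, and the community CSV keeps its unprefixed image references without the build stopping. Use `update_yaml_images "${bundle_directory}/manifests/${file_name}.clusterserviceversion.yaml" || abort "image rewrite failed"`. The if/elif chain continues past the end of the hunk.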
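Review bot: The inserted text ` initImage: $initImage` sits inside single quotes, so the shell never expands it and the CSV receives the literal string `$initImage`; if a real image reference is intended it has to be passed in, and if it is a placeholder a comment should say who fills it. As far as I can tell the `a\` address is tested against the line read by `n`, so the text is appended only when the line after a `crVersion` line also contains `crVersion`; please confirm that against a generated CSV. If `crVersion` sits inside the JSON of `alm-examples`, the YAML-style line would also break that JSON. `sed -i ''` is the BSD form and does not work with GNU sed, and the path uses `bundles/$DISTRIBUTION` rather than `${bundle_directory}`. Setting the field with yq on the example document before it is serialised would avoid the line-based editing altogether.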