Skip to content

Commit

Permalink
feat(deploy): support single namespace
Browse files Browse the repository at this point in the history
Signed-off-by: Rory Z <[email protected]>
  • Loading branch information
Rory-Z committed Dec 23, 2024
1 parent 01b870d commit 2cd0ad9
Show file tree
Hide file tree
Showing 10 changed files with 65 additions and 12 deletions.
14 changes: 12 additions & 2 deletions .github/workflows/deploy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,12 @@ jobs:

- [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-slim.yaml"]
- [EMQX, emqx, "config/samples/emqx/v2beta1/emqx-full.yaml"]
single_namespace:
- false
- true
exclude:
- install: static
single_namespace: true

steps:
- run: minikube start
Expand Down Expand Up @@ -63,11 +69,15 @@ jobs:
helm install emqx-operator deploy/charts/emqx-operator \
--set image.tag=${{ github.sha }} \
--set development=true \
--namespace emqx-operator-system \
--set singleNamespace=${{ matrix.single_namespace }} \
--namespace ${{ matrix.single_namespace && 'default' || 'emqx-operator-system' }} \
--create-namespace
- name: Check operator
timeout-minutes: 5
run: kubectl wait --for=condition=Ready pods -l "control-plane=controller-manager" -n emqx-operator-system
run: |
kubectl wait --for=condition=Ready pods \
-l "control-plane=controller-manager" \
-n ${{ matrix.single_namespace && 'default' || 'emqx-operator-system' }}
- name: Deployment emqx
timeout-minutes: 5
uses: ./.github/actions/deploy-emqx
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.22 as builder
FROM golang:1.22 AS builder

WORKDIR /workspace
# Copy the Go Modules manifests
Expand Down
8 changes: 3 additions & 5 deletions RELEASE.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Release Note 🍻

EMQX Operator 2.2.25 has been released.
EMQX Operator 2.2.26-rc.1 has been released.

## Supported version
+ apps.emqx.io/v2beta1
Expand All @@ -15,9 +15,7 @@ EMQX Operator 2.2.25 has been released.

## Enhancements 🚀

+ `apps.emqx.io/v2beta1 EMQX`.

+ Fix sometimes got `EOF` error when request EMQX API
+ EMQX operator can now be deployed in a single namespace scope, where it will only manage resources within that namespace. Just set `singleNamespace: true` in the `values.yaml` file of Helm chart, and then the operator will only manage resources in the namespace where it is deployed.

## How to install/upgrade EMQX Operator 💡

Expand All @@ -29,7 +27,7 @@ helm repo update
helm upgrade --install emqx-operator emqx/emqx-operator \
--namespace emqx-operator-system \
--create-namespace \
--version 2.2.25
--version 2.2.26-rc.1
kubectl wait --for=condition=Ready pods -l "control-plane=controller-manager" -n emqx-operator-system
```

Expand Down
4 changes: 2 additions & 2 deletions deploy/charts/emqx-operator/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,12 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 2.2.26
version: 2.2.26-rc.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 2.2.26
appVersion: 2.2.26-rc.1

sources:
- https://github.com/emqx/emqx-operator/tree/main/deploy/charts/emqx-operator
Expand Down
1 change: 1 addition & 0 deletions deploy/charts/emqx-operator/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ The following table lists the configurable parameters of the cert-manager chart
| Parameter | Description | Default |
| --------- | ----------- | ------- |
| `skipCRDs` | If `true`, skips installing CRDs | `false` |
| `singleNamespace` | If true, the operator will watch only the namespace where it is deployed. If false, the operator will watch all namespaces. | `false` |
| `development` | Development configures the logger to use a Zap development config (stacktraces on warnings, no sampling), otherwise a Zap production config will be used (stacktraces on errors, sampling). | `false` |
| `image.repository` | Image repository | `emqx/emqx-operator-controller` |
| `image.tag` | Image tag | `{{RELEASE_VERSION}}` |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,23 +16,40 @@ imagePullSecrets:
{{- end }}
---
apiVersion: rbac.authorization.k8s.io/v1
{{ if .Values.singleNamespace }}
kind: RoleBinding
metadata:
name: {{ include "emqx-operator.fullname" . }}-manager-rolebinding
namespace: {{ .Release.Namespace }}
{{- else }}
kind: ClusterRoleBinding
metadata:
name: {{ include "emqx-operator.fullname" . }}-manager-rolebinding
{{- end }}
roleRef:
apiGroup: rbac.authorization.k8s.io
{{- if .Values.singleNamespace }}
kind: Role
{{- else }}
kind: ClusterRole
{{- end }}
name: {{ include "emqx-operator.fullname" . }}-manager-role
subjects:
- kind: ServiceAccount
name: {{ include "emqx-operator.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
{{ if .Values.singleNamespace }}
kind: Role
metadata:
name: {{ include "emqx-operator.fullname" . }}-manager-role
namespace: {{ .Release.Namespace }}
{{- else }}
kind: ClusterRole
metadata:
creationTimestamp: null
name: {{ include "emqx-operator.fullname" . }}-manager-role
{{- end }}
rules:
- apiGroups:
- ""
Expand Down
7 changes: 7 additions & 0 deletions deploy/charts/emqx-operator/templates/controller-manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,13 @@ spec:
- containerPort: 9443
name: webhook-server
protocol: TCP
{{- if .Values.singleNamespace }}
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- end }}
readinessProbe:
httpGet:
path: /readyz
Expand Down
3 changes: 3 additions & 0 deletions deploy/charts/emqx-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@

skipCRDs: false

## If true, the operator will watch only the namespace where it is deployed. If false, the operator will watch all namespaces.
singleNamespace: false

# Development configures the logger to use a Zap development config
# (stacktraces on warnings, no sampling), otherwise a Zap production
# config will be used (stacktraces on errors, sampling).
Expand Down
17 changes: 17 additions & 0 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ import (
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
clientgoscheme "k8s.io/client-go/kubernetes/scheme"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/cache"
"sigs.k8s.io/controller-runtime/pkg/healthz"
"sigs.k8s.io/controller-runtime/pkg/log/zap"

Expand Down Expand Up @@ -102,6 +103,9 @@ func main() {
LeaderElectionID: "19fd6fcc.emqx.io",
LeaseDuration: ptr.To(time.Second * 30),
RenewDeadline: ptr.To(time.Second * 20),
Cache: cache.Options{
DefaultNamespaces: getWatchNamespace(),
},
})
if err != nil {
setupLog.Error(err, "unable to start manager")
Expand Down Expand Up @@ -173,3 +177,16 @@ func main() {
os.Exit(1)
}
}

// getWatchNamespace returns the Namespace the operator should be watching for changes
func getWatchNamespace() map[string]cache.Config {
var watchNamespaceEnvVar = "WATCH_NAMESPACE"

ns, found := os.LookupEnv(watchNamespaceEnvVar)
if found {
return map[string]cache.Config{
ns: {},
}
}
return nil
}
2 changes: 1 addition & 1 deletion sidecar/reloader/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.18.3 as builder
FROM golang:1.18.3 AS builder

WORKDIR /workspace
# Copy the Go Modules manifests
Expand Down

0 comments on commit 2cd0ad9

Please sign in to comment.