From f308ce8d29101824a90b75ed20d2b7d797a144d9 Mon Sep 17 00:00:00 2001 From: tchughesiv Date: Tue, 26 Mar 2019 14:32:47 -0500 Subject: [PATCH] [KIECLOUD-168] rhpam authoring-ha fixes Signed-off-by: tchughesiv --- config/envs/rhdm-authoring-ha.yaml | 2 +- config/envs/rhpam-authoring-ha.yaml | 375 ++++++++++++++++-- .../kieapp/defaults/defaults_test.go | 1 + 3 files changed, 348 insertions(+), 30 deletions(-) diff --git a/config/envs/rhdm-authoring-ha.yaml b/config/envs/rhdm-authoring-ha.yaml index 6a3283216..100664bd0 100644 --- a/config/envs/rhdm-authoring-ha.yaml +++ b/config/envs/rhdm-authoring-ha.yaml @@ -290,7 +290,7 @@ others: from: kind: ImageStreamTag namespace: "openshift" - name: "amq-broker-72-scaledown-controller-openshift:0.4" + name: "amq-broker-72-scaledown-controller-openshift:1.0" type: ImageChange - type: ConfigChange diff --git a/config/envs/rhpam-authoring-ha.yaml b/config/envs/rhpam-authoring-ha.yaml index bfc47a4ec..0aaefaee5 100644 --- a/config/envs/rhpam-authoring-ha.yaml +++ b/config/envs/rhpam-authoring-ha.yaml @@ -58,7 +58,119 @@ smartRouter: ## KIE smartrouter END # ES/AMQ BEGIN others: - - persistentVolumeClaims: + - roles: + - metadata: + name: "[[.ApplicationName]]-amq-role" + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + rules: + - apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + + - metadata: + name: "[[.ApplicationName]]-amq-scaledown-controller-role" + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + rules: + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - create + - delete + - patch + - update + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + + rolebindings: + - metadata: + name: "[[.ApplicationName]]-amq-scaledown-controller-openshift-rb" + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + subjects: + - kind: ServiceAccount + name: "[[.ApplicationName]]-amq-scaledown-controller-sa" + roleRef: + kind: Role + name: "[[.ApplicationName]]-amq-scaledown-controller-role" + apiGroup: rbac.authorization.k8s.io + + - metadata: + name: "[[.ApplicationName]]-amq-rb" + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + subjects: + - kind: ServiceAccount + name: "[[.ApplicationName]]-amq-sa" + roleRef: + kind: Role + name: "[[.ApplicationName]]-amq-role" + apiGroup: rbac.authorization.k8s.io + + serviceaccounts: + - metadata: + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + name: "[[.ApplicationName]]-amq-sa" + + - metadata: + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + name: "[[.ApplicationName]]-amq-scaledown-controller-sa" + + persistentVolumeClaims: - metadata: name: "[[.ApplicationName]]-[[.Constants.Product]]index-claim" labels: @@ -138,17 +250,172 @@ others: labels: app: "[[.ApplicationName]]" application: "[[.ApplicationName]]" - name: "[[.ApplicationName]]-amq" + service: "[[.ApplicationName]]-amq-scaledown-controller" + name: "[[.ApplicationName]]-amq-scaledown-controller" + annotations: + deployment.kubernetes.io/revision: "1" + template.alpha.openshift.io/wait-for-ready: "true" spec: replicas: 1 selector: - deploymentConfig: "[[.ApplicationName]]-amq" + deploymentConfig: "[[.ApplicationName]]-amq-scaledown-controller" strategy: rollingParams: maxSurge: 0 type: Rolling template: metadata: + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + deploymentConfig: "[[.ApplicationName]]-amq-scaledown-controller" + name: "[[.ApplicationName]]-amq-scaledown-controller" + spec: + serviceAccountName: "[[.ApplicationName]]-amq-scaledown-controller-sa" + containers: + - args: + - --localOnly + - --v + - "3" + image: "amq-broker-72-scaledown-controller-openshift" + imagePullPolicy: IfNotPresent + name: "[[.ApplicationName]]-amq" + terminationGracePeriodSeconds: 30 + triggers: + - imageChangeParams: + automatic: true + containerNames: + - "[[.ApplicationName]]-amq" + from: + kind: ImageStreamTag + namespace: "openshift" + name: "amq-broker-72-scaledown-controller-openshift:1.0" + type: ImageChange + - type: ConfigChange + + statefulsets: + - metadata: + annotations: + alpha.image.policy.openshift.io/resolve-names: "*" + statefulsets.kubernetes.io/drainer-pod-template: | + { + "metadata": { + "labels": { + "app": "[[.ApplicationName]]", + "application": "[[.ApplicationName]]" + }, + "name": "[[.ApplicationName]]-amq-drainer-pod" + }, + "spec": { + "serviceAccount": "[[.ApplicationName]]-amq-sa", + "serviceAccountName": "[[.ApplicationName]]-amq-sa", + "terminationGracePeriodSeconds": 5, + "containers": [ + { + "env": [ + { + "name": "AMQ_EXTRA_ARGS", + "value": "--no-autotune" + }, + { + "name": "AMQ_USER", + "value": "jmsBrokserUser" + }, + { + "name": "AMQ_PASSWORD", + "value": "[[.AdminPassword]]" + }, + { + "name": "AMQ_ROLE", + "value": "admin" + }, + { + "name": "AMQ_NAME", + "value": "broker" + }, + { + "name": "AMQ_TRANSPORTS", + "value": "openwire" + }, + { + "name": "AMQ_QUEUES", + "value": "" + }, + { + "name": "AMQ_GLOBAL_MAX_SIZE", + "value": "100 gb" + }, + { + "name": "AMQ_ALLOW_ANONYMOUS", + "value": "" + }, + { + "name": "AMQ_DATA_DIR", + "value": "/opt/amq/data" + }, + { + "name": "AMQ_DATA_DIR_LOGGING", + "value": "true" + }, + { + "name": "AMQ_CLUSTERED", + "value": "true" + }, + { + "name": "AMQ_REPLICAS", + "value": "2" + }, + { + "name": "AMQ_CLUSTER_USER", + "value": "jmsBrokserUser" + }, + { + "name": "AMQ_CLUSTER_PASSWORD", + "value": "[[.AdminPassword]]" + }, + { + "name": "POD_NAMESPACE", + "valueFrom": { + "fieldRef": { + "fieldPath": "metadata.namespace" + } + } + }, + { + "name": "OPENSHIFT_DNS_PING_SERVICE_PORT", + "value": "8888" + } + ], + "image": "amq-broker-72-openshift:1.1", + "name": "[[.ApplicationName]]-amq", + "command": ["/bin/sh", "-c", "echo \"Starting the drainer\" ; /opt/amq/bin/drain.sh; echo \"Drain completed! Exit code $?\""], + "volumeMounts": [ + { + "name": "[[.ApplicationName]]-amq-pvol", + "mountPath": "/opt/amq/data" + } + ] + } + ] + } + } + creationTimestamp: null + generation: 3 + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + name: "[[.ApplicationName]]-amq" + spec: + podManagementPolicy: OrderedReady + replicas: 2 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: "[[.ApplicationName]]" + serviceName: "[[.ApplicationName]]-amq-tcp" + template: + metadata: + creationTimestamp: null labels: app: "[[.ApplicationName]]" application: "[[.ApplicationName]]" @@ -169,20 +436,32 @@ others: value: "openwire" - name: AMQ_GLOBAL_MAX_SIZE value: "100 gb" - image: "amq-broker-72-openshift" - imagePullPolicy: Always - readinessProbe: - exec: - command: - - "/bin/bash" - - "-c" - - "/opt/amq/bin/readinessProbe.sh" - lifecycle: - preStop: - exec: - command: - - /opt/amq/bin/shutdownHook.sh - name: "[[.ApplicationName]]-amq" + - name: AMQ_REQUIRE_LOGIN + - name: AMQ_DATA_DIR + value: /opt/amq/data + - name: AMQ_DATA_DIR_LOGGING + value: "true" + - name: AMQ_CLUSTERED + value: "true" + - name: AMQ_REPLICAS + value: "0" + - name: AMQ_CLUSTER_USER + value: "jmsBrokserUser" + - name: AMQ_CLUSTER_PASSWORD + value: "[[.AdminPassword]]" + - name: OPENSHIFT_DNS_PING_SERVICE_NAME + value: "[[.ApplicationName]]-amq-ping" + - name: AMQ_EXTRA_ARGS + - name: AMQ_ANYCAST_PREFIX + - name: AMQ_MULTICAST_PREFIX + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "amq-broker-72-openshift:1.1" + imagePullPolicy: IfNotPresent + name: broker-amq ports: - containerPort: 8161 name: jolokia @@ -199,21 +478,43 @@ others: - containerPort: 61616 name: artemis protocol: TCP + readinessProbe: + exec: + command: + - /bin/bash + - -c + - /opt/amq/bin/readinessProbe.sh + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/amq/data + name: "[[.ApplicationName]]-amq-pvol" + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} terminationGracePeriodSeconds: 60 - triggers: - - imageChangeParams: - automatic: true - containerNames: - - "[[.ApplicationName]]-amq" - from: - kind: ImageStreamTag - namespace: "openshift" - name: "amq-broker-72-openshift:1.0" - type: ImageChange - - type: ConfigChange + updateStrategy: + type: OnDelete + volumeClaimTemplates: + - metadata: + creationTimestamp: null + name: "[[.ApplicationName]]-amq-pvol" + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi services: - spec: + clusterIP: None ports: - port: 61616 targetPort: 61616 @@ -228,6 +529,23 @@ others: annotations: description: The broker's OpenWire port. + - spec: + clusterIP: None + ports: + - port: 8888 + protocol: TCP + targetPort: 8888 + selector: + deploymentConfig: "[[.ApplicationName]]-amq" + metadata: + name: "[[.ApplicationName]]-amq-ping" + annotations: + description: The JGroups ping port for clustering. + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" + labels: + app: "[[.ApplicationName]]" + application: "[[.ApplicationName]]" + - spec: ports: - name: rest @@ -262,6 +580,5 @@ others: name: "[[.ApplicationName]]-[[.Constants.Product]]index" port: targetPort: rest - ## ES/AMQ END diff --git a/pkg/controller/kieapp/defaults/defaults_test.go b/pkg/controller/kieapp/defaults/defaults_test.go index aa6be4724..0ed54faf4 100644 --- a/pkg/controller/kieapp/defaults/defaults_test.go +++ b/pkg/controller/kieapp/defaults/defaults_test.go @@ -230,6 +230,7 @@ func TestRhpamAuthoringHAEnvironment(t *testing.T) { assert.Nil(t, err, "Error getting prod environment") assert.Equal(t, "test-rhpamcentr", env.Console.DeploymentConfigs[0].ObjectMeta.Name) + assert.Equal(t, "test-amq", env.Others[0].StatefulSets[0].ObjectMeta.Name) assert.Equal(t, fmt.Sprintf("rhpam%s-businesscentral-openshift", cr.Spec.CommonConfig.Version), env.Console.DeploymentConfigs[0].Spec.Template.Spec.Containers[0].Image) pingService := getService(env.Console.Services, "test-rhpamcentr-ping") assert.Len(t, pingService.Spec.Ports, 1, "The ping service should have only one port")