-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adds an operator manifest example for running on Kubernetes (#17)
* Adds an operator manifest example for running on Kubernetes This new operator.yaml will become the template for a versioned release asset when we start cutting releases. That way we can include the fully-specified `PrefectHQ/prefect-operator` version tag in a place that people can permanently reference. This change also changes the SQLite version of the server from a `StatefulSet` to a `Deployment` with an explicit PVC, fixed replicas, and the `Recreate` rollout strategy. This makes it easier to reason about what the server deployment will look like and simplifies the code. Closes #8 * Typo
- Loading branch information
1 parent
f0ae62b
commit 2f3fa17
Showing
6 changed files
with
165 additions
and
108 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,22 @@ | ||
#!/bin/bash | ||
kubectl apply -f - << NAMESPACE | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: prefect-operator | ||
NAMESPACE | ||
|
||
make docker | ||
kubectl -n prefect-operator apply -f operator.yaml | ||
kubectl -n prefect-operator rollout restart deployment prefect-operator | ||
|
||
python -m prefect_operator generate-crds > crds.yaml | ||
kubectl apply -f crds.yaml | ||
|
||
if [ -z "$1" ]; then | ||
exit 0 | ||
fi | ||
|
||
for f in examples/$1/*.yaml; do | ||
kubectl apply -f $f | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRole | ||
metadata: | ||
name: prefect-operator-role-cluster | ||
rules: | ||
|
||
# Kopf framework: knowing which other operators are running (i.e. peering) | ||
- apiGroups: [kopf.dev] | ||
resources: [clusterkopfpeerings] | ||
verbs: [list, watch, patch, get] | ||
|
||
# Kopf framework: runtime observation of namespaces & CRDs (addition/deletion) | ||
- apiGroups: [apiextensions.k8s.io] | ||
resources: [customresourcedefinitions] | ||
verbs: [list, watch] | ||
- apiGroups: [""] | ||
resources: [namespaces] | ||
verbs: [list, watch] | ||
|
||
# Kopf framework: admission webhook configuration management | ||
- apiGroups: [admissionregistration.k8s.io/v1, admissionregistration.k8s.io/v1beta1] | ||
resources: [validatingwebhookconfigurations, mutatingwebhookconfigurations] | ||
verbs: [create, patch] | ||
|
||
# Kopf framework: events | ||
- apiGroups: [""] | ||
resources: [events] | ||
verbs: [create] | ||
|
||
# Prefect operator: read-only access for watching prefect-operator CRDs cluster-wide | ||
- apiGroups: [prefect.io] | ||
resources: [prefectservers, prefectworkpools] | ||
verbs: [list, get, watch, patch] | ||
|
||
# Prefect operator: write access to deployments, services, etc | ||
- apiGroups: [""] | ||
resources: [services, persistentvolumeclaims] | ||
verbs: [list, get, create, update, patch, delete] | ||
|
||
- apiGroups: ["apps"] | ||
resources: [deployments] | ||
verbs: [list, get, create, update, patch, delete] | ||
|
||
- apiGroups: ["batch"] | ||
resources: [jobs] | ||
verbs: [list, get, create, update, patch, delete] | ||
|
||
--- | ||
|
||
apiVersion: v1 | ||
kind: ServiceAccount | ||
metadata: | ||
namespace: prefect-operator | ||
name: prefect-operator | ||
|
||
--- | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: prefect-operator-rolebinding-cluster | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: prefect-operator-role-cluster | ||
subjects: | ||
- kind: ServiceAccount | ||
namespace: prefect-operator | ||
name: prefect-operator | ||
|
||
--- | ||
|
||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
namespace: prefect-operator | ||
name: prefect-operator | ||
spec: | ||
replicas: 1 | ||
strategy: | ||
type: Recreate | ||
selector: | ||
matchLabels: | ||
app: prefect-operator | ||
template: | ||
metadata: | ||
labels: | ||
app: prefect-operator | ||
spec: | ||
serviceAccountName: prefect-operator | ||
containers: | ||
- name: operator | ||
image: PrefectHQ/prefect-operator:latest | ||
imagePullPolicy: IfNotPresent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters