Merge pull request #804 from awels/olm-manifests-b

BugFix:
kubevirt · May 16, 2019 · 52e7187 · 52e7187
2 parents 21aba72 + 9934dba
commit 52e7187
Show file tree

Hide file tree

Showing 3 changed files with 105 additions and 29 deletions.
diff --git a/doc/cdi-operator-olm.md b/doc/cdi-operator-olm.md
@@ -1,5 +1,5 @@
 # OLM (Operator Lifecycle Management) intergartion
-##OLM Overview
+## OLM Overview
 https://github.com/kubevirt/kubevirt/blob/master/docs/devel/olm-integration.md
 
 
@@ -23,7 +23,7 @@ make olm-verify
 CSV_VERSION=<CSV version>  QUAY_USERNAME=<quay account username> QUAY_PASSWORD=<quay account password> QUAY_NAMESPACE=<namespace> QUAY_REPOSITORY=<application name> make olm-push
 ```
 
-##CDI OLM installation 
+## Containerized Data Importer (CDI) OLM installation 
 ### Prerequisites
 #### Build OLM manifests and push them to quay
 - Build OLM manifests and push to quay. Specify your DOCKER_REPO, DOCKER_TAG, QUAY_NAMESPACE, QUAY_REPOSITORY, CSV_VERSION.
@@ -34,55 +34,71 @@ DOCKER_REPO=<repo> DOCKER_TAG=<docker tag> PULL_POLICY=<pull policy> VERBOSITY=<
 ```bash
 QUAY_NAMESPACE=<quay namespace> QUAY_REPOSITORY=<quay repo> QUAY_USERNAME=<quay username> QUAY_PASSWORD=<quay password> CSV_VERSION=<csv version > make olm-push
 ```
-#### Install OLM and Marketplace operators on cluster
-- Install OLM operator from cloned operator-lifecycle-manager repo 
+#### Install OLM and marketplace operators on cluster
+- Install OLM operator from cloned operator-lifecycle-manager repo and wait untill all pods are Running and Ready. 
 
 ```bash
 kubectl apply -f $GOPATH/src/github.com/operator-framework/operator-lifecycle-manager/deploy/upstream/quickstart/olm.yaml
 ```
-- Install marketplace operator from cloned operator-marketplace repo
+- Install marketplace operator from cloned operator-marketplace repo and wait until all pods are Running and Ready.
 ```bash
 kubectl apply -f $GOPATH/src/github.com/operator-framework/operator-marketplace/deploy/upstream/ --validate=false
 ```
-###CDI installation by means of OLM and Marketplace operators
+- Wait till marketplace-operator is Running and Ready.
+```bash
+kubectl get pods -n marketplace 
+NAME                                   READY   STATUS    RESTARTS   AGE
+cdi-7c7fc4f774-bdbsh                   1/1     Running   0          37s
+marketplace-operator-d8cc985d4-mv7xp   1/1     Running   0          2m40s
+
+```
+### CDI installation by means of OLM and marketplace operators
 - Install CDI operatorsource manifest that specifies the location of CDI OLM bundle in quay
 ```bash
-kubectl apply -f _out/manifests/release/olm/cdi-operatorsource.yaml_
+kubectl apply -f _out/manifests/release/olm/cdi-operatorsource.yaml
 ```
 - Handle marketplace namespace workarouond
 
   Move _catalogsourceconfig.operators.coreos.com/cdi_ from _markeplace_ namespace to _olm_ namespace by modifying *targetNamespace* field to 'olm' from 'marketplace'
 ```bash
-cluster/kubectl.sh get operatorsource,catalogsourceconfig,catalogsource,subscription,installplan --all-namespaces
-cluster/kubectl.sh edit catalogsourceconfig.operators.coreos.com/cdi -n marketplace
+kubectl get operatorsource,catalogsourceconfig,catalogsource,subscription,installplan --all-namespaces
+kubectl edit catalogsourceconfig.operators.coreos.com/cdi -n marketplace
 ```
 - Create CDI namespace
 ```bash
 kubectl create ns cdi 
 ```
 - Configure namespace to be allowed to create operators there
 ```bash
-cluster/kubectl.sh apply -f _out/manifests/release/olm/operatorgroup.yaml
+kubectl apply -f _out/manifests/release/olm/operatorgroup.yaml
 ```
 - Install subscription that will point from which channel the app is downloaded
 ```bash
-cluster/kubectl.sh apply -f  _out/manifests/release/olm/cdi-subscription.yaml
+kubectl apply -f  _out/manifests/release/olm/cdi-subscription.yaml
+```
+- Verify CDI installation plan was created
+```bash
+kubectl get operatorsource,catalogsourceconfig,catalogsource,subscription,installplan -n cdi
+NAME                                    PACKAGE   SOURCE   CHANNEL
+subscription.operators.coreos.com/cdi   cdi       cdi      beta
+
+NAME                                             CSV                 SOURCE   APPROVAL    APPROVED
+installplan.operators.coreos.com/install-995l9   cdioperator.0.0.0            Automatic   true
+
 ```
 - Now cdi-operator starts running but in order for it to succeed we need to deploy cdi cr
 ```bash
 cluster/kubectl.sh apply -f  _out/manifests/release/cdi-operator-cr.yaml
 ```
-Now the operator should finish its deployment succefully
+Now the operator should finish its deployment successfully
 
-###OKD UI
+### OKD UI
 - Grant cluster-admin permissions to kube-system:default
 ```bash
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: kube-system-admin
-  labels:
-    operator.cdi.kubevirt.io: ""
 subjects:
 - kind: ServiceAccount
   name: default

diff --git a/pkg/operator/resources/operator/components.go b/pkg/operator/resources/operator/components.go
@@ -59,13 +59,13 @@ func (ci *CdiImages) FillDefaults() *CdiImages {
 		ci.ClonerImage = ClonerImageDefault
 	}
 	if ci.APIServerImage == "" {
-		ci.ClonerImage = APIServerImageDefault
+		ci.APIServerImage = APIServerImageDefault
 	}
 	if ci.UplodaProxyImage == "" {
-		ci.ClonerImage = UploadProxyImageDefault
+		ci.UplodaProxyImage = UploadProxyImageDefault
 	}
 	if ci.UplodaServerImage == "" {
-		ci.ClonerImage = UploadServerImageDefault
+		ci.UplodaServerImage = UploadServerImageDefault
 	}
 
 	return ci

diff --git a/pkg/operator/resources/operator/operator.go b/pkg/operator/resources/operator/operator.go
@@ -33,8 +33,8 @@ import (
 
 const (
 	operatorServiceAccountName = "cdi-operator"
-	operatorClusterRoleName    = "cdi-operator-cluster-role"
-	operatorNamespacedRoleName = "cdi-operator-role"
+	operatorClusterRoleName    = "cdi-operator-cluster"
+	operatorNamespacedRoleName = "cdi-operator"
 	privilegedAccountPrefix    = "system:serviceaccount"
 	prometheusLabel            = common.PrometheusLabel
 )
@@ -86,7 +86,25 @@ func getOperatorClusterRules() *[]rbacv1.PolicyRule {
 				"securitycontextconstraints",
 			},
 			Verbs: []string{
-				"*",
+				"get",
+				"list",
+				"watch",
+			},
+		},
+		{
+			APIGroups: []string{
+				"security.openshift.io",
+			},
+			Resources: []string{
+				"securitycontextconstraints",
+			},
+			ResourceNames: []string{
+				"privileged",
+			},
+			Verbs: []string{
+				"get",
+				"patch",
+				"update",
 			},
 		},
 		{
@@ -229,8 +247,11 @@ func getOperatorClusterRules() *[]rbacv1.PolicyRule {
 			},
 			Verbs: []string{
 				"get",
+				"list",
+				"watch",
 				"create",
 				"update",
+				"patch",
 			},
 		},
 		{
@@ -244,6 +265,18 @@ func getOperatorClusterRules() *[]rbacv1.PolicyRule {
 				"*",
 			},
 		},
+		{
+			APIGroups: []string{
+				"storage.k8s.io",
+			},
+			Resources: []string{
+				"storageclasses",
+			},
+			Verbs: []string{
+				"get",
+				"list",
+			},
+		},
 		{
 			APIGroups: []string{
 				"",
@@ -456,15 +489,32 @@ func createCDIListCRD() *extv1beta1.CustomResourceDefinition {
 			},
 		},
 		Spec: extv1beta1.CustomResourceDefinitionSpec{
-			Group: "cdi.kubevirt.io",
+			Group:   "cdi.kubevirt.io",
+			Version: "v1alpha1",
+			Scope:   "Cluster",
+
+			Versions: []extv1beta1.CustomResourceDefinitionVersion{
+				{
+					Name:    "v1alpha1",
+					Served:  true,
+					Storage: true,
+				},
+			},
 			Names: extv1beta1.CustomResourceDefinitionNames{
 				Kind:     "CDI",
 				ListKind: "CDIList",
 				Plural:   "cdis",
 				Singular: "cdi",
+				Categories: []string{
+					"all",
+				},
+				ShortNames: []string{"cdi", "cdis"},
+			},
+
+			AdditionalPrinterColumns: []extv1beta1.CustomResourceColumnDefinition{
+				{Name: "Age", Type: "date", JSONPath: ".metadata.creationTimestamp"},
+				{Name: "Phase", Type: "string", JSONPath: ".status.phase"},
 			},
-			Version: "v1alpha1",
-			Scope:   "Cluster",
 		},
 	}
 }
@@ -474,11 +524,20 @@ const (
 )
 
 func createOperatorDeploymentSpec(repo, namespace, deployClusterResources, operatorImage, controllerImage, importerImage, clonerImage, apiServerImage, uploadProxyImage, uploadServerImage, tag, verbosity, pullPolicy string) *appsv1.DeploymentSpec {
-	spec := utils.CreateOperatorDeploymentSpec("cdi-operator", namespace, "name", "cdi-operator", operatorServiceAccountName, int32(1))
-	container := utils.CreatePortsContainer("cdi-operator", repo, operatorImage, tag, verbosity, corev1.PullPolicy(pullPolicy), createPrometheusPorts())
-	container.Env = *createOperatorEnvVar(repo, deployClusterResources, operatorImage, controllerImage, importerImage, clonerImage, apiServerImage, uploadProxyImage, uploadServerImage, tag, verbosity, pullPolicy)
-	spec.Template.Spec.Containers = []corev1.Container{container}
-	return spec
+	deployment := createOperatorDeployment(repo,
+		namespace,
+		deployClusterResources,
+		operatorImage,
+		controllerImage,
+		importerImage,
+		clonerImage,
+		apiServerImage,
+		uploadProxyImage,
+		uploadServerImage,
+		tag,
+		verbosity,
+		pullPolicy)
+	return &deployment.Spec
 }
 
 func createOperatorEnvVar(repo, deployClusterResources, operatorImage, controllerImage, importerImage, clonerImage, apiServerImage, uploadProxyImage, uploadServerImage, tag, verbosity, pullPolicy string) *[]corev1.EnvVar {
@@ -543,6 +602,7 @@ func createPrometheusPorts() *[]corev1.ContainerPort {
 		{
 			Name:          "metrics",
 			ContainerPort: 60000,
+			Protocol:      "TCP",
 		},
 	}
 }