
toolchain-common's Introduction

CodeReady Toolchain


This repo is for controllers, libs, scripts, makefiles, etc. to be shared between the host and member operators.

Build

Requires Go version 1.14; download it for your development environment.

This repository uses Go modules. You may need to export GO111MODULE=on to turn modules support "on".

Setting Up and Connecting Host and Member Clusters

To set up the host and member clusters, follow the steps from https://github.com/codeready-toolchain/toolchain-e2e/blob/master/dev_install.adoc

Once the host and member operators are set up, we can add resources and watch the logs on the member-operator. To do so, open a new terminal and run the following commands:

$ cd $GOPATH/src/github.com/codeready-toolchain/host-operator
# switch to appropriate namespace
$ oc apply -f '/path/to/masteruserrecord.yaml'
$ cd $GOPATH/src/github.com/codeready-toolchain/member-operator
# switch to appropriate namespace
$ oc apply -f '/path/to/useraccount.yaml'

Example masteruserrecord.yaml:

Note: The targetCluster field must contain the correct member cluster name.

apiVersion: toolchain.dev.openshift.com/v1alpha1
kind: MasterUserRecord
metadata:
  name: example
spec:
  disabled: false
  deprovisioned: false
  userID: 86505192-a386-11e9-ad56-525400ad2b23
  userAccounts:
  - targetCluster: member-192-168-42-61-8443
    syncIndex: 86505a
    spec:
      nsLimit: admin
      userID: 86505192-a386-11e9-ad56-525400ad2b23
      nsTemplateSet:
        tierName: basic
        namespaces:
        - type: dev
          revision: abcdef
        - type: code
          revision: abcdef
        - type: stage
          revision: abcdef

Example useraccount.yaml:

apiVersion: toolchain.dev.openshift.com/v1alpha1
kind: UserAccount
metadata:
  name: example
spec:
  userID: 86505192-a386-11e9-ad56-525400ad2b23
  disabled: false
  nsLimit: admin
  nsTemplateSet:
    tierName: basic
    namespaces:
    - type: dev
      revision: abcdef
    - type: code
      revision: abcdef
    - type: stage
      revision: abcdef

Configuring developers.redhat.com Authentication in OpenShift 4 Cluster

Create a secret with Identity Provider credentials:

$ oc apply -f deploy/idp_secret.yaml

Create an Identity Provider:

$ oc apply -f deploy/idp.yaml

Creating User

Create a user, identity and user identity mapping:

$ oc apply -f deploy/user.yaml

Scripts

add-cluster.sh

The CodeReady Toolchain architecture contains two types of clusters: host and member. To connect these two clusters, run the script scripts/add-cluster.sh, which takes multiple flags such as --type, --member-ns, --host-ns, --single-cluster and --kube-config. You can see all of the options by running ./scripts/add-cluster.sh -h

Assumption: This script assumes that you have host and member operators running on host and member clusters.

Scenario 1: Add Member to Host

./scripts/add-cluster.sh -t member

or

make add-member-to-host

Steps included:

  1. goes to the cluster with member profile i.e. member cluster

  2. takes a secret of the SA (from the member)

  3. takes API endpoint and cluster name of the member cluster from Kube config

  4. goes to host profile

  5. takes cluster name of the host cluster from Kube config

  6. creates a secret with the SA token taken from the member

  7. creates ToolchainCluster CR representing the added member

Note: A make target is available for this, i.e. make add-member-to-host, in the member-operator and host-operator repositories.

Scenario 2: Add Host to Member

./scripts/add-cluster.sh -t host

or

make add-host-to-member

Steps included:

  1. goes to the cluster with host profile i.e. host cluster

  2. takes a secret of the SA (from the host)

  3. takes API endpoint and cluster name of the host cluster from Kube config

  4. goes to member profile

  5. takes cluster name of the member cluster from Kube config

  6. creates a secret with the SA token taken from the host

  7. creates ToolchainCluster CR representing the added host

Note: A make target is available for this, i.e. make add-host-to-member, in the member-operator and host-operator repositories.

Using a single cluster for both operators host and member

Assumption: This script assumes that you have both host and member operators running on the same OpenShift cluster in their respective namespaces, with all required resources such as Service Account, (Cluster)Role, (Cluster)RoleBinding and Custom Resource Definition.

Scenario 1: Add Member to Host

./scripts/add-cluster.sh -t member -s

Steps included:

  1. takes a secret of the SA (from the toolchain-member-operator namespace)

  2. takes API endpoint and cluster name of the member cluster from Kube config

  3. takes cluster name of the host cluster from Kube config

  4. creates a secret in toolchain-host-operator namespace with the SA token taken from the toolchain-member-operator ns

  5. creates ToolchainCluster CR in the toolchain-host-operator namespace representing the added member

Scenario 2: Add Host to Member

./scripts/add-cluster.sh -t host -s

Steps included:

  1. takes a secret of the SA (from the toolchain-host-operator)

  2. takes API endpoint and cluster name of the host cluster from Kube config

  3. takes cluster name of the member cluster from Kube config

  4. creates a secret in toolchain-member-operator namespace with the SA token taken from the toolchain-host-operator ns

  5. creates ToolchainCluster CR in the toolchain-member-operator namespace representing the added host

Using different clusters for host and member operators

Make sure you have two different clusters ready and available where the host-operator should be running in the host cluster and member-operator in the member cluster.

To do either, you can pass a kubeconfig that has host-admin and member-admin contexts using the -kc flag, or, if you don't have a kubeconfig, you can provide the required cluster details when prompted for the cluster URL and token.

Sample Kubeconfig:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://api.host-1573997449.devcluster.openshift.com:6443
  name: host-1573997449
- cluster:
    certificate-authority-data: REDACTED
    server: https://api.member-1573997449.devcluster.openshift.com:6443
  name: member-1573997449
contexts:
- context:
    cluster: host-1573997449
    user: host-admin
  name: host-admin
- context:
    cluster: member-1573997449
    user: member-admin
  name: member-admin
current-context: host-admin
kind: Config
preferences: {}
users:
- name: host-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED
- name: member-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

export KUBECONFIG=kubeconfig
./scripts/add-cluster.sh -t host -s  -t member -mn ${MEMBER_OPERATOR_NS} -hn ${HOST_OPERATOR_NS} -kc ${KUBECONFIG}
./scripts/add-cluster.sh -t member -s  -t member -mn ${MEMBER_OPERATOR_NS} -hn ${HOST_OPERATOR_NS} -kc ${KUBECONFIG}
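
A preflight check for the kubeconfig passed with -kc, as an added example that is not part of the toolchain-common repository: it confirms that the host-admin and member-admin contexts resolve to two distinct https API servers and that the file, which holds admin credentials, is not readable by group or other. The function names, the awk parsing (which assumes the flat layout of the sample kubeconfig above) and the sample cluster names are assumptions made for this example.

```shell
# Preflight for the kubeconfig handed to add-cluster.sh via -kc (added example).
# Assumes the flat YAML layout of the sample kubeconfig (kubectl's default output).

# kc_pairs FILE SECTION KEY: print "<entry name> <KEY value>" for a top-level list.
kc_pairs() {
  awk -v sec="$2:" -v key="$3:" '
    /^[A-Za-z-]+:/              { cur = $1 }   # entering a top-level key
    cur == sec && $1 == key     { val = $2 }   # "server:" or "cluster:" of an entry
    cur == sec && $1 == "name:" { print $2, val; val = "" }
  ' "$1"
}

# kc_server_for FILE CONTEXT: resolve a context to its cluster API server URL.
kc_server_for() {
  cluster=$(kc_pairs "$1" contexts cluster | awk -v n="$2" '$1 == n { print $2 }')
  kc_pairs "$1" clusters server | awk -v n="$cluster" '$1 == n { print $2 }'
}

# kc_preflight FILE: returns 0 only if both contexts resolve to distinct https
# servers and FILE grants no permissions to group/other.
kc_preflight() {
  rc=0
  host=$(kc_server_for "$1" host-admin)
  member=$(kc_server_for "$1" member-admin)
  for pair in "host-admin=$host" "member-admin=$member"; do
    case ${pair#*=} in
      https://*) ;;
      "") echo "context ${pair%%=*}: not found or no cluster server" >&2; rc=1 ;;
      *)  echo "context ${pair%%=*}: server is not https" >&2; rc=1 ;;
    esac
  done
  if [ -n "$host" ] && [ "$host" = "$member" ]; then
    echo "host-admin and member-admin use the same API server" >&2; rc=1
  fi
  if [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]; then
    echo "$1 is accessible to group/other; chmod 600 it" >&2; rc=1
  fi
  return $rc
}

# Constructed sample: write_sample FILE MEMBER_URL (cluster names are made up).
write_sample() {
  ( umask 077
    printf '%s\n' 'clusters:' '- cluster:' '    server: https://api.host.example:6443' \
      '  name: host-1' '- cluster:' "    server: $2" '  name: member-1' \
      'contexts:' '- context:' '    cluster: host-1' '  name: host-admin' \
      '- context:' '    cluster: member-1' '  name: member-admin' \
      'current-context: host-admin' 'kind: Config' > "$1" )
}
```

Run kc_preflight "${KUBECONFIG}" before the add-cluster.sh commands above and continue only when it returns 0.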

Overwriting default namespaces for member-operator and host-operator

If you are running member-operator and host-operator in namespaces other than the defaults (i.e. not in toolchain-member-operator or toolchain-host-operator), you can do so by passing the -mn or -hn flags

./scripts/add-cluster.sh --type host --member-ns member-operator-0xdf4 --host-ns host-operator-hj6d7 --single-cluster

When overwriting the default namespaces, remember to provide both the member and host namespaces. Overwriting only a single namespace is not supported at this point.

toolchain-common's People

Contributors

matousjobanek, xcoulon, alexeykazakov, tinakurian, rajivnathan, sbryzak, dipak-pawar, ranakan19, nurali-techie
