diff --git a/README.md b/README.md index 43ef025eb..ded6eb88f 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ There are manual deployment, upgrade and rollback options available as well. To understand how to deploy a Pravega Operator using helm, refer to [this](charts/pravega-operator#installing-the-chart). #### Deploying in Test Mode - The Operator can be run in a "test" mode if we want to create pravega on minikube or on a cluster with very limited resources by enabling `testmode: true` in `values.yaml` file. Operator running in test mode skips minimum replica requirement checks on Pravega components. "Test" mode ensures a bare minimum setup of pravega and is not recommended to be used in production environments. + The Operator can be run in `test mode` if we want to deploy pravega on minikube or on a cluster with very limited resources by enabling `testmode: true` in `values.yaml` file. Operator running in test mode skips minimum replica requirement checks on Pravega components. Test mode provides a bare minimum setup and is not recommended to be used in production environments. ### Upgrade the Operator @@ -74,6 +74,8 @@ Check out the available [options for long term storage](doc/longtermstorage.md) For demo purposes, you can quickly install a toy NFS server. ``` +$ helm repo add stable https://kubernetes-charts.storage.googleapis.com +$ helm repo update $ helm install stable/nfs-server-provisioner --generate-name ``` diff --git a/charts/pravega-operator/README.md b/charts/pravega-operator/README.md index ed78a9a70..f05295259 100644 --- a/charts/pravega-operator/README.md +++ b/charts/pravega-operator/README.md @@ -21,19 +21,18 @@ To install the pravega-operator chart, use the following commands: ``` $ helm repo add pravega https://charts.pravega.io $ helm repo update -$ helm install [RELEASE_NAME] pravega/pravega-operator --version=[VERSION] --set webhookCert.crt=[TLS_CRT] --set webhookCert.generate=false --set webhookCert.certName=[CERT_NAME] --set webhookCert.secretName=[SECRET_NAME] +$ helm install [RELEASE_NAME] pravega/pravega-operator --version=[VERSION] --set webhookCert.certName=[CERT_NAME] --set webhookCert.secretName=[SECRET_NAME] ``` where: - **[RELEASE_NAME]** is the release name for the pravega-operator chart. - **[DEPLOYMENT_NAME]** is the name of the pravega-operator deployment so created. (If [RELEASE_NAME] contains the string `pravega-operator`, `[DEPLOYMENT_NAME] = [RELEASE_NAME]`, else `[DEPLOYMENT_NAME] = [RELEASE_NAME]-pravega-operator`. The [DEPLOYMENT_NAME] can however be overridden by providing `--set fullnameOverride=[DEPLOYMENT_NAME]` along with the helm install command) - **[VERSION]** can be any stable release version for pravega-operator from 0.5.0 onwards. -- **[CERT_NAME]** is the name of the certificate created in the previous step +- **[CERT_NAME]** is the name of the certificate created as a prerequisite - **[SECRET_NAME]** is the name of the secret created by the above certificate -- **[TLS_CRT]** is contained in the above secret and can be obtained using the command `kubectl get secret [SECRET_NAME] -o yaml | grep tls.crt` This command deploys a pravega-operator on the Kubernetes cluster in its default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. ->Note: If the pravega-operator version is 0.4.5, webhookCert.generate, webhookCert.crt, webhookCert.certName and webhookCert.secretName should not be set. Also in this case, bookkeeper operator, cert-manager and the certificate/issuer do not need to be deployed as prerequisites. +>Note: If the pravega-operator version is 0.4.5, webhookCert.certName and webhookCert.secretName should not be set. Also in this case, bookkeeper operator, cert-manager and the certificate/issuer do not need to be deployed as prerequisites. ## Uninstalling the Chart diff --git a/charts/pravega-operator/templates/pravega.pravega.io_pravegaclusters_crd.yaml b/charts/pravega-operator/templates/pravega.pravega.io_pravegaclusters_crd.yaml index 74f08c189..0b96f0037 100644 --- a/charts/pravega-operator/templates/pravega.pravega.io_pravegaclusters_crd.yaml +++ b/charts/pravega-operator/templates/pravega.pravega.io_pravegaclusters_crd.yaml @@ -40,7 +40,9 @@ spec: conversionReviewVersions: ["v1beta1", "v1alpha1"] strategy: Webhook webhookClientConfig: + {{- if .Release.IsUpgrade }} caBundle: {{ .Values.webhookCert.crt }} + {{- end }} service: name: pravega-webhook-svc namespace: {{ .Release.Namespace }} diff --git a/charts/pravega-operator/templates/version_map.yaml b/charts/pravega-operator/templates/version_map.yaml index cccd4b5be..4a5853b0c 100644 --- a/charts/pravega-operator/templates/version_map.yaml +++ b/charts/pravega-operator/templates/version_map.yaml @@ -13,13 +13,15 @@ data: 0.3.1:0.3.1,0.3.2 0.3.2:0.3.2 0.4.0:0.4.0 - 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.2:0.6.2,0.7.0,0.7.1 - 0.7.0:0.7.0,0.7.1 - 0.7.1:0.7.1 + 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.2:0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.0:0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.1:0.7.1,0.7.2,0.8.0 + 0.7.2:0.7.2,0.8.0 + 0.8.0:0.8.0 {{- if and .Values.testmode.enabled .Values.testmode.version }} {{ .Values.testmode.version }}:{{ .Values.testmode.version }} {{- end }} diff --git a/charts/pravega-operator/templates/webhook.yaml b/charts/pravega-operator/templates/webhook.yaml index 406531dfa..3f9ea0a85 100644 --- a/charts/pravega-operator/templates/webhook.yaml +++ b/charts/pravega-operator/templates/webhook.yaml @@ -23,7 +23,7 @@ metadata: labels: {{ include "pravega-operator.commonLabels" . | indent 4 }} annotations: - cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Values.certName }} + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Values.webhookCert.certName }} webhooks: - clientConfig: service: @@ -31,6 +31,7 @@ webhooks: namespace: {{ .Release.Namespace }} path: /validate-pravega-pravega-io-v1beta1-pravegacluster name: pravegawebhook.pravega.io + failurePolicy: Fail rules: - apiGroups: - pravega.pravega.io diff --git a/charts/pravega/README.md b/charts/pravega/README.md index b3dbc5455..d5a67fb3e 100644 --- a/charts/pravega/README.md +++ b/charts/pravega/README.md @@ -89,6 +89,6 @@ The following table lists the configurable parameters of the pravega chart and t | `storage.longtermStorage.filesystem.pvc` | Name of the pre-created PVC, if long term storage type is filesystem | `pravega-tier2` | | `storage.longtermStorage.ecs` | Configuration to use a Dell EMC ECS system, if long term storage type is ecs | `{}` | | `storage.longtermStorage.hdfs` | Configuration to use an HDFS system, if long term storage type is hdfs | `{}` | -| `storage.cache.className` | Storage class for cache volume | `standard` | +| `storage.cache.className` | Storage class for cache volume | `` | | `storage.cache.size` | Storage requests for cache volume | `20Gi` | | `options` | List of Pravega options | | diff --git a/charts/pravega/templates/pravega.yaml b/charts/pravega/templates/pravega.yaml index 4c224d195..f89979b6f 100644 --- a/charts/pravega/templates/pravega.yaml +++ b/charts/pravega/templates/pravega.yaml @@ -98,11 +98,9 @@ spec: {{- if .Values.storage.cache.className }} storageClassName: {{ .Values.storage.cache.className }} {{- end }} - {{- if .Values.storage.cache.size }} resources: requests: storage: {{ .Values.storage.cache.size }} - {{- end }} {{- end }} longtermStorage: {{- if eq (default .Values.storage.longtermStorage.type "filesystem") "ecs" }} diff --git a/charts/pravega/values.yaml b/charts/pravega/values.yaml index dc6a90cd4..97b653e8b 100644 --- a/charts/pravega/values.yaml +++ b/charts/pravega/values.yaml @@ -73,8 +73,8 @@ segmentStore: ## used to override the service type for segmentStore type: annotations: {} - segmentStoreLoadBalancerIP: - segmentStoreExternalTrafficPolicy: Local + loadBalancerIP: + externalTrafficPolicy: Local jvmOptions: ["-Xmx2g", "-XX:MaxDirectMemorySize=2g"] storage: @@ -108,7 +108,7 @@ storage: cache: size: 20Gi - className: standard + className: options: bookkeeper.ensemble.size: "3" diff --git a/deploy/version_map.yaml b/deploy/version_map.yaml index e0253892f..d290359ec 100644 --- a/deploy/version_map.yaml +++ b/deploy/version_map.yaml @@ -10,10 +10,12 @@ data: 0.3.1:0.3.1,0.3.2 0.3.2:0.3.2 0.4.0:0.4.0 - 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1 - 0.6.2:0.6.2,0.7.0,0.7.1 - 0.7.0:0.7.0,0.7.1 - 0.7.1:0.7.1 + 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.2:0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.0:0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.1:0.7.1,0.7.2,0.8.0 + 0.7.2:0.7.2,0.8.0 + 0.8.0:0.8.0 diff --git a/deploy/webhook.yaml b/deploy/webhook.yaml index 76cb556c8..8ceeb7f38 100644 --- a/deploy/webhook.yaml +++ b/deploy/webhook.yaml @@ -27,6 +27,7 @@ webhooks: namespace: default path: /validate-pravega-pravega-io-v1beta1-pravegacluster name: pravegawebhook.pravega.io + failurePolicy: Fail rules: - apiGroups: - pravega.pravega.io diff --git a/doc/longtermstorage.md b/doc/longtermstorage.md index e0e5c3655..7e2aecc4c 100644 --- a/doc/longtermstorage.md +++ b/doc/longtermstorage.md @@ -12,7 +12,9 @@ The following LongTermStorage storage providers are supported: The following example uses an NFS volume provisioned by the [NFS Server Provisioner](https://github.com/kubernetes/charts/tree/master/stable/nfs-server-provisioner) helm chart to provide LongTermStorage storage. ``` -$ helm install stable/nfs-server-provisioner +$ helm repo add stable https://kubernetes-charts.storage.googleapis.com +$ helm repo update +$ helm install stable/nfs-server-provisioner --generate-name ``` Note that the `nfs-server-provisioner` is a toy NFS server and is ONLY intended as a demo and should NOT be used for production deployments. @@ -20,7 +22,7 @@ Note that the `nfs-server-provisioner` is a toy NFS server and is ONLY intended You can also connect to an existing NFS server by using [NFS Client Provisioner](https://github.com/helm/charts/tree/master/stable/nfs-client-provisioner). ``` -helm install --set nfs.server= --set nfs.path= --set storageClass.name=nfs --set nfs.mountOptions='{nolock,sec=sys,vers=4.0}' stable/nfs-client-provisioner +helm install --set nfs.server= --set nfs.path= --set storageClass.name=nfs --set nfs.mountOptions='{nolock,sec=sys,vers=4.0}' stable/nfs-client-provisioner --generate-name ``` Verify that the `nfs` storage class is now available. @@ -169,7 +171,7 @@ Refer to the steps below to add ECS server certificate or CA's certificate into $ kubectl create -f ecs-tls.yaml ``` -3. In Pravega manifest, add the secret name defined above into "tls/static/caBundle" section. +3. In Pravega manifest, add the secret name defined above into "tls/static/caBundle" section. ``` ... kind: "PravegaCluster" diff --git a/doc/operator-upgrade.md b/doc/operator-upgrade.md index 6d8dd01f0..a1da72b23 100644 --- a/doc/operator-upgrade.md +++ b/doc/operator-upgrade.md @@ -104,7 +104,9 @@ To install cert-manager check [this](https://cert-manager.io/docs/installation/k ``` ./pre-upgrade.sh [PRAVEGA_OPERATOR_RELEASE_NAME][PRAVEGA_OPERATOR_NAMESPACE] ``` - +where: +- `[PRAVEGA_OPERATOR_RELEASE_NAME]` is the release name of the pravega operator deployment +- `[PRAVEGA_OPERATOR_NAMESPACE]` is the namespace in which the pravega operator has been deployed (this is an optional parameter and its default value is `default`) ### Triggering the upgrade @@ -112,7 +114,7 @@ To install cert-manager check [this](https://cert-manager.io/docs/installation/k The upgrade to Operator 0.5.0 can be triggered using the following command ``` -helm upgrade [PRAVEGA_OPERATOR_RELEASE_NAME] pravega/pravega-operator --version=0.5.0 --set webhookCert.crt=[TLS_CRT] --set webhookCert.generate=false --set webhookCert.certName=[CERT_NAME] --set webhookCert.secretName=[SECRET_NAME] +helm upgrade [PRAVEGA_OPERATOR_RELEASE_NAME] pravega/pravega-operator --version=0.5.0 --set webhookCert.crt=[TLS_CRT] --set webhookCert.certName=[CERT_NAME] --set webhookCert.secretName=[SECRET_NAME] ``` where: - `[CERT_NAME]` is the name of the certificate that has been created diff --git a/doc/webhook.md b/doc/webhook.md index d84e494ff..a385e63fe 100644 --- a/doc/webhook.md +++ b/doc/webhook.md @@ -1,23 +1,25 @@ ## Admission Webhook [Admission webhooks](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/) are HTTP callbacks that receive admission requests and do something with them. -There are two webhooks [ValidatingAdmissionWebhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#validatingadmissionwebhook) and -[MutatingAdmissionWebhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#mutatingadmissionwebhook) which are basically -doing the same thing except MutatingAdmissionWebhook can modify the requests. In our case, we use MutatingAdmissionWebhook because it can validate requests as well as mutating them. E.g. clear the image tag -if version is specified. +There are two webhooks [ValidatingAdmissionWebhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#validatingadmissionwebhook) and +[MutatingAdmissionWebhook](https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#mutatingadmissionwebhook) which are basically doing the same thing except MutatingAdmissionWebhook can modify the requests. In our case, we are using a ValidatingAdmissionWebhook so that it can reject requests to enforce custom policies (which in our case is to ensure that the user is unable to install an invalid pravega version or upgrade to any unsupported pravega version). -In the Pravega operator repo, we are leveraging the webhook implementation from controller-runtime package, here is the [GoDoc](https://godoc.org/sigs.k8s.io/controller-runtime/pkg/webhook). -In detail, there are two steps that developers need to do 1) create webhook server and 2) implement the handler. +In the Pravega operator repo, we are leveraging the webhook implementation from controller-runtime package, here is the [GoDoc](https://godoc.org/sigs.k8s.io/controller-runtime/pkg/webhook). + +If you want to implement admission webhooks for your CRD, the only thing you need to do is to implement the `Defaulter` and (or) the `Validator` interface. Kubebuilder takes care of the rest for you, such as: +- Creating the webhook server. +- Ensuring the server has been added in the manager. +- Creating handlers for your webhooks. +- Registering each handler with a path in your server. The webhook server registers webhook configuration with the apiserver and creates an HTTP server to route requests to the handlers. -The server is behind a Kubernetes Service and provides a certificate to the apiserver when serving requests. The kubebuilder has a detailed instruction of -building a webhook, see [here](https://github.com/kubernetes-sigs/kubebuilder/blob/86026527c754a144defa6474af6fb352143b9270/docs/book/beyond_basics/sample_webhook.md). +The server is behind a Kubernetes Service and provides a certificate to the apiserver when serving requests. +The kubebuilder has a detailed instruction of building a webhook, see [here](https://book.kubebuilder.io/cronjob-tutorial/webhook-implementation.html) -The webhook feature itself is enabled by default but it can be disabled if `webhook=false` is specified when installing the -operator locally using `operator-sdk up local`. E.g. ` operator-sdk up local --operator-flags -webhook=false`. The use case of this is that webhook needs to be -disabled when developing the operator locally since webhook can only be deployed in Kubernetes environment. +The webhook feature itself is enabled by default but it can be disabled if `webhook=false` is specified when installing the +operator locally using `operator-sdk run --local`. E.g. `operator-sdk run --local --operator-flags -webhook=false`. The use case of this is that webhook needs to be disabled when developing the operator locally since webhook can only be deployed in Kubernetes environment. ### How to deploy -The webhook is deployed along with the Pravega operator, thus there is no extra steps needed. However, there are some configurations that are necessary to make webhook work. +The ValidatingAdmissionWebhook and the webhook service should be deployed using the provided manifest `webhook.yaml` while deploying the Pravega Operator. However, there are some configurations that are necessary to make webhook work. 1. Permission @@ -27,7 +29,7 @@ an example of the additional permission - apiGroups: - admissionregistration.k8s.io resources: - - mutatingwebhookconfigurations + - validatingwebhookconfigurations verbs: - '*' ``` @@ -36,11 +38,7 @@ an example of the additional permission The webhook will deploy a Kubernetes service. This service will need to select the operator pod as its backend. The way to select is using Kubernetes label selector and user will need to specify `"component": "pravega-operator"` as the label -when deploying the Pravega operator deployment. -``` +when deploying the Pravega operator deployment. ### What it does -The webhook maintains a compatibility matrix of the Pravega versions. Reuqests will be rejected if the version is not valid or not upgrade compatible -with the current running version. Also, all the upgrade requests will be rejected if the current cluster is in upgrade status. - - +The webhook maintains a compatibility matrix of the Pravega versions. Requests will be rejected if the version is not valid or not upgrade compatible with the current running version. Also, all the upgrade requests will be rejected if the current cluster is in upgrade status. diff --git a/scripts/pre-upgrade.sh b/scripts/pre-upgrade.sh index ca6c40be2..4583c14c3 100755 --- a/scripts/pre-upgrade.sh +++ b/scripts/pre-upgrade.sh @@ -1,14 +1,14 @@ #! /bin/bash set -ex -if [ "$#" -ne 2 ]; then +if [[ "$#" -lt 1 || "$#" -gt 2 ]]; then echo "Error : Invalid number of arguments" Usage: "./pre-upgrade.sh " exit 1 fi name=$1 -namespace=$2 +namespace=${2:-default} kubectl annotate Service pravega-webhook-svc meta.helm.sh/release-name=$name -n $namespace --overwrite kubectl annotate Service pravega-webhook-svc meta.helm.sh/release-namespace=$namespace -n $namespace --overwrite diff --git a/setup/README.md b/setup/README.md index 5d2a1b799..92eb2ca95 100644 --- a/setup/README.md +++ b/setup/README.md @@ -5,24 +5,10 @@ The purpose of this script is to sequentially deploy all the dependencies (i.e. ## Prerequisites - Kubernetes 1.15+ with Beta APIs - - Helm 3+ + - Helm 3.2.1+ - [Tier 2 Setup](https://github.com/pravega/pravega-operator#set-up-tier-2-storage) - Cert-Manager v0.15.0+ - - Copy the necessary charts to the right location - -First clone the [Zookeeper Operator](https://github.com/pravega/zookeeper-operator) and [Bookkeeper Operator](https://github.com/pravega/bookkeeper-operator) repositories locally using : -``` -git clone https://github.com/pravega/zookeeper-operator -git clone https://github.com/pravega/bookkeeper-operator -``` - -Next, copy the contents of the charts directory from both these repositories inside the charts directory of this repository. -``` -cp -r /charts/ /charts/. -cp -r /charts/ /charts/. -``` - -This will result in separate sub-directories for [zookeeper-operator](https://github.com/pravega/zookeeper-operator/tree/master/charts/zookeeper-operator), [zookeeper](https://github.com/pravega/zookeeper-operator/tree/master/charts/zookeeper), [bookkeeper-operator](https://github.com/pravega/bookkeeper-operator/tree/master/charts/pravega-operator) and [bookkeeper](https://github.com/pravega/bookkeeper-operator/tree/master/charts/pravega) charts alongside the directories for [pravega-operator](https://github.com/pravega/pravega-operator/tree/master/charts/pravega-operator) and [pravega](https://github.com/pravega/pravega-operator/tree/master/charts/pravega) charts inside the [charts](https://github.com/pravega/pravega-operator/tree/master/charts) directory. + - An Issuer and a Certificate (either self-signed or CA signed) for the Bookkeeper Operator (refer to [this](https://github.com/pravega/bookkeeper-operator/blob/master/deploy/certificate.yaml) manifest to create a self-signed certificate in the default namespace) We use cert-manager for certificate management for webhook services in Kubernetes. In case you plan to use the same, you would need to [install cert-manager](https://cert-manager.io/docs/installation/kubernetes/) @@ -31,8 +17,11 @@ We use cert-manager for certificate management for webhook services in Kubernete To deploy the Pravega Cluster along with all the required dependencies, run the following command: ``` -$ ./pravegacluster.sh deploy +$ ./pravegacluster.sh deploy [CERT_NAME] [SECRET_NAME] ``` +where: +- **[CERT_NAME]** is the name of the bookkeeper operator certificate created as a prerequisite (this is an optional parameter and its default value is `selfsigned-cert-bk`) +- **[SECRET_NAME]** is the name of the secret created by the above certificate (this is an optional parameter and its default value is `selfsigned-cert-tls-bk`) ## Undeploying the Pravega Cluster diff --git a/setup/pravegacluster.sh b/setup/pravegacluster.sh index 80174081e..025c863fe 100755 --- a/setup/pravegacluster.sh +++ b/setup/pravegacluster.sh @@ -1,37 +1,47 @@ #!/usr/bin/env bash set -ex -if [ "$#" -ne 1 ]; then +if [ "$#" -lt 1 ]; then echo "Error : Invalid number of arguments" echo "Usage: ./pravegacluster.sh [deploy/destroy]" exit 1 fi +args=$# +cert=${2:-selfsigned-cert-bk} +secret=${3:-selfsigned-cert-tls-bk} + deploy_cluster () { + # Adding and updating the pravega charts repo + helm repo add pravega https://charts.pravega.io + helm repo update + # Installing the Zookeeper Operator - helm install zookeeper-operator ../charts/zookeeper-operator --wait + helm install zookeeper-operator pravega/zookeeper-operator --wait # Installing the Zookeeper Cluster - helm install zookeeper ../charts/zookeeper --wait + helm install zookeeper pravega/zookeeper --wait # Installing the BookKeeper Operator - helm install bookkeeper-operator ../charts/bookkeeper-operator --wait + if [[ "$args" -gt 1 ]]; then + helm install bookkeeper-operator pravega/bookkeeper-operator --set webhookCert.certName=$cert --set webhookCert.secretName=$secret --wait + else + helm install bookkeeper-operator pravega/bookkeeper-operator --wait + fi # Installing the BookKeeper Cluster - helm install bookkeeper ../charts/bookkeeper --wait + helm install bookkeeper pravega/bookkeeper --wait # Installing the issuer and certificate set +ex kubectl create -f ../deploy/certificate.yaml set -ex - tls=$(kubectl get secret selfsigned-cert-tls -o yaml | grep tls.crt) - crt=${tls/" tls.crt: "/} # Installing the Pravega Operator - helm install pravega-operator ../charts/pravega-operator --set webhookCert.crt="$crt" --wait + helm install pravega-operator pravega/pravega-operator --wait # Installing the Pravega Cluster - helm install pravega ../charts/pravega --wait + helm install pravega pravega/pravega --wait } destroy_cluster(){ diff --git a/tools/manifest_files/version_map.yaml b/tools/manifest_files/version_map.yaml index 766ad933a..373467e84 100644 --- a/tools/manifest_files/version_map.yaml +++ b/tools/manifest_files/version_map.yaml @@ -11,11 +11,12 @@ data: 0.3.1:0.3.1,0.3.2 0.3.2:0.3.2 0.4.0:0.4.0 - 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.8.0 - 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.8.0 - 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.8.0 - 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1,0.8.0 - 0.6.2:0.6.2,0.7.0,0.7.1,0.8.0 - 0.7.0:0.7.0,0.7.1,0.8.0 - 0.7.1:0.7.1,0.8.0 + 0.5.0:0.5.0,0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.5.1:0.5.1,0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.0:0.6.0,0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.1:0.6.1,0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.6.2:0.6.2,0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.0:0.7.0,0.7.1,0.7.2,0.8.0 + 0.7.1:0.7.1,0.7.2,0.8.0 + 0.7.2:0.7.2,0.8.0 0.8.0:0.8.0 diff --git a/tools/manifest_files/webhook.yaml b/tools/manifest_files/webhook.yaml index 3dd2d2189..c542a3c53 100644 --- a/tools/manifest_files/webhook.yaml +++ b/tools/manifest_files/webhook.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: pravega-webhook-svc - namespace: default + namespace: default spec: ports: - port: 443 @@ -18,16 +18,17 @@ apiVersion: admissionregistration.k8s.io/v1beta1 kind: ValidatingWebhookConfiguration metadata: name: pravega-webhook-config - namespace: default + namespace: default annotations: cert-manager.io/inject-ca-from: default/selfsigned-cert webhooks: - clientConfig: service: name: pravega-webhook-svc - namespace: default + namespace: default path: /validate-pravega-pravega-io-v1beta1-pravegacluster name: pravegawebhook.pravega.io + failurePolicy: Fail rules: - apiGroups: - pravega.pravega.io