OpenShift 4 - Building an Operator for Gogs
Creating the CustomResourceDefinition and related objects
- Create a file named gogs-crd.yaml with the following content. It defines a CustomResourceDefinition named gogs.gpte.opentlc.com.
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
  name: gogs.gpte.opentlc.com
spec:
  group: gpte.opentlc.com
  names:
    kind: Gogs
    listKind: GogsList
    plural: gogs
    singular: gogs
  scope: Namespaced
  version: v1alpha1
  subresources:
    status: {}
- Run the following commands to create the CustomResourceDefinition.
$ oc apply -f gogs-crd.yaml
$ oc get CustomResourceDefinition gogs.gpte.opentlc.com
NAME                    CREATED AT
gogs.gpte.opentlc.com   2020-10-14T02:33:46Z
- Create a file named gogs-admin-rules.yaml with the following content. It defines a ClusterRole object.
apiVersion: authorization.openshift.io/v1
kind: ClusterRole
metadata:
  labels:
    rbac.authorization.k8s.io/aggregate-to-admin: "true"
  name: gogs-admin-rules
rules:
  - apiGroups:
      - apps
    resources:
      - deployments/finalizers
    verbs:
      - delete
      - get
      - list
      - patch
      - update
      - watch
  - apiGroups:
      - ""
    resources:
      - events
      - services/finalizers
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
  - apiGroups:
      - gpte.opentlc.com
    resources:
      - gogs
      - gogs/status
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
- Run the following command to create the ClusterRole.
$ oc apply -f gogs-admin-rules.yaml
clusterrole.authorization.openshift.io/gogs-admin-rules created
Creating the Gogs Operator
- Download operator-sdk.
sudo wget https://github.com/operator-framework/operator-sdk/releases/download/v0.16.0/operator-sdk-v0.16.0-x86_64-linux-gnu -O /usr/local/bin/operator-sdk
sudo chmod +x /usr/local/bin/operator-sdk
- Download the Ansible Operator roles. They define the Operator using Ansible roles.
cd $HOME
git clone https://github.com/redhat-gpte-devopsautomation/ansible-operator-roles
cd ansible-operator-roles
git checkout v0.16.0
cd $HOME
- Use operator-sdk to scaffold the gogs-operator project.
$ operator-sdk new gogs-operator --api-version=gpte.opentlc.com/v1alpha1 --kind=Gogs --type=ansible --generate-playbook
INFO[0000] Creating new Ansible operator 'gogs-operator'.
INFO[0000] Created deploy/service_account.yaml
INFO[0000] Created deploy/role.yaml
INFO[0000] Created deploy/role_binding.yaml
INFO[0000] Created deploy/crds/gpte.opentlc.com_v1alpha1_gogs_cr.yaml
INFO[0000] Created build/Dockerfile
INFO[0000] Created roles/gogs/README.md
INFO[0000] Created roles/gogs/meta/main.yml
INFO[0000] Created roles/gogs/files/.placeholder
INFO[0000] Created roles/gogs/templates/.placeholder
INFO[0000] Created roles/gogs/vars/main.yml
INFO[0000] Created molecule/test-local/playbook.yml
INFO[0000] Created roles/gogs/defaults/main.yml
INFO[0000] Created roles/gogs/tasks/main.yml
INFO[0000] Created molecule/default/molecule.yml
INFO[0000] Created molecule/default/prepare.yml
INFO[0000] Created molecule/default/playbook.yml
INFO[0000] Created molecule/default/verify.yml
INFO[0000] Created roles/gogs/handlers/main.yml
INFO[0000] Created watches.yaml
INFO[0000] Created deploy/operator.yaml
INFO[0000] Created .travis.yml
INFO[0000] Created requirements.yml
INFO[0000] Created molecule/test-local/molecule.yml
INFO[0000] Created molecule/test-local/prepare.yml
INFO[0000] Created molecule/test-local/verify.yml
INFO[0000] Created molecule/cluster/molecule.yml
INFO[0000] Created molecule/cluster/create.yml
INFO[0000] Created molecule/cluster/prepare.yml
INFO[0000] Created molecule/cluster/playbook.yml
INFO[0000] Created molecule/cluster/verify.yml
INFO[0000] Created molecule/cluster/destroy.yml
INFO[0000] Created molecule/templates/operator.yaml.j2
INFO[0000] Generated CustomResourceDefinition manifests.
INFO[0000] Generating Ansible playbook.
INFO[0000] Created playbook.yml
INFO[0000] Project creation complete.
- Copy the Ansible role files into the corresponding directories of the gogs-operator scaffold.
cd $HOME/gogs-operator
rm -rf roles playbook.yml
mkdir roles
cp -R $HOME/ansible-operator-roles/roles/postgresql-ocp ./roles
cp -R $HOME/ansible-operator-roles/roles/gogs-ocp ./roles
cp $HOME/ansible-operator-roles/playbooks/gogs.yaml ./playbook.yml
Creating the Quay repository
- Register a quay.io account, then log in to quay.io.
- Create a public repository named gogs-operator.
- Use operator-sdk to build the gogs-operator:v0.0.1 image.
$ export QUAY_ID=<your quay id>
$ podman login -u $QUAY_ID quay.io
$ cd $HOME/gogs-operator
$ operator-sdk --image-builder podman build quay.io/${QUAY_ID}/gogs-operator:v0.0.1
STEP 1: FROM quay.io/operator-framework/ansible-operator:v0.16.0
Getting image source signatures
Copying blob 1086abd9534b done
Copying blob 941e1e2b31a8 done
Copying blob fb9c825bde0e done
Copying blob 766853d7a46c done
Copying blob 0bb54aa5e977 done
Copying blob d1f608fb5d23 done
Copying blob 68ae997be542 done
Copying blob 77b0fdf51b36 done
Copying blob 14a50061f2fd done
Copying config 19ba5006a2 done
Writing manifest to image destination
Storing signatures
STEP 2: COPY requirements.yml ${HOME}/requirements.yml
81e538e9dda2344b89ad122a1f0507f308c1b31d8703c85a7e85ce11854d4c7c
STEP 3: RUN ansible-galaxy collection install -r ${HOME}/requirements.yml && chmod -R ug+rwx ${HOME}/.ansible
Process install dependency map
Starting collection install process
Installing 'community.kubernetes:0.11.1' to '/opt/ansible/.ansible/collections/ansible_collections/community/kubernetes'
Installing 'operator_sdk.util:0.1.0' to '/opt/ansible/.ansible/collections/ansible_collections/operator_sdk/util'
efa2dd5e0bf76eee0ba3a7f1baf0d2195daf9dd0a6e5a9581137966138bd193e
STEP 4: COPY watches.yaml ${HOME}/watches.yaml
16971429073ff6719074a1abfc436afac59cdcd740eaa0986cbda60dc9269fae
STEP 5: COPY roles/ ${HOME}/roles/
26534a98992516ed82a29363bdd3cf9df8103c655b0d075c5379a1fd91cf377e
STEP 6: COPY playbook.yml ${HOME}/playbook.yml
STEP 7: COMMIT quay.io/dawnskyliu/gogs-operator:v0.0.1
daf8358b4f67037731c4a1306a0c7fd9ad800fc7a22a05515c1bb848f1662de6
INFO[0086] Operator build complete.
- Push the gogs-operator:v0.0.1 image to quay.io.
$ podman push quay.io/${QUAY_ID}/gogs-operator:v0.0.1
Getting image source signatures
Copying blob 02299619a610 done
Copying blob 39e6c8e9829a done
Copying blob 92af68d64d0b done
Copying blob 148e0cd43c3b done
Copying blob d59c21ddec1e done
Copying blob 92b864bfcfaa done
Copying blob ee556c3b63fe done
Copying blob 5667c1d6b621 done
Copying blob 56da014552e1 done
Copying blob 9a2bec017004 done
Copying blob c1e390619370 done
Copying blob b5cb5b5f981b done
Copying blob 62fb357a06d9 done
Copying blob 63a1294429c1 done
Copying config daf8358b4f done
Writing manifest to image destination
Copying config daf8358b4f done
Writing manifest to image destination
Storing signatures
- Edit the $HOME/gogs-operator/deploy/operator.yaml file, noting what is required in it.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gogs-operator
spec:
  replicas: 1
  selector:
    matchLabels:
      name: gogs-operator
  template:
    metadata:
      labels:
        name: gogs-operator
    spec:
      serviceAccountName: gogs-operator
      containers:
        - name: gogs-operator
          # Replace this with the built image name
          image: "quay.io/<your-quay-id>/gogs-operator:v0.0.1"
          imagePullPolicy: "Always"
          volumeMounts:
            - mountPath: /tmp/ansible-operator/runner
              name: runner
          env:
            - name: WATCH_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: OPERATOR_NAME
              value: "gogs-operator"
            - name: ANSIBLE_GATHERING
              value: explicit
      volumes:
        - name: runner
          emptyDir: {}
Deploying the Gogs Operator
- Run the following commands to create the project and the ServiceAccount.
$ oc new-project my-gogs --display-name="Gogs"
$ oc apply -f $HOME/gogs-operator/deploy/service_account.yaml
- Modify the $HOME/gogs-operator/deploy/role.yaml file so that its content is as follows:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  creationTimestamp: null
  name: gogs-operator
rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - services
      - services/finalizers
      - endpoints
      - persistentvolumeclaims
      - events
      - configmaps
      - secrets
      - serviceaccounts
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
  - apiGroups:
      - apps
    resources:
      - deployments
      - daemonsets
      - replicasets
      - statefulsets
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
  - apiGroups:
      - apps
    resourceNames:
      - gogs-operator
    resources:
      - deployments/finalizers
    verbs:
      - update
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
  - apiGroups:
      - apps
    resources:
      - replicasets
      - deployments
    verbs:
      - get
  - apiGroups:
      - gpte.opentlc.com
    resources:
      - gogs
      - gogs/status
    verbs:
      - create
      - delete
      - get
      - list
      - patch
      - update
      - watch
  - apiGroups:
      - route.openshift.io
    resources:
      - routes
    verbs:
      - create
      - update
      - delete
      - get
      - list
      - watch
      - patch
- Create the Role and RoleBinding objects.
oc apply -f $HOME/gogs-operator/deploy/role.yaml
oc apply -f $HOME/gogs-operator/deploy/role_binding.yaml
- Run the following commands to deploy the Gogs Operator.
$ oc apply -f $HOME/gogs-operator/deploy/operator.yaml
$ oc get pod
NAME                             READY   STATUS    RESTARTS   AGE
gogs-operator-54867bf5cf-hlknh   1/1     Running   0          69s
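As an added example (not part of the original post or of the operator project), the script below reviews a Role manifest such as the role.yaml above before it is applied, listing the write verbs it grants on secrets and service accounts. The function names, the choice of sensitive resources and the sample excerpt are assumptions made for this illustration.

```sh
# Added example: list the write verbs a Role grants on secrets and service accounts.
# Assumes block-style YAML as operator-sdk generates it, each rule starting "- apiGroups:".
audit_role() {   # usage: audit_role role.yaml   (reads stdin when no file is given)
  awk '
    function emit(   i, j, w) {
      for (j = 1; j <= nv; j++)
        if (verbs[j] ~ /^(create|delete|patch|update|\*)$/)
          w = (w == "" ? "" : w ",") verbs[j]
      if (w != "" && !scoped)          # rules limited by resourceNames are skipped
        for (i = 1; i <= nr; i++)
          if (res[i] ~ /^(secrets|serviceaccounts|\*)$/) print res[i] ": " w
      nr = nv = scoped = 0
    }
    /^ *- apiGroups:/   { emit(); key = "apiGroups"; next }
    /^ *resources:/     { key = "resources"; next }
    /^ *resourceNames:/ { key = "resourceNames"; scoped = 1; next }
    /^ *verbs:/         { key = "verbs"; next }
    /^ *- / {
      v = $0; sub(/^ *- */, "", v); gsub(/["'\'']/, "", v)
      if (key == "resources") res[++nr] = v
      if (key == "verbs")     verbs[++nv] = v
    }
    END { emit() }
  ' "$@"
}
# Constructed sample: a shortened excerpt of two rules from the role.yaml above.
sample_role() {
  cat <<'EOF'
rules:
  - apiGroups:
      - ""
    resources:
      - pods
      - secrets
    verbs:
      - create
      - get
      - update
  - apiGroups:
      - apps
    resourceNames:
      - gogs-operator
    resources:
      - deployments/finalizers
    verbs:
      - update
EOF
}
sample_role | audit_role
```

Run against the full role.yaml, each reported line is a grant to check against what the Ansible roles actually create in the namespace.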
Deploying Gogs Server with the Gogs Operator
- Create the $HOME/gogs-operator/gogs.yaml file with the following content:
apiVersion: gpte.opentlc.com/v1alpha1
kind: Gogs
metadata:
  name: gogs
spec:
  postgresqlVolumeSize: 4Gi
  gogsVolumeSize: 4Gi
  gogsSsl: True
- Create the Gogs server from $HOME/gogs-operator/gogs.yaml.
oc apply -f $HOME/gogs-operator/gogs.yaml
- List the deployed Gogs resources and confirm that the following 3 Pods are present.
$ oc get pod
NAME                                    READY   STATUS    RESTARTS   AGE
gogs-gogs-7b6f957d49-ggfr9              1/1     Running   0          116s
gogs-operator-54867bf5cf-hlknh          1/1     Running   0          11m
postgresql-gogs-gogs-56d7884467-b9h9t   1/1     Running   0          4m31s
- View the deployed gogs object.
$ oc get gogs
NAME   AGE
gogs   7m10s
- View the details of the gogs object.
oc describe gogs gogs
- View the gogs route.
oc get route
NAME        HOST/PORT                                                                       PATH   SERVICES    PORT    TERMINATION     WILDCARD
gogs-gogs   gogs-gogs-pek-2b3a-gogs.apps.cluster-pek-2b3a.pek-2b3a.sandbox954.opentlc.com          gogs-gogs   <all>   edge/Redirect   None
- Open the route in a browser and confirm that the Gogs initial page is accessible.