-
Notifications
You must be signed in to change notification settings - Fork 34
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Self targets (run-int-tests) (#1254)
- Loading branch information
1 parent
b8bcdc6
commit c6369bb
Showing
53 changed files
with
956 additions
and
393 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| --- | ||
| title: Self Targets | ||
| sidebar_position: 2 | ||
| --- | ||
|
|
||
| # Self Targets | ||
|
|
||
| This example demonstrates how you can use the Landscaper to deploy objects on its own resource cluster. | ||
| This means in this example the resource cluster and the target cluster are the same. | ||
| For this use-case, the Landscaper provides a special type of targets, so-called | ||
| [Self Targets](../../../usage/Targets.md#targets-to-the-landscaper-resource-cluster-self-targets). | ||
| Their advantage is that you do not need to include a kubeconfig into them. Instead, the Target references a ServiceAccount | ||
| in the same Namespace. The Self Target in this example looks as follows: | ||
|
|
||
| ```yaml | ||
| apiVersion: landscaper.gardener.cloud/v1alpha1 | ||
| kind: Target | ||
| metadata: | ||
| name: self-target | ||
| namespace: cu-example | ||
| spec: | ||
| type: landscaper.gardener.cloud/kubernetes-cluster | ||
| config: | ||
| selfConfig: | ||
| serviceAccount: | ||
| name: self-serviceaccount | ||
| expirationSeconds: 3600 | ||
| ``` | ||
| This Target references a [ServiceAccount `self-serviceaccount`](installation/serviceaccount.yaml.tpl). | ||
| A [ClusterRoleBinding `landscaper:guided-tour:self`](installation/clusterrolebinding.yaml.tpl) binds the ServiceAccount | ||
| to the ClusterRole `cluster-admin`, so that it has the necessary rights to create objects on the resource cluster. | ||
| The [Installation `self-inst`](installation/installation.yaml.tpl) uses the Target to deploy a ConfigMap on the | ||
| resource cluster. | ||
|
|
||
|
|
||
| ## Procedure | ||
|
|
||
| 1. In the [settings](commands/settings) file, adjust the variables `RESOURCE_CLUSTER_KUBECONFIG_PATH`. | ||
|
|
||
| 2. On the Landscaper resource cluster, create namespaces `cu-example` and `example`. | ||
|
|
||
| 3. Run script [commands/deploy-k8s-resources.sh](commands/deploy-k8s-resources.sh). | ||
| It templates the following objects and applies them to the resource cluster: | ||
| - [ServiceAccount `self-serviceaccount`](installation/serviceaccount.yaml.tpl), | ||
| - [ClusterRoleBinding `landscaper:guided-tour:self`](installation/clusterrolebinding.yaml.tpl), | ||
| - [Target `self-target`](installation/target.yaml.tpl), | ||
| - [Installation `self-inst`](installation/installation.yaml.tpl). | ||
|
|
||
| The diagram below provides an overview of these objects. | ||
|
|
||
| 4. Wait until the Installation is in phase `Succeeded` and check that it has created a ConfigMap `self-target-example` | ||
| in namespace `example` on the resource cluster. | ||
|
|
||
|  | ||
|
|
||
|
|
||
| ## Cleanup | ||
|
|
||
| You can remove the Installation with the | ||
| [delete-installation script](commands/delete-installation.sh). | ||
| When the Installation is gone, you can delete the Target, ClusterRoleBinding, and ServiceAccount with the | ||
| [delete-other-k8s-resources script](commands/delete-other-k8s-resources.sh). | ||
|
|
||
|
|
||
| ## References | ||
|
|
||
| [Self Targets](../../../usage/Targets.md#targets-to-the-landscaper-resource-cluster-self-targets) |
17 changes: 17 additions & 0 deletions
17
docs/guided-tour/targets/02-self-targets/commands/delete-installation.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| #!/bin/bash | ||
| # | ||
| # SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors | ||
| # | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| set -o errexit | ||
|
|
||
| COMPONENT_DIR="$(dirname $0)/.." | ||
| cd "${COMPONENT_DIR}" | ||
| COMPONENT_DIR="$(pwd)" | ||
| echo "COMPONENT_DIR: ${COMPONENT_DIR}" | ||
|
|
||
| source "${COMPONENT_DIR}/commands/settings" | ||
|
|
||
| echo "deleting installation" | ||
| kubectl delete installation "self-inst" -n "${NAMESPACE}" --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" |
23 changes: 23 additions & 0 deletions
23
docs/guided-tour/targets/02-self-targets/commands/delete-other-k8s-resources.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| #!/bin/bash | ||
| # | ||
| # SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors | ||
| # | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| set -o errexit | ||
|
|
||
| COMPONENT_DIR="$(dirname $0)/.." | ||
| cd "${COMPONENT_DIR}" | ||
| COMPONENT_DIR="$(pwd)" | ||
| echo "COMPONENT_DIR: ${COMPONENT_DIR}" | ||
|
|
||
| source "${COMPONENT_DIR}/commands/settings" | ||
|
|
||
| echo "deleting target" | ||
| kubectl delete target "self-target" -n "${NAMESPACE}" --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" | ||
|
|
||
| echo "deleting clusterrolebinding" | ||
| kubectl delete clusterrolebinding "landscaper:guided-tour:self" --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" | ||
|
|
||
| echo "deleting serviceaccount" | ||
| kubectl delete serviceaccount "self-serviceaccount" -n "${NAMESPACE}" --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" |
45 changes: 45 additions & 0 deletions
45
docs/guided-tour/targets/02-self-targets/commands/deploy-k8s-resources.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| #!/bin/bash | ||
| # | ||
| # SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors | ||
| # | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| set -o errexit | ||
|
|
||
| COMPONENT_DIR="$(dirname $0)/.." | ||
| cd "${COMPONENT_DIR}" | ||
| COMPONENT_DIR="$(pwd)" | ||
| echo "COMPONENT_DIR: ${COMPONENT_DIR}" | ||
|
|
||
| source "${COMPONENT_DIR}/commands/settings" | ||
|
|
||
| TMP_DIR=`mktemp -d` | ||
| echo "TMP_DIR: ${TMP_DIR}" | ||
|
|
||
| echo "creating serviceaccount" | ||
| outputFile="${TMP_DIR}/serviceaccount.yaml" | ||
| export namespace="${NAMESPACE}" | ||
| inputFile="${COMPONENT_DIR}/installation/serviceaccount.yaml.tpl" | ||
| envsubst < ${inputFile} > ${outputFile} | ||
| kubectl apply -f ${outputFile} --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" | ||
|
|
||
| echo "creating clusterrolebinding" | ||
| outputFile="${TMP_DIR}/clusterrolebinding.yaml" | ||
| export namespace="${NAMESPACE}" | ||
| inputFile="${COMPONENT_DIR}/installation/clusterrolebinding.yaml.tpl" | ||
| envsubst < ${inputFile} > ${outputFile} | ||
| kubectl apply -f ${outputFile} --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" | ||
|
|
||
| echo "creating target" | ||
| outputFile="${TMP_DIR}/target.yaml" | ||
| export namespace="${NAMESPACE}" | ||
| inputFile="${COMPONENT_DIR}/installation/target.yaml.tpl" | ||
| envsubst < ${inputFile} > ${outputFile} | ||
| kubectl apply -f ${outputFile} --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" | ||
|
|
||
| echo "creating installation" | ||
| outputFile="${TMP_DIR}/installation.yaml" | ||
| export namespace="${NAMESPACE}" | ||
| inputFile="${COMPONENT_DIR}/installation/installation.yaml.tpl" | ||
| envsubst < ${inputFile} > ${outputFile} | ||
| kubectl apply -f ${outputFile} --kubeconfig="${RESOURCE_CLUSTER_KUBECONFIG_PATH}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| # path to the kubeconfig of the resource cluster, i.e. the cluster on which installations, targets, etc. are created | ||
| RESOURCE_CLUSTER_KUBECONFIG_PATH="/Users/${USER}/tmp/kubes/kubeconfig.yaml" | ||
|
|
||
| # namespace for resources in the resource cluster | ||
| NAMESPACE="cu-example" |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
12 changes: 12 additions & 0 deletions
12
docs/guided-tour/targets/02-self-targets/installation/clusterrolebinding.yaml.tpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRoleBinding | ||
| metadata: | ||
| name: landscaper:guided-tour:self | ||
| roleRef: | ||
| apiGroup: rbac.authorization.k8s.io | ||
| kind: ClusterRole | ||
| name: cluster-admin | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: self-serviceaccount | ||
| namespace: ${namespace} |
53 changes: 53 additions & 0 deletions
53
docs/guided-tour/targets/02-self-targets/installation/installation.yaml.tpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| apiVersion: landscaper.gardener.cloud/v1alpha1 | ||
| kind: Installation | ||
| metadata: | ||
| name: self-inst | ||
| namespace: ${namespace} | ||
| annotations: | ||
| landscaper.gardener.cloud/operation: reconcile | ||
|
|
||
| spec: | ||
|
|
||
| imports: | ||
| targets: | ||
| - name: cluster | ||
| target: self-target | ||
|
|
||
| blueprint: | ||
| inline: | ||
| filesystem: | ||
| blueprint.yaml: | | ||
| apiVersion: landscaper.gardener.cloud/v1alpha1 | ||
| kind: Blueprint | ||
| jsonSchema: "https://json-schema.org/draft/2019-09/schema" | ||
|
|
||
| imports: | ||
| - name: cluster | ||
| type: target | ||
| targetType: landscaper.gardener.cloud/kubernetes-cluster | ||
|
|
||
| deployExecutions: | ||
| - name: default | ||
| type: GoTemplate | ||
| template: | | ||
| deployItems: | ||
| - name: default-deploy-item | ||
| type: landscaper.gardener.cloud/kubernetes-manifest | ||
|
|
||
| target: | ||
| import: cluster | ||
|
|
||
| config: | ||
| apiVersion: manifest.deployer.landscaper.gardener.cloud/v1alpha2 | ||
| kind: ProviderConfiguration | ||
| updateStrategy: update | ||
| manifests: | ||
| - policy: manage | ||
| manifest: | ||
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: self-target-example | ||
| namespace: example | ||
| data: | ||
| testData: hello |
5 changes: 5 additions & 0 deletions
5
docs/guided-tour/targets/02-self-targets/installation/serviceaccount.yaml.tpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: self-serviceaccount | ||
| namespace: ${namespace} |
12 changes: 12 additions & 0 deletions
12
docs/guided-tour/targets/02-self-targets/installation/target.yaml.tpl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| apiVersion: landscaper.gardener.cloud/v1alpha1 | ||
| kind: Target | ||
| metadata: | ||
| name: self-target | ||
| namespace: ${namespace} | ||
| spec: | ||
| type: landscaper.gardener.cloud/kubernetes-cluster | ||
| config: | ||
| selfConfig: | ||
| serviceAccount: | ||
| name: self-serviceaccount | ||
| expirationSeconds: 3600 |
Oops, something went wrong.