From 5dd985948a5771e9517b716d574da6965ddfd156 Mon Sep 17 00:00:00 2001
From: Denilson Nastacio
Date: Mon, 15 May 2023 12:53:07 -0400
Subject: [PATCH] feat: Add GitOps Managed Cluster Set
Signed-off-by: Denilson Nastacio
---
 config/argocd/Chart.yaml | 4 +--
 .../0300-app-project-rhacm-control-plane.yaml | 4 +++
 config/rhacm/seeds/Chart.yaml | 4 +--
 .../seeds/templates/0020-argocd-roles.yaml | 6 +++++
 .../0200-gitops-managed-cluster-set.yaml | 12 +++++++++
 .../seeds/templates/0300-gitops-cluster.yaml | 25 ++++++++++++++++++
 .../0301-managed-cluster-set-bindings.yaml | 12 +++++++++
 ...0302-gitops-cluster-placement-binding.yaml | 20 ++++++++++++++
 docs/rhacm.md | 26 +++++++++++--------
 9 files changed, 98 insertions(+), 15 deletions(-)
 create mode 100644 config/rhacm/seeds/templates/0200-gitops-managed-cluster-set.yaml
 create mode 100644 config/rhacm/seeds/templates/0300-gitops-cluster.yaml
 create mode 100644 config/rhacm/seeds/templates/0301-managed-cluster-set-bindings.yaml
 create mode 100644 config/rhacm/seeds/templates/0302-gitops-cluster-placement-binding.yaml
diff --git a/config/argocd/Chart.yaml b/config/argocd/Chart.yaml
index 08e6a523..30379488 100644
--- a/config/argocd/Chart.yaml
+++ b/config/argocd/Chart.yaml
@@ -16,9 +16,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.7.0
+version: 0.7.1
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: "0.8.13"
+appVersion: "0.21.0"
diff --git a/config/argocd/templates/0300-app-project-rhacm-control-plane.yaml b/config/argocd/templates/0300-app-project-rhacm-control-plane.yaml
index 8cf1deb8..f2fa6402 100644
--- a/config/argocd/templates/0300-app-project-rhacm-control-plane.yaml
+++ b/config/argocd/templates/0300-app-project-rhacm-control-plane.yaml
@@ -13,6 +13,8 @@ spec:
 clusterResourceWhitelist:
 - group: ''
 kind: Namespace
+ - group: cluster.open-cluster-management.io
+ kind: ManagedClusterSet
 - group: rbac.authorization.k8s.io
 kind: ClusterRole
 - group: rbac.authorization.k8s.io
@@ -37,6 +39,8 @@ spec:
 kind: Application
 - group: apps.open-cluster-management.io
 kind: '*'
+ - group: cluster.open-cluster-management.io
+ kind: '*'
 - group: policy.open-cluster-management.io
 kind: '*'
 - group: operator.open-cluster-management.io
diff --git a/config/rhacm/seeds/Chart.yaml b/config/rhacm/seeds/Chart.yaml
index f907d8f6..bc001fad 100644
--- a/config/rhacm/seeds/Chart.yaml
+++ b/config/rhacm/seeds/Chart.yaml
@@ -16,9 +16,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.0
+version: 0.10.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.17.0
+appVersion: 0.18.0
diff --git a/config/rhacm/seeds/templates/0020-argocd-roles.yaml b/config/rhacm/seeds/templates/0020-argocd-roles.yaml
index b8009c29..38950165 100644
--- a/config/rhacm/seeds/templates/0020-argocd-roles.yaml
+++ b/config/rhacm/seeds/templates/0020-argocd-roles.yaml
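Review bot: The second hunk of 0300-app-project-rhacm-control-plane.yaml whitelists every kind in `cluster.open-cluster-management.io` with `kind: '*'`, while the only resources from that group this commit adds to the seeds chart are ManagedClusterSet (cluster-scoped, already listed explicitly in the first hunk), ManagedClusterSetBinding and Placement. Listing the kinds explicitly, one entry with `kind: ManagedClusterSetBinding` and one with `kind: Placement`, would keep the project from syncing other kinds of that group if an application source is changed or compromised. The list this entry belongs to starts outside the hunk; it looks like the namespaced whitelist, which should be confirmed. The neighbouring groups use the same wildcard, so this is a tightening rather than a departure from the file's convention.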
@@ -49,3 +49,9 @@ rules:
 - apiGroups: ["multicluster.openshift.io"]
 resources: ["multiclusterengines"]
 verbs: ["*"]
+ - apiGroups: ["apps.open-cluster-management.io"]
+ resources: ["gitopsclusters"]
+ verbs: ["*"]
+ - apiGroups: ["cluster.open-cluster-management.io"]
+ resources: ["managedclustersets", "managedclustersets/bind", "managedclustersetbindings", "placements"]
+ verbs: ["*"]
diff --git a/config/rhacm/seeds/templates/0200-gitops-managed-cluster-set.yaml b/config/rhacm/seeds/templates/0200-gitops-managed-cluster-set.yaml
new file mode 100644
index 00000000..1984b388
--- /dev/null
+++ b/config/rhacm/seeds/templates/0200-gitops-managed-cluster-set.yaml
@@ -0,0 +1,12 @@
+# https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/applications/managing-applications#gitops-config
+---
+apiVersion: cluster.open-cluster-management.io/v1beta2
+kind: ManagedClusterSet
+metadata:
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ argocd.argoproj.io/sync-wave: "200"
+ name: gitops-clusters
+spec:
+ clusterSelector:
+ selectorType: ExclusiveClusterSetLabel
diff --git a/config/rhacm/seeds/templates/0300-gitops-cluster.yaml b/config/rhacm/seeds/templates/0300-gitops-cluster.yaml
new file mode 100644
index 00000000..3bd9de9e
--- /dev/null
+++ b/config/rhacm/seeds/templates/0300-gitops-cluster.yaml
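Review bot: Both rules added to 0020-argocd-roles.yaml use `verbs: ["*"]`, and the second one bundles `managedclustersets/bind` with the ordinary resources, so the role may bind any cluster set on the hub to a namespace rather than only `gitops-clusters`. Giving the bind subresource its own rule limited to `create` and, if the installed RHACM release honours it, to `resourceNames: ["gitops-clusters"]`, and spelling out the verbs Argo CD needs on the remaining resources, would narrow the grant to what this commit uses. The `rules:` list starts outside the hunk and the existing entries carry the same wildcard, so the same tightening may be worth applying there.
```yaml
  # … unchanged: gitopsclusters rule …
  - apiGroups: ["cluster.open-cluster-management.io"]
    resources: ["managedclustersets", "managedclustersetbindings", "placements"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  # Binding is authorised through the virtual bind subresource; keep it to
  # the one cluster set this chart creates.
  - apiGroups: ["cluster.open-cluster-management.io"]
    resources: ["managedclustersets/bind"]
    resourceNames: ["gitops-clusters"]
    verbs: ["create"]
```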
@@ -0,0 +1,25 @@
+# Creates a gitopscluster resource
+#
+# Requires:
+# Openshift-GitOps operator be installed in the project "openshift-gitops"
+# Placement resource "all-gitops-clusters" exists
+# A clusterSet is bound to the openshift-gitops namespace
+---
+apiVersion: apps.open-cluster-management.io/v1beta1
+kind: GitOpsCluster
+metadata:
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ argocd.argoproj.io/sync-wave: "300"
+ name: argo-acm-importer
+ namespace: openshift-gitops
+spec:
+ # createBlankClusterSecrets: true
+ argoServer:
+ cluster: notused
+ argoNamespace: openshift-gitops
+ placementRef:
+ kind: Placement
+ apiVersion: cluster.open-cluster-management.io/v1beta1
+ name: all-gitops-clusters
+ namespace: openshift-gitops
diff --git a/config/rhacm/seeds/templates/0301-managed-cluster-set-bindings.yaml b/config/rhacm/seeds/templates/0301-managed-cluster-set-bindings.yaml
new file mode 100644
index 00000000..5100980a
--- /dev/null
+++ b/config/rhacm/seeds/templates/0301-managed-cluster-set-bindings.yaml
@@ -0,0 +1,12 @@
+# Creates a ManagedClusterSetBinding to the openshift-gitops project
+---
+apiVersion: cluster.open-cluster-management.io/v1beta1
+kind: ManagedClusterSetBinding
+metadata:
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ argocd.argoproj.io/sync-wave: "301"
+ name: gitops-clusters
+ namespace: openshift-gitops
+spec:
+ clusterSet: gitops-clusters
diff --git a/config/rhacm/seeds/templates/0302-gitops-cluster-placement-binding.yaml b/config/rhacm/seeds/templates/0302-gitops-cluster-placement-binding.yaml
new file mode 100644
index 00000000..d07e4758
--- /dev/null
+++ b/config/rhacm/seeds/templates/0302-gitops-cluster-placement-binding.yaml
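Review bot: The GitOpsCluster in 0300-gitops-cluster.yaml is annotated with sync-wave "300", ahead of the ManagedClusterSetBinding ("301") and the Placement `all-gitops-clusters` ("302") that its own header comment lists under "Requires". If the three templates are synced by the same Argo CD application, the importer is applied before the objects it references; moving it last, e.g. `argocd.argoproj.io/sync-wave: "303"`, would make the order match the comment. The commented-out `# createBlankClusterSecrets: true` and the placeholder `cluster: notused` carry no explanation, so a one-line comment on each, or removing the dead line, would help the next reader. As far as I understand the controller, this resource results in Argo CD cluster secrets for the selected managed clusters in `openshift-gitops`, so the header could also state that read access to secrets in that namespace should be treated as access to those clusters.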
@@ -0,0 +1,20 @@
+---
+apiVersion: cluster.open-cluster-management.io/v1beta1
+kind: Placement
+metadata:
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ argocd.argoproj.io/sync-wave: "302"
+ name: all-gitops-clusters
+ namespace: openshift-gitops
+spec:
+ tolerations:
+ - key: cluster.open-cluster-management.io/unreachable
+ operator: Exists
+ - key: cluster.open-cluster-management.io/unavailable
+ operator: Exists
+ predicates:
+ - requiredClusterSelector:
+ labelSelector:
+ matchLabels:
+ gitops-remote: "true"
diff --git a/docs/rhacm.md b/docs/rhacm.md
index f3c3cb58..d9efc046 100644
--- a/docs/rhacm.md
+++ b/docs/rhacm.md
@@ -2,16 +2,18 @@ ## Contents -- [Overview](#overview) -- [Installation](#installation) - * [Install RHACM on OCP cluster via Argo](#install-rhacm-on-ocp-cluster-via-argo) -- [Using the policies](#using-the-policies) - * [Policies](#policies) - * [Label your clusters](#label-your-clusters) - * [Examples](#examples) -- [The "rhacm-users" group](#the--rhacm-users--group) -- [Contributing](#contributing) -- [References](#references) +- [Red Hat Advanced Cluster Management for Kubernetes](#red-hat-advanced-cluster-management-for-kubernetes) + - [Contents](#contents) + - [Overview](#overview) + - [Installation](#installation) + - [Install RHACM on OCP cluster via Argo](#install-rhacm-on-ocp-cluster-via-argo) + - [Using the policies](#using-the-policies) + - [Policies](#policies) + - [Label your clusters](#label-your-clusters) + - [Examples](#examples) + - [The "rhacm-users" group](#the-rhacm-users-group) + - [Contributing](#contributing) + - [References](#references) --- 
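Review bot: The Placement `all-gitops-clusters` in 0302-gitops-cluster-placement-binding.yaml sets no `spec.clusterSets`, so it selects from every cluster set bound to `openshift-gitops` rather than only `gitops-clusters`; if another set is bound to that namespace later, any cluster in it labelled `gitops-remote: "true"` would be registered with Argo CD. Adding `clusterSets:` with the single item `- gitops-clusters` under `spec:` keeps the selection tied to the set this commit creates. The docs hunk in the same commit says the label assigns the cluster to the `gitops-cluster` set, but with `selectorType: ExclusiveClusterSetLabel` membership presumably comes from the cluster-set label and the set is named `gitops-clusters`, so the wording is worth aligning. The file name says "placement-binding" while the resource it holds is a Placement.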
@@ -90,9 +92,11 @@ Once Argo completes synchronizing the applications, your cluster will have polic Labels: - `gitops-branch` + `cp4a`: Placement for Cloud Pak for Business Automation. -- `gitops-branch` + `cp4waiops`: Placement for Cloud Pak for Cloud Pak for Watson AIOps. - `gitops-branch` + `cp4d`: Placement for Cloud Pak for Data. - `gitops-branch` + `cp4i`: Placement for Cloud Pak for Integration. +- `gitops-branch` + `cp4s`: Placement for Cloud Pak for Security. +- `gitops-branch` + `cp4waiops`: Placement for Cloud Pak for Watson AIOps. +- `gitops-remote` + `true`: Assign cluster to the `gitops-cluster` cluster-set, registering it to the [GitOps Cluster](https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.7/html/applications/managing-applications#gitops-config). Values for each label: