provide a way to tell the operator to create only the remote cluster resources #836

Merged
merged 13 commits into from
Nov 7, 2024
2 changes: 2 additions & 0 deletions crd-docs/cr/kiali.io_v1alpha1_kiali.yaml
Expand Up @@ -38,6 +38,7 @@ spec:
scopes: ["openid", "profile", "email"]
username_claim: "sub"
openshift:
#redirect_uris:
#token_inactivity_timeout:
#token_max_age:

Expand Down Expand Up @@ -218,6 +219,7 @@ spec:
pod_labels:
sidecar.istio.io/inject: "true"
priority_class_name: ""
remote_cluster_resources_only: false
replicas: 1
# default: resources is undefined
resources:
8 changes: 8 additions & 0 deletions crd-docs/crd/kiali.io_kialis.yaml
Expand Up @@ -148,6 +148,11 @@ spec:
description: "To learn more about these settings and how to configure the OpenShift authentication strategy, read the documentation at https://kiali.io/docs/configuration/authentication/openshift/"
type: object
properties:
redirect_uris:
description: "The OAuthClient redirect URIs. You normally do not have to set this unless you are creating remote cluster resources (see `deployment.remote_cluster_resources_only`) with `auth.strategy` set to `openshift`."
type: array
items:
type: string
token_inactivity_timeout:
description: "Timeout that overrides the default OpenShift token inactivity timeout. This value represents the maximum amount of time in seconds that can occur between consecutive uses of the token. Tokens become invalid if they are not used within this temporal window. If 0, the Kiali tokens never timeout. OpenShift may have a minimum allowed value - see the OpenShift documentation specific for the version of OpenShift you are using. WARNING: existing tokens will not be affected by changing this setting."
type: integer
Expand Down Expand Up @@ -594,6 +599,9 @@ spec:
priority_class_name:
description: "The priorityClassName used to assign the priority of the Kiali pod."
type: string
remote_cluster_resources_only:
description: "When `true`, only those resources necessary for a remote Kiali Server to access this cluster are created (such as the service account and roles/bindings). There will be no Kiali Server deployment/pod created when this is `true`."
type: boolean
replicas:
description: "The replica count for the Kiail deployment. If `deployment.hpa` is specified, this setting is ignored."
type: integer
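Review bot: The new `redirect_uris` property accepts any list of strings, and its description gives no guidance on what a safe value looks like. OpenShift accepts a request's redirect_uri when it equals or is prefixed by a registered OAuthClient URI, so a short or non-HTTPS entry widens where an authorization code can be delivered. I would extend the description with a sentence such as `List only the full HTTPS URL(s) of the Kiali Server that will access this cluster; avoid bare hosts or partial paths.` and, if the operator never needs another scheme, add `pattern: '^https://'` under `items`. Whether the operator validates these values elsewhere is not visible in this section.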
37 changes: 24 additions & 13 deletions molecule/common/tasks.yml
Expand Up @@ -14,6 +14,18 @@
- debug:
msg: "Present Kiali CR: {{ kiali_cr }}"

- name: Get Kiali Configmap
vars:
instance_name: "{{ kiali.instance_name | default('kiali') }}"
set_fact:
kiali_configmap_resource: "{{ lookup('kubernetes.core.k8s', api_version='v1', kind='ConfigMap', namespace=kiali.install_namespace, resource_name=instance_name) }}"

- name: Format Configmap
set_fact:
kiali_configmap: "{{ kiali_configmap_resource.data['config.yaml'] | from_yaml }}"
- debug:
msg: "Present Kiali ConfigMap: {{ kiali_configmap }}"

- name: Get Kiali Operator Pod
k8s_info:
api_version: v1
Expand All @@ -33,18 +45,8 @@
label_selectors:
- "app.kubernetes.io/instance={{ instance_name }}"
register: kiali_pod

- name: Get Kiali Configmap
vars:
instance_name: "{{ kiali.instance_name | default('kiali') }}"
set_fact:
kiali_configmap_resource: "{{ lookup('kubernetes.core.k8s', api_version='v1', kind='ConfigMap', namespace=kiali.install_namespace, resource_name=instance_name) }}"

- name: Format Configmap
set_fact:
kiali_configmap: "{{ kiali_configmap_resource.data['config.yaml'] | from_yaml }}"
- debug:
msg: "Present Kiali ConfigMap: {{ kiali_configmap }}"
when:
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Get Kiali Deployment
vars:
Expand All @@ -56,6 +58,8 @@
label_selectors:
- "app.kubernetes.io/instance={{ instance_name }}"
register: kiali_deployment
when:
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Get Kiali Service
vars:
Expand All @@ -67,6 +71,8 @@
label_selectors:
- "app.kubernetes.io/instance={{ instance_name }}"
register: kiali_service
when:
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Get Kiali Route
vars:
Expand All @@ -80,6 +86,7 @@
register: kiali_route
when:
- is_openshift == True
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Get Kiali Ingress
ignore_errors: yes
Expand All @@ -93,7 +100,8 @@
- "app.kubernetes.io/instance={{ instance_name }}"
register: kiali_ingress
when:
- is_openshift != True
- is_openshift == False
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Determine the Kiali Route URL on OpenShift
vars:
Expand All @@ -102,6 +110,7 @@
kiali_base_url: "https://{{ kiali_route.resources[0].spec.host }}{{ web_root }}"
when:
- is_openshift == True
- kiali_configmap.deployment.remote_cluster_resources_only == False

# To avoid problems with Ingress/Minikube conflicts, if installing multiple kiali instances set web_root to the instance name
- name: Determine the Kiali Ingress URL on minikube
Expand All @@ -112,9 +121,11 @@
kiali_base_url: "https://{{ lookup('env', 'MOLECULE_MINIKUBE_IP') }}{{ web_root }}"
when:
- is_minikube == True
- kiali_configmap.deployment.remote_cluster_resources_only == False

- name: Determine the Kiali Ingress URL on kind
set_fact:
kiali_base_url: "http://{{ kiali_service.resources[0].status.loadBalancer.ingress[0].ip }}:20001/kiali"
when:
- is_kind == True
- kiali_configmap.deployment.remote_cluster_resources_only == False
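Review bot: Every added `when` entry dereferences `kiali_configmap.deployment.remote_cluster_resources_only` directly, so a ConfigMap that lacks the key (or a lookup that returned nothing) fails the play with an undefined-variable error instead of falling back to the normal path. A tolerant form is `- not (kiali_configmap.deployment.remote_cluster_resources_only | default(false) | bool)`, applied to each guarded task (pod, deployment, service, route, ingress and the three URL tasks). The ConfigMap lookup now runs before those tasks, which presumably assumes the operator still writes the ConfigMap in remote-resources-only mode; a one-line comment above `Get Kiali Configmap` stating that would help. When the tasks are skipped, `kiali_pod`, `kiali_deployment` and `kiali_service` hold a skipped result without `resources`, so any test that reads them needs the same guard; those consumers are outside this section.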
5 changes: 5 additions & 0 deletions molecule/default/prepare.yml
Expand Up @@ -110,6 +110,9 @@
namespace: "{{ cr_namespace }}"
definition: "{{ kiali_cr_definition }}"

# We normally always want to wait for kiali to be deployed, but for those tests
# where this is not wanted (e.g. when remote_cluster_resources_only==true), then
# import this playbook with the var "wait_for_kiali_pod_after_prepare" set to false.
- name: Asserting that Kiali is Deployed
vars:
instance_name: "{{ kiali.instance_name | default('kiali') }}"
Expand All @@ -127,3 +130,5 @@
- kiali_deployment.resources[0].status.availableReplicas == 1
retries: "{{ wait_retries }}"
delay: 5
when:
- wait_for_kiali_pod_after_prepare | default(true) == True
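Review bot: In the added `when`, `wait_for_kiali_pod_after_prepare | default(true) == True` compares the raw value with the boolean, so a value that arrives as a string (for example through `-e wait_for_kiali_pod_after_prepare=true`) never equals `True` and the wait is skipped silently. Casting first avoids that: `- wait_for_kiali_pod_after_prepare | default(true) | bool`. The task spans both hunks of this section and its middle is collapsed, so only its head and tail are visible here.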