diff --git a/Makefile b/Makefile index a537445f..fb3d8769 100644 --- a/Makefile +++ b/Makefile @@ -158,13 +158,7 @@ minikube-push: VERSION ?= $(shell cat .version) minikube-push: .version minikube image load $(IMAGE_TAG_BASE):$(VERSION) -##@ Deployment - -install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl apply -f - - -uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl delete -f - +## Deployment deploy: VERSION ?= $(shell cat .version) deploy: .version kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 985c3eee..28c8259d 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -23,31 +23,31 @@ spec: control-plane: controller-manager spec: containers: - - command: - - /manager - args: - - --leader-elect - - --controller=manager - image: controller:latest - name: manager - securityContext: - allowPrivilegeEscalation: false - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 + - command: + - /manager + args: + - --leader-elect + - --controller=manager + image: controller:latest + name: manager + securityContext: + allowPrivilegeEscalation: false + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 --- -apiVersion: dm.cray.hpe.com/v1alpha1 +apiVersion: nnf.cray.hpe.com/v1alpha1 kind: DataMovementManager metadata: name: manager-controller-manager @@ -55,35 +55,35 @@ metadata: spec: selector: matchLabels: - cray.nnf.node: "true" - hostPath: "/mnt/nnf" - mountPath: "/mnt/nnf" + cray.nnf.node: 'true' + hostPath: '/mnt/nnf' + mountPath: '/mnt/nnf' template: spec: serviceAccountName: nnf-dm-controller-manager # not sure why 'controller-manager' isn't patched to include the 'nnf-dm-' prefix tolerations: - - key: "cray.nnf.node" - operator: "Equal" - value: "true" - effect: "NoSchedule" + - key: 'cray.nnf.node' + operator: 'Equal' + value: 'true' + effect: 'NoSchedule' shareProcessNamespace: true containers: - name: worker image: nnf-mfu:latest - command: + command: - /usr/sbin/sshd args: - -De securityContext: privileged: true capabilities: - add: ["SETUID", "SETGID", "MKNOD"] + add: ['SETUID', 'SETGID', 'MKNOD'] - name: manager - command: - - /manager + command: + - /manager args: - - --leader-elect=false - - --controller=node + - --leader-elect=false + - --controller=node image: controller:latest env: - name: NNF_NODE_NAME diff --git a/config/manager/manager_imagepullsecret_patch.yaml b/config/manager/manager_imagepullsecret_patch.yaml index e0c7f521..b158234a 100644 --- a/config/manager/manager_imagepullsecret_patch.yaml +++ b/config/manager/manager_imagepullsecret_patch.yaml @@ -7,9 +7,9 @@ spec: template: spec: imagePullSecrets: - - name: name_of_secret + - name: name_of_secret --- -apiVersion: dm.cray.hpe.com/v1alpha1 +apiVersion: nnf.cray.hpe.com/v1alpha1 kind: DataMovementManager metadata: name: manager-controller-manager @@ -18,4 +18,4 @@ spec: template: spec: imagePullSecrets: - - name: name_of_secret + - name: name_of_secret diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 59f1bab4..7b18528d 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -101,7 +101,17 @@ rules: - list - watch - apiGroups: - - dm.cray.hpe.com + - lus.cray.hpe.com + resources: + - lustrefilesystems + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - nnf.cray.hpe.com resources: - datamovementmanagers verbs: @@ -113,29 +123,19 @@ rules: - update - watch - apiGroups: - - dm.cray.hpe.com + - nnf.cray.hpe.com resources: - datamovementmanagers/finalizers verbs: - update - apiGroups: - - dm.cray.hpe.com + - nnf.cray.hpe.com resources: - datamovementmanagers/status verbs: - get - patch - update -- apiGroups: - - lus.cray.hpe.com - resources: - - lustrefilesystems - verbs: - - get - - list - - patch - - update - - watch - apiGroups: - nnf.cray.hpe.com resources: diff --git a/internal/controller/datamovementmanager_controller.go b/internal/controller/datamovementmanager_controller.go index 6a9b0639..5366e8f9 100644 --- a/internal/controller/datamovementmanager_controller.go +++ b/internal/controller/datamovementmanager_controller.go @@ -84,9 +84,9 @@ type DataMovementManagerReconciler struct { Scheme *runtime.Scheme } -//+kubebuilder:rbac:groups=dm.cray.hpe.com,resources=datamovementmanagers,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=dm.cray.hpe.com,resources=datamovementmanagers/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=dm.cray.hpe.com,resources=datamovementmanagers/finalizers,verbs=update +//+kubebuilder:rbac:groups=nnf.cray.hpe.com,resources=datamovementmanagers,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=nnf.cray.hpe.com,resources=datamovementmanagers/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=nnf.cray.hpe.com,resources=datamovementmanagers/finalizers,verbs=update // Data Movement Manager initializes the secrets used in establishing SSH connections between the data movement deployment // and the data movement daemonset describing the worker nodes.