From bc8e5f614209138db93dc8cd9e4e3fdc9e91fbb6 Mon Sep 17 00:00:00 2001 From: Abhisek Dwivedi Date: Thu, 17 Oct 2024 01:36:35 +0530 Subject: [PATCH] Add backup and restore related resources in helm-chart --- README.md | 6 +- ...rnetes-operator.clusterserviceversion.yaml | 2 + .../aerospike-backup-service/values.yaml | 2 +- helm-charts/aerospike-backup/values.yaml | 6 +- ...or-aerospikebackup-editor-clusterrole.yaml | 20 +++++ ...or-aerospikebackup-viewer-clusterrole.yaml | 25 ++++++ ...spikebackupservice-editor-clusterrole.yaml | 20 +++++ ...spikebackupservice-viewer-clusterrole.yaml | 25 ++++++ ...r-aerospikerestore-editor-clusterrole.yaml | 20 +++++ ...r-aerospikerestore-viewer-clusterrole.yaml | 25 ++++++ ...erospike-operator-manager-clusterrole.yaml | 89 +++++++++++++++++++ ...erator-mutating-webhook-configuration.yaml | 20 +++++ ...ator-validating-webhook-configuration.yaml | 60 +++++++++++++ 13 files changed, 315 insertions(+), 5 deletions(-) create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-editor-clusterrole.yaml create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-viewer-clusterrole.yaml create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-editor-clusterrole.yaml create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-viewer-clusterrole.yaml create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-editor-clusterrole.yaml create mode 100644 helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-viewer-clusterrole.yaml diff --git a/README.md b/README.md index 7b588edc5..e239a8aec 100644 --- a/README.md +++ b/README.md @@ -26,6 +26,8 @@ The Operator supports the following capabilities: * Configure persistent storage and resource allocation * Standardize and validate configurations * Cluster security management +* Aerospike cluster monitoring +* Backup and restore Aerospike clusters ## Building and quick start @@ -82,8 +84,8 @@ operator using OLM. ### Install operator-sdk -Install operator-sdk version 1.28.0 using the -installation [guide](https://v1-28-x.sdk.operatorframework.io/docs/installation/) +Install operator-sdk version 1.36.0 using the +installation [guide](https://v1-36-x.sdk.operatorframework.io/docs/installation/) ### Build the bundle diff --git a/config/manifests/bases/aerospike-kubernetes-operator.clusterserviceversion.yaml b/config/manifests/bases/aerospike-kubernetes-operator.clusterserviceversion.yaml index fad07a059..28f873703 100644 --- a/config/manifests/bases/aerospike-kubernetes-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/aerospike-kubernetes-operator.clusterserviceversion.yaml @@ -257,6 +257,8 @@ spec: - Configure persistent storage and resource allocation - Standardize and validate configurations - Cluster security management + - Aerospike cluster monitoring + - Backup and restore Aerospike clusters displayName: Aerospike Kubernetes Operator icon: - base64data: PHN2ZyB3aWR0aD0iMjUwMCIgaGVpZ2h0PSIyNTAwIiB2aWV3Qm94PSIwIDAgMjU2IDI1NiIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiBwcmVzZXJ2ZUFzcGVjdFJhdGlvPSJ4TWlkWU1pZCI+PHBhdGggZD0iTTAgMGgyNTZ2MjU2SDBWMHoiIGZpbGw9IiNCMDI1MkEiLz48cGF0aCBkPSJNMTU2LjI5MyA5NS42MDVsLTczLjE2OSAzMi41OTQgNzMuMTcgMzIuODFWOTUuNjA1em0tOTIuMDMyIDM5Ljk3OWwtMTcuMDQ5LTcuMyAxNy4wNDktNy44ODIgMTQ0LjUyNy02NS4zNzZ2MTcuNDAzbC0zNy45MzIgMTYuODI0djc4LjExN2wzNy45MzIgMTd2MTYuNjA0TDY0LjI2IDEzNS41ODR6IiBmaWxsPSIjRkZGIi8+PC9zdmc+ diff --git a/helm-charts/aerospike-backup-service/values.yaml b/helm-charts/aerospike-backup-service/values.yaml index 4a1d0a15a..577dd6df3 100644 --- a/helm-charts/aerospike-backup-service/values.yaml +++ b/helm-charts/aerospike-backup-service/values.yaml @@ -33,7 +33,6 @@ backupServiceConfig: {} # test-policy: # parallel: 3 # remove-files: KeepAll -# type: 1 # storage: # local: # path: /localStorage @@ -42,6 +41,7 @@ backupServiceConfig: {} # type: aws-s3 # path: "s3://test-bucket" # s3-region: us-east-1 +# s3-endpoint-override: "" # s3-profile: default ## SecretMounts is the list of secret to be mounted in the backup service. diff --git a/helm-charts/aerospike-backup/values.yaml b/helm-charts/aerospike-backup/values.yaml index 064aa8196..3d51fb301 100644 --- a/helm-charts/aerospike-backup/values.yaml +++ b/helm-charts/aerospike-backup/values.yaml @@ -17,7 +17,8 @@ backupService: {} ## This config is used to trigger backups. It includes: aerospike-cluster, backup-routines backupConfig: {} # aerospike-cluster: -# aerospike-aerospikebackup-test-cluster: # Name format: -- + # Name format: The name must begin with the prefix - +# aerospike-aerospikebackup-test-cluster: # credentials: # password: admin123 # user: admin @@ -25,7 +26,8 @@ backupConfig: {} # - host-name: aerocluster.aerospike.svc.cluster.local # port: 3000 # backup-routines: -# aerospike-aerospikebackup-test-routine: # Name format: -- + # Name format: The name must begin with the prefix - +# aerospike-aerospikebackup-test-routine: # backup-policy: test-policy # interval-cron: "@daily" # incr-interval-cron: "@hourly" diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-editor-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-editor-clusterrole.yaml new file mode 100644 index 000000000..5267f63f2 --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-editor-clusterrole.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikebackup-editor-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups + verbs: + - create + - delete + - patch + - update +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-viewer-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-viewer-clusterrole.yaml new file mode 100644 index 000000000..e47abd025 --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackup-viewer-clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikebackup-viewer-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups + verbs: + - get + - list + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups/status + verbs: + - get +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-editor-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-editor-clusterrole.yaml new file mode 100644 index 000000000..01aeb1fe5 --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-editor-clusterrole.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikebackupservice-editor-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices + verbs: + - create + - delete + - patch + - update +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-viewer-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-viewer-clusterrole.yaml new file mode 100644 index 000000000..58e31c95c --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikebackupservice-viewer-clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikebackupservice-viewer-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices + verbs: + - get + - list + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices/status + verbs: + - get +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-editor-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-editor-clusterrole.yaml new file mode 100644 index 000000000..a8189e1b2 --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-editor-clusterrole.yaml @@ -0,0 +1,20 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikerestore-editor-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores + verbs: + - create + - delete + - patch + - update +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-viewer-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-viewer-clusterrole.yaml new file mode 100644 index 000000000..246859052 --- /dev/null +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-aerospikerestore-viewer-clusterrole.yaml @@ -0,0 +1,25 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: aerospike-operator-aerospikerestore-viewer-role + labels: + app: {{ template "aerospike-kubernetes-operator.fullname" . }} + chart: {{ .Chart.Name }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores + verbs: + - get + - list + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores/status + verbs: + - get +{{- end }} diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-manager-clusterrole.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-manager-clusterrole.yaml index 05053cfbc..cf2759980 100644 --- a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-manager-clusterrole.yaml +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-manager-clusterrole.yaml @@ -9,6 +9,17 @@ metadata: chart: {{ .Chart.Name }} release: {{ .Release.Name }} rules: +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - patch + - update + - watch - apiGroups: - apps resources: @@ -21,6 +32,58 @@ rules: - patch - update - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups/finalizers + verbs: + - update +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackups/status + verbs: + - get + - patch + - update +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices/finalizers + verbs: + - update +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikebackupservices/status + verbs: + - get + - patch + - update - apiGroups: - asdb.aerospike.com resources: @@ -47,6 +110,32 @@ rules: - get - patch - update +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores/finalizers + verbs: + - update +- apiGroups: + - asdb.aerospike.com + resources: + - aerospikerestores/status + verbs: + - get + - patch + - update - apiGroups: - "" resources: diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-mutating-webhook-configuration.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-mutating-webhook-configuration.yaml index 4e8914035..c2e830318 100644 --- a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-mutating-webhook-configuration.yaml +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-mutating-webhook-configuration.yaml @@ -29,3 +29,23 @@ webhooks: resources: - aerospikeclusters sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: aerospike-operator-webhook-service + namespace: {{ .Release.Namespace }} + path: /mutate-asdb-aerospike-com-v1beta1-aerospikerestore + failurePolicy: Fail + name: maerospikerestore.kb.io + rules: + - apiGroups: + - asdb.aerospike.com + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - aerospikerestores + sideEffects: None diff --git a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-validating-webhook-configuration.yaml b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-validating-webhook-configuration.yaml index 664edbd2b..a4e5d3fb3 100644 --- a/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-validating-webhook-configuration.yaml +++ b/helm-charts/aerospike-kubernetes-operator/templates/aerospike-operator-validating-webhook-configuration.yaml @@ -29,3 +29,63 @@ webhooks: resources: - aerospikeclusters sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: aerospike-operator-webhook-service + namespace: {{ .Release.Namespace }} + path: /validate-asdb-aerospike-com-v1beta1-aerospikebackup + failurePolicy: Fail + name: vaerospikebackup.kb.io + rules: + - apiGroups: + - asdb.aerospike.com + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - aerospikebackups + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: aerospike-operator-webhook-service + namespace: {{ .Release.Namespace }} + path: /validate-asdb-aerospike-com-v1beta1-aerospikebackupservice + failurePolicy: Fail + name: vaerospikebackupservice.kb.io + rules: + - apiGroups: + - asdb.aerospike.com + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - aerospikebackupservices + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: aerospike-operator-webhook-service + namespace: {{ .Release.Namespace }} + path: /validate-asdb-aerospike-com-v1beta1-aerospikerestore + failurePolicy: Fail + name: vaerospikerestore.kb.io + rules: + - apiGroups: + - asdb.aerospike.com + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - aerospikerestores + sideEffects: None