Skip to content

Commit

Permalink
Merge pull request #69 from ocadotechnology/upgrade_python_packages
Browse files Browse the repository at this point in the history 
feat: upgrade python kubernetes library
  • Loading branch information
@dh-harald
dh-harald authored Dec 1, 2022
2 parents bcda8f2 + 5d54726 commit 01da173
Show file tree
Hide file tree
Showing 5 changed files with 35 additions and 25 deletions.
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ COPY . ./app
WORKDIR /app
ENV PYTHONPATH "$PYTHONPATH:/app"
RUN pip install --no-cache -r requirements.txt
ENTRYPOINT ["python", "mirroroperator/operator.py"]
CMD ["python", "-u", "mirroroperator/operator.py"]
28 changes: 21 additions & 7 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,10 +86,10 @@ Name | description | default
`DOCKER_CERTIFICATE_SECRET` | (Required) You **must** provide a certificate to enable TLS between the docker daemon and the registry and create a secret from it, this variable is the name of the secret | None
`NAMESPACE` | (Optional) The namespace in which the resources should be created. This should be the same namespace as where the container is running | default
`SECONDS_BETWEEN_STREAMS` | (Optional) Time to sleep between calls to the API. The operator will occasionally lose connection or else fail to run if the Custom Resource Definition does not exist. | 30
`DOCKER_REGISTRY` | (Optional) The docker registry where Docker images for all containers are to be pulled from. Set it if you have cache/proxy for accessing DockerHub. Overrides HOSTESS_DOCKER_REGISTRY if set to non-default value. | docker.io
`HOSTESS_DOCKER_REGISTRY` | (Optional) Deprecated, will be removed in version 1.0.0. The docker registry where mirror-hostess and alpine are to be pulled from. | docker.io
`DOCKER_REGISTRY` | (Optional) The docker registry where Docker images for all containers are to be pulled from. Set it if you have cache/proxy for accessing DockerHub. | docker.io
`HOSTESS_DOCKER_REGISTRY` | (Optional) The docker registry where mirror-hostess is to be pulled from. | ghcr.io
`HOSTESS_DOCKER_IMAGE` | (Optional) The name of the docker image for mirror-hostess. | ocadotechnology/mirror-hostess
`HOSTESS_DOCKER_TAG` | (Optional) The tag for the mirror-hostess docker image. | 1.1.0
`HOSTESS_DOCKER_TAG` | (Optional) The tag for the mirror-hostess docker image. | 1.4.0
`ADDRESSING_SCHEME` | (Optional) Select supported addressing scheme | hostess
`IMAGESWAP_NAMESPACE` | (Optional) The namespace for `imageswap-maps` ConfigMap | the same as `NAMESPACE`
`SS_DS_LABELS` | (Optional) StatefulSet and DaemonSet labels | None
Expand All @@ -100,17 +100,31 @@ Name | description | default

## Usage
In order to have the operator deploy a new mirror, the cluster needs to have the custom resource defined:
```
apiVersion: apiextensions.k8s.io/v1beta1
```yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
# name must match the spec fields below, and be in the form: <plural>.<group>
name: registrymirrors.k8s.osp.tech
spec:
# group name to use for REST API: /apis/<group>/<version>
group: k8s.osp.tech
preserveUnknownFields: false
# version name to use for REST API: /apis/<group>/<version>
version: v1
versions:
- name: v1
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
# either Namespaced or Cluster
scope: Cluster
names:
Expand All @@ -123,8 +137,8 @@ spec:
# shortNames allow shorter string to match your resource on the CLI
shortNames:
- rm
```
TODO: add proper openAPIV3Schema
You can then create new mirrors by providing at minimum an `upstreamUrl` in the spec:
```yaml
Expand Down
12 changes: 3 additions & 9 deletions mirroroperator/operator.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ def __init__(self, env_vars):
"""
:param env_vars: dictionary includes namespace,
docker_registry (used in RegistryMirror),
hostess_docker_registry (used in RegistryMirror, deprecated),
hostess_docker_registry (used in RegistryMirror),
ss_ds_labels (used in RegistryMirror, optional),
ss_ds_template_lables (used in RegistryMirror, optional)
ss_ds_tolerations (used in RegistryMirror, optional)
Expand Down Expand Up @@ -151,15 +151,13 @@ def main():
# optional to allow for image to be pulled from elsewhere
docker_registry=os.environ.get(
"DOCKER_REGISTRY", "docker.io"),
# pylint: disable=fixme
# TODO: remove 'hostess_docker_registry' in 1.0.0
hostess_docker_registry=os.environ.get(
"HOSTESS_DOCKER_REGISTRY", "docker.io"),
"HOSTESS_DOCKER_REGISTRY", "ghcr.io"),
addressing_scheme=os.environ.get("ADDRESSING_SCHEME", "hostess"),
imageswap_namespace=os.environ.get("IMAGESWAP_NAMESPACE", env_namespace),
hostess_docker_image=os.environ.get("HOSTESS_DOCKER_IMAGE",
"ocadotechnology/mirror-hostess"),
hostess_docker_tag=os.environ.get("HOSTESS_DOCKER_TAG", "1.1.0"),
hostess_docker_tag=os.environ.get("HOSTESS_DOCKER_TAG", "1.4.0"),
# optional labels to be added to daemonsets and statefulsets
ss_ds_labels=safely_eval_env("SS_DS_LABELS"),
ss_ds_template_labels=safely_eval_env("SS_DS_TEMPLATE_LABELS"),
Expand All @@ -172,10 +170,6 @@ def main():
# get ca certificate
ca_certificate_bundle=os.environ.get("CA_CERTIFICATE_BUNDLE"),
)
# HOSTESS_DOCKER_REGISTRY is deprecated in favor of DOCKER_REGISTRY
if env_vars["docker_registry"] != "docker.io":
env_vars["hostess_docker_registry"] = env_vars["docker_registry"]

parser = argparse.ArgumentParser()
parser.add_argument("--map-update",
help="Update the imageswap-maps Config Map",
Expand Down
16 changes: 9 additions & 7 deletions mirroroperator/registrymirror.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,10 @@ def __init__(self, event_type, namespace, docker_registry,
if kwargs["ss_ds_tolerations"] is not None:
for t in kwargs["ss_ds_tolerations"]:
self.ss_ds_tolerations.append(client.V1Toleration(**t))
self.image_pull_secrets = kwargs["image_pull_secrets"] or ""
if kwargs["image_pull_secrets"] is not None:
self.image_pull_secrets = [{"name": name} for name in kwargs["image_pull_secrets"].split(",")]
else:
self.image_pull_secrets = None
self.ca_certificate_bundle = kwargs["ca_certificate_bundle"]

self.volume_claim_spec = client.V1PersistentVolumeClaimSpec(
Expand Down Expand Up @@ -322,8 +325,8 @@ def generate_daemon_set(self, daemon_set):
"-u",
"-x"
],
image="{}/alpine:3.6".format(
self.hostess_docker_registry),
image="{}/alpine:3.14".format(
self.docker_registry),
image_pull_policy="IfNotPresent",
resources=client.V1ResourceRequirements(
requests={"memory": "1Mi", "cpu": "0.001"},
Expand Down Expand Up @@ -365,8 +368,7 @@ def generate_daemon_set(self, daemon_set):
spec=client.V1PodSpec(
containers=daemonset_containers,
tolerations=self.ss_ds_tolerations,
image_pull_secrets=[{"name": name} for name in
self.image_pull_secrets.split(",")],
image_pull_secrets=self.image_pull_secrets,
service_account_name="mirror-hostess",
termination_grace_period_seconds=2,
volumes=[client.V1Volume(
Expand Down Expand Up @@ -583,7 +585,7 @@ def generate_stateful_set(self):
init_containers=[
client.V1Container(
name="generate-ca-certs",
image="{}/cloudbees/docker-certificates:1.2".format(
image="{}/cloudbees/docker-certificates:1.3".format(
self.docker_registry),
command=["/bin/sh"],
args=["-c", script],
Expand Down Expand Up @@ -613,7 +615,7 @@ def generate_stateful_set(self):
containers=[
client.V1Container(
name="registry",
image="{}/nginx:1.13.3-alpine".format(
image="{}/nginx:1.22.1-alpine".format(
self.docker_registry),
readiness_probe=client.V1Probe(
http_get=client.V1HTTPGetAction(
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
bitmath==1.3.3.1
fasteners==0.14.1
kubernetes==11.0.0
kubernetes==21.7.0
statsd==3.2.1

0 comments on commit 01da173

Please sign in to comment.