-
Notifications
You must be signed in to change notification settings - Fork 205
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Konveyor and OLM add-ons #711
Changes from 3 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# Konveyor Amazon EKS Blueprints AddOn | ||
|
||
This add-on installs [Konveyor](https://konveyor.github.io/). | ||
|
||
Konveyor helps large organizations modernize enterprise java applications to Kubernetes. It serves as a platform providing a view of an organization's applications, allowing Assessment and Analysis capabilities to be executed at scale to help Architects get a better feel of the issues present in application source code in regard to deploying to a new environment such as Kubernetes, or other technologies. | ||
|
||
## Dependencies | ||
|
||
The add-on depends on the following components: | ||
- Operator Lifecycle Manager add-on (_OlmAddOn_) | ||
- [AWS Load Balancer Controller](https://kubernetes-sigs.github.io/aws-load-balancer-controller/) add-on (_AwsLoadBalancerControllerAddOn_), which will instantiate an [ALB](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html) to fulfill the Ingress deployed by this add-on | ||
- [EBS CSI Driver Amazon EKS add-on](https://aws-quickstart.github.io/cdk-eks-blueprints/addons/ebs-csi-driver/) (_EbsCsiDriverAddOn_), to provide Persistent Volumes (PVs) fulfilling Konveyor's Persistent Volume Claims (PVCs) | ||
- a subdomain for the Konveyor application | ||
- a certificate for the subdomain, made available by the either _CreateCertificateProvider_ or _ImportCertificateProvider_, to be assigned to the load balancer | ||
|
||
## Setup | ||
|
||
For a fully working setup, please see the Konveyor pattern in the EKS Blueprints Pattern [repository](https://github.com/aws-samples/cdk-eks-blueprints-patterns). |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Operator Lifecycle Manager Amazon EKS Blueprints AddOn | ||
|
||
This add-on installs [Operator Lifecycle Manager](https://olm.operatorframework.io/) (OLM). | ||
|
||
## Setup | ||
|
||
OLM defines Custom Resource Definitions (CRDs). Operators relying on those CRDs should be deployed once the CRDs are defined, to avoid deployment errors from Kubernetes. To avoid such errors, you can create a KubernetesObjectValue and add a dependency on that. For a working example, please see the Konveyor add-on. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,176 @@ | ||
import { ClusterAddOn, ClusterInfo } from "../../spi"; | ||
import { Construct } from 'constructs'; | ||
import { readYamlDocument, loadYaml, dependable } from "../../utils"; | ||
import { KubectlProvider, ManifestDeployment } from "../helm-addon/kubectl-provider"; | ||
import { KubernetesObjectValue } from "aws-cdk-lib/aws-eks"; | ||
import { ICertificate } from "aws-cdk-lib/aws-certificatemanager"; | ||
|
||
export interface KonveyorAddOnProps { | ||
/** | ||
* Namespace for Konveyor/Tackle. | ||
* @default 'konveyor-operator' | ||
*/ | ||
namespace?: string; | ||
/** | ||
* Konveyor/Tackle name. | ||
* @default 'tackle' | ||
*/ | ||
konveyorName?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default '100Gi' | ||
*/ | ||
cacheDataVolumeSize?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default '100Gi' | ||
*/ | ||
hubBucketVolumeSize?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default 'false' | ||
*/ | ||
rwxSupported?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default 'false' | ||
*/ | ||
featureAuthRequired?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default 'true' | ||
*/ | ||
featureIsolateNamespace?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default '5Gi' | ||
*/ | ||
hubDatabaseVolumeSize?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default '1Gi' | ||
*/ | ||
keycloakDatabaseDataVolumeSize?: string; | ||
/** | ||
* See https://github.com/konveyor/tackle2-operator | ||
* @default '100Gi' | ||
*/ | ||
pathfinderDatabaseDataVolumeSize?: string; | ||
/** | ||
* Ingress name | ||
* @default 'http-ingress' | ||
*/ | ||
ingressName?: string; | ||
/** | ||
* Service name for the Ingress configuration | ||
* @default 'tackle-ui' | ||
*/ | ||
serviceName?: string; | ||
/** | ||
* Service port for the Ingress configuration | ||
* @default '8080' | ||
*/ | ||
servicePort?: number; | ||
/** | ||
* Certificate resource name for the Ingress HTTPS configuration | ||
*/ | ||
certificateResourceName: string; | ||
/** | ||
* Subdomain to be assigned to the Load Balancer | ||
*/ | ||
subdomain: string; | ||
/** | ||
* URL of the Konveyor Operator Manifest | ||
*/ | ||
konveyorOperatorManifestUrl?: string; | ||
} | ||
|
||
/** | ||
* Default Konveyor/Tackle properties | ||
*/ | ||
const defaultProps = { | ||
namespace: "konveyor-operator", | ||
konveyorName: "tackle", | ||
cacheDataVolumeSize: "100Gi", | ||
hubBucketVolumeSize: "100Gi", | ||
rwxSupported: "false", | ||
featureAuthRequired: "false", | ||
featureIsolateNamespace: "true", | ||
hubDatabaseVolumeSize: "5Gi", | ||
keycloakDatabaseDataVolumeSize: "1Gi", | ||
pathfinderDatabaseDataVolumeSize: "100Gi", | ||
ingressName: "http-ingress", | ||
serviceName: "tackle-ui", | ||
servicePort: 8080, | ||
konveyorOperatorManifestUrl: "https://operatorhub.io/install/konveyor-0.1/konveyor-operator.yaml" | ||
}; | ||
|
||
export class KonveyorAddOn implements ClusterAddOn { | ||
readonly props: KonveyorAddOnProps; | ||
|
||
constructor(props?: KonveyorAddOnProps) { | ||
this.props = { ...defaultProps, ...props } as KonveyorAddOnProps; | ||
} | ||
|
||
@dependable('AwsLoadBalancerControllerAddOn') | ||
@dependable("EbsCsiDriverAddOn") | ||
@dependable("OlmAddOn") | ||
deploy(clusterInfo: ClusterInfo): void | Promise<Construct> { | ||
const kubectlProvider = new KubectlProvider(clusterInfo); | ||
|
||
// load Konveyor operator from URL | ||
/* eslint-disable */ | ||
const request = require('sync-request'); | ||
const response = request('GET', this.props.konveyorOperatorManifestUrl); | ||
const konveyorOperatorDoc: string = response.getBody().toString(); | ||
const konveyorOperatorDocReplacedNamespace = konveyorOperatorDoc.replace(/my-konveyor-operator/g, this.props.namespace!); | ||
const konveyorOperatorManifest = konveyorOperatorDocReplacedNamespace.split("---").map(e => loadYaml(e)); | ||
|
||
const konveyorOperatorDeployment: ManifestDeployment = { | ||
name: "konveyor-operator-deployment", | ||
namespace: this.props.namespace!, | ||
manifest: konveyorOperatorManifest, | ||
values: {} | ||
}; | ||
|
||
const konveyorOperatorStatement = kubectlProvider.addManifest(konveyorOperatorDeployment); | ||
|
||
// wait for OLM to be deployed otherwise CRDs are not found | ||
const waitOLMDeployment = new KubernetesObjectValue(konveyorOperatorStatement, 'WaitOLMDeployment', { | ||
cluster: clusterInfo.cluster, | ||
objectType: "Service", | ||
objectName: "operatorhubio-catalog", | ||
objectNamespace:"olm", | ||
jsonPath: ".metadata.name" | ||
}); | ||
|
||
konveyorOperatorStatement.node.addDependency(waitOLMDeployment); | ||
|
||
// load Tackle and Ingress resources | ||
const doc = readYamlDocument(__dirname + "/tackle-manifest.ytpl"); | ||
const konveyorManifest = doc.split("---").map(e => loadYaml(e)); | ||
|
||
const certificateArn = clusterInfo.getResource<ICertificate>(this.props.certificateResourceName)?.certificateArn; | ||
const subdomain = this.props.subdomain; | ||
const konveyorManifestDeployment: ManifestDeployment = { | ||
name: "konveyor-deployment", | ||
namespace: this.props.namespace!, | ||
manifest: konveyorManifest, | ||
values: { ...this.props, certificateArn, subdomain } | ||
}; | ||
|
||
const konveyorStatement = kubectlProvider.addManifest(konveyorManifestDeployment); | ||
|
||
// wait for Konveyor to be deployed otherwise CRDs are not found | ||
const waitKonveyorOperatorDeployment = new KubernetesObjectValue(konveyorStatement, 'WaitKonveyorOperatorDeployment', { | ||
cluster: clusterInfo.cluster, | ||
objectType: "CustomResourceDefinition", | ||
objectName: "tackles.tackle.konveyor.io", | ||
jsonPath: ".spec.group" | ||
}); | ||
|
||
konveyorStatement.node.addDependency(waitKonveyorOperatorDeployment); | ||
|
||
return Promise.resolve(konveyorStatement); | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
kind: Tackle | ||
apiVersion: tackle.konveyor.io/v1alpha1 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. v1alpha1 makes me think this product is not production ready. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Hello, I'm a maintainer of Konveyor and can provide some more context of Konveyor's status. The code is in production at multiple large organizations being used to aid modernization engagements of enterprise java applications to Kubernetes. The code that makes up Konveyor began ~10 years ago on the Analysis side with the latest version of the platform being developed ~2 years ago, the solution was called Tackle2. After being accepted into CNCF, there has been an effort to refocus Konveyor onto a Unified vision of bringing the functionality that used to be in separate projects together into a common solution which is Konveyor. As part of this refocus, we decided to release Konveyor as a "v0.1" as opposed to continuing with the Tackle 2.1+ scheme that was in place prior. It is possible for the API surface to change as we are working with the community to shape what the future will be. In regard to the API surface for the operator CR, we are careful to keep upgrades working and stable and have automated tests and QE resources actively helping to ensure stability. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Hello @jwmatthews, thank you for your feedback, it surely helps. Understand the comment related to the CR API version and upgrades. It is not as intuitive but it surely matches the saying "there is nothing more permanent than temporary" when it comes versioning. I assume we should change the source references to https://github.com/konveyor/tackle2-operator, please confirm. Is https://konveyor.github.io/ still the right documentation entry point? I saw a reference to tackle document here pointing to what appears to be the right page: https://konveyor.github.io/tackle. This url, however, is not functioning. Understand that doc maintenance may not be the top priority, I was a lot more interesting in dev activities, which you confirmed. Thank you. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yes, https://konveyor.github.io/ is the right documentation entry point, we are bringing back usage of this as the central spot for developers to contribute to. The source code for the Konveyor operator is located at: https://github.com/konveyor/tackle2-operator If you want to reference source code, use: https://github.com/konveyor/tackle2-operator As to https://konveyor.github.io/tackle, that is an older link and not intended. |
||
metadata: | ||
name: "{{konveyorName}}" | ||
namespace: "{{namespace}}" | ||
spec: | ||
cache_data_volume_size: "{{cacheDataVolumeSize}}" | ||
hub_bucket_volume_size: "{{hubBucketVolumeSize}}" | ||
rwx_supported: "{{rwxSupported}}" | ||
feature_auth_required: "{{featureAuthRequired}}" | ||
feature_isolate_namespace: "{{featureIsolateNamespace}}" | ||
hub_database_volume_size: "{{hubDatabaseVolumeSize}}" | ||
keycloak_database_data_volume_size: "{{keycloakDatabaseDataVolumeSize}}" | ||
pathfinder_database_data_volume_size: "{{pathfinderDatabaseDataVolumeSize}}" | ||
--- | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: "{{ingressName}}" | ||
namespace: "{{namespace}}" | ||
annotations: | ||
alb.ingress.kubernetes.io/scheme: internet-facing | ||
alb.ingress.kubernetes.io/target-type: ip | ||
alb.ingress.kubernetes.io/certificate-arn: "{{certificateArn}}" | ||
spec: | ||
ingressClassName: alb | ||
tls: | ||
- hosts: | ||
- "{{subdomain}}" | ||
rules: | ||
- http: | ||
paths: | ||
- path: / | ||
pathType: Prefix | ||
backend: | ||
service: | ||
name: "{{serviceName}}" | ||
port: | ||
number: 8080 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
import { ClusterAddOn, ClusterInfo } from "../../spi"; | ||
import { Construct } from 'constructs'; | ||
import { loadYaml } from "../../utils/yaml-utils"; | ||
import { KubectlProvider, ManifestDeployment } from "../helm-addon/kubectl-provider"; | ||
import * as assert from "assert"; | ||
|
||
const OLMDownloadURL = "https://github.com/operator-framework/operator-lifecycle-manager/releases/download/"; | ||
|
||
export interface OlmAddOnProps { | ||
/** | ||
* OLM version | ||
*/ | ||
version?: string | ||
} | ||
|
||
/** | ||
* Default OLM properties | ||
*/ | ||
const defaultProps = { | ||
version: "v0.21.2" | ||
}; | ||
|
||
export class OlmAddOn implements ClusterAddOn { | ||
readonly props: OlmAddOnProps; | ||
readonly manifestUrls: string[]; | ||
|
||
constructor(props?: OlmAddOnProps) { | ||
this.props = {...defaultProps, ...props}; | ||
this.manifestUrls = [ | ||
OLMDownloadURL+this.props.version+"/crds.yaml", | ||
OLMDownloadURL+this.props.version+"/olm.yaml" | ||
]; | ||
} | ||
|
||
deploy(clusterInfo: ClusterInfo): void | Promise<Construct> { | ||
let previousResource: Construct; | ||
const resources: Construct[] = []; | ||
|
||
/* eslint-disable */ | ||
const request = require('sync-request'); | ||
const kubectlProvider = new KubectlProvider(clusterInfo); | ||
|
||
this.manifestUrls!.map((manifestUrl, urlIndex) => { | ||
const response = request('GET', manifestUrl); | ||
// workaround: KubectlProvider is based on Lambda, which fails if the manifests are too large, so we: | ||
// 1. break the YAMLs | ||
// 2. remove descriptions | ||
const doc: string = response.getBody().toString(); | ||
const trimmedDoc = doc.replace(/description:.*[a-zA-Z0-9].*\n/g, 'description: removed\n'); | ||
const manifests = trimmedDoc.split("---").filter(e=>e.length>0).map(e => loadYaml(e)); | ||
|
||
const batchResources = manifests.map((manifest, docIndex) => { | ||
const manifestDeployment: ManifestDeployment = { | ||
name: "olmIdx"+urlIndex+docIndex, | ||
namespace: "olm", | ||
manifest: [manifest], | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why manifest is an array here? should be an actual doc. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. addManifest ends up instantiating KubernetesManifest and it looks to me "manifest" is an array type in the param list, as per here: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_eks.KubernetesManifest.html#construct-props ? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. nm, I think we should do a better job on reflecting the types. |
||
values: {} | ||
}; | ||
|
||
const resource = kubectlProvider.addManifest(manifestDeployment); | ||
|
||
if (previousResource != undefined) { | ||
resource.node.addDependency(previousResource); | ||
} | ||
previousResource = resource; | ||
return resource; | ||
}); | ||
|
||
resources.push(...batchResources); | ||
}); | ||
|
||
assert(resources.length > 0, "No OLM manifest found"); | ||
|
||
return Promise.resolve(resources.at(-1)!); | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please elaborate on the use cases answering the question of why the customer would use this addon, expanding on scenarios where this product is applicable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should this point to a different doc portal for tackle2 operator? The documentation page here is misleading and calls out the unmaintained repo as the source which is confusing (to me and I assume the target audience).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://konveyor.github.io/ is good to use for Konveyor documentation. The repo was stale and needed attention, hence we updated it ~2 weeks ago and are working to revamp this as the central documentation for Konveyor going forward.