Skip to content

Commit c08f7a5

Browse files
committed
chore(install): multi namespace support
Closes #6616
1 parent 46d0231 commit c08f7a5

40 files changed

Lines changed: 401 additions & 49 deletions

.github/actions/release-nightly/action.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -60,13 +60,13 @@ runs:
6060
- name: Set up QEMU (required by multi platform build)
6161
uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3
6262

63-
#
63+
#
6464
# IMPORTANT:
6565
# Do we really want to run smoke test?
6666
# We can skip unless we see the usage of the nightly is widespread and it makes sense to run some smoke
6767
# test before releasing
6868
#
69-
69+
7070
# - name: Infra setting
7171
# uses: ./.github/actions/infra-setting
7272

@@ -178,7 +178,7 @@ runs:
178178
Apache Camel K ${{ env.VERSION }} build for testing purposes only (unstable). This nightly release is using an **unsupported** operator image published as `${{ env.IMAGE_NAME }}:${{ env.VERSION }}`. The available platforms are AMD64 and ARM64.
179179
## Kubectl
180180
```
181-
kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=${{ env.TAG }}
181+
kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=${{ env.TAG }}
182182
```
183183
## Helm
184184
```

.github/workflows/common.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,7 @@ jobs:
101101
shell: bash
102102
run: |
103103
kubectl create ns camel-k
104-
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
104+
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
105105
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
106106
# Install Apache Kamelets catalog
107107
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp

.github/workflows/nightly-multi.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,7 @@ jobs:
5555
VERSION="$(make get-version | sed s/-SNAPSHOT//)-nightly"
5656
sed -i "s#apache/camel-k:$THIS_VERSION#testcamelk/camel-k:$VERSION#g" install/base/config/manager/operator-deployment.yaml
5757
kubectl create ns camel-k
58-
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
58+
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
5959
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
6060
# Install Apache Kamelets catalog
6161
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp
@@ -92,7 +92,7 @@ jobs:
9292
VERSION="$(make get-version | sed s/-SNAPSHOT//)-nightly-21-jdk"
9393
CUSTOM_IMAGE=testcamelk/camel-k CUSTOM_VERSION=$VERSION make bundle
9494
kubectl create ns camel-k
95-
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
95+
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
9696
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
9797
# Install Apache Kamelets catalog
9898
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp

docs/modules/ROOT/pages/installation/advanced/jdk-version.adoc

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ The list of available container images is published in (https://hub.docker.com/r
1010
If you want to use a different container image instead of the default, you will need to edit your operator Deployment by replacing the default image with the one you're choosing. You can use the following script in order to change on the fly the value and install a Camel K JDK 21 based operator:
1111

1212
```bash
13-
kustomize build github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v2.6.0 | sed 's#docker.io/apache/camel-k:2.6.0#docker.io/apache/camel-k:2.6.0-21-jdk#g' | kubectl apply -f - --server-side -n camel-k
13+
kustomize build github.com/apache/camel-k/install/overlays/all-namespaces?ref=v2.6.0 | sed 's#docker.io/apache/camel-k:2.6.0#docker.io/apache/camel-k:2.6.0-21-jdk#g' | kubectl apply -f - --server-side -n camel-k
1414
```
1515

1616
During the build, you should see the version used in the Maven building log traces:

docs/modules/ROOT/pages/installation/installation.adoc

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ https://kustomize.io[Kustomize] provides a declarative approach to the configura
1313
[subs=attributes+]
1414
----
1515
$ kubectl create ns camel-k
16-
$ kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v{last-released-version} --server-side
16+
$ kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v{last-released-version} --server-side
1717
----
1818

1919
You can specify as `ref` parameter the version you're willing to install (ie, `v{last-released-version}`). The command above will install a descoped (global) operator in the camel-k namespace. This is the suggested configuration in order to manage Integrations in all namespaces.
@@ -43,6 +43,22 @@ You can edit the `Subscription` custom resource, setting the channel you want to
4343

4444
NOTE: Some Kubernetes clusters such as Openshift may let you to perform the same operation from a GUI as well. Refer to the cluster instruction to learn how to perform such action from user interface.
4545

46+
[[installation-topology]]
47+
== Installation topology
48+
49+
When you decide to install the operator, you can decide to install the following topology:
50+
51+
* Global operator: a single global operator watching all namespaces.
52+
* Own namespace operator: a namespaces operator watching its own namespace only.
53+
* Single namespace operator: an operator installed in a namespace and watching another namespace.
54+
* Multi namespace operator: an operator installed in a namespace and watching multiple namespaces.
55+
56+
The namespace(s) to watch is configured via `WATCH_NAMESPACE` variable in the operator `Deployment` resource. You can provide an empty value (watch all namespaces), a single value (watch either the own namespace or any other namespace) or a comma separated value (watching as many namespaces as provided).
57+
58+
It's important to notice that when running the single or multiple namespace operator, you will need to provide the RBACs which are expected by the operator to run properly. For such a configuration you can take as a reference the `Kustomize` examples available in `/install/overlays/single-namespace/` and `/install/overlays/multi-namespace/`. The last topology is probably the most secure as it will avoid the operator to access to any resource outside those namespaces for which you've provided the proper security rules.
59+
60+
NOTE: OLM only allows own and global installation mode.
61+
4662
[[bootstrap-configuration]]
4763
== Setup the operator configuration
4864

docs/modules/ROOT/pages/installation/upgrade.adoc

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ If you want to upgrade via https://kustomize.io[Kustomize] you'll need to execut
1212

1313
[subs=attributes+]
1414
----
15-
$ kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v{last-released-version} --server-side --force-conflicts
15+
$ kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v{last-released-version} --server-side --force-conflicts
1616
----
1717

1818
[[operatorhub]]
@@ -50,7 +50,7 @@ Since Camel K version 2, we're able to run any Camel K runtime version from the
5050

5151
----
5252
kamel run /tmp/Test.java -t camel.runtime-version=1.17.0
53-
kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v2.4.0 --server-side --force-conflicts //ie, version 2.4.0
53+
kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v2.4.0 --server-side --force-conflicts //ie, version 2.4.0
5454
kamel rebuild test
5555
kamel logs test
5656
[1] 2023-04-13 13:38:43,648 INFO [org.apa.cam.k.Runtime] (main) Apache Camel K Runtime 1.17.0

e2e/install/kustomize/all_namespaces_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,12 +49,12 @@ func TestKustomizeDescoped(t *testing.T) {
4949
"sed",
5050
"-i",
5151
fmt.Sprintf("s/namespace: .*/namespace: %s/", ns),
52-
fmt.Sprintf("%s/overlays/kubernetes/descoped/kustomization.yaml", kustomizeDir),
52+
fmt.Sprintf("%s/overlays/all-namespaces/kustomization.yaml", kustomizeDir),
5353
))
5454
ExpectExecSucceed(t, g, Kubectl(
5555
"apply",
5656
"-k",
57-
fmt.Sprintf("%s/overlays/kubernetes/descoped", kustomizeDir),
57+
fmt.Sprintf("%s/overlays/all-namespaces", kustomizeDir),
5858
"--server-side",
5959
))
6060

Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
//go:build integration
2+
// +build integration
3+
4+
// To enable compilation of this file in Goland, go to "Settings -> Go -> Vendoring & Build Tags -> Custom Tags" and add "integration"
5+
6+
/*
7+
Licensed to the Apache Software Foundation (ASF) under one or more
8+
contributor license agreements. See the NOTICE file distributed with
9+
this work for additional information regarding copyright ownership.
10+
The ASF licenses this file to You under the Apache License, Version 2.0
11+
(the "License"); you may not use this file except in compliance with
12+
the License. You may obtain a copy of the License at
13+
14+
http://www.apache.org/licenses/LICENSE-2.0
15+
16+
Unless required by applicable law or agreed to in writing, software
17+
distributed under the License is distributed on an "AS IS" BASIS,
18+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19+
See the License for the specific language governing permissions and
20+
limitations under the License.
21+
*/
22+
23+
package kustomize
24+
25+
import (
26+
"context"
27+
"fmt"
28+
"testing"
29+
"time"
30+
31+
corev1 "k8s.io/api/core/v1"
32+
33+
. "github.com/apache/camel-k/v2/e2e/support"
34+
testutil "github.com/apache/camel-k/v2/e2e/support/util"
35+
v1 "github.com/apache/camel-k/v2/pkg/apis/camel/v1"
36+
37+
. "github.com/onsi/gomega"
38+
)
39+
40+
func TestKustomizeMultiNamespace(t *testing.T) {
41+
kustomizeDir := testutil.MakeTempCopyDir(t, "../../../install")
42+
43+
// The operator is expected to be installed in "operators" namespace
44+
// it also expects to reconcile correctly an Integration in namespace "tenant-a" and "tenant-b"
45+
// but it won't reconcile in any other namespaces, for example, "tenant-z"
46+
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, operatorNs string) {
47+
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantANs string) {
48+
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantBNs string) {
49+
// Let's make sure no CRD is yet available in the cluster
50+
// as we must make the procedure to install them accordingly
51+
g.Eventually(CRDs(t)).Should(BeNil(), "No Camel K CRDs should be previously installed for this test")
52+
ExpectExecSucceed(t, g, Kubectl(
53+
"apply",
54+
"-k",
55+
fmt.Sprintf("%s/overlays/multi-namespace", kustomizeDir),
56+
"--server-side",
57+
))
58+
g.Eventually(OperatorPod(t, ctx, operatorNs)).ShouldNot(BeNil())
59+
g.Eventually(OperatorPodPhase(t, ctx, operatorNs)).Should(Equal(corev1.PodRunning))
60+
61+
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantNs string) {
62+
// Test a simple integration in "tenant-z" is not reconciled
63+
g.Expect(KamelRun(t, ctx, tenantNs, "files/yaml.yaml").Execute()).To(Succeed())
64+
g.Consistently(IntegrationPhase(t, ctx, tenantNs, "yaml"), 30*time.Second).Should(BeEmpty())
65+
}, "tenant-z")
66+
67+
// Test a simple integration in "tenant-a" is reconciled and runs correctly
68+
g.Expect(KamelRun(t, ctx, tenantANs, "files/yaml.yaml").Execute()).To(Succeed())
69+
g.Eventually(IntegrationConditionStatus(t, ctx, tenantANs, "yaml", v1.IntegrationConditionReady), TestTimeoutMedium).
70+
Should(Equal(corev1.ConditionTrue))
71+
g.Eventually(IntegrationLogs(t, ctx, tenantANs, "yaml"), TestTimeoutShort).Should(ContainSubstring("Magicstring!"))
72+
73+
// Test a simple integration in "tenant-b" is reconciled and runs correctly
74+
g.Expect(KamelRun(t, ctx, tenantBNs, "files/yaml.yaml").Execute()).To(Succeed())
75+
g.Eventually(IntegrationConditionStatus(t, ctx, tenantBNs, "yaml", v1.IntegrationConditionReady), TestTimeoutMedium).
76+
Should(Equal(corev1.ConditionTrue))
77+
g.Eventually(IntegrationLogs(t, ctx, tenantBNs, "yaml"), TestTimeoutShort).Should(ContainSubstring("Magicstring!"))
78+
79+
// Test operator only uninstall
80+
UninstallOperator(t, ctx, g, operatorNs, "../../../")
81+
82+
g.Eventually(OperatorPod(t, ctx, operatorNs)).Should(BeNil())
83+
g.Eventually(Integration(t, ctx, "tenant-a", "yaml"), TestTimeoutShort).ShouldNot(BeNil())
84+
g.Eventually(IntegrationConditionStatus(t, ctx, "tenant-a", "yaml", v1.IntegrationConditionReady), TestTimeoutShort).
85+
Should(Equal(corev1.ConditionTrue))
86+
g.Eventually(Integration(t, ctx, "tenant-b", "yaml"), TestTimeoutShort).ShouldNot(BeNil())
87+
g.Eventually(IntegrationConditionStatus(t, ctx, "tenant-b", "yaml", v1.IntegrationConditionReady), TestTimeoutShort).
88+
Should(Equal(corev1.ConditionTrue))
89+
90+
// Test CRD uninstall (will remove Integrations as well)
91+
UninstallCRDs(t, ctx, g, "../../../")
92+
93+
g.Eventually(OperatorPod(t, ctx, operatorNs)).Should(BeNil())
94+
g.Eventually(CRDs(t)).Should(BeNil())
95+
}, "tenant-b")
96+
}, "tenant-a")
97+
}, "operators")
98+
}

e2e/install/kustomize/own_namespace_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,12 +49,12 @@ func TestKustomizeOwnNamespace(t *testing.T) {
4949
"sed",
5050
"-i",
5151
fmt.Sprintf("s/namespace: .*/namespace: %s/", ns),
52-
fmt.Sprintf("%s/overlays/kubernetes/own-namespace/kustomization.yaml", kustomizeDir),
52+
fmt.Sprintf("%s/overlays/own-namespace/kustomization.yaml", kustomizeDir),
5353
))
5454
ExpectExecSucceed(t, g, Kubectl(
5555
"apply",
5656
"-k",
57-
fmt.Sprintf("%s/overlays/kubernetes/own-namespace", kustomizeDir),
57+
fmt.Sprintf("%s/overlays/own-namespace", kustomizeDir),
5858
"--server-side",
5959
))
6060

e2e/install/kustomize/single_namespace_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ func TestKustomizeSingleNamespace(t *testing.T) {
5151
ExpectExecSucceed(t, g, Kubectl(
5252
"apply",
5353
"-k",
54-
fmt.Sprintf("%s/overlays/kubernetes/single-namespace", kustomizeDir),
54+
fmt.Sprintf("%s/overlays/single-namespace", kustomizeDir),
5555
"--server-side",
5656
))
5757
g.Eventually(OperatorPod(t, ctx, operatorNs)).ShouldNot(BeNil())
@@ -60,7 +60,7 @@ func TestKustomizeSingleNamespace(t *testing.T) {
6060
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantNs string) {
6161
// Test a simple integration in "tenant-b" is not reconciled
6262
g.Expect(KamelRun(t, ctx, tenantNs, "files/yaml.yaml").Execute()).To(Succeed())
63-
g.Consistently(IntegrationPhase(t, ctx, tenantNs, "yaml"), 10*time.Second).Should(BeEmpty())
63+
g.Consistently(IntegrationPhase(t, ctx, tenantNs, "yaml"), 30*time.Second).Should(BeEmpty())
6464
}, "tenant-b")
6565

6666
// Test a simple integration in "tenant-a" is reconciled and runs correctly

0 commit comments

Comments
 (0)