Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/actions/release-nightly/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,13 +60,13 @@ runs:
- name: Set up QEMU (required by multi platform build)
uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3

#
#
# IMPORTANT:
# Do we really want to run smoke test?
# We can skip unless we see the usage of the nightly is widespread and it makes sense to run some smoke
# test before releasing
#

# - name: Infra setting
# uses: ./.github/actions/infra-setting

Expand Down Expand Up @@ -178,7 +178,7 @@ runs:
Apache Camel K ${{ env.VERSION }} build for testing purposes only (unstable). This nightly release is using an **unsupported** operator image published as `${{ env.IMAGE_NAME }}:${{ env.VERSION }}`. The available platforms are AMD64 and ARM64.
## Kubectl
```
kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=${{ env.TAG }}
kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=${{ env.TAG }}
```
## Helm
```
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/common.yml
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ jobs:
shell: bash
run: |
kubectl create ns camel-k
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
# Install Apache Kamelets catalog
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/nightly-multi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ jobs:
VERSION="$(make get-version | sed s/-SNAPSHOT//)-nightly"
sed -i "s#apache/camel-k:$THIS_VERSION#testcamelk/camel-k:$VERSION#g" install/base/config/manager/operator-deployment.yaml
kubectl create ns camel-k
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
# Install Apache Kamelets catalog
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp
Expand Down Expand Up @@ -92,7 +92,7 @@ jobs:
VERSION="$(make get-version | sed s/-SNAPSHOT//)-nightly-21-jdk"
CUSTOM_IMAGE=testcamelk/camel-k CUSTOM_VERSION=$VERSION make bundle
kubectl create ns camel-k
kubectl apply -k install/overlays/kubernetes/descoped/ --server-side --force-conflicts
kubectl apply -k install/overlays/all-namespaces/ --server-side --force-conflicts
kubectl wait --for=condition=available deployment/camel-k-operator -n camel-k --timeout=60s
# Install Apache Kamelets catalog
mvn -q dependency:copy -Dartifact=org.apache.camel.kamelets:camel-kamelets:4.18.1:jar -Dmdep.useBaseVersion=true -DoutputDirectory=/tmp
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ The list of available container images is published in (https://hub.docker.com/r
If you want to use a different container image instead of the default, you will need to edit your operator Deployment by replacing the default image with the one you're choosing. You can use the following script in order to change on the fly the value and install a Camel K JDK 21 based operator:

```bash
kustomize build github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v2.6.0 | sed 's#docker.io/apache/camel-k:2.6.0#docker.io/apache/camel-k:2.6.0-21-jdk#g' | kubectl apply -f - --server-side -n camel-k
kustomize build github.com/apache/camel-k/install/overlays/all-namespaces?ref=v2.6.0 | sed 's#docker.io/apache/camel-k:2.6.0#docker.io/apache/camel-k:2.6.0-21-jdk#g' | kubectl apply -f - --server-side -n camel-k
```

During the build, you should see the version used in the Maven building log traces:
Expand Down
18 changes: 17 additions & 1 deletion docs/modules/ROOT/pages/installation/installation.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ https://kustomize.io[Kustomize] provides a declarative approach to the configura
[subs=attributes+]
----
$ kubectl create ns camel-k
$ kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v{last-released-version} --server-side
$ kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v{last-released-version} --server-side
----

You can specify as `ref` parameter the version you're willing to install (ie, `v{last-released-version}`). The command above will install a descoped (global) operator in the camel-k namespace. This is the suggested configuration in order to manage Integrations in all namespaces.
Expand Down Expand Up @@ -43,6 +43,22 @@ You can edit the `Subscription` custom resource, setting the channel you want to

NOTE: Some Kubernetes clusters such as Openshift may let you to perform the same operation from a GUI as well. Refer to the cluster instruction to learn how to perform such action from user interface.

[[installation-topology]]
== Installation topology

When you decide to install the operator, you can decide to install the following topology:

* Global operator: a single global operator watching all namespaces.
* Own namespace operator: a namespaces operator watching its own namespace only.
* Single namespace operator: an operator installed in a namespace and watching another namespace.
* Multi namespace operator: an operator installed in a namespace and watching multiple namespaces.

The namespace(s) to watch is configured via `WATCH_NAMESPACE` variable in the operator `Deployment` resource. You can provide an empty value (watch all namespaces), a single value (watch either the own namespace or any other namespace) or a comma separated value (watching as many namespaces as provided).

It's important to notice that when running the single or multiple namespace operator, you will need to provide the RBACs which are expected by the operator to run properly. For such a configuration you can take as a reference the `Kustomize` examples available in `/install/overlays/single-namespace/` and `/install/overlays/multi-namespace/`. The last topology is probably the most secure as it will avoid the operator to access to any resource outside those namespaces for which you've provided the proper security rules.

NOTE: OLM only allows own and global installation mode.

[[bootstrap-configuration]]
== Setup the operator configuration

Expand Down
4 changes: 2 additions & 2 deletions docs/modules/ROOT/pages/installation/upgrade.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ If you want to upgrade via https://kustomize.io[Kustomize] you'll need to execut

[subs=attributes+]
----
$ kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v{last-released-version} --server-side --force-conflicts
$ kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v{last-released-version} --server-side --force-conflicts
----

[[operatorhub]]
Expand Down Expand Up @@ -50,7 +50,7 @@ Since Camel K version 2, we're able to run any Camel K runtime version from the

----
kamel run /tmp/Test.java -t camel.runtime-version=1.17.0
kubectl apply -k github.com/apache/camel-k/install/overlays/kubernetes/descoped?ref=v2.4.0 --server-side --force-conflicts //ie, version 2.4.0
kubectl apply -k github.com/apache/camel-k/install/overlays/all-namespaces?ref=v2.4.0 --server-side --force-conflicts //ie, version 2.4.0
kamel rebuild test
kamel logs test
[1] 2023-04-13 13:38:43,648 INFO [org.apa.cam.k.Runtime] (main) Apache Camel K Runtime 1.17.0
Expand Down
2 changes: 0 additions & 2 deletions docs/modules/ROOT/pages/pipes/bind-cli.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -65,8 +65,6 @@ As an example, take the option available on the `kamel bind timer-source log-sin
apiVersion: camel.apache.org/v1
kind: Pipe
metadata:
annotations:
camel.apache.org/operator.id: camel-k
name: timer-source-to-log-sink
namespace: camel-k
spec:
Expand Down
2 changes: 0 additions & 2 deletions docs/modules/ROOT/pages/running/running-cli.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -67,8 +67,6 @@ As an example, take the option available on the `kamel run test.yaml -t promethe
apiVersion: camel.apache.org/v1
kind: Integration
metadata:
annotations:
camel.apache.org/operator.id: camel-k
name: test
spec:
flows:
Expand Down
2 changes: 1 addition & 1 deletion e2e/advanced/operator_id_filtering_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ func TestOperatorIDFiltering(t *testing.T) {
v1.IntegrationKitTypeLabel: v1.IntegrationKitTypeExternal,
},
Annotations: map[string]string{
"camel.apache.org/operator.id": operator2,
v1.OperatorIDAnnotation: operator2,
},
},
Spec: v1.IntegrationKitSpec{
Expand Down
47 changes: 0 additions & 47 deletions e2e/common/misc/pipe_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -127,53 +127,6 @@ func TestPipe(t *testing.T) {
})
}

func TestPipeWithImage(t *testing.T) {
WithNewTestNamespace(t, func(ctx context.Context, g *WithT, ns string) {
bindingID := "with-image-binding"

t.Run("run with initial image", func(t *testing.T) {
expectedImage := "quay.io/fuse_qe/echo-server:0.3.2"

g.Expect(KamelBind(t, ctx, ns, "my-own-timer-source", "my-own-log-sink",
"--trait", "container.image="+expectedImage, "--trait", "jvm.enabled=false",
"--trait", "kamelets.enabled=false", "--trait", "dependencies.enabled=false",
"--annotation", "test=1", "--name", bindingID).Execute()).To(Succeed())

g.Eventually(IntegrationGeneration(t, ctx, ns, bindingID)).
Should(gstruct.PointTo(BeNumerically("==", 1)))
g.Eventually(Integration(t, ctx, ns, bindingID)).Should(WithTransform(Annotations,
HaveKeyWithValue("test", "1"),
))
g.Eventually(IntegrationStatusImage(t, ctx, ns, bindingID)).
Should(Equal(expectedImage))
g.Eventually(IntegrationPodPhase(t, ctx, ns, bindingID), TestTimeoutShort).
Should(Equal(corev1.PodRunning))
g.Eventually(IntegrationPodImage(t, ctx, ns, bindingID)).
Should(Equal(expectedImage))
})

t.Run("run with new image", func(t *testing.T) {
expectedImage := "quay.io/fuse_qe/echo-server:0.3.3"

g.Expect(KamelBind(t, ctx, ns, "my-own-timer-source", "my-own-log-sink",
"--trait", "container.image="+expectedImage, "--trait", "jvm.enabled=false",
"--trait", "kamelets.enabled=false", "--trait", "dependencies.enabled=false",
"--annotation", "test=2", "--name", bindingID).Execute()).To(Succeed())
g.Eventually(IntegrationGeneration(t, ctx, ns, bindingID)).
Should(gstruct.PointTo(BeNumerically("==", 1)))
g.Eventually(Integration(t, ctx, ns, bindingID)).Should(WithTransform(Annotations,
HaveKeyWithValue("test", "2"),
))
g.Eventually(IntegrationStatusImage(t, ctx, ns, bindingID)).
Should(Equal(expectedImage))
g.Eventually(IntegrationPodPhase(t, ctx, ns, bindingID), TestTimeoutShort).
Should(Equal(corev1.PodRunning))
g.Eventually(IntegrationPodImage(t, ctx, ns, bindingID)).
Should(Equal(expectedImage))
})
})
}

func TestPipeScale(t *testing.T) {
WithNewTestNamespace(t, func(ctx context.Context, g *WithT, ns string) {
name := RandomizedSuffixName("timer2log")
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,67 +37,6 @@ import (
. "github.com/onsi/gomega"
)

func TestKustomizeNamespaced(t *testing.T) {
kustomizeDir := testutil.MakeTempCopyDir(t, "../../../install")
WithNewTestNamespace(t, func(ctx context.Context, g *WithT, ns string) {
// Let's make sure no CRD is yet available in the cluster
// as we must make the procedure to install them accordingly
g.Eventually(CRDs(t)).Should(BeNil(), "No Camel K CRDs should be previously installed for this test")
// We must change a few values in the Kustomize config
ExpectExecSucceed(t, g,
exec.Command(
"sed",
"-i",
fmt.Sprintf("s/namespace: .*/namespace: %s/", ns),
fmt.Sprintf("%s/overlays/kubernetes/namespaced/kustomization.yaml", kustomizeDir),
))
ExpectExecSucceed(t, g, Kubectl(
"apply",
"-k",
fmt.Sprintf("%s/overlays/kubernetes/namespaced", kustomizeDir),
"--server-side",
))

// Refresh the test client to account for the newly installed CRDs
RefreshClient(t)
g.Eventually(OperatorPod(t, ctx, ns)).ShouldNot(BeNil())
g.Eventually(OperatorPodPhase(t, ctx, ns)).Should(Equal(corev1.PodRunning))
// Check if restricted security context has been applied
operatorPod := OperatorPod(t, ctx, ns)()
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.RunAsNonRoot).To(
Equal(DefaultOperatorSecurityContext().RunAsNonRoot),
)
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.Capabilities).To(
Equal(DefaultOperatorSecurityContext().Capabilities),
)
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.SeccompProfile).To(
Equal(DefaultOperatorSecurityContext().SeccompProfile),
)
g.Expect(operatorPod.Spec.Containers[0].SecurityContext.AllowPrivilegeEscalation).To(
Equal(DefaultOperatorSecurityContext().AllowPrivilegeEscalation),
)

// Test a simple integration is running
g.Expect(KamelRun(t, ctx, ns, "files/yaml.yaml").Execute()).To(Succeed())
g.Eventually(IntegrationPodPhase(t, ctx, ns, "yaml"), TestTimeoutMedium).Should(Equal(corev1.PodRunning))
g.Eventually(IntegrationConditionStatus(t, ctx, ns, "yaml", v1.IntegrationConditionReady), TestTimeoutShort).Should(Equal(corev1.ConditionTrue))
g.Eventually(IntegrationLogs(t, ctx, ns, "yaml"), TestTimeoutShort).Should(ContainSubstring("Magicstring!"))

// Test operator only uninstall
UninstallOperator(t, ctx, g, ns, "../../../")

g.Eventually(OperatorPod(t, ctx, ns)).Should(BeNil())
g.Eventually(Integration(t, ctx, ns, "yaml"), TestTimeoutShort).ShouldNot(BeNil())
g.Eventually(IntegrationConditionStatus(t, ctx, ns, "yaml", v1.IntegrationConditionReady), TestTimeoutShort).Should(Equal(corev1.ConditionTrue))

// Test CRD uninstall (will remove Integrations as well)
UninstallCRDs(t, ctx, g, "../../../")

g.Eventually(OperatorPod(t, ctx, ns)).Should(BeNil())
g.Eventually(CRDs(t)).Should(BeNil())
})
}

func TestKustomizeDescoped(t *testing.T) {
kustomizeDir := testutil.MakeTempCopyDir(t, "../../../install")
WithNewTestNamespace(t, func(ctx context.Context, g *WithT, ns string) {
Expand All @@ -110,18 +49,15 @@ func TestKustomizeDescoped(t *testing.T) {
"sed",
"-i",
fmt.Sprintf("s/namespace: .*/namespace: %s/", ns),
fmt.Sprintf("%s/overlays/kubernetes/descoped/kustomization.yaml", kustomizeDir),
fmt.Sprintf("%s/overlays/all-namespaces/kustomization.yaml", kustomizeDir),
))
ExpectExecSucceed(t, g, Kubectl(
"apply",
"-k",
fmt.Sprintf("%s/overlays/kubernetes/descoped", kustomizeDir),
fmt.Sprintf("%s/overlays/all-namespaces", kustomizeDir),
"--server-side",
))

// Refresh the test client to account for the newly installed CRDs
RefreshClient(t)

podFunc := OperatorPod(t, ctx, ns)
g.Eventually(podFunc).ShouldNot(BeNil())
g.Eventually(OperatorPodPhase(t, ctx, ns)).Should(Equal(corev1.PodRunning))
Expand Down
98 changes: 98 additions & 0 deletions e2e/install/kustomize/multi_namespace_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
//go:build integration
// +build integration

// To enable compilation of this file in Goland, go to "Settings -> Go -> Vendoring & Build Tags -> Custom Tags" and add "integration"

/*
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package kustomize

import (
"context"
"fmt"
"testing"
"time"

corev1 "k8s.io/api/core/v1"

. "github.com/apache/camel-k/v2/e2e/support"
testutil "github.com/apache/camel-k/v2/e2e/support/util"
v1 "github.com/apache/camel-k/v2/pkg/apis/camel/v1"

. "github.com/onsi/gomega"
)

func TestKustomizeMultiNamespace(t *testing.T) {
kustomizeDir := testutil.MakeTempCopyDir(t, "../../../install")

// The operator is expected to be installed in "operators" namespace
// it also expects to reconcile correctly an Integration in namespace "tenant-a" and "tenant-b"
// but it won't reconcile in any other namespaces, for example, "tenant-z"
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, operatorNs string) {
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantANs string) {
WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantBNs string) {
// Let's make sure no CRD is yet available in the cluster
// as we must make the procedure to install them accordingly
g.Eventually(CRDs(t)).Should(BeNil(), "No Camel K CRDs should be previously installed for this test")
ExpectExecSucceed(t, g, Kubectl(
"apply",
"-k",
fmt.Sprintf("%s/overlays/multi-namespace", kustomizeDir),
"--server-side",
))
g.Eventually(OperatorPod(t, ctx, operatorNs)).ShouldNot(BeNil())
g.Eventually(OperatorPodPhase(t, ctx, operatorNs)).Should(Equal(corev1.PodRunning))

WithNamedTestNamespace(t, func(ctx context.Context, g *WithT, tenantNs string) {
// Test a simple integration in "tenant-z" is not reconciled
g.Expect(KamelRun(t, ctx, tenantNs, "files/yaml.yaml").Execute()).To(Succeed())
g.Consistently(IntegrationPhase(t, ctx, tenantNs, "yaml"), 30*time.Second).Should(BeEmpty())
}, "tenant-z")

// Test a simple integration in "tenant-a" is reconciled and runs correctly
g.Expect(KamelRun(t, ctx, tenantANs, "files/yaml.yaml").Execute()).To(Succeed())
g.Eventually(IntegrationConditionStatus(t, ctx, tenantANs, "yaml", v1.IntegrationConditionReady), TestTimeoutMedium).
Should(Equal(corev1.ConditionTrue))
g.Eventually(IntegrationLogs(t, ctx, tenantANs, "yaml"), TestTimeoutShort).Should(ContainSubstring("Magicstring!"))

// Test a simple integration in "tenant-b" is reconciled and runs correctly
g.Expect(KamelRun(t, ctx, tenantBNs, "files/yaml.yaml").Execute()).To(Succeed())
g.Eventually(IntegrationConditionStatus(t, ctx, tenantBNs, "yaml", v1.IntegrationConditionReady), TestTimeoutMedium).
Should(Equal(corev1.ConditionTrue))
g.Eventually(IntegrationLogs(t, ctx, tenantBNs, "yaml"), TestTimeoutShort).Should(ContainSubstring("Magicstring!"))

// Test operator only uninstall
UninstallOperator(t, ctx, g, operatorNs, "../../../")

g.Eventually(OperatorPod(t, ctx, operatorNs)).Should(BeNil())
g.Eventually(Integration(t, ctx, "tenant-a", "yaml"), TestTimeoutShort).ShouldNot(BeNil())
g.Eventually(IntegrationConditionStatus(t, ctx, "tenant-a", "yaml", v1.IntegrationConditionReady), TestTimeoutShort).
Should(Equal(corev1.ConditionTrue))
g.Eventually(Integration(t, ctx, "tenant-b", "yaml"), TestTimeoutShort).ShouldNot(BeNil())
g.Eventually(IntegrationConditionStatus(t, ctx, "tenant-b", "yaml", v1.IntegrationConditionReady), TestTimeoutShort).
Should(Equal(corev1.ConditionTrue))

// Test CRD uninstall (will remove Integrations as well)
UninstallCRDs(t, ctx, g, "../../../")

g.Eventually(OperatorPod(t, ctx, operatorNs)).Should(BeNil())
g.Eventually(CRDs(t)).Should(BeNil())
}, "tenant-b")
}, "tenant-a")
}, "operators")
}
Loading
Loading