Move AWI-GRPC-Catalyst-SDWAN with operator to kube-awi

This change moves the charts responsible for deploying
AWI-GRPC-Catalyst-SDWAN controller and the k8s operator to the
kube-awi repository.

This repository, embeds the charts from kube-awi creating an
addition to the operator setup with a visibility provided by
awi-infra-guard service, the UI service that uses this visibility
mode and envoy-proxy that proxies requests for UI and backend
services and allows CLI to handle both AWI-GRPC-Catalyst-SDWAN
and awi-infra-guard requests.

Author: Ignacy Osetek

Makefile

@@ -1,21 +1,4 @@
-LOCALBIN ?= $(shell pwd)/bin
-$(LOCALBIN):
-	mkdir -p $(LOCALBIN)
-
-KUBEBIN ?= $(shell pwd)/kube-awi/bin
-HELMIFY ?= $(LOCALBIN)/helmify
-KUSTOMIZE ?= $(KUBEBIN)/kustomize
-
 .PHONY: init-submodules
 init-submodules:
 	git submodule update --init --recursive
 
-.PHONY: helmify
-helmify: $(HELMIFY) ## Download helmify locally if necessary.
-$(HELMIFY): $(LOCALBIN)
-	test -s $(LOCALBIN)/helmify || GOBIN=$(LOCALBIN) go install github.com/arttor/helmify/cmd/helmify@v0.4.11
-
-.PHONY: build-operator-chart
-build-operator-chart: helmify
-	$(MAKE) -C kube-awi manifests kustomize
-	$(KUSTOMIZE) build kube-awi/config/default | $(HELMIFY) awi-operator

README.md

@@ -90,91 +90,17 @@ named as described below.
 
 ### Catalyst SDWAN Credentials
 
-Needed when App Net Interface uses Catalyst SDWAN as a connector
+The AWI application requires the same secrets as one described in
+[this README](kube-awi/README.md).
 
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: catalyst-sdwan-credentials
-type: Opaque
-data:
-  username: "{CATALYST_SDWAN_USERNAME}"
-  password: "{CATALYST_SDWAN_PASSWORD}"
-```
-
-### Provider specific credentials
-
-If the App Net Interface connector is set to AWI, the administrator
-needs to provide secrets required for using AWS/GCP providers.
-
-The AWS secret currently expects base64 encoded `credentials` file
-such as `$HOME/.aws/credentials`:
-
-```ini
-[default]
-aws_access_key_id = KEY
-aws_secret_access_key = VALUE
-```
-
-and such base64 encoded file should be placed inside a following secret:
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: aws-credentials
-type: Opaque
-data:
-  credentials: "{FILE_ENCODED}"
-```
-
-Similarly, GCP credentials also require base64 encoded file, which can be
-found under `$HOME/.config/gcloud`. The example file content:
-
-**Service Account is required.**
-
-```json
-{
-  "client_email": "CLIENT_EMAIL",
-  "client_id": "CLIENT_ID",
-  "private_key": "PRIVATE_KEY",
-  "private_key_id": "PRIVATE_KEY_ID",
-  "token_uri": "TOKEN_URI",
-  "type": "service_account"
-}
-```
-
-And such base64 encoded file should be put in following secret:
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: gcp-credentials
-type: Opaque
-data:
-  gcp-key.json: "{FILE_ENCODED}"
-```
-
-### Cluster Context
-
-If the administrator wants App Net Interface to be able to interact with
-k8s cluster (discovery process or creating connections to pods) the kubeconfig
-file needs to be provided as a secret (base64 encoded):
-
-```yaml
-apiVersion: v1
-kind: Secret
-metadata:
-  name: kube-config
-type: Opaque
-data:
-  config: "{FILE_ENCODED}"
-```
+If the domain connector is set to AWI, the Catalyst SDWAN Controller
+credentials may be left empty, but provider specific credentials are
+necessary.
 
 ### UI Credentials
 
+Installing AWI introduces another set of credentials for AWI-UI.
+
 Currently, UI credentials are completely optional even if UI
 is spawned. The UI expects:
 
@@ -246,58 +172,17 @@ helm install awi . --namespace awi-system
 
 The AWI project consists of two charts:
 
-1. main chart - the chart containing manifests for most of AWI components that include:
-
-    * AWI GRPC Catalyst Sdwan - the main operational controller
-    * AWI Infra Guard - component responsible for setting connections using AWI connector
-    * AWI UI - the front-end for the application
-    * Envoy Proxy - a proxy image for forwarding requests to proper targets and handling
-        WebGRPC protocol used by the UI
-
-1. operator chart - the second chart responsible for kube-awi component that allows
-    spawning k8s operator and necessary CRDs
-
-## Building
-
-Creating a new `main chart` simply requires updating templates, `Chart.yaml` and `values.yaml`
-according to your needs, however `operator chart` involves a few different steps.
-
-### Operator Chart
-
-The `operator chart` is built automatically from the `kube-awi` repository using `helmify`
-tool. If the kube-awi repository did not change, there should be no need in rebuilding
-operator chart.
-
-If the operator chart needs to be refreshed:
+1. operator chart - the chart used for deploying `kube-awi` chart which spawns AWI
+    Catalyst SDWAN Controller along with the k8s operator
 
-1. Initialize submodules to download kube-awi repository
+1. awi chart - the chart containing manifests for additional components, namely:
 
-    ```
-    make init-submodules
-    ```
+    * AWI Infra Guard - component responsible for visibility, required by CLI and UI
 
-1. Ensure kube-awi is recent
-
-    ```
-    cd kube-awi
-    git checkout main
-    git pull origin main
-    cd ..
-    ```
-
-1. Make sure kube-awi is kustomized accodringly to the project needs.  If not, enter
-    kube-awi directory, kustomize it and optionally commit changes.
-
-    The project's production kustomize configuration should be commited so this step
-    is mostly for building custom charts.
-
-1. Generate chart
-
-    ```
-    make build-operator-graph
-    ```
+    * AWI UI - the front-end for the application
 
-1. Update `main chart` Chart.yaml with a new dependency version of your operator chart
+    * Envoy Proxy - a proxy image for forwarding requests to proper targets and handling
+        WebGRPC protocol used by the UI
 
 # Contributing
 

helm/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
-- name: awi-operator
-  repository: file://../awi-operator
+- name: Catalyst-SDWAN-AWI-Plugin
+  repository: file://../kube-awi/chart
   version: 0.1.0
-digest: sha256:21a913979011049b01df10cd8750fcf9f8296d0c1421018beb3821be89658132
-generated: "2024-04-08T19:06:52.226409283+02:00"
+digest: sha256:a7e81d7ae2bd46c1ea124b0d3addd5621baebefe78cea08b2d1a3fd6a8fbb141
+generated: "2024-04-18T14:51:33.633642028+02:00"

helm/Chart.yaml

@@ -1,10 +1,9 @@
 apiVersion: v2
-name: Catalyst-SDWAN-AWI-Plugin
+name: awi
 description: A Helm chart for App Net Interface project
 version: 0.1.0
 appVersion: "0.1"
 dependencies:
-  - name: awi-operator
+  - name: Catalyst-SDWAN-AWI-Plugin
     version: 0.1.0
-    repository: "file://../awi-operator"
-    condition: components.kubeAWI
+    repository: "file://../kube-awi/chart"

helm/charts/Catalyst-SDWAN-AWI-Plugin-0.1.0.tgz

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: envoy-proxy-config
+  name: awi-envoy-proxy-config
 data:
   envoy.yaml: |
     admin:
@@ -142,7 +142,7 @@ data:
                       address:
                         socket_address:
                           address: awi-grpc-catalyst-sdwan
-                          port_value: {{ .Values.configs.awiGrpcCatalystSdwan.port }}
+                          port_value: {{ index .Values "Catalyst-SDWAN-AWI-Plugin" "config" "port" }}
         - name: awi_infra_guard_cluster
           connect_timeout: 0.25s
           type: logical_dns
@@ -163,16 +163,16 @@ data:
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: envoy-proxy
+  name: awi-envoy-proxy
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: envoy-proxy
+      app: awi-envoy-proxy
   template:
     metadata:
       labels:
-        app: envoy-proxy
+        app: awi-envoy-proxy
     spec:
       containers:
       - name: envoy-proxy
@@ -183,7 +183,7 @@ spec:
       volumes:
       - name: config-volume
         configMap:
-          name: envoy-proxy-config
+          name: awi-envoy-proxy-config
           items:
           - key: envoy.yaml
             path: envoy.yaml
@@ -193,11 +193,11 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: envoy-proxy
+  name: awi-envoy-proxy
 spec:
   type: LoadBalancer
   selector:
-    app: envoy-proxy
+    app: awi-envoy-proxy
   ports:
     - name: envoy-proxy-front
       protocol: TCP