From 9f72845c4d9884be61851bb08a93de694af4fe65 Mon Sep 17 00:00:00 2001 From: Fabien Boucher Date: Thu, 28 Mar 2024 12:34:51 +0000 Subject: [PATCH] logserver - remove CRD and controller There is no required usecase for it. So let's remove some code. Change-Id: Ib03ac3984c87d6fd7c86dc593d65cf9e0c6c25e2 --- CHANGELOG.md | 3 + api/v1/logserver_types.go | 70 -------- api/v1/softwarefactory_types.go | 16 +- api/v1/zz_generated.deepcopy.go | 104 +----------- config/rbac/role.yaml | 26 --- .../{logserver_controller.go => logserver.go} | 154 ++---------------- controllers/main.go | 11 -- controllers/softwarefactory_controller.go | 32 +--- doc/deployment/crds.md | 9 - doc/developer/howtos/index.md | 39 ----- doc/reference/api/index.md | 62 +------ 11 files changed, 40 insertions(+), 486 deletions(-) delete mode 100644 api/v1/logserver_types.go rename controllers/{logserver_controller.go => logserver.go} (66%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 83172ca2..4d2ffcbf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,9 @@ All notable changes to this project will be documented in this file. ### Changed ### Deprecated ### Removed + +- The LogsServer CRD and controller. As there is no identified need for a proper CRD and Controller. + ### Fixed ### Security diff --git a/api/v1/logserver_types.go b/api/v1/logserver_types.go deleted file mode 100644 index bc03ed4a..00000000 --- a/api/v1/logserver_types.go +++ /dev/null @@ -1,70 +0,0 @@ -// Copyright (C) 2022 Red Hat -// SPDX-License-Identifier: Apache-2.0 - -package v1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. - -// LogServerSpec defines the desired state of LogServer -type LogServerSpec struct { - // The fully qualified domain name to use with the log server. Logs will be served at https://`FQDN`/logs/ - FQDN string `json:"fqdn"` - // LetsEncrypt settings for enabling using LetsEncrypt for Routes/TLS - LetsEncrypt *LetsEncryptSpec `json:"LetsEncrypt,omitempty"` - // Default storage class to use with Persistent Volume Claims issued by this resource. Consult your cluster's configuration to see what storage classes are available and recommended for your use case. - StorageClassName string `json:"storageClassName,omitempty"` - // The SSH public key, encoded as base64, to use to authorize file transfers on the log server - AuthorizedSSHKey string `json:"authorizedSSHKey"` - // General runtime settings for the log server - Settings LogServerSpecSettings `json:"settings,omitempty"` -} - -type LogServerSpecSettings struct { - // Logs retention time in days. Logs older than this setting in days will be purged by a pruning cronjob. Defaults to 60 days - // +kubebuilder:default:=60 - // +kubebuilder:validation:Minimum:=1 - RetentionDays int `json:"retentionDays,omitempty"` - // The frequency, in seconds, at which the log pruning cronjob is running. Defaults to 3600s, i.e. logs are checked for pruning every hour - // +kubebuilder:default:=3600 - // +kubebuilder:validation:Minimum:=1 - LoopDelay int `json:"loopDelay,omitempty"` - // Storage-related settings - Storage StorageSpec `json:"storage,omitempty"` -} - -// LogServerStatus defines the observed state of a Log server -type LogServerStatus BaseStatus - -//+kubebuilder:object:root=true -//+kubebuilder:subresource:status -//+kubebuilder:printcolumn:name="Ready",type=boolean,JSONPath=`.status.ready` -//+kubebuilder:resource:shortName="logss" -//+kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.conditions[0].status",description="Status" -//+kubebuilder:printcolumn:name="Message",type="string",JSONPath=".status.conditions[0].message",description="Message" - -// LogServer is the Schema for the LogServers API -type LogServer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec LogServerSpec `json:"spec,omitempty"` - Status LogServerStatus `json:"status,omitempty"` -} - -//+kubebuilder:object:root=true - -// LogServerList contains a list of LogServer -type LogServerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []LogServer `json:"items"` -} - -func init() { - SchemeBuilder.Register(&LogServer{}, &LogServerList{}) -} diff --git a/api/v1/softwarefactory_types.go b/api/v1/softwarefactory_types.go index 2b8c0ff3..50f38cf8 100644 --- a/api/v1/softwarefactory_types.go +++ b/api/v1/softwarefactory_types.go @@ -485,6 +485,20 @@ type SecretRef struct { SecretKeyRef *Secret `json:"secretKeyRef"` } +// LogServerSpec defines the desired state of LogServer +type LogServerSpec struct { + // Logs retention time in days. Logs older than this setting in days will be purged by a pruning cronjob. Defaults to 60 days + // +kubebuilder:default:=60 + // +kubebuilder:validation:Minimum:=1 + RetentionDays int `json:"retentionDays,omitempty"` + // The frequency, in seconds, at which the log pruning cronjob is running. Defaults to 3600s, i.e. logs are checked for pruning every hour + // +kubebuilder:default:=3600 + // +kubebuilder:validation:Minimum:=1 + LoopDelay int `json:"loopDelay,omitempty"` + // Storage-related settings + Storage StorageSpec `json:"storage,omitempty"` +} + // SoftwareFactorySpec defines the desired state of SoftwareFactory type SoftwareFactorySpec struct { // Important: Run "make manifests" to regenerate code after modifying this file @@ -518,7 +532,7 @@ type SoftwareFactorySpec struct { // Logserver service spec // +kubebuilder:validation:Optional // +kubebuilder:default={"loopDelay": 3600, retentionDays: 60} - Logserver LogServerSpecSettings `json:"logserver,omitempty"` + Logserver LogServerSpec `json:"logserver,omitempty"` // MariaDB service spec MariaDB MariaDBSpec `json:"mariadb,omitempty"` diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index f59f9962..1d57350d 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -205,74 +205,10 @@ func (in *LetsEncryptSpec) DeepCopy() *LetsEncryptSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogServer) DeepCopyInto(out *LogServer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogServer. -func (in *LogServer) DeepCopy() *LogServer { - if in == nil { - return nil - } - out := new(LogServer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LogServer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogServerList) DeepCopyInto(out *LogServerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]LogServer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogServerList. -func (in *LogServerList) DeepCopy() *LogServerList { - if in == nil { - return nil - } - out := new(LogServerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *LogServerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LogServerSpec) DeepCopyInto(out *LogServerSpec) { *out = *in - if in.LetsEncrypt != nil { - in, out := &in.LetsEncrypt, &out.LetsEncrypt - *out = new(LetsEncryptSpec) - **out = **in - } - in.Settings.DeepCopyInto(&out.Settings) + in.Storage.DeepCopyInto(&out.Storage) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogServerSpec. @@ -285,44 +221,6 @@ func (in *LogServerSpec) DeepCopy() *LogServerSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogServerSpecSettings) DeepCopyInto(out *LogServerSpecSettings) { - *out = *in - in.Storage.DeepCopyInto(&out.Storage) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogServerSpecSettings. -func (in *LogServerSpecSettings) DeepCopy() *LogServerSpecSettings { - if in == nil { - return nil - } - out := new(LogServerSpecSettings) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *LogServerStatus) DeepCopyInto(out *LogServerStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]metav1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogServerStatus. -func (in *LogServerStatus) DeepCopy() *LogServerStatus { - if in == nil { - return nil - } - out := new(LogServerStatus) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MariaDBSpec) DeepCopyInto(out *MariaDBSpec) { *out = *in diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index c458470a..3ed326bc 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -71,32 +71,6 @@ rules: - patch - update - watch -- apiGroups: - - sf.softwarefactory-project.io - resources: - - logservers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - sf.softwarefactory-project.io - resources: - - logservers/finalizers - verbs: - - update -- apiGroups: - - sf.softwarefactory-project.io - resources: - - logservers/status - verbs: - - get - - patch - - update - apiGroups: - sf.softwarefactory-project.io resources: diff --git a/controllers/logserver_controller.go b/controllers/logserver.go similarity index 66% rename from controllers/logserver_controller.go rename to controllers/logserver.go index 3bb09f83..091c8ed2 100644 --- a/controllers/logserver_controller.go +++ b/controllers/logserver.go @@ -6,24 +6,17 @@ package controllers import ( - "context" _ "embed" + "encoding/base64" "strconv" - "time" - v1 "k8s.io/api/apps/v1" apiv1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/rest" - ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/log" - certv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" - sfv1 "github.com/softwarefactory-project/sf-operator/api/v1" "github.com/softwarefactory-project/sf-operator/controllers/libs/base" "github.com/softwarefactory-project/sf-operator/controllers/libs/conds" @@ -31,11 +24,6 @@ import ( "github.com/softwarefactory-project/sf-operator/controllers/libs/utils" ) -//+kubebuilder:rbac:groups=sf.softwarefactory-project.io,resources=logservers,verbs=get;list;watch;create;update;patch;delete -//+kubebuilder:rbac:groups=sf.softwarefactory-project.io,resources=logservers/status,verbs=get;update;patch -//+kubebuilder:rbac:groups=sf.softwarefactory-project.io,resources=logservers/finalizers,verbs=update -//+kubebuilder:rbac:groups=monitoring.coreos.com,resources=servicemonitors;podmonitors;prometheusrules,verbs=get;list;watch;create;update;patch;delete - const logserverIdent = "logserver" const httpdPort = 8080 const httpdPortName = "logserver-httpd" @@ -62,12 +50,7 @@ type LogServerReconciler struct { RESTConfig *rest.Config } -type LogServerController struct { - SFUtilContext - cr sfv1.LogServer -} - -func (r *LogServerController) ensureLogserverPodMonitor() bool { +func (r *SFController) ensureLogserverPodMonitor() bool { selector := metav1.LabelSelector{ MatchLabels: map[string]string{ "app": "sf", @@ -97,7 +80,7 @@ func (r *LogServerController) ensureLogserverPodMonitor() bool { return true } -func (r *LogServerController) ensureLogserverPromRule() bool { +func (r *SFController) ensureLogserverPromRule() bool { lsDiskRuleGroup := sfmonitoring.MkDiskUsageRuleGroup(r.ns, logserverIdent) // We keep the logserver's PromRule management here for standalone logservers desiredLsPromRule := sfmonitoring.MkPrometheusRuleCR(logserverIdent+"-default.rules", r.ns) @@ -133,44 +116,7 @@ func (r *LogServerController) ensureLogserverPromRule() bool { return true } -// cleanup ensures removal of legacy resources -func (r *LogServerController) cleanup() { - // Delete apiv1.Service httpdPortName-httpdPort - r.DeleteR(&apiv1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: r.ns, - Name: httpdPortName, - }, - }) - - // Delete apiv1.Service sshdPortName-sshdPort - r.DeleteR(&apiv1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: r.ns, - Name: sshdPortName, - }, - }) - - // Delete apiv1.service logserverIdent-NodeExporterPortNameSuffix - r.DeleteR(&apiv1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: r.ns, - Name: logserverIdent + sfmonitoring.NodeExporterPortNameSuffix, - }, - }) - - // Remove the Deployment -> We switch to StatefulSet - r.DeleteR(&v1.Deployment{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: r.ns, - Name: logserverIdent, - }, - }) -} - -func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { - - r.cleanup() +func (r *SFController) DeployLogserver() bool { r.EnsureSSHKeySecret(logserverIdent + "-keys") @@ -209,7 +155,7 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { // Create the statefulset sts := r.mkStatefulSet(logserverIdent, base.HTTPDImage(), - BaseGetStorageConfOrDefault(r.cr.Spec.Settings.Storage, r.cr.Spec.StorageClassName), apiv1.ReadWriteOnce) + BaseGetStorageConfOrDefault(r.cr.Spec.Logserver.Storage, r.cr.Spec.StorageClassName), apiv1.ReadWriteOnce) // Setup the main container sts.Spec.Template.Spec.Containers[0].VolumeMounts = volumeMounts @@ -255,8 +201,14 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { sshdContainer.LivenessProbe = base.MkReadinessTCPProbe(sshdPort) sshdContainer.StartupProbe = base.MkReadinessTCPProbe(sshdPort) + pubKey, err := r.GetSecretDataFromKey("zuul-ssh-key", "pub") + if err != nil { + return false + } + pubKeyB64 := base64.StdEncoding.EncodeToString(pubKey) + sshdContainer.Env = []apiv1.EnvVar{ - base.MkEnvVar("AUTHORIZED_KEY", r.cr.Spec.AuthorizedSSHKey), + base.MkEnvVar("AUTHORIZED_KEY", pubKeyB64), } sshdContainer.VolumeMounts = []apiv1.VolumeMount{ { @@ -279,12 +231,12 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { sts.Spec.Template.Spec.Containers = append(sts.Spec.Template.Spec.Containers, sshdContainer) - retentionDays := r.cr.Spec.Settings.RetentionDays + retentionDays := r.cr.Spec.Logserver.RetentionDays if retentionDays == 0 { retentionDays = 60 } - loopDelay := r.cr.Spec.Settings.LoopDelay + loopDelay := r.cr.Spec.Logserver.LoopDelay if loopDelay == 0 { loopDelay = 3600 } @@ -323,8 +275,8 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { "fqdn": r.cr.Spec.FQDN, "serial": "5", "httpd-conf": utils.Checksum([]byte(logserverConf)), - "purgeLogConfig": "retentionDays:" + strconv.Itoa(r.cr.Spec.Settings.RetentionDays) + - " loopDelay:" + strconv.Itoa(r.cr.Spec.Settings.LoopDelay), + "purgeLogConfig": "retentionDays:" + strconv.Itoa(r.cr.Spec.Logserver.RetentionDays) + + " loopDelay:" + strconv.Itoa(r.cr.Spec.Logserver.LoopDelay), "httpd-image": base.HTTPDImage(), "purgelogs-image": base.PurgelogsImage(), "sshd-image": base.SSHDImage(), @@ -332,7 +284,7 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { current, stsUpdated := r.ensureStatefulset(sts) - pvcReadiness := r.reconcileExpandPVC(logserverIdent+"-"+logserverIdent+"-0", r.cr.Spec.Settings.Storage) + pvcReadiness := r.reconcileExpandPVC(logserverIdent+"-"+logserverIdent+"-0", r.cr.Spec.Logserver.Storage) routeReady := r.ensureHTTPSRoute( r.cr.Name+"-logserver", r.cr.Spec.FQDN, @@ -350,75 +302,5 @@ func (r *LogServerController) DeployLogserver() sfv1.LogServerStatus { isReady := r.IsStatefulSetReady(current) && !stsUpdated && pvcReadiness && routeReady && iconsRouteReady conds.UpdateConditions(&r.cr.Status.Conditions, logserverIdent, isReady) - return sfv1.LogServerStatus{ - Ready: isReady, - ObservedGeneration: r.cr.Generation, - ReconciledBy: conds.GetOperatorConditionName(), - } -} - -// Reconcile is part of the main kubernetes reconciliation loop which aims to -// move the current state of the cluster closer to the desired state. -// -// For more details, check Reconcile and its Result here: -// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.11.2/pkg/reconcile -func (r *LogServerReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - log := log.FromContext(ctx) - - log.V(1).Info("Logserver CR - Entering reconcile loop") - - var cr sfv1.LogServer - - if err := r.Client.Get(ctx, req.NamespacedName, &cr); err != nil && errors.IsNotFound(err) { - log.Error(err, "unable to fetch LogServer resource") - // we'll ignore not-found errors, since they can't be fixed by an immediate - // requeue (we'll need to wait for a new notification), and we can get them - // on deleted requests. - return ctrl.Result{}, client.IgnoreNotFound(err) - } - - var utils = &SFUtilContext{ - Client: r.Client, - Scheme: r.Scheme, - RESTClient: r.RESTClient, - RESTConfig: r.RESTConfig, - ns: req.NamespacedName.Namespace, - log: log, - ctx: ctx, - owner: &cr, - standalone: false, - } - - var controller = LogServerController{ - SFUtilContext: *utils, - cr: cr, - } - - // Setup LetsEncrypt Issuer if needed - if cr.Spec.LetsEncrypt != nil { - controller.ensureLetsEncryptIssuer(*cr.Spec.LetsEncrypt) - } - - cr.Status = controller.DeployLogserver() - - if err := r.Client.Status().Update(ctx, &cr); err != nil { - log.Error(err, "unable to update LogServer status") - return ctrl.Result{}, err - } - if !cr.Status.Ready { - log.V(1).Info("Logserver CR - Reconcile running...") - delay, _ := time.ParseDuration("20s") - return ctrl.Result{RequeueAfter: delay}, nil - } else { - log.V(1).Info("Logserver CR - Reconcile completed!") - return ctrl.Result{}, nil - } -} - -// SetupWithManager sets up the controller with the Manager. -func (r *LogServerReconciler) SetupWithManager(mgr ctrl.Manager) error { - return ctrl.NewControllerManagedBy(mgr). - For(&sfv1.LogServer{}). - Owns(&certv1.Certificate{}). - Complete(r) + return isReady } diff --git a/controllers/main.go b/controllers/main.go index 4d2955df..d13be7eb 100644 --- a/controllers/main.go +++ b/controllers/main.go @@ -113,23 +113,12 @@ func Main(ns string, metricsAddr string, probeAddr string, enableLeaderElection Completed: false, } - lgr := &LogServerReconciler{ - Client: mgr.GetClient(), - Scheme: mgr.GetScheme(), - RESTClient: restClient, - RESTConfig: config, - } - //+kubebuilder:scaffold:builder if err = sfr.SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "SoftwareFactory") os.Exit(1) } - if err = lgr.SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "LogServer") - os.Exit(1) - } if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { setupLog.Error(err, "unable to set up health check") os.Exit(1) diff --git a/controllers/softwarefactory_controller.go b/controllers/softwarefactory_controller.go index c2334446..ba5f40bf 100644 --- a/controllers/softwarefactory_controller.go +++ b/controllers/softwarefactory_controller.go @@ -7,7 +7,6 @@ package controllers import ( "context" - "encoding/base64" "errors" "fmt" "sort" @@ -100,35 +99,6 @@ func isOperatorReady(services map[string]bool) bool { return true } -func (r *SFController) DeployLogserverResource() bool { - pubKey, err := r.GetSecretDataFromKey("zuul-ssh-key", "pub") - if err != nil { - return false - } - storageclassname := r.cr.Spec.Logserver.Storage.ClassName - if storageclassname == "" { - storageclassname = r.cr.Spec.StorageClassName - } - pubKeyB64 := base64.StdEncoding.EncodeToString(pubKey) - cr := sfv1.LogServer{ - ObjectMeta: metav1.ObjectMeta{ - Name: logserverIdent, - }, - Spec: sfv1.LogServerSpec{ - FQDN: r.cr.Spec.FQDN, - LetsEncrypt: r.cr.Spec.LetsEncrypt, - StorageClassName: storageclassname, - AuthorizedSSHKey: pubKeyB64, - Settings: r.cr.Spec.Logserver, - }, - } - var logserverController = LogServerController{ - SFUtilContext: r.SFUtilContext, - cr: cr, - } - return logserverController.DeployLogserver().Ready -} - // cleanup ensures removal of legacy resources func (r *SFController) cleanup() { r.DeleteR(&corev1.Service{ @@ -273,7 +243,7 @@ func (r *SFController) deploySFStep(services map[string]bool) map[string]bool { services["Zuul"] = r.DeployZuul() } - services["Logserver"] = r.DeployLogserverResource() + services["Logserver"] = r.DeployLogserver() if services["Zookeeper"] { nodepool := r.DeployNodepool() diff --git a/doc/deployment/crds.md b/doc/deployment/crds.md index 7df09059..73c6b6f3 100644 --- a/doc/deployment/crds.md +++ b/doc/deployment/crds.md @@ -7,7 +7,6 @@ unstable but the ultimate source of truth for documentation about their properti 1. [SoftwareFactory](#crds) -1. [LogServer]() ## SoftwareFactory @@ -16,11 +15,3 @@ This custom resource describes a Software Factory instance. ```yaml --8<-- "config/crd/bases/sf.softwarefactory-project.io_softwarefactories.yaml" ``` - -## LogServer - -This custom resource describes a standalone Log Server (SSH/rsync endpoint + HTTP server). - -```yaml ---8<-- "config/crd/bases/sf.softwarefactory-project.io_logservers.yaml" -``` \ No newline at end of file diff --git a/doc/developer/howtos/index.md b/doc/developer/howtos/index.md index 50fcaba0..56830c89 100644 --- a/doc/developer/howtos/index.md +++ b/doc/developer/howtos/index.md @@ -55,45 +55,6 @@ Make your changes, commit them, then push them with `git push`. To test your modifications, you can simply create a trivial change on the **config** repository, as described [here](#how-to-open-a-review-on-the-test-gerrit). -## How to hack on the LogServer Custom Resource - -The operator handles the `LogServer` Custom Resource. This resource is used to setup the logs server -part of a `SoftwareFactory` deployment. - -Here is an usage example of this resource: - -```shell -# Create a dedicated namespace -kubectl create ns logserver -# Start the operator for the dedicated namespace -sf-operator --namespace logserver operator -``` - -```shell -# Load your public ssh key in base64 -PUB_KEY=`cat ~/.ssh/id_ecdsa.pub | base64 -w0` -# Create the resource manifest -sed "s/authorizedSSHKey.*/authorizedSSHKey: $PUB_KEY/" config/samples/sf_v1_logserver.yaml > /tmp/my-logserver.yaml -sed "s/fqdn.*/fqdn: test.local/" -i /tmp/my-logserver.yaml -# Apply the custom resource -kubectl apply -f /tmp/my-logserver.yaml -``` - -To access the web frontend of the service you need to ensure that `logserver.test.local` resolves to your -microshift cluster inbound, then `firefox https://logserver.test.local`. - -To send data to the logserver, first enable the port-forward: - -```shell -kubectl -n logserver port-forward service/logserver 22220:2222 -``` - -Then use rsync: - -```shell -rsync -av -e "ssh -p22220" src-directory zuul@127.0.0.1:rsync/ -``` - ## How to configure secrets used by Zuul This python package provides helper code to perform service runtime configuration. diff --git a/doc/reference/api/index.md b/doc/reference/api/index.md index 5c3ca64c..f4780ed6 100644 --- a/doc/reference/api/index.md +++ b/doc/reference/api/index.md @@ -9,8 +9,6 @@ Package v1 contains API Schema definitions for the sf v1 API group ### Resource Types -- [LogServer](#logserver) -- [LogServerList](#logserverlist) - [SoftwareFactory](#softwarefactory) - [SoftwareFactoryList](#softwarefactorylist) @@ -25,7 +23,6 @@ Package v1 contains API Schema definitions for the sf v1 API group BaseStatus struct which defines the observed state for a Controller Do not use this directy, it must be derived from. _Appears in:_ -- [LogServerStatus](#logserverstatus) - [SoftwareFactoryStatus](#softwarefactorystatus) | Field | Description | Default Value | @@ -199,7 +196,6 @@ _Appears in:_ _Appears in:_ -- [LogServerSpec](#logserverspec) - [SoftwareFactorySpec](#softwarefactoryspec) | Field | Description | Default Value | @@ -223,39 +219,6 @@ _Appears in:_ -#### LogServer - - - -LogServer is the Schema for the LogServers API - -_Appears in:_ -- [LogServerList](#logserverlist) - -| Field | Description | Default Value | -| --- | --- | --- | -| `apiVersion` _string_ | `sf.softwarefactory-project.io/v1` | - | -| `kind` _string_ | `LogServer` | - | -| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | -| -| `spec` _[LogServerSpec](#logserverspec)_ | | -| - - -#### LogServerList - - - -LogServerList contains a list of LogServer - - - -| Field | Description | Default Value | -| --- | --- | --- | -| `apiVersion` _string_ | `sf.softwarefactory-project.io/v1` | - | -| `kind` _string_ | `LogServerList` | - | -| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | -| -| `items` _[LogServer](#logserver) array_ | | -| - - #### LogServerSpec @@ -263,25 +226,6 @@ LogServerList contains a list of LogServer LogServerSpec defines the desired state of LogServer _Appears in:_ -- [LogServer](#logserver) - -| Field | Description | Default Value | -| --- | --- | --- | -| `fqdn` _string_ | The fully qualified domain name to use with the log server. Logs will be served at https://`FQDN`/logs/ | -| -| `LetsEncrypt` _[LetsEncryptSpec](#letsencryptspec)_ | LetsEncrypt settings for enabling using LetsEncrypt for Routes/TLS | -| -| `storageClassName` _string_ | Default storage class to use with Persistent Volume Claims issued by this resource. Consult your cluster's configuration to see what storage classes are available and recommended for your use case. | -| -| `authorizedSSHKey` _string_ | The SSH public key, encoded as base64, to use to authorize file transfers on the log server | -| -| `settings` _[LogServerSpecSettings](#logserverspecsettings)_ | General runtime settings for the log server | -| - - -#### LogServerSpecSettings - - - - - -_Appears in:_ -- [LogServerSpec](#logserverspec) - [SoftwareFactorySpec](#softwarefactoryspec) | Field | Description | Default Value | @@ -291,8 +235,6 @@ _Appears in:_ | `storage` _[StorageSpec](#storagespec)_ | Storage-related settings | -| - - #### MariaDBSpec @@ -443,7 +385,7 @@ _Appears in:_ | `zuul` _[ZuulSpec](#zuulspec)_ | Zuul service spec | -| | `nodepool` _[NodepoolSpec](#nodepoolspec)_ | Nodepool services spec | -| | `zookeeper` _[ZookeeperSpec](#zookeeperspec)_ | Zookeeper service spec | -| -| `logserver` _[LogServerSpecSettings](#logserverspecsettings)_ | Logserver service spec | {map[loopDelay:3600 retentionDays:60]}| +| `logserver` _[LogServerSpec](#logserverspec)_ | Logserver service spec | {map[loopDelay:3600 retentionDays:60]}| | `mariadb` _[MariaDBSpec](#mariadbspec)_ | MariaDB service spec | -| | `gitserver` _[GitServerSpec](#gitserverspec)_ | Git server spec | -| @@ -474,7 +416,7 @@ _Appears in:_ _Appears in:_ - [GitServerSpec](#gitserverspec) -- [LogServerSpecSettings](#logserverspecsettings) +- [LogServerSpec](#logserverspec) - [MariaDBSpec](#mariadbspec) - [NodepoolBuilderSpec](#nodepoolbuilderspec) - [ZookeeperSpec](#zookeeperspec)