-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: morvencao <[email protected]>
- Loading branch information
Showing
45 changed files
with
5,160 additions
and
104 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
1. Build | ||
|
||
```bash | ||
docker build -t quay.io/morvencao/maestro:latest . | ||
docker push quay.io/morvencao/maestro:latest | ||
``` | ||
|
||
2. Deploy | ||
|
||
```bash | ||
oc process \ | ||
--filename="templates/service-template-aro-hcp.yml" \ | ||
--local="true" \ | ||
--ignore-unknown-parameters="true" \ | ||
--param="ENVIRONMENT=development" \ | ||
--param="GLOG_V=10" \ | ||
--param="DB_SSLMODE=disable" \ | ||
--param="IMAGE_REGISTRY=quay.io" \ | ||
--param="IMAGE_REPOSITORY=morvencao/maestro" \ | ||
--param="IMAGE_TAG=latest" \ | ||
--param="ENABLE_JWT=false" \ | ||
--param="ENABLE_AUTHZ=false" \ | ||
--param="AUTHZ_RULES=" \ | ||
--param="ENABLE_SENTRY"=false \ | ||
--param="SENTRY_KEY"=TODO \ | ||
--param="JWKS_URL=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/certs" \ | ||
--param="OCM_SERVICE_CLIENT_ID=maestro" \ | ||
--param="OCM_SERVICE_CLIENT_SECRET=maestro" \ | ||
--param="TOKEN=" \ | ||
--param="OCM_BASE_URL=https://api.integration.openshift.com" \ | ||
--param="ENABLE_OCM_MOCK=true" \ | ||
--param="DB_SECRET_NAME=maestro-db" \ | ||
> "templates/service-template-aro-hcp.json" | ||
``` | ||
|
||
```bash | ||
oc process \ | ||
--filename="templates/db-template.yml" \ | ||
--local="true" \ | ||
--ignore-unknown-parameters="true" \ | ||
--param="DATABASE_HOST=maestro-db" \ | ||
--param="DATABASE_NAME=maestro" \ | ||
--param="DATABASE_PASSWORD=foobar-bizz-buzz" \ | ||
--param="DATABASE_PORT=5432" \ | ||
--param="DATABASE_USER=maestro" \ | ||
--param="DB_SSLMODE=disable" \ | ||
--param="POSTGRES_IMAGE=docker.io/library/postgres:14.2" \ | ||
> "templates/db-template.json" | ||
``` | ||
|
||
```bash | ||
kubectl create ns maestro-test | ||
kubectl -n maestro-test create secret tls mqtt-creds \ | ||
--cert=/root/workspace/azure/maestro-source-authn-ID.pem \ | ||
--key=/root/workspace/azure/maestro-source-authn-ID.key | ||
|
||
cat << EOF | kubectl -n maestro-test apply -f - | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: maestro-mqtt | ||
stringData: | ||
config.yaml: | | ||
brokerHost: ns-lcao.eastus-1.ts.eventgrid.azure.net:8883 | ||
clientCertFile: /secrets/mqtt-creds/tls.crt | ||
clientKeyFile: /secrets/mqtt-creds/tls.key | ||
topics: | ||
sourceEvents: sources/maestro/consumers/+/sourceevents | ||
agentEvents: sources/maestro/consumers/+/agentevents | ||
EOF | ||
|
||
|
||
kubectl -n maestro-test create serviceaccount maestro | ||
kubectl -n maestro-test apply -f "templates/db-template.json" | ||
kubectl -n maestro-test apply -f "templates/service-template-aro-hcp.json" | ||
``` | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,187 @@ | ||
# Run Maestro E2E | ||
|
||
```bash | ||
export container_tool=docker | ||
export GOPATH=$HOME/go | ||
export USER=demo | ||
export CLIENT_ID=demo | ||
export CLIENT_SECRET=demo | ||
export ENABLE_JWT=false | ||
export ENABLE_AUTHZ=false | ||
export external_apps_domain=$(oc get ingresses.config.openshift.io cluster -o jsonpath='{.spec.domain}') | ||
oc create ns maestro-demo | ||
make deploy | ||
``` | ||
|
||
```bash | ||
oc -n maestro-demo get svc | ||
oc -n maestro-demo get pod | ||
oc -n maestro-demo logs -f deploy/maestro -f | ||
``` | ||
|
||
```bash | ||
export consumer_id=$(curl -k -X POST -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/consumers -d '{"name": "cluster1"}' | jq -r .id) | ||
export agent_namespace=maestro-agent-demo | ||
make deploy-agent | ||
``` | ||
|
||
```bash | ||
oc -n maestro-agent-demo get pod | ||
|
||
oc -n maestro-agent-demo get pod -o yaml | grep consumer-name | ||
``` | ||
|
||
```bash | ||
curl -k -X GET -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/consumers | jq | ||
|
||
curl -k -X GET -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources | jq | ||
curl -k -X POST -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources --data-binary @example/resource.json | jq | ||
curl -k -X GET -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources/b216464f-e302-415a-a06c-c5e391ad08a7 | jq | ||
curl -k -X PATCH -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources/b216464f-e302-415a-a06c-c5e391ad08a7 --data-binary @example/resource.json | jq | ||
curl -k -X DELETE -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources/b216464f-e302-415a-a06c-c5e391ad08a7 | ||
``` | ||
|
||
```bash | ||
curl -k -X POST -H "Content-Type: application/json" -d '{"name": "cluster1"}' https://127.0.0.1:30080/api/maestro/v1/consumers | jq | ||
curl -k -X GET -H "Content-Type: application/json" https://127.0.0.1:30080/api/maestro/v1/consumers | jq | ||
curl -k -X DELETE -H "Content-Type: application/json" https://127.0.0.1:30080/api/maestro/v1/consumers/0f8263a9-17b4-415c-b4c5-b6f583885345 | jq | ||
|
||
curl -k -X GET -H "Content-Type: application/json" https://127.0.0.1:30080/api/maestro/v1/resources | jq | ||
``` | ||
|
||
```bash | ||
clusteradm clusterset bind global --namespace default | ||
``` | ||
|
||
or | ||
```bash | ||
cat << EOF | oc apply -n default -f - | ||
apiVersion: cluster.open-cluster-management.io/v1beta2 | ||
kind: ManagedClusterSetBinding | ||
metadata: | ||
name: global-binding | ||
namespace: default | ||
spec: | ||
clusterSet: global | ||
``` | ||
```bash | ||
cat << EOF | oc apply -n default -f - | ||
apiVersion: cluster.open-cluster-management.io/v1beta1 | ||
kind: Placement | ||
metadata: | ||
name: placement1 | ||
namespace: default | ||
spec: | ||
numberOfClusters: 3 | ||
clusterSets: | ||
- global | ||
EOF | ||
|
||
cat << EOF | oc apply -n default -f - | ||
apiVersion: work.open-cluster-management.io/v1alpha1 | ||
kind: ManifestWorkReplicaSet | ||
metadata: | ||
name: mwrset-nginx | ||
spec: | ||
placementRefs: | ||
- name: placement1 | ||
manifestWorkTemplate: | ||
workload: | ||
manifests: | ||
- apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: nginx1 | ||
namespace: default | ||
spec: | ||
replicas: 2 | ||
selector: | ||
matchLabels: | ||
app: nginx | ||
template: | ||
metadata: | ||
labels: | ||
app: nginx | ||
spec: | ||
containers: | ||
- image: nginxinc/nginx-unprivileged | ||
name: nginx | ||
EOF | ||
``` | ||
|
||
|
||
```bash | ||
oc delete ManifestWorkReplicaSet mwrset-nginx -n default | ||
|
||
oc get ManifestWorkReplicaSet -A | ||
oc get appliedmanifestwork -A | ||
oc -n default get pod | ||
curl -k -X GET -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources | jq | ||
curl -k -X GET -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources | jq -r '.items[0].id' | ||
curl -k -X DELETE -H "Content-Type: application/json" https://maestro.${external_apps_domain}/api/maestro/v1/resources/c4df9ff0-bfeb-5bc6-a0ab-4c9128d698b4 | ||
oc exec -it maestro-db-748dc568f4-p9pzd -- psql -d maestro -U maestro | ||
delete from resources; | ||
delete from events; | ||
``` | ||
|
||
TODO: | ||
|
||
ocm-sdk-go | ||
1. Add resource ID for ManifestBundleCodec (encode) | ||
2. Add resource version for ManifestBundleCodec (encode) | ||
3. Action for CloudEventsType of ManifestBundle(create_request, update_request) | ||
4. manifest bundle: version++ to make version update (use metadata.resourceVersion?) | ||
|
||
work-agent | ||
1. Add manifestbundle codec | ||
|
||
|
||
|
||
## GRPC | ||
|
||
```bash | ||
oc -n maestro-demo edit deploy/maestro | ||
|
||
oc -n maestro-demo patch deploy/maestro --type=json -p='[{"op": "add", "path": "/spec/template/spec/containers/0/command/-", "value": "--enable-grpc-server=true"}]' | ||
``` | ||
|
||
```bash | ||
oc -n maestro-demo port-forward svc/maestro-grpc 8090:8090 | ||
``` | ||
|
||
|
||
## Manifest: | ||
|
||
```bash | ||
# create | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent.json | ||
|
||
|
||
# update | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent.update.json | ||
|
||
# delete | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent.delete.json | ||
``` | ||
|
||
```bash | ||
oc -n maestro-agent-demo patch deploy/maestro-agent --type=json -p='[{"op": "add", "path": "/spec/template/spec/containers/0/command/-", "value": "--agent-client-codecs=manifest"}]' | ||
oc -n maestro-agent-demo patch deploy/maestro-agent --type=json -p='[{"op": "add", "path": "/spec/template/spec/containers/0/command/-", "value": "--agent-client-codecs=manifestbundle"}]' | ||
``` | ||
|
||
## ManifestBundle: | ||
|
||
```bash | ||
# create | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent-bundle.json | ||
|
||
|
||
# update | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent-bundle.update.json | ||
|
||
# delete | ||
go run ./example/grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./example/cloudevent-bundle.delete.json | ||
``` | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
{ | ||
"specversion": "1.0", | ||
"id": "aa27051a-5578-4e03-b737-5d6416d09694", | ||
"type": "io.open-cluster-management.works.v1alpha1.manifestbundles.spec.delete_request", | ||
"source": "grpc", | ||
"clustername": "cluster1", | ||
"resourceid": "68ebf474-6709-48bb-b760-386181268064", | ||
"resourceversion": 1, | ||
"deletiontimestamp": "2024-05-20T09:54:06.582625606Z", | ||
"datacontenttype": "application/json", | ||
"data": {} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
{ | ||
"specversion": "1.0", | ||
"id": "0192bd68-8444-4743-b02b-4a6605ec0413", | ||
"type": "io.open-cluster-management.works.v1alpha1.manifestbundles.spec.create_request", | ||
"source": "grpc", | ||
"clustername": "cluster1", | ||
"resourceid": "68ebf474-6709-48bb-b760-386181268064", | ||
"resourceversion": 1, | ||
"datacontenttype": "application/json", | ||
"data": { | ||
"manifests": [ | ||
{ | ||
"apiVersion": "v1", | ||
"kind": "ConfigMap", | ||
"metadata": { | ||
"name": "web", | ||
"namespace": "default" | ||
} | ||
}, | ||
{ | ||
"apiVersion": "apps/v1", | ||
"kind": "Deployment", | ||
"metadata": { | ||
"name": "web", | ||
"namespace": "default" | ||
}, | ||
"spec": { | ||
"replicas": 1, | ||
"selector": { | ||
"matchLabels": { | ||
"app": "web" | ||
} | ||
}, | ||
"template": { | ||
"metadata": { | ||
"labels": { | ||
"app": "web" | ||
} | ||
}, | ||
"spec": { | ||
"containers": [ | ||
{ | ||
"image": "nginxinc/nginx-unprivileged", | ||
"name": "nginx" | ||
} | ||
] | ||
} | ||
} | ||
} | ||
} | ||
], | ||
"deleteOption": { | ||
"propagationPolicy": "Foreground" | ||
}, | ||
"manifestConfigs": [ | ||
{ | ||
"resourceIdentifier": { | ||
"group": "apps", | ||
"resource": "deployments", | ||
"namespace": "default", | ||
"name": "web" | ||
}, | ||
"feedbackRules": [ | ||
{ | ||
"type": "JSONPaths", | ||
"jsonPaths": [ | ||
{ | ||
"name": "status", | ||
"path": ".status" | ||
} | ||
] | ||
} | ||
], | ||
"updateStrategy": { | ||
"type": "ServerSideApply" | ||
} | ||
} | ||
] | ||
} | ||
} |
Oops, something went wrong.