Advanced Installation

This installation is for advanced users that want to contribute to the project and/or add new resources or modify existing resources.

If you want to contribute only to the operator's code or otherwise don't have to do any substantial resource modification, then please follow Basic Installation.

This will require some additional dependencies and a knowledge of Kustomize.

If you do want to contribute, please follow Contributing and our Code of Conduct before doing so.

Requirements

Files and Services

You need to have the following:

• access to a Kubernetes cluster running at least version 1.11.3 and kubeconfig properly set up
• a Project in Google Cloud with Service Directory enabled
• a Google Cloud Service Account with at least role roles/servicedirectory.editor.

Software

Please make sure you have the following software installed:

• Kubectl 1.11.3+:

  • Unix/Linux users with Snap:

    snap install kubectl --classic
    

  • MacOs users with HomeBrew:

    brew install kubectl
    

  • Windows users: follow this section of the documentation

• Make, which will automate some steps:

  • Unix/Linux and MacOS: already pre-installed.
  • Windows users: download the binaries from this page.

• Golang 1.13+ to build the project. Follow the link to learn how to install it for any system.

• Docker 17.03+ for building and pushing the operator's container images.

  • Unix/Linux users with Snap:

  sudo snap install docker
  

  • MacOs users: Docker Desktop for Mac
  • Windows users: Docker Desktop for Windows

• Kubebuilder:

  • MacOs users with HomeBrew:

  brew install kubebuilder
  

  • Other systems: follow this section on the documentation.

Optional: New YAML files

If you are not adding any new Kubernetes resources, such as Secrets, Deployments, Services, etc., you can skip this section and go directly to Configure the operator.

Note that this is different from CRDs, as the CN-WAN Operator does not have any custom resources.

As a reminder, if you are adding resources to CN-WAN Operator to contribute to the project, please discuss the changes you want to make with the CN-WAN Operator OWNERS by opening a new issue or by email prior to make a pull request.

Finally, if you just want to do simple modifications, like set a docker pull secret, you should modify files inside deploy and follow Basic Installation.

Directories organization

You will have to put the YAML files in one of the sub-directories of /config: if you are modifying/adding resources just for your own sake, then you can place them in whichever folder you want, so long as you also modify kustomazion.yaml accordingly, as specified below.

Instead, in case you are adding files for the project, we ask you to place files depending on the Kind of such resources: i.e. Roles in rbac, WebHooks in webhook and everything else in manager.

Modify the kustomization.yaml file by adding the file you just placed. For example, take a look at config/manager/kustomization.yaml:

resources:
- manager.yaml
- settings.yaml
- serviceHandlerSecret.yaml
patchesStrategicMerge:
- patch.yaml

If you are adding a new Service, add its file name without path under resources: the same way you see above. Specify any modification you want to do on resources, by adding your patch under patchesStrategicMerge:.

Please take a look at this guide to learn how to use Kustomize in case this looks too obscure.

Configure the operator

Before deploying the operator you will need to configure it.

Settings

Modify the file config/manager/settings.yaml with the appropriate values.
You will need to modify what's below settings.yaml: | and follow Configuration if you haven't already.

Credentials

Copy the contents of you Service Account and paste to config/manager/serviceHandlerSecret.yaml below gcloud-credentials.json: |-.

The file must look like this:

apiVersion: v1
kind: Secret
metadata:
  name: service-handler-account
  namespace: system
stringData:
  gcloud-credentials.json: |-
    {
      "type": "service_account",
      "project_id": "my-project",
      "private_key_id": "prive-key-id",
      "private_key": "private-key",
      "client_email": "client-email@example.com",
      "client_id": "1234567890",
      "auth_uri": "https://accounts.google.com/o/oauth2/auth",
      "token_uri": "https://oauth2.googleapis.com/token",
      "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
      "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/name"
    }

Please double-check indentation: if invalid, it will violate yaml parsing rules and treated as an empty string. Make sure it is as above.

Build the Operator

First, you need to build and push the docker image to your container registry of choice. To ease the process up, you can edit the Makefile - included in the root folder of the project - by entering the image repository where you want to push the image:

IMG ?= example.com/username/image:tag

Make sure you are properly logged in your container registry of choice before proceeding. Most of the times, running docker login <registry> as documented here should be enough, but we encourage you to read your container registry's official documentation to know how to do that. Build and push the image:

# Build & Push
make docker-build docker-push

Deploy

Deploy the operator on your cluster by running the command below from the root directory of the project:

make custom-deploy

The operator will be first tested and, if successful, installed in one of the available and suitable worker nodes of your cluster.

If you haven't already, please read Concepts to learn more about CN-WAN Operator.

Remove

To remove the operator from your cluster, execute:

make custom-remove