resources

package
v0.0.0-...-207e492 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 19, 2023 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source
const APICertCommonName = "metering-server"
View Source
const APICertDirName = "metering-api"
View Source
const APICertName = "icp-metering-api-ca-cert"

API certificate definition

View Source
const APICertSecretName = "icp-metering-api-secret" + ""

use concatenation so linter won't complain about "Secret" vars

View Source
const APICertVolumeName = "icp-metering-api-certs"
View Source
const CommonServicesProductID = "068a62892a1e4db39641342e592daa25"
View Source
const CommonServicesProductName = "IBM Cloud Platform Common Services"
View Source
const DefaultAPIKeySecretName = "icp-serviceid-apikey-secret" + ""

use concatenation so linter won't complain about "Secret" vars

View Source
const DefaultAPIServiceName = "v1.metering.ibm.com"
View Source
const DefaultCaIssuer = "cs-ca-issuer"
View Source
const DefaultClusterName = "mycluster"
View Source
const DefaultDmImageName = "metering-data-manager"
View Source
const DefaultDmImageTag = "3.7.1"

starting with Common Services 3.4, images can be pulled by SHA or tag. run scripts/get-image-sha.sh to update operator.yaml with the SHA values. a SHA value looks like this: "sha256:nnnnnnnn" a tag value looks like this: "3.5.0".

View Source
const DefaultImageRegistry = "quay.io/opencloudio"
View Source
const DefaultMcmUIImageName = "metering-mcmui"
View Source
const DefaultMcmUIImageTag = "3.7.1"
View Source
const DefaultPlatformOidcSecretName = "platform-oidc-credentials" + ""
View Source
const DefaultReportImageName = "metering-report"
View Source
const DefaultReportImageTag = "3.7.1"
View Source
const DefaultUIImageName = "metering-ui"
View Source
const DefaultUIImageTag = "3.7.1"
View Source
const DefaultWatchNamespace = "ibm-common-services"
View Source
const DmDeploymentName = "metering-dm"
View Source
const DmNodeHeapSizeVar = "NODE_HEAP_SIZE"
View Source
const DmServiceName = "metering-dm"
View Source
const McmDeploymentName = "metering-mcmui"
View Source
const McmServiceName = "metering-mcmui"
View Source
const McmUICertCommonName = "metering-mcmui"
View Source
const McmUICertDirName = "metering-mcmui"
View Source
const McmUICertName = "metering-mcmui-ca-cert"

MCMUI certificate definition

View Source
const McmUICertSecretName = "metering-mcmui-cert" + ""

use concatenation so linter won't complain about "Secret" vars

View Source
const McmUICertVolumeName = "metering-mcmui-certs"
View Source
const MeteringComponentName = "meteringsvc"
View Source
const MeteringDependencies = "ibm-common-services.auth-idp, mongodb, cert-manager"
View Source
const MeteringReleaseName = "metering"
View Source
const ReaderDaemonSetName = "metering-reader"
View Source
const ReaderDeploymentName = "metering-reader"
View Source
const ReaderServiceName = "metering-server"
View Source
const ReceiverCertCommonName = "metering-receiver"
View Source
const ReceiverCertDirName = "metering-receiver"
View Source
const ReceiverCertName = "icp-metering-receiver-ca-cert"

Receiver certificate definition

View Source
const ReceiverCertSecretName = "icp-metering-receiver-secret" + ""

use concatenation so linter won't complain about "Secret" vars

View Source
const ReceiverCertVolumeName = "icp-metering-receiver-certs"
View Source
const ReceiverRouteName = "metering-receiver-route"
View Source
const ReceiverServiceName = "metering-receiver"
View Source
const ReportDeploymentName = "metering-report"
View Source
const ReportServiceName = "metering-report"
View Source
const SenderDeploymentName = "metering-sender"
View Source
const UICertCommonName = "metering-ui"
View Source
const UICertDirName = "metering-ui"
View Source
const UICertName = "metering-ui-ca-cert"

UI certificate definition

View Source
const UICertSecretName = "metering-ui-cert" + ""

use concatenation so linter won't complain about "Secret" vars

View Source
const UICertVolumeName = "metering-ui-certs"
View Source
const UIDeploymentName = "metering-ui"
View Source
const UIServiceName = "metering-ui"
View Source
const VarImageSHAforDM = "IMAGE_SHA_OR_TAG_DM"

define the env vars that contain either the SHA or the tag

View Source
const VarImageSHAforMCMUI = "IMAGE_SHA_OR_TAG_MCMUI"
View Source
const VarImageSHAforReport = "IMAGE_SHA_OR_TAG_REPORT"
View Source
const VarImageSHAforUI = "IMAGE_SHA_OR_TAG_UI"
View Source
const WatchNamespaceV350 = "ibm-common-services"

Variables

View Source
var APICertVolume = corev1.Volume{
	Name: APICertVolumeName,
	VolumeSource: corev1.VolumeSource{
		Secret: &corev1.SecretVolumeSource{
			SecretName:  APICertSecretName,
			DefaultMode: &DefaultMode,
			Optional:    &TrueVar,
		},
	},
}
View Source
var APICertVolumeMount = corev1.VolumeMount{
	Name:      APICertVolumeName,
	MountPath: "/sec/" + APICertDirName,
}
View Source
var APICertificateData = CertificateData{
	Name:      APICertName,
	Secret:    APICertSecretName,
	Common:    APICertCommonName,
	App:       ReaderDeploymentName,
	Component: ReaderDeploymentName,
}
View Source
var APIcheckIngressData = IngressData{
	Name:        "metering-api-check",
	Path:        "/meteringapi/api/v1",
	Service:     ReaderServiceName,
	Port:        apiIngressPort,
	Annotations: apiCheckIngressAnnotations,
}
View Source
var APIrbacIngressData = IngressData{
	Name:        "metering-api-rbac",
	Path:        "/meteringapi/api/",
	Service:     ReaderServiceName,
	Port:        apiIngressPort,
	Annotations: apiRBACIngressAnnotations,
}
View Source
var APIswaggerIngressData = IngressData{
	Name:        "metering-api-swagger",
	Path:        "/meteringapi/api/swagger",
	Service:     ReaderServiceName,
	Port:        apiIngressPort,
	Annotations: apiSwaggerIngressAnnotations,
}
View Source
var ArchitectureList = []string{
	"amd64",
	"ppc64le",
	"s390x",
}
View Source
var CommonEnvVars = []corev1.EnvVar{
	{
		Name:  "NODE_TLS_REJECT_UNAUTHORIZED",
		Value: "0",
	},
}
View Source
var CommonIngressAnnotations = map[string]string{
	"app.kubernetes.io/managed-by": "operator",
	"kubernetes.io/ingress.class":  "ibm-icp-management",
}
View Source
var CommonMainVolumeMounts = []corev1.VolumeMount{
	{
		Name:      "mongodb-ca-cert",
		MountPath: "/certs/mongodb-ca",
	},
	{
		Name:      "mongodb-client-cert",
		MountPath: "/certs/mongodb-client",
	},
}
View Source
var DefaultMode int32 = 420
View Source
var DefaultStatusForCR = []string{"none"}
View Source
var DmMainContainer = corev1.Container{
	Image:           "metering-data-manager",
	Name:            "metering-dm",
	ImagePullPolicy: corev1.PullAlways,

	VolumeMounts: []corev1.VolumeMount{
		LoglevelVolumeMount,
	},

	Env: []corev1.EnvVar{
		{
			Name:  "METERING_API_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_USE_HTTPS",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCM_SENDER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_STORAGEREADER_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_REPORTER2_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_PURGER2_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_PREAGGREGATOR_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_METRICS_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_SELFMETER_PURGER_ENABLED",
			Value: "true",
		},
	},
	Ports: []corev1.ContainerPort{
		{ContainerPort: 3000},
		{ContainerPort: 5000},
	},
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		PeriodSeconds:       30,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources:       corev1.ResourceRequirements{},
	SecurityContext: &commonSecurityContext,
}
View Source
var DmResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu450,
		corev1.ResourceMemory: *memory850},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu200,
		corev1.ResourceMemory: *memory230},
}
View Source
var FalseVar = false
View Source
var IAMEnvVars = []corev1.EnvVar{
	{
		Name:  "DEFAULT_IAM_TOKEN_SERVICE_PORT",
		Value: "10443",
	},
	{
		Name:  "DEFAULT_IAM_PAP_SERVICE_PORT",
		Value: "39001",
	},
}
View Source
var Log4jsVolumeMount = corev1.VolumeMount{
	Name:      "log4js",
	MountPath: "/etc/config",
}
View Source
var LoglevelVolumeMount = corev1.VolumeMount{
	Name:      "loglevel",
	MountPath: "/etc/config",
}
View Source
var McmIngressData = IngressData{
	Name:        "metering-mcmui",
	Path:        "/metering-mcm",
	Service:     "metering-mcmui",
	Port:        3001,
	Annotations: mcmIngressAnnotations,
}
View Source
var McmUICertVolume = corev1.Volume{
	Name: McmUICertVolumeName,
	VolumeSource: corev1.VolumeSource{
		Secret: &corev1.SecretVolumeSource{
			SecretName:  McmUICertSecretName,
			DefaultMode: &DefaultMode,
			Optional:    &TrueVar,
		},
	},
}
View Source
var McmUICertVolumeMountForMain = corev1.VolumeMount{
	Name:      McmUICertVolumeName,
	MountPath: "/certs/" + McmUICertDirName,
}
View Source
var McmUICertVolumeMountForSecretCheck = corev1.VolumeMount{
	Name:      McmUICertVolumeName,
	MountPath: "/sec/" + McmUICertDirName,
}
View Source
var McmUICertificateData = CertificateData{
	Name:      McmUICertName,
	Secret:    McmUICertSecretName,
	Common:    McmUICertCommonName,
	App:       McmDeploymentName,
	Component: McmDeploymentName,
}
View Source
var McmUIMainContainer = corev1.Container{
	Image:           "metering-mcmui",
	Name:            "metering-mcmui",
	ImagePullPolicy: corev1.PullAlways,

	VolumeMounts: []corev1.VolumeMount{
		Log4jsVolumeMount,
	},

	Env: []corev1.EnvVar{
		{
			Name:  "PORT",
			Value: "3001",
		},
		{
			Name:  "PROXY_URI",
			Value: "metering-mcm",
		},
		{
			Name:  "MCM_UI_ISSSL",
			Value: "true",
		},
		{
			Name:  "MCM_UI_SSL_CA",
			Value: "/certs/" + McmUICertDirName + "/ca.crt",
		},
		{
			Name:  "MCM_UI_SSL_CERT",
			Value: "/certs/" + McmUICertDirName + "/tls.crt",
		},
		{
			Name:  "MCM_UI_SSL_KEY",
			Value: "/certs/" + McmUICertDirName + "/tls.key",
		},
	},
	Ports: []corev1.ContainerPort{
		{ContainerPort: 3001},
	},
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/unsecure/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3001,
				},
				Scheme: corev1.URISchemeHTTPS,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/unsecure/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3001,
				},
				Scheme: corev1.URISchemeHTTPS,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      5,
		PeriodSeconds:       15,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources:       corev1.ResourceRequirements{},
	SecurityContext: &commonSecurityContext,
}
View Source
var McmUIResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu100,
		corev1.ResourceMemory: *memory375},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu50,
		corev1.ResourceMemory: *memory370},
}
View Source
var RdrMainContainer = corev1.Container{
	Image:           "metering-data-manager",
	Name:            "metering-reader",
	ImagePullPolicy: corev1.PullAlways,

	VolumeMounts: []corev1.VolumeMount{
		{
			Name:      APICertVolumeName,
			MountPath: "/certs/" + APICertDirName,
		},
		LoglevelVolumeMount,
	},

	Env: []corev1.EnvVar{
		{
			Name:  "METERING_API_ENABLED",
			Value: "true",
		},
		{
			Name:  "METERING_INTERNALAPI_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_USE_HTTPS",
			Value: "true",
		},
		{
			Name:  "HC_DM_MCM_RECEIVER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCM_SENDER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCMREADER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_READER_ENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_STORAGEREADER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_READER_APIENABLED",
			Value: "true",
		},
		{
			Name:  "HC_DM_REPORTER2_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_PURGER2_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_PREAGGREGATOR_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_SELFMETER_PURGER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_API_PORT",
			Value: "4000",
		},
		{
			Name:  "HC_DM_INTERNAL_API_PORT",
			Value: "4002",
		},
		{
			Name:  "HC_API_SSL_CA",
			Value: "/certs/" + APICertDirName + "/ca.crt",
		},
		{
			Name:  "HC_API_SSL_CERT",
			Value: "/certs/" + APICertDirName + "/tls.crt",
		},
		{
			Name:  "HC_API_SSL_KEY",
			Value: "/certs/" + APICertDirName + "/tls.key",
		},
	},
	Ports: []corev1.ContainerPort{
		{ContainerPort: 3000},
		{ContainerPort: 4000},
		{ContainerPort: 4002},
	},
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		PeriodSeconds:       30,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources:       corev1.ResourceRequirements{},
	SecurityContext: &commonSecurityContext,
}
View Source
var RdrResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu60,
		corev1.ResourceMemory: *memory320},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu50,
		corev1.ResourceMemory: *memory240},
}
View Source
var ReceiverCertVolume = corev1.Volume{
	Name: ReceiverCertVolumeName,
	VolumeSource: corev1.VolumeSource{
		Secret: &corev1.SecretVolumeSource{
			SecretName:  ReceiverCertSecretName,
			DefaultMode: &DefaultMode,
			Optional:    &TrueVar,
		},
	},
}
View Source
var ReceiverCertVolumeMountForMain = corev1.VolumeMount{
	Name:      ReceiverCertVolumeName,
	MountPath: "/certs/" + ReceiverCertDirName,
}
View Source
var ReceiverCertVolumeMountForSecretCheck = corev1.VolumeMount{
	Name:      ReceiverCertVolumeName,
	MountPath: "/sec/" + ReceiverCertDirName,
}
View Source
var ReceiverCertificateData = CertificateData{
	Name:      ReceiverCertName,
	Secret:    ReceiverCertSecretName,
	Common:    ReceiverCertCommonName,
	App:       DmDeploymentName,
	Component: ReceiverCertCommonName,
}
View Source
var ReceiverSslEnvVars = []corev1.EnvVar{
	{
		Name:  "HC_RECEIVER_SSL_CA",
		Value: "/certs/" + ReceiverCertDirName + "/ca.crt",
	},
	{
		Name:  "HC_RECEIVER_SSL_CERT",
		Value: "/certs/" + ReceiverCertDirName + "/tls.crt",
	},
	{
		Name:  "HC_RECEIVER_SSL_KEY",
		Value: "/certs/" + ReceiverCertDirName + "/tls.key",
	},
}
View Source
var Replica1 int32 = 1
View Source
var ReportContainer = corev1.Container{
	Image:           "metering-report",
	Name:            "metering-report",
	ImagePullPolicy: corev1.PullAlways,
	Command: []string{
		"./apiserver",
	},
	Args: []string{
		"--cert-dir=/tmp",
		"--secure-port=7443",
		"--disable-admission-plugins=NamespaceLifecycle,MutatingAdmissionWebhook,ValidatingAdmissionWebhook",
	},
	VolumeMounts: []corev1.VolumeMount{
		{
			Name:      "tmp-dir",
			MountPath: "/tmp",
		},
		{
			Name:      APICertVolumeName,
			MountPath: "/certs/" + APICertDirName,
		},
	},
	SecurityContext: &commonSecurityContext,
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		PeriodSeconds:       30,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources: corev1.ResourceRequirements{},
}
View Source
var ReportResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu100,
		corev1.ResourceMemory: *memory90},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu50,
		corev1.ResourceMemory: *memory65},
}
View Source
var Seconds60 int64 = 60
View Source
var SecretCheckCmd = `set -- $SECRET_LIST; ` +
	`for secretDirName in $SECRET_DIR_LIST; do` +
	`  while true; do` +
	`    echo ` + "`date`" + `: Checking for secret $1;` +
	`    ls /sec/$secretDirName/* && break;` +
	`    echo ` + "`date`" + `: Required secret $1 not found ... try again in 30s;` +
	`    sleep 30;` +
	`  done;` +
	`  echo ` + "`date`" + `: Secret $1 found;` +
	`  shift; ` +
	`done; ` +
	`echo ` + "`date`" + `: All required secrets exist`
View Source
var SenderMainContainer = corev1.Container{
	Image:           "metering-data-manager",
	Name:            "metering-sender",
	ImagePullPolicy: corev1.PullAlways,

	VolumeMounts: []corev1.VolumeMount{
		LoglevelVolumeMount,
	},

	Env: []corev1.EnvVar{
		{
			Name:  "METERING_API_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_SELFMETER_PURGER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_REPORTER2_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_PURGER2_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_PREAGGREGATOR_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_METRICS_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_READER_APIENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCM_RECEIVER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCMREADER_ENABLED",
			Value: "false",
		},
		{
			Name:  "HC_DM_MCM_SENDER_ENABLED",
			Value: "true",
		},
	},
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3000,
				},
				Scheme: corev1.URISchemeHTTP,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		PeriodSeconds:       30,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources:       corev1.ResourceRequirements{},
	SecurityContext: &commonSecurityContext,
}
View Source
var SenderResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu60,
		corev1.ResourceMemory: *memory320},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu50,
		corev1.ResourceMemory: *memory240},
}
View Source
var SenderSecretCheckCmd = SecretCheckCmd + ";" +
	`echo ` + "`date`" + `: Further, checking for kubeConfig secret...;` +
	`node /datamanager/lib/metering_init.js kubeconfig_secretcheck `
View Source
var TempDirVolume = corev1.Volume{
	Name: "tmp-dir",
	VolumeSource: corev1.VolumeSource{
		EmptyDir: &corev1.EmptyDirVolumeSource{},
	},
}
View Source
var TrueVar = true
View Source
var UICertVolume = corev1.Volume{
	Name: UICertVolumeName,
	VolumeSource: corev1.VolumeSource{
		Secret: &corev1.SecretVolumeSource{
			SecretName:  UICertSecretName,
			DefaultMode: &DefaultMode,
			Optional:    &TrueVar,
		},
	},
}
View Source
var UICertVolumeMountForMain = corev1.VolumeMount{
	Name:      UICertVolumeName,
	MountPath: "/certs/" + UICertDirName,
}
View Source
var UICertVolumeMountForSecretCheck = corev1.VolumeMount{
	Name:      UICertVolumeName,
	MountPath: "/sec/" + UICertDirName,
}
View Source
var UICertificateData = CertificateData{
	Name:      UICertName,
	Secret:    UICertSecretName,
	Common:    UICertCommonName,
	App:       UIDeploymentName,
	Component: UIDeploymentName,
}
View Source
var UIEnvVars = []corev1.EnvVar{
	{
		Name:  "IS_PRIVATECLOUD",
		Value: "true",
	},
	{
		Name:  "USE_PRIVATECLOUD_SECURITY",
		Value: "true",
	},
	{
		Name:  "DEFAULT_PLATFORM_IDENTITY_MANAGEMENT_SERVICE_PORT",
		Value: "4500",
	},
	{
		Name:  "DEFAULT_PLATFORM_HEADER_SERVICE_PORT",
		Value: "3000",
	},
}
View Source
var UIIngressData = IngressData{
	Name:        "metering-ui",
	Path:        "/metering/",
	Service:     "metering-ui",
	Port:        3130,
	Annotations: uiIngressAnnotations,
}
View Source
var UIMainContainer = corev1.Container{
	Image:           "metering-ui",
	Name:            "metering-ui",
	ImagePullPolicy: corev1.PullAlways,

	VolumeMounts: []corev1.VolumeMount{
		LoglevelVolumeMount,
	},

	Env: []corev1.EnvVar{
		{
			Name:  "ICP_DEFAULT_DASHBOARD",
			Value: "cpi.icp.main",
		},
		{
			Name:  "PORT",
			Value: "3130",
		},
		{
			Name:  "PROXY_URI",
			Value: "metering",
		},
		{
			Name:  "HC_UI_ISSSL",
			Value: "true",
		},
		{
			Name:  "HC_UI_SSL_CA",
			Value: "/certs/" + UICertDirName + "/ca.crt",
		},
		{
			Name:  "HC_UI_SSL_CERT",
			Value: "/certs/" + UICertDirName + "/tls.crt",
		},
		{
			Name:  "HC_UI_SSL_KEY",
			Value: "/certs/" + UICertDirName + "/tls.key",
		},
	},
	Ports: []corev1.ContainerPort{
		{ContainerPort: 3130},
	},
	LivenessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/unsecure/c2c/status/livenessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3130,
				},
				Scheme: corev1.URISchemeHTTPS,
			},
		},
		InitialDelaySeconds: 305,
		TimeoutSeconds:      5,
		PeriodSeconds:       300,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	ReadinessProbe: &corev1.Probe{
		Handler: corev1.Handler{
			HTTPGet: &corev1.HTTPGetAction{
				Path: "/unsecure/c2c/status/readinessProbe",
				Port: intstr.IntOrString{
					Type:   intstr.Int,
					IntVal: 3130,
				},
				Scheme: corev1.URISchemeHTTPS,
			},
		},
		InitialDelaySeconds: 15,
		TimeoutSeconds:      15,
		PeriodSeconds:       30,
		SuccessThreshold:    1,
		FailureThreshold:    3,
	},
	Resources:       corev1.ResourceRequirements{},
	SecurityContext: &commonSecurityContext,
}
View Source
var UIResourceRequirements = corev1.ResourceRequirements{
	Limits: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu100,
		corev1.ResourceMemory: *memory375},
	Requests: map[corev1.ResourceName]resource.Quantity{
		corev1.ResourceCPU:    *cpu50,
		corev1.ResourceMemory: *memory370},
}

Functions

func AnnotationsForPod

func AnnotationsForPod() map[string]string

AnnotationsForPod returns the annotations associated with the pod being created

func BuildCertificate

func BuildCertificate(instanceNamespace, instanceIssuer string, certData CertificateData) *certmgr.Certificate

BuildCertificate returns a Certificate object. Call controllerutil.SetControllerReference to set the owner and controller for the Certificate object created by this function.

func BuildCommonClusterEnvVars

func BuildCommonClusterEnvVars(instanceNamespace, instanceIAMnamespace string) []corev1.EnvVar

func BuildCommonVolumes

func BuildCommonVolumes(mongoDB operatorv1alpha1.MeteringSpecMongoDB, loglevelPrefix, loglevelType string) []corev1.Volume

set loglevelType to "log4js" when building volumes for metering-mcmui. set loglevelType to "loglevel" when building volumes for any other component.

func BuildIngress

func BuildIngress(namespace string, ingressData IngressData) *netv1.Ingress

BuildIngress returns an Ingress object. Call controllerutil.SetControllerReference to set the owner and controller for the Ingress object created by this function.

func BuildInitContainer

func BuildInitContainer(deploymentName, imageName string, envVars []corev1.EnvVar) corev1.Container

func BuildMongoDBEnvVars

func BuildMongoDBEnvVars(mongoDB operatorv1alpha1.MeteringSpecMongoDB) []corev1.EnvVar

func BuildReceiverEnvVars

func BuildReceiverEnvVars(multiCloudReceiverEnabled bool) []corev1.EnvVar

func BuildResourceRequirements

func BuildResourceRequirements(requestedResources, defaultResources corev1.ResourceRequirements) corev1.ResourceRequirements

returns a ResourceRequirements object. if any value in requestedResources is not zero, use that value to override the corresponding value in defaultResources.

func BuildSecretCheckContainer

func BuildSecretCheckContainer(deploymentName, imageName, checkerCommand string,
	mongoDB operatorv1alpha1.MeteringSpecMongoDB, additionalInfo *SecretCheckData) corev1.Container

checkerCommand is the command to be executed by the secret-check container. mongoDB contains the password names from the CR. additionalInfo contains info about additional secrets to check.

func BuildSenderClusterEnvVars

func BuildSenderClusterEnvVars(instanceNamespace, instanceClusterNamespace,
	instanceClusterName, hubKubeConfigSecret string) []corev1.EnvVar

func BuildUIClusterEnvVars

func BuildUIClusterEnvVars(instanceNamespace, instanceClusterName string,
	instanceUI operatorv1alpha1.MeteringSpecUI, isMcmUI bool) []corev1.EnvVar

set isMcmUI to true when building env vars for metering-mcmui. set isMcmUI to false when building env vars for any other component.

func BuildUISecretVolumeMounts

func BuildUISecretVolumeMounts(apiKeySecretName, platformOidcSecretName string) []corev1.VolumeMount

func BuildUISecretVolumes

func BuildUISecretVolumes(apiKeySecretName, platformOidcSecretName string) []corev1.Volume

func CheckRhacm

func CheckRhacm(cfg *rest.Config) error

CheckRhacm checks if RHACM exists

func GetAffinity

func GetAffinity(addAntiAffinity bool, appName string) *corev1.Affinity

GetAffinity returns the Affinity definition for a PodSpec. if AntiAffinity is needed, set addAntiAffinity to true and pass the app name.

func GetImageID

func GetImageID(instanceImageRegistry, instanceImageTagPostfix, defaultImageRegistry,
	imageName, envVarName, defaultImageTag string) string

GetImageID returns the ID of an operand image, either <imageName>@<SHA> or <imageName>:<tag>

func GetPodNames

func GetPodNames(pods []corev1.Pod) []string

GetPodNames returns the pod names of the array of pods passed in

func GetServiceAccountName

func GetServiceAccountName() string

GetServiceAccountName returns the service account name or default if it is not set in the environment

func GetTolerations

func GetTolerations() []corev1.Toleration

GetTolerations returns the Tolerations definition for a PodSpec.

func GetTopologySpreadConstraints

func GetTopologySpreadConstraints(appName string) []corev1.TopologySpreadConstraint

GetTopologySpreadConstraints returns the TopologySpreadConstraints definition for a PodSpec.

func IsAPIServiceEqual

func IsAPIServiceEqual(oldAPIService, newAPIService *apiregistrationv1.APIService) bool

Use DeepEqual to determine if 2 APIService are equal. Check labels, insecureSkipTLSVerify, service name and service namespace. If there are any differences, return false. Otherwise, return true.

func IsCertificateEqual

func IsCertificateEqual(oldCertificate, newCertificate *certmgr.Certificate) bool

Use DeepEqual to determine if 2 certificates are equal. Check ObjectMeta and Spec. If there are any differences, return false. Otherwise, return true.

func IsDaemonSetEqual

func IsDaemonSetEqual(oldDaemonSet, newDaemonSet *appsv1.DaemonSet) bool

Use DeepEqual to determine if 2 daemon sets are equal. Check labels, pod template labels, service account names, volumes, containers, init containers, image name, volume mounts, env vars, liveness, readiness. If there are any differences, return false. Otherwise, return true. oldDaemonSet is the daemon set that is currently running. newDaemonSet is what we expect the daemon set to look like.

func IsDeploymentEqual

func IsDeploymentEqual(oldDeployment, newDeployment *appsv1.Deployment) bool

Use DeepEqual to determine if 2 deployments are equal. Check labels, replicas, pod template labels, service account names, volumes, containers, init containers, image name, volume mounts, env vars, liveness, readiness. If there are any differences, return false. Otherwise, return true. oldDeployment is the deployment that is currently running. newDeployment is what we expect the deployment to look like.

func IsIngressEqual

func IsIngressEqual(oldIngress, newIngress *netv1.Ingress) bool

Use DeepEqual to determine if 2 ingresses are equal. Check ObjectMeta and Spec. If there are any differences, return false. Otherwise, return true.

func IsRouteEqual

func IsRouteEqual(oldRoute, newRoute *ocproutev1.Route) bool

Use DeepEqual to determine if 2 routes are equal. Check ObjectMeta, Port, Host and To. If there are any differences, return false. Otherwise, return true. oldRoute is the route that is currently running. newRoute is what we expect the route to look like.

func IsServiceEqual

func IsServiceEqual(oldService, newService *corev1.Service) bool

Use DeepEqual to determine if 2 services are equal. Check ObjectMeta, Ports and Selector. If there are any differences, return false. Otherwise, return true. oldService is the service that is currently running. newService is what we expect the service to look like.

func LabelsForMetadata

func LabelsForMetadata(deploymentName string) map[string]string

returns the labels associated with the resource being created

func LabelsForPodMetadata

func LabelsForPodMetadata(deploymentName string, crType string, crName string) map[string]string

returns the labels associated with the Pod being created

func LabelsForSelector

func LabelsForSelector(deploymentName string, crType string, crName string) map[string]string

returns the labels for selecting the resources belonging to the given metering CR name

func ReconcileCertificate

func ReconcileCertificate(client client.Client, instanceNamespace, certificateName string,
	newCertificate *certmgr.Certificate, needToRequeue *bool) error

Check if the Certificates already exist, if not create new ones.

func ReconcileDeployment

func ReconcileDeployment(client client.Client, instanceNamespace, deploymentName, deploymentType string,
	newDeployment *appsv1.Deployment, needToRequeue *bool) error

Check if a Deployment already exists. If not, create a new one.

func ReconcileIngress

func ReconcileIngress(client client.Client, instanceNamespace, ingressName, ingressType string,
	newIngress *netv1.Ingress, needToRequeue *bool) error

Check if the Ingress already exists, if not create a new one.

func ReconcileRoute

func ReconcileRoute(client client.Client, instanceNamespace, routeName, routeType string,
	newRoute *ocproutev1.Route, needToRequeue *bool) error

Check if a Route already exists. If not, create a new one.

func ReconcileService

func ReconcileService(client client.Client, instanceNamespace, serviceName, serviceType string,
	newService *corev1.Service, needToRequeue *bool) error

Check if a Service already exists. If not, create a new one.

Types

type CertificateData

type CertificateData struct {
	Name      string
	Secret    string
	Common    string
	App       string
	Component string
}

type IngressData

type IngressData struct {
	Name        string
	Path        string
	Service     string
	Port        int32
	Annotations map[string]string
}

type SecretCheckData

type SecretCheckData struct {
	Names        string
	Dirs         string
	VolumeMounts []corev1.VolumeMount
}

SecretCheckData contains info about additional secrets for the secret-check container. Names will be added to the SECRET_LIST env var. Dirs will be added to the SECRET_DIR_LIST env var. VolumeMounts contains the volume mounts associated with the secrets.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL