From 686a4756fc4749bdc5a97aa08955cc3a27d06ef1 Mon Sep 17 00:00:00 2001 From: Julien Vincent Date: Fri, 11 Feb 2022 17:38:51 +0000 Subject: [PATCH] Allow user-defined install namespace for operator (#122) * feature: replaced hardcoded namespace with chart release This replaces the hardcoded namespace of "opentelemetry-operator-system" (under the {{ template "opentelemetry-operator.namespace" . }} helper definition) with the user-defined release namespace accessed through {{ .Release.Namespace }} --- .github/workflows/lint-test.yaml | 3 ++- charts/opentelemetry-operator/Chart.yaml | 2 +- charts/opentelemetry-operator/README.md | 20 +++---------------- .../release/release-checklist.md | 2 +- .../templates/_helpers.tpl | 7 ------- .../mutatingwebhookconfiguration.yaml | 8 ++++---- .../validatingwebhookconfiguration.yaml | 10 +++++----- .../templates/certmanager.yaml | 8 ++++---- .../templates/clusterrolebinding.yaml | 4 ++-- .../templates/deployment.yaml | 2 +- .../templates/namespace.yaml | 9 --------- .../templates/role.yaml | 2 +- .../templates/rolebinding.yaml | 4 ++-- .../templates/service.yaml | 4 ++-- .../templates/serviceaccount.yaml | 2 +- charts/opentelemetry-operator/values.yaml | 5 ----- 16 files changed, 29 insertions(+), 63 deletions(-) delete mode 100644 charts/opentelemetry-operator/templates/namespace.yaml diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index e48a99cd8..4e1a803d0 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -59,7 +59,8 @@ jobs: until kubectl get ns opentelemetry-operator-system 2>&1 | grep "namespaces \"opentelemetry-operator-system\" not found"; do sleep 1; done sudo curl -Lo /usr/local/bin/kubectl-kuttl https://github.com/kudobuilder/kuttl/releases/download/v0.11.1/kubectl-kuttl_0.11.1_linux_x86_64 sudo chmod +x /usr/local/bin/kubectl-kuttl - helm install my-opentelemetry-operator ./charts/opentelemetry-operator + kubectl create namespace opentelemetry-operator-system + helm install --namespace=opentelemetry-operator-system my-opentelemetry-operator ./charts/opentelemetry-operator kubectl wait --timeout=5m --for=condition=available deployment opentelemetry-operator-controller-manager -n opentelemetry-operator-system git clone https://github.com/open-telemetry/opentelemetry-operator.git kubectl kuttl test ./opentelemetry-operator/tests/e2e --config ./charts/opentelemetry-operator/release/kuttl-test.yaml diff --git a/charts/opentelemetry-operator/Chart.yaml b/charts/opentelemetry-operator/Chart.yaml index 332590905..9c9249bf9 100644 --- a/charts/opentelemetry-operator/Chart.yaml +++ b/charts/opentelemetry-operator/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: opentelemetry-operator -version: 0.5.4 +version: 0.6.0 description: OpenTelemetry Operator Helm chart for Kubernetes type: application home: https://opentelemetry.io/ diff --git a/charts/opentelemetry-operator/README.md b/charts/opentelemetry-operator/README.md index f82c1cb33..ac239721d 100644 --- a/charts/opentelemetry-operator/README.md +++ b/charts/opentelemetry-operator/README.md @@ -58,26 +58,18 @@ _See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation ## Install Chart -If you didn't create the namespace `opentelemetry-operator-system` before (steps in the third method to generate the TLS cert), -the OpenTelemetry Operator chart will be installed in the namespace automatically. The installation command example is as below. - ```console $ helm install \ my-opentelemetry-operator open-telemetry/opentelemetry-operator ``` -However, if you create the namespace and place the TLS cert in the desired secret, you will need to set `createNamespace` -to `false` to make sure Helm won't try to create an existing namespace, which would cause an error. Installation command example is as below. +If you created a custom namespace, like in the TLS Certificate Requirement section above, you will need to specify the namespace with the `--namespace` helm option: ```console -$ helm install \ - my-opentelemetry-operator open-telemetry/opentelemetry-operator \ - --set createNamespace=false +$ helm install --namespace opentelemetry-operator-system \ + my-opentelemetry-operator open-telemetry/opentelemetry-operator ``` -Note that `--namespace` option here won't affect where the OpenTelemetry Operator and other resources this chart contains are installed. -It will only affect on where the Helm chart release info is stored, which is `default` namespace by default. - _See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ ## Uninstall Chart @@ -98,12 +90,6 @@ The OpenTelemetry Collector CRD created by this chart won't be removed by defaul $ kubectl delete crd opentelemetrycollectors.opentelemetry.io ``` -If the namespace wasn't created by the Helm chart, you'll need to manually remove it as well: - -```console -$ kubectl delete ns opentelemetry-operator-system -``` - ## Upgrade Chart ```console diff --git a/charts/opentelemetry-operator/release/release-checklist.md b/charts/opentelemetry-operator/release/release-checklist.md index 66f0612b2..638244693 100644 --- a/charts/opentelemetry-operator/release/release-checklist.md +++ b/charts/opentelemetry-operator/release/release-checklist.md @@ -10,7 +10,7 @@ - [ ] If you see any template files need to be updated, update them to maintain consistency with the ones in the manifest (especially be careful with `role.yaml` and `clusterrole.yaml`). \ Create a new YAML file under `templates` directory if it doesn't exist. Use `{{ template "opentelemetry-operator.name" . }}` to represent the name of OTEL Operator which probably is `opentelemetry-operator` in the manifest. - Use `{{ template "opentelemetry-operator.namespace" . }}` to represent the namespace which probably is `opentelemetry-operator-system` in the manifest. + Use `{{ .Release.Namespace }}` to represent the namespace. - [ ] Update `README` if there is a breaking change in the Operator Helm chart - [ ] Bump chart version in `Chart.yaml` diff --git a/charts/opentelemetry-operator/templates/_helpers.tpl b/charts/opentelemetry-operator/templates/_helpers.tpl index bb7161814..349637e33 100644 --- a/charts/opentelemetry-operator/templates/_helpers.tpl +++ b/charts/opentelemetry-operator/templates/_helpers.tpl @@ -19,10 +19,3 @@ Selector labels app.kubernetes.io/name: {{ include "opentelemetry-operator.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} - -{{/* -Define the namespace where the resources in the chart will be installed. -*/}} -{{- define "opentelemetry-operator.namespace" -}} -opentelemetry-operator-system -{{- end -}} diff --git a/charts/opentelemetry-operator/templates/admission-webhooks/mutatingwebhookconfiguration.yaml b/charts/opentelemetry-operator/templates/admission-webhooks/mutatingwebhookconfiguration.yaml index 681977847..2c9a86c94 100644 --- a/charts/opentelemetry-operator/templates/admission-webhooks/mutatingwebhookconfiguration.yaml +++ b/charts/opentelemetry-operator/templates/admission-webhooks/mutatingwebhookconfiguration.yaml @@ -3,7 +3,7 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: annotations: - cert-manager.io/inject-ca-from: {{ printf "%s/%s-serving-cert" (include "opentelemetry-operator.namespace" .) (include "opentelemetry-operator.name" .) }} + cert-manager.io/inject-ca-from: {{ printf "%s/%s-serving-cert" .Release.Namespace (include "opentelemetry-operator.name" .) }} labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-mutating-webhook-configuration @@ -13,7 +13,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /mutate-opentelemetry-io-v1alpha1-instrumentation failurePolicy: Fail name: minstrumentation.kb.io @@ -33,7 +33,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /mutate-opentelemetry-io-v1alpha1-opentelemetrycollector failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} name: mopentelemetrycollector.kb.io @@ -53,7 +53,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /mutate-v1-pod failurePolicy: Ignore name: mpod.kb.io diff --git a/charts/opentelemetry-operator/templates/admission-webhooks/validatingwebhookconfiguration.yaml b/charts/opentelemetry-operator/templates/admission-webhooks/validatingwebhookconfiguration.yaml index 2b9097ac3..ad3c7e3bb 100644 --- a/charts/opentelemetry-operator/templates/admission-webhooks/validatingwebhookconfiguration.yaml +++ b/charts/opentelemetry-operator/templates/admission-webhooks/validatingwebhookconfiguration.yaml @@ -3,7 +3,7 @@ apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: annotations: - cert-manager.io/inject-ca-from: {{ printf "%s/%s-serving-cert" (include "opentelemetry-operator.namespace" .) (include "opentelemetry-operator.name" .) }} + cert-manager.io/inject-ca-from: {{ printf "%s/%s-serving-cert" .Release.Namespace (include "opentelemetry-operator.name" .) }} labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-validating-webhook-configuration @@ -13,7 +13,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /validate-opentelemetry-io-v1alpha1-instrumentation failurePolicy: Fail name: vinstrumentationcreateupdate.kb.io @@ -33,7 +33,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /validate-opentelemetry-io-v1alpha1-instrumentation failurePolicy: Ignore name: vinstrumentationdelete.kb.io @@ -52,7 +52,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /validate-opentelemetry-io-v1alpha1-opentelemetrycollector failurePolicy: {{ .Values.admissionWebhooks.failurePolicy }} name: vopentelemetrycollectorcreateupdate.kb.io @@ -72,7 +72,7 @@ webhooks: clientConfig: service: name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} path: /validate-opentelemetry-io-v1alpha1-opentelemetrycollector failurePolicy: Ignore name: vopentelemetrycollectordelete.kb.io diff --git a/charts/opentelemetry-operator/templates/certmanager.yaml b/charts/opentelemetry-operator/templates/certmanager.yaml index cd2fac761..8fcd791e6 100644 --- a/charts/opentelemetry-operator/templates/certmanager.yaml +++ b/charts/opentelemetry-operator/templates/certmanager.yaml @@ -5,11 +5,11 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-serving-cert - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} spec: dnsNames: - - {{ template "opentelemetry-operator.name" . }}-webhook-service.{{ template "opentelemetry-operator.namespace" . }}.svc - - {{ template "opentelemetry-operator.name" . }}-webhook-service.{{ template "opentelemetry-operator.namespace" . }}.svc.cluster.local + - {{ template "opentelemetry-operator.name" . }}-webhook-service.{{ .Release.Namespace }}.svc + - {{ template "opentelemetry-operator.name" . }}-webhook-service.{{ .Release.Namespace }}.svc.cluster.local issuerRef: {{- if .Values.admissionWebhooks.certManager.issuerRef }} {{- toYaml .Values.admissionWebhooks.certManager.issuerRef | nindent 4 }} @@ -29,7 +29,7 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-selfsigned-issuer - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} spec: selfSigned: {} {{- end }} diff --git a/charts/opentelemetry-operator/templates/clusterrolebinding.yaml b/charts/opentelemetry-operator/templates/clusterrolebinding.yaml index ed43cfb43..44831f13c 100644 --- a/charts/opentelemetry-operator/templates/clusterrolebinding.yaml +++ b/charts/opentelemetry-operator/templates/clusterrolebinding.yaml @@ -11,7 +11,7 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "opentelemetry-operator.name" . }}-controller-manager - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -26,4 +26,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "opentelemetry-operator.name" . }}-controller-manager - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/opentelemetry-operator/templates/deployment.yaml b/charts/opentelemetry-operator/templates/deployment.yaml index 6c91e0abd..894e05a50 100644 --- a/charts/opentelemetry-operator/templates/deployment.yaml +++ b/charts/opentelemetry-operator/templates/deployment.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/name: opentelemetry-operator control-plane: controller-manager name: {{ template "opentelemetry-operator.name" . }}-controller-manager - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} spec: replicas: 1 selector: diff --git a/charts/opentelemetry-operator/templates/namespace.yaml b/charts/opentelemetry-operator/templates/namespace.yaml deleted file mode 100644 index 2b1fd230b..000000000 --- a/charts/opentelemetry-operator/templates/namespace.yaml +++ /dev/null @@ -1,9 +0,0 @@ -{{- if .Values.createNamespace }} -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/name: opentelemetry-operator - control-plane: controller-manager - name: {{ template "opentelemetry-operator.namespace" . }} -{{- end }} diff --git a/charts/opentelemetry-operator/templates/role.yaml b/charts/opentelemetry-operator/templates/role.yaml index 4b777be8c..a538623cb 100644 --- a/charts/opentelemetry-operator/templates/role.yaml +++ b/charts/opentelemetry-operator/templates/role.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-leader-election-role - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} rules: - apiGroups: - "" diff --git a/charts/opentelemetry-operator/templates/rolebinding.yaml b/charts/opentelemetry-operator/templates/rolebinding.yaml index fabd6c7f1..46030e061 100644 --- a/charts/opentelemetry-operator/templates/rolebinding.yaml +++ b/charts/opentelemetry-operator/templates/rolebinding.yaml @@ -4,7 +4,7 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-leader-election-rolebinding - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -12,4 +12,4 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "opentelemetry-operator.name" . }}-controller-manager - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/opentelemetry-operator/templates/service.yaml b/charts/opentelemetry-operator/templates/service.yaml index 502f29f71..9a64483aa 100644 --- a/charts/opentelemetry-operator/templates/service.yaml +++ b/charts/opentelemetry-operator/templates/service.yaml @@ -5,7 +5,7 @@ metadata: app.kubernetes.io/name: opentelemetry-operator control-plane: controller-manager name: {{ template "opentelemetry-operator.name" . }}-controller-manager-metrics-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} spec: ports: - name: https @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-webhook-service - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} spec: ports: - port: 443 diff --git a/charts/opentelemetry-operator/templates/serviceaccount.yaml b/charts/opentelemetry-operator/templates/serviceaccount.yaml index 1af9598a1..2a48c09a7 100644 --- a/charts/opentelemetry-operator/templates/serviceaccount.yaml +++ b/charts/opentelemetry-operator/templates/serviceaccount.yaml @@ -4,4 +4,4 @@ metadata: labels: app.kubernetes.io/name: opentelemetry-operator name: {{ template "opentelemetry-operator.name" . }}-controller-manager - namespace: {{ template "opentelemetry-operator.namespace" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/opentelemetry-operator/values.yaml b/charts/opentelemetry-operator/values.yaml index 47bf5e0ed..4c318cb7b 100644 --- a/charts/opentelemetry-operator/values.yaml +++ b/charts/opentelemetry-operator/values.yaml @@ -6,11 +6,6 @@ ## nameOverride: "" -## Create the opentelemetry-operator-system namespace where the operator will be installed to. -## Disable this if you have already created the namespace. -## -createNamespace: true - ## Provide OpenTelemetry Operator manager container image and resources. ## manager: