Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add DeploymentTracker CustomResourceDefinition and configure RBAC for deployment-tracker service account. #3

Merged
merged 1 commit into from
Oct 24, 2024
Merged

Add DeploymentTracker CustomResourceDefinition and configure RBAC for deployment-tracker service account. #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
124 changes: 116 additions & 8 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,24 +56,120 @@ helm install deploy-watcher ddukbg/k8s-deploy-watcher \
### 수동 설치

```bash
# 저장소 클론
git clone https://github.com/ddukbg/k8s-deploy-watcher.git
cd k8s-deploy-watcher

# CRD 및 RBAC 설치
# 1. CRD 및 RBAC 설정 적용
kubectl apply -f config/crd/deployment_tracker.yaml
kubectl apply -f config/rbac/
kubectl apply -f config/rbac/role.yaml
kubectl apply -f config/rbac/role_binding.yaml

# 2. Operator Deployment 생성 및 적용
cat <<EOF > config/manager/manager.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: k8s-deploy-watcher
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: k8s-deploy-watcher
template:
metadata:
labels:
app: k8s-deploy-watcher
spec:
serviceAccountName: deployment-tracker
containers:
- name: manager
image: ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/k8s-deploy-watcher:latest
ports:
- containerPort: 8080
name: metrics
- containerPort: 8081
name: health
livenessProbe:
httpGet:
path: /healthz
port: 8081
readinessProbe:
httpGet:
path: /readyz
port: 8081
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 200m
memory: 128Mi
EOF

# Operator 배포
kubectl apply -f config/manager/manager.yaml

# 3. Operator Pod 실행 상태 확인
kubectl get pods -l app=k8s-deploy-watcher
kubectl logs -l app=k8s-deploy-watcher

# 4. 테스트용 Deployment 생성
cat <<EOF > nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 3
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
EOF

kubectl apply -f nginx-deployment.yaml

# 5. DeploymentTracker CR 생성
cat <<EOF > tracker-example.yaml
apiVersion: ddukbg.k8s/v1alpha1
kind: DeploymentTracker
metadata:
name: nginx-tracker
spec:
deploymentName: nginx
namespace: default
notify:
slack: "https://hooks.slack.com/services/YOUR-WEBHOOK-URL"
retryCount: 3
alertOnFail: true
EOF

kubectl apply -f tracker-example.yaml

# 6. DeploymentTracker 상태 확인
kubectl get deploymenttracker
kubectl describe deploymenttracker nginx-tracker

# 7. 배포 변경으로 테스트
kubectl set image deployment/nginx nginx=nginx:1.25.0

# 8. 로그 및 Slack 알림 확인
kubectl logs -l app=k8s-deploy-watcher
```

## 📋 사용 방법

### 1. DeploymentTracker 리소스 생성

```yaml
apiVersion: ddukbg/v1alpha1
# Deployment 단일 대상으로 지정
apiVersion: ddukbg.k8s/v1alpha1
kind: DeploymentTracker
metadata:
name: my-app-tracker
Expand All @@ -87,6 +183,18 @@ spec:
alertOnFail: true
```

```yaml
# All 모든 배포 대상으로 지정(미구현)
apiVersion: ddukbg/v1alpha1
kind: DeploymentTracker
metadata:
name: all-deployments-tracker
spec:
notify:
slack: "https://hooks.slack.com/services/..."
email: "[email protected]"
```

### 2. 상태 확인

```bash
Expand Down
7 changes: 7 additions & 0 deletions chart/k8s-deploy-watcher/templates/serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.name | default "deployment-tracker" }}
namespace: {{ .Values.serviceAccount.namespace | default "default" }}
labels:
app: {{ .Chart.Name }}
16 changes: 8 additions & 8 deletions config/crd/deployment_tracker.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: deploymenttrackers.ddukbg
name: deploymenttrackers.ddukbg.k8s
spec:
group: ddukbg
group: ddukbg.k8s
names:
kind: DeploymentTracker
plural: deploymenttrackers
Expand All @@ -15,7 +15,7 @@ spec:
- name: v1alpha1
served: true
storage: true
additionalPrinterColumns: # 추가: kubectl get 명령어에서 보이는 컬럼
additionalPrinterColumns:
- name: Ready
type: boolean
jsonPath: .status.ready
Expand All @@ -25,11 +25,11 @@ spec:
schema:
openAPIV3Schema:
type: object
required: ["spec"] # spec을 필수값으로 지정
required: ["spec"]
properties:
spec:
type: object
required: ["deploymentName"] # deploymentName을 필수값으로 지정
required: ["deploymentName"]
properties:
deploymentName:
type: string
Expand All @@ -40,10 +40,10 @@ spec:
properties:
slack:
type: string
pattern: '^https://hooks\.slack\.com/services/.*$' # Slack URL 형식 검증
pattern: '^https://hooks\.slack\.com/services/.*$'
email:
type: string
pattern: '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$' # 이메일 형식 검증
pattern: '^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$'
retryCount:
type: integer
minimum: 0
Expand All @@ -65,4 +65,4 @@ spec:
message:
type: string
subresources:
status: {} # status 서브리소스 활성화
status: {}
39 changes: 39 additions & 0 deletions config/manager/manager.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: k8s-deploy-watcher
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: k8s-deploy-watcher
template:
metadata:
labels:
app: k8s-deploy-watcher
spec:
serviceAccountName: deployment-tracker
containers:
- name: manager
image: ddukbg/k8s-deploy-watcher:latest
ports:
- containerPort: 8080
name: metrics
- containerPort: 8081
name: health
livenessProbe:
httpGet:
path: /healthz
port: 8081
readinessProbe:
httpGet:
path: /readyz
port: 8081
resources:
limits:
cpu: 500m
memory: 256Mi
requests:
cpu: 200m
memory: 128Mi
5 changes: 5 additions & 0 deletions config/manager/serviceaccount.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: deployment-tracker
namespace: default
4 changes: 2 additions & 2 deletions config/rbac/role.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ kind: ClusterRole
metadata:
name: deployment-tracker-role
rules:
- apiGroups: ["ddukbg"]
- apiGroups: ["ddukbg.k8s"]
resources: ["deploymenttrackers"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["apps"]
Expand All @@ -12,6 +12,6 @@ rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["create"]
- apiGroups: ["ddukbg"]
- apiGroups: ["ddukbg.k8s"]
resources: ["deploymenttrackers/status"]
verbs: ["get", "update", "patch"]
Loading