diff --git a/stacks/gopaddle-lite/clusterrole.yaml b/stacks/gopaddle-lite/clusterrole.yaml deleted file mode 100644 index 3e931fa6..00000000 --- a/stacks/gopaddle-lite/clusterrole.yaml +++ /dev/null @@ -1,344 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRole","metadata":{"annotations":{},"name":"gopaddle"},"rules":[{"apiGroups":["apps"],"resources":["deployments","statefulsets","replicasets","daemonsets","configmaps","endpoints","limitranges","namespaces","nodes","persistentvolumeclaims","persistentvolumes","pods","replicationcontrollers","resourcequotas","secrets","services"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["batch"],"resources":["jobs","cronjobs"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["autoscaling"],"resources":["horizontalpodautoscalers"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":[""],"resources":["rollBacks","namespaces","services","configmaps","secrets","pods","pods/log","pods/status","persistentVolumes","persistentVolumeClaims","networkpolicies","serviceaccounts","endpoints","limitranges","persistentvolumeclaims","persistentvolumes","replicationcontrollers","resourcequotas","ingresses","nodes/proxy","events","bindings"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["extensions","networking.k8s.io"],"resources":["networkpolicies","ingresses","ingresses/status","daemonsets","deployments","replicasets","daemonsets/status","deployments/scale","deployments/status","replicasets/scale","replicasets/status","replicationcontrollers/scale"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["extensions","networking.k8s.io"],"resources":["ingressclasses"],"verbs":["get","list","watch","update"]},{"apiGroups":["extensions"],"resources":["daemonsets","deployments","replicasets","ingresses/status"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["storage.k8s.io"],"resources":["storageclasses"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":["rbac.authorization.k8s.io"],"resources":["roles","rolebindings","clusterroles","clusterrolebindings"],"verbs":["get","list","watch","create","update","patch","delete","deletecollection"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["get","list","watch","update"]},{"nonResourceURLs":["/metrics","/api/*/v1/*/application/clusterInfo/*/datacollector/eventhandler"],"verbs":["get"]},{"apiGroups":[""],"resources":["namespaces","namespaces/status","nodes","persistentvolumeclaims","persistentvolumeclaims/status","pods","services","services/status","resourcequotas","replicationcontrollers","replicationcontrollers/scale","replicationcontrollers/status","limitranges","persistentvolumeclaims","persistentvolumes","endpoints","secrets","configmaps","resourcequotas/status"],"verbs":["list","get","watch"]},{"apiGroups":["extensions"],"resources":["daemonsets","deployments","replicasets"],"verbs":["list","watch"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["get","list","watch"]},{"apiGroups":["batch"],"resources":["cronjobs","jobs","jobs/status","cronjobs/status"],"verbs":["list","watch","get"]},{"apiGroups":["autoscaling"],"resources":["horizontalpodautoscalers","horizontalpodautoscalers/status"],"verbs":["list","get","watch"]},{"apiGroups":[""],"resourceNames":["ingress-controller-leader"],"resources":["configmaps"],"verbs":["get","update"]},{"apiGroups":[""],"resources":["configmaps"],"verbs":["create"]},{"apiGroups":["apps"],"resources":["controllerrevisions","daemonsets/status","deployments/scale","deployments/status","statefulsets/scale","statefulsets/status","replicasets/scale","replicasets/status"],"verbs":["get","list","watch"]},{"apiGroups":["discovery.k8s.io"],"resources":["endpointslices"],"verbs":["get","list","watch"]},{"apiGroups":["policy"],"resources":["poddisruptionbudgets","poddisruptionbudgets/status"],"verbs":["get","list","watch"]},{"apiGroups":["acme.cert-manager.io"],"resources":["challenges","orders"],"verbs":["get","list","watch"]},{"apiGroups":["cert-manager.io"],"resources":["certificaterequests","issuers","certificates"],"verbs":["get","list","watch"]},{"apiGroups":["metrics.k8s.io"],"resources":["nodes","pods"],"verbs":["get","list","watch"]},{"apiGroups":[""],"resources":["pods/exec"],"verbs":["create"]}]} - name: gopaddle -rules: -- apiGroups: - - "" - resources: - - volumeattachments - verbs: - - list - - watch -- apiGroups: - - apps - resources: - - deployments - - statefulsets - - replicasets - - daemonsets - - configmaps - - endpoints - - limitranges - - namespaces - - nodes - - persistentvolumeclaims - - persistentvolumes - - pods - - replicationcontrollers - - resourcequotas - - secrets - - services - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - batch - resources: - - jobs - - cronjobs - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - "" - resources: - - rollBacks - - namespaces - - services - - configmaps - - secrets - - pods - - pods/log - - pods/status - - persistentVolumes - - persistentVolumeClaims - - networkpolicies - - serviceaccounts - - endpoints - - limitranges - - persistentvolumeclaims - - persistentvolumes - - replicationcontrollers - - resourcequotas - - ingresses - - nodes/proxy - - events - - bindings - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - extensions - - networking.k8s.io - resources: - - networkpolicies - - ingresses - - ingresses/status - - daemonsets - - deployments - - replicasets - - daemonsets/status - - deployments/scale - - deployments/status - - replicasets/scale - - replicasets/status - - replicationcontrollers/scale - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - extensions - - networking.k8s.io - resources: - - ingressclasses - verbs: - - get - - list - - watch - - update -- apiGroups: - - extensions - resources: - - daemonsets - - deployments - - replicasets - - ingresses/status - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - storage.k8s.io - resources: - - storageclasses - - volumeattachments - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - - rolebindings - - clusterroles - - clusterrolebindings - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - deletecollection -- apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - - update -- nonResourceURLs: - - /metrics - - /api/*/v1/*/application/clusterInfo/*/datacollector/eventhandler - verbs: - - get -- apiGroups: - - "" - resources: - - namespaces - - namespaces/status - - nodes - - persistentvolumeclaims - - persistentvolumeclaims/status - - pods - - services - - services/status - - resourcequotas - - replicationcontrollers - - replicationcontrollers/scale - - replicationcontrollers/status - - limitranges - - persistentvolumeclaims - - persistentvolumes - - endpoints - - secrets - - configmaps - - resourcequotas/status - - storageclasses - verbs: - - list - - get - - watch -- apiGroups: - - extensions - resources: - - daemonsets - - deployments - - replicasets - verbs: - - list - - watch -- apiGroups: - - apps - resources: - - statefulsets - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - cronjobs - - jobs - - jobs/status - - cronjobs/status - verbs: - - list - - watch - - get -- apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - - horizontalpodautoscalers/status - verbs: - - list - - get - - watch -- apiGroups: - - "" - resourceNames: - - ingress-controller-leader - resources: - - configmaps - verbs: - - get - - update -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create -- apiGroups: - - apps - resources: - - controllerrevisions - - daemonsets/status - - deployments/scale - - deployments/status - - statefulsets/scale - - statefulsets/status - - replicasets/scale - - replicasets/status - verbs: - - get - - list - - watch -- apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - get - - list - - watch -- apiGroups: - - policy - resources: - - poddisruptionbudgets - - poddisruptionbudgets/status - verbs: - - get - - list - - watch -- apiGroups: - - acme.cert-manager.io - resources: - - challenges - - orders - verbs: - - get - - list - - watch -- apiGroups: - - cert-manager.io - resources: - - certificaterequests - - issuers - - certificates - verbs: - - get - - list - - watch -- apiGroups: - - metrics.k8s.io - resources: - - nodes - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - pods/exec - verbs: - - create diff --git a/stacks/gopaddle-lite/clusterrolebinding.yaml b/stacks/gopaddle-lite/clusterrolebinding.yaml deleted file mode 100644 index d556eb5e..00000000 --- a/stacks/gopaddle-lite/clusterrolebinding.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - annotations: - kubectl.kubernetes.io/last-applied-configuration: | - {"apiVersion":"rbac.authorization.k8s.io/v1","kind":"ClusterRoleBinding","metadata":{"annotations":{},"name":"gopaddle"},"roleRef":{"apiGroup":"rbac.authorization.k8s.io","kind":"ClusterRole","name":"gopaddle"},"subjects":[{"kind":"ServiceAccount","name":"default","namespace":"gp-lite-4-2"}]} - name: gopaddle -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: gopaddle -subjects: -- kind: ServiceAccount - name: default - namespace: gp-lite-4-2 diff --git a/stacks/gopaddle-lite/deploy.sh b/stacks/gopaddle-lite/deploy.sh index 8a2b32a7..bebc0515 100755 --- a/stacks/gopaddle-lite/deploy.sh +++ b/stacks/gopaddle-lite/deploy.sh @@ -11,35 +11,18 @@ helm repo update > /dev/null ################################################################################ # chart ################################################################################ -STACK="gp-lite-4-2" -CHART="gopaddle/gp-installer" -CHART_VERSION="4.2.6" -NAMESPACE="gp-lite-4-2" +STACK="gopaddle" +CHART="gopaddle/gopaddle" +CHART_VERSION="5.0" +NAMESPACE="gopaddle" if [ -z "${MP_KUBERNETES}" ]; then # use local version of values.yml ROOT_DIR=$(git rev-parse --show-toplevel) values="$ROOT_DIR/stacks/gopaddle-lite/values.yml" - clusterrole="$ROOT_DIR/stacks/gopaddle-lite/clusterrole.yaml" - clusterrolebinding="$ROOT_DIR/stacks/gopaddle-lite/clusterrolebinding.yaml" else # use github hosted master version of values.yml values="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/values.yml" - clusterrole="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/clusterrole.yaml" - clusterrolebinding="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/clusterrolebinding.yaml" -fi - -kubectl apply -f "$clusterrole" -kubectl apply -f "$clusterrolebinding" - -# Get the first node's external IP, if it exists -FIRST_NODE_EXT_IP=$(kubectl get nodes -o jsonpath='{$.items[0].status.addresses[?(@.type=="ExternalIP")].address}' 2>/dev/null) - -# If there's no external IP, get the internal IP -if [ -z "$FIRST_NODE_EXT_IP" ]; then - FIRST_NODE_IP=$(kubectl get nodes -o jsonpath='{$.items[0].status.addresses[?(@.type=="InternalIP")].address}' 2>/dev/null) -else - FIRST_NODE_IP="$FIRST_NODE_EXT_IP" fi helm upgrade "$STACK" "$CHART" \ @@ -49,5 +32,4 @@ helm upgrade "$STACK" "$CHART" \ --timeout 15m0s \ --namespace "$NAMESPACE" \ --values "$values" \ - --set global.cluster.nodeIP="$FIRST_NODE_IP" \ --version "$CHART_VERSION" diff --git a/stacks/gopaddle-lite/uninstall.sh b/stacks/gopaddle-lite/uninstall.sh index 71fac918..0d79f1c9 100755 --- a/stacks/gopaddle-lite/uninstall.sh +++ b/stacks/gopaddle-lite/uninstall.sh @@ -5,31 +5,12 @@ set -e ################################################################################ # chart ################################################################################ -STACK="gp-lite-4-2" -NAMESPACE="gp-lite-4-2" -ADDON_NAMESPACE="gopaddle-servers" -ADDON_CLUSTER_ROLE="gopaddle:nginx-ingress-clusterrole" -ADDON_CLUSTER_ROLEBINDING="gopaddle:event-exporter-rb" - -if [ -z "${MP_KUBERNETES}" ]; then - # use local version of values.yml - ROOT_DIR=$(git rev-parse --show-toplevel) - clusterrole="$ROOT_DIR/stacks/gopaddle-lite/clusterrole.yaml" - clusterrolebinding="$ROOT_DIR/stacks/gopaddle-lite/clusterrolebinding.yaml" -else - # use github hosted master version of values.yml - clusterrole="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/clusterrole.yaml" - clusterrolebinding="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/clusterrolebinding.yaml" -fi - -kubectl delete -f "$clusterrole" --ignore-not-found=true -kubectl delete -f "$clusterrolebinding" --ignore-not-found=true +STACK="gopaddle" +NAMESPACE="gopaddle" helm uninstall "$STACK" \ --namespace "$NAMESPACE" kubectl delete ns "$NAMESPACE" --ignore-not-found=true -kubectl delete ns "$ADDON_NAMESPACE" --ignore-not-found=true -kubectl delete clusterrole "$ADDON_CLUSTER_ROLE" --ignore-not-found=true -kubectl delete clusterrolebinding "$ADDON_CLUSTER_ROLEBINDING" --ignore-not-found=true - +kubectl delete clusterrole gopaddle --ignore-not-found=true +kubectl delete clusterrolebinding gopaddle --ignore-not-found=true diff --git a/stacks/gopaddle-lite/upgrade.sh b/stacks/gopaddle-lite/upgrade.sh index 8b6f5197..d5d38fdc 100755 --- a/stacks/gopaddle-lite/upgrade.sh +++ b/stacks/gopaddle-lite/upgrade.sh @@ -11,10 +11,10 @@ helm repo update > /dev/null ################################################################################ # chart ################################################################################ -STACK="gp-lite-4-2" -CHART="gopaddle/gp-installer" -NAMESPACE="gp-lite-4-2" -CHART_VERSION="4.2.6" +OLD_STACK="gp-lite-4-2" +OLD_CHART="gopaddle/gp-installer" +OLD_NAMESPACE="gp-lite-4-2" +CHART_VERSION="5" if [ -z "${MP_KUBERNETES}" ]; then @@ -26,18 +26,9 @@ else values="https://raw.githubusercontent.com/digitalocean/marketplace-kubernetes/master/stacks/gopaddle-lite/values.yml" fi -# Get the first node's external IP, if it exists -FIRST_NODE_EXT_IP=$(kubectl get nodes -o jsonpath='{$.items[0].status.addresses[?(@.type=="ExternalIP")].address}' 2>/dev/null) +kubectl delete all --all --namespace "$OLD_NAMESPACE" --ignore-not-found=true -# If there's no external IP, get the internal IP -if [ -z "$FIRST_NODE_EXT_IP" ]; then - FIRST_NODE_IP=$(kubectl get nodes -o jsonpath='{$.items[0].status.addresses[?(@.type=="InternalIP")].address}' 2>/dev/null) -else - FIRST_NODE_IP="$FIRST_NODE_EXT_IP" -fi - -helm upgrade "$STACK" "$CHART" \ - --namespace "$NAMESPACE" \ +helm upgrade "$OLD_STACK" "$OLD_CHART" \ + --namespace "$OLD_NAMESPACE" \ --values "$values" \ - --set global.cluster.nodeIP="$FIRST_NODE_IP" \ --version "$CHART_VERSION" diff --git a/stacks/gopaddle-lite/values.yml b/stacks/gopaddle-lite/values.yml index 7cbaa455..857b8183 100644 --- a/stacks/gopaddle-lite/values.yml +++ b/stacks/gopaddle-lite/values.yml @@ -1,144 +1,2 @@ -# gopaddle/gopaddle-lite -global: - # ****************************************************** - # installer: Parameters required to install the required gopaddle edition and the depepdency charts - # - edition: Possible values - 'Enterprise' or 'Lite' - # (1) Enterprise - Installs the Enterprise edition of gopaddle - # (2) Lite - Install the community edition of gopaddle - # - chart: Sub-chart to be installed. - # 'gp-core' sub-chart has the gopaddle core services. - # 'rabbitmq' sub-chart has the rabbitmq service required for gopaddle build agent. - # Order of installation: gp-core services require rabbitmq services to be up and running. - # Install 'rabbitmq' chart before installing 'gp-core'. - # (1) gp-core - installs the services under 'gp-core' dependency chart - # (2) rabbitmq - installs the services under 'rabbitmq' dependency chart. - # ****************************************************** - installer: - edition: lite - arch: adm64 - chart: - gp-core: true - rabbitmq: true - - # ****************************************************** - # airgapped: Parameters to configure when gopaddle is installed in airgapped mode - # - enabled: Set it to 'true' to enable airgapped installation - # ie., when OUTBOUND access from the cluster to the internet is limited - # Pre-requisite: Load the gopaddle images to the cluster local cache (or) in to private - # Docker Registry before installing the chart - # - imageRegistryType: Possible values 'local' or 'private'. - # (1) local - docker images from the node's container cache are used - # (2) private - images are pulled from the private docker registry. - # - imageRegistryInfo: Paramaters to access Docker Private Registry - # - registryUrl: registry endpoint. - # Eg. registry.gopaddle.io:30710 to pull the gopaddle build agent and the add-ons - # - repoPath: project and repository path where gopaddle build agent and add-ons images are available. - # Eg. /gp-registry-group/gp-registry-project - # - authType: Authentication type to access the Docker Private Registry. - # Possible values: 'dockerConfig' (or) 'basic' - # - dockerConfig: base64 string of docker auth configuration - # step 1: docker login - # step 2: cat ~/.docker/config.json | base64 - # - basicAuth: username and password configuration of the Docker Private Registry - # - imageSecret: Kubernetes secret with the docker config to access the Docker Registry. - # imageSecret is required to pull gopaddle core images from the Docker Registry - # step 1: kubectl create ns gp-onprem-4-2 - # step 2: docker login - # step 3: kubectl create secret generic gp-onprem-4-2-image-secret \ - # --from-file=.dockerconfigjson=~/.docker/config.json \ - # --type=kubernetes.io/dockerconfigjson -n gp-onprem-4-2 - # ****************************************************** - airgapped: - enabled: false - imageRegistryType: local - imageRegistryInfo: - registryUrl: #registry.gopaddle.io:30710 - repoPath: #/gp-registry-group/gp-registry-project - authType: basic - dockerConfig: #base64 docker config - basicAuth: - registryUserName: #root - registryPassword: #password - imageSecret: #secretname - - # ****************************************************** - # routingType: Possible values 'NodePortWithOutIngress' (or) 'NodePortWithIngress' (or) 'LoadBalancer' - # 1. NodePortWithOutIngress - gopaddle endpoints are accessed without ingress routes. - # Ports : 30000 - RabbitMQ, 30003 - GUI dashboard, 30004 - API gateway - # Websockets: 30005 - CostManager, 30006 - ActivityManager - # 2. NodePortWithIngress - gopaddle endpoints are accessed with ingress routes. - # Ports : 30000 - RabbitMQ, 30001 - HTTP, 30002 - HTTPS - # Requires TLS and domain configuration - # 3. LoadBalancer - gopaddle endpoints are accessed with ingress and Loadbalancer. - # Ports : 30000 - RabbitMQ, 80 - HTTPS, 443 - HTTPS - # Requires TLS and domain configuration - # ****************************************************** - routingType: NodePortWithOutIngress - - # ****************************************************** - # accessMode: Possible values 'public' (or) 'private' - # (1) public - when INBOUND access to the gopaddle endpoint is possible - # (2) private - when INBOUND access to the gopaddle endpoint is limited - # ****************************************************** - accessMode: private - - # ****************************************************** - # staticIP: Static IP to use as gopaddle endpoint across Kubernetes Cluster restarts. - # Applicable for routingTypes 'NodePortWithOutIngress' and 'NodePortWithIngress' - # ****************************************************** - #staticIP: - - # ****************************************************** - # cluster: Provider type of the Kubernetes cluster - # Possible values: 'hpe' (or) 'other' - # (1) hpe - HPE Ezmeral Container Runtime (v5.3 with Kubernetes version 1.18.6). - # In case of HPE, gopaddle installs kubectl-hpecp tool v3.4.14 in gopaddle services - # (2) other - microk8s or any other opensource compatible Kubernetes environment - # ****************************************************** - cluster: - provider: other - - # ****************************************************** - # nodeSelector: Select one or more nodes on which gopaddle services can be installed. - # kubernetes.io/hostname - hostname Label of the node on which gopaddle service can be installed. - # 'kubernetes.io/hostname' can be replaced with any labelSelector supported by Kubernetes cluster - # When no nodeSelector is set, Kubernetes can schedule gopaddle services on any eligible node in the cluster. - # ****************************************************** - #nodeSelector: - # kubernetes.io/hostname: "" - - # ****************************************************** - # storageClassName: When provided, the storage class will be used to provision gopaddle's stateful services - # Possible values: microk8s-hostpath (or) any storageClass available in the cluster. - # When ignored, default storageClass in the cluster will be used. - # ****************************************************** - #storageClassName: microk8s-hostpath - storageClassName: do-block-storage - - # ****************************************************** - # gopaddle: DNS and TLS configurations for the gopaddle gateway service - # domainName - Required when routingType is 'NodePortWithIngress' (or) 'LoadBalancer' - # https: Possible values 'true' (or) 'false' - # Enable https to access gopaddle dashboard on HTTPS endpoint - # step 1: kubectl create ns gp-onprem-4-2 - # step 2: kubectl create secret tls gp-onprem-4-2-lb-portal-tls \ - # --cert= --key= -n gp-onprem-4-2 - # ****************************************************** - gopaddle: - domainName: - secretName: gp-onprem-4-2-lb-portal-tls - https: false - - # ****************************************************** - # gopaddleWebhook: DNS and TLS configurations for the gopaddle webhook service - # domainName - Required when routingType is 'NodePortWithIngress' (or) 'LoadBalancer' - # https: Possible values 'true' (or) 'false' - # Enable https to use Continuous Integration - # step 1: kubectl create ns gp-onprem-4-2 - # step 2: kubectl create secret tls gp-onprem-4-2-lb-webhook-tls \ - # --cert= --key= -n gp-onprem-4-2 - # ****************************************************** - gopaddleWebhook: - domainName: - secretName: gp-onprem-4-2-lb-webhook-tls - https: false +CLUSTER_TYPE: "k8s" # CLUSTER_TYPE - docker or k8s +imageTag: "5.0"