diff --git a/migration-cluster-day2/charts/migration-cluster-day2/templates/image-registry.yaml b/migration-cluster-day2/charts/migration-cluster-day2/templates/image-registry.yaml
index b11bb75..a316c04 100644
--- a/migration-cluster-day2/charts/migration-cluster-day2/templates/image-registry.yaml
+++ b/migration-cluster-day2/charts/migration-cluster-day2/templates/image-registry.yaml
@@ -34,8 +34,6 @@ roleRef:
 name: migration-cluster-day2-installer
 apiGroup: rbac.authorization.k8s.io
 ---
-
----
 # pvc for the image registry for RWO - used with LVM storage backend
 kind: PersistentVolumeClaim
 apiVersion: v1
@@ -46,6 +44,7 @@ metadata:
 annotations:
 argocd.argoproj.io/sync-wave: "5"
 spec:
+ storageClassName: lvms-vg1-1
 accessModes:
 - ReadWriteOnce
 resources:
@@ -53,8 +52,6 @@ spec:
 # we require the image registry for building the vddk image, we don't need more than
 # 50Gi at the moment
 storage: 40Gi
-
-
 ---
 apiVersion: batch/v1
 kind: Job
diff --git a/migration-cluster-day2/charts/migration-cluster-day2/templates/lvm-storage-operator.yaml b/migration-cluster-day2/charts/migration-cluster-day2/templates/lvm-storage-operator.yaml
index 8640a2a..bfe9c3b 100644
--- a/migration-cluster-day2/charts/migration-cluster-day2/templates/lvm-storage-operator.yaml
+++ b/migration-cluster-day2/charts/migration-cluster-day2/templates/lvm-storage-operator.yaml
@@ -1,43 +1,3 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: {{ .Values.lvmsOperator.subscription.namespace }}
- # prevent the namespace deletion because in some sceneraious the namespace
- # is not removed and stays in terminating state.
- annotations:
- argocd.argoproj.io/sync-wave: "-1"
- labels:
- argocd.argoproj.io/managed-by: openshift-gitops
----
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
- name: lvm-storage-operator-group
- namespace: {{ .Values.lvmsOperator.subscription.namespace }}
- labels: {{ include "migration-cluster-day2.labels" . | nindent 4 }}
- annotations:
- argocd.argoproj.io/sync-wave: "1"
-spec:
- targetNamespaces:
- - {{ .Values.lvmsOperator.subscription.namespace }}
----
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
- name: lvm-storage-operator
- namespace: {{ .Values.lvmsOperator.subscription.namespace }}
- labels: {{ include "migration-cluster-day2.labels" . | nindent 4 }}
- annotations:
- argocd.argoproj.io/sync-wave: "1"
-spec:
- channel: {{ .Values.lvmsOperator.subscription.channel }}
- installPlanApproval: Automatic
- name: lvms-operator
- source: redhat-operators
- sourceNamespace: openshift-marketplace
----
-
 allowVolumeExpansion: true
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
@@ -56,28 +16,4 @@ parameters:
 topolvm.io/device-class: vg1
 provisioner: topolvm.io
 reclaimPolicy: Delete
-volumeBindingMode: WaitForFirstConsumer
-
----
-apiVersion: lvm.topolvm.io/v1alpha1
-kind: LVMCluster
-metadata:
- annotations:
- argocd.argoproj.io/sync-wave: "2"
- argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
- finalizers:
- - lvmcluster.topolvm.io
- generation: 1
- name: lvmcluster
- namespace: {{ .Values.lvmsOperator.subscription.namespace }}
- labels: {{ include "migration-cluster-day2.labels" . | nindent 4 }}
-spec:
- storage:
- deviceClasses:
- - fstype: xfs
- name: vg1
- thinPoolConfig:
- chunkSizeCalculationPolicy: Static
- name: thin-pool-1
- overprovisionRatio: 10
- sizePercent: 90
+volumeBindingMode: WaitForFirstConsumer
\ No newline at end of file
diff --git a/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-init.yaml b/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-init.yaml
index 91157bf..30fc2a6 100644
--- a/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-init.yaml
+++ b/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-init.yaml
@@ -61,4 +61,13 @@ spec: kind: "Service" name: mtv-init weight: null +--- +apiVersion: v1 +kind: Secret +metadata: + name: vmware-credentials + namespace: {{ .Values.mtvOperator.subscription.namespace }} + annotations: + argocd.argoproj.io/sync-wave: "2" +
diff --git a/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-operator.yaml b/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-operator.yaml
deleted file mode 100644
index 4f8f89e..0000000
--- a/migration-cluster-day2/charts/migration-cluster-day2/templates/mtv-operator.yaml
+++ /dev/null
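Review bot: The `vmware-credentials` Secret added at the end of mtv-init.yaml is declared with metadata only (no `type`, `data` or `stringData`), so nothing in the hunk says who writes the credentials into it or when. If it is filled in out of band, which the file name suggests but the hunk does not show, add a comment above the document such as `# placeholder; populated at runtime by <component>, never from chart values` and set `type: Opaque` explicitly. It is also worth confirming that an Argo CD sync with self-heal enabled leaves the populated keys in place rather than reverting the object to this empty manifest. The context lines of this hunk belong to a resource that starts outside it.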
@@ -1,59 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: {{ .Values.mtvOperator.subscription.namespace }}
- # prevent the namespace deletion because in some sceneraious the namespace
- # is not removed and stays in terminating state.
- annotations:
- argocd.argoproj.io/sync-wave: "-1"
- labels:
- argocd.argoproj.io/managed-by: openshift-gitops
----
-apiVersion: operators.coreos.com/v1
-kind: OperatorGroup
-metadata:
- name: migration
- namespace: {{ .Values.mtvOperator.subscription.namespace }}
- annotations:
- argocd.argoproj.io/sync-wave: "1"
-spec:
- targetNamespaces:
- - {{ .Values.mtvOperator.subscription.namespace }}
----
-apiVersion: operators.coreos.com/v1alpha1
-kind: Subscription
-metadata:
- name: mtv-operator
- namespace: {{ .Values.mtvOperator.subscription.namespace }}
- annotations:
- argocd.argoproj.io/sync-wave: "1"
-spec:
- channel: {{ .Values.mtvOperator.subscription.channel }}
- installPlanApproval: Automatic
- name: mtv-operator
- source: redhat-operators
- sourceNamespace: openshift-marketplace
----
-apiVersion: forklift.konveyor.io/v1beta1
-kind: ForkliftController
-metadata:
- name: forklift-controller
- namespace: {{ .Values.mtvOperator.subscription.namespace }}
- annotations:
- argocd.argoproj.io/sync-wave: "2"
- argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
-spec:
- feature_ui_plugin: "true"
- feature_validation: "true"
- feature_volume_populator: "true"
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: vmware-credentials
- namespace: {{ .Values.mtvOperator.subscription.namespace }}
- annotations:
- argocd.argoproj.io/sync-wave: "2"
----
-
diff --git a/migration-cluster-day2/custom-manifests/0gitops.yaml b/migration-cluster-day2/custom-manifests/0gitops.yaml
new file mode 100644
index 0000000..11574f8
--- /dev/null
+++ b/migration-cluster-day2/custom-manifests/0gitops.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: openshift-gitops-operator
+---
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+ name: openshift-gitops-operator
+ namespace: openshift-gitops-operator
+spec:
+ upgradeStrategy: Default
+---
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+ name: openshift-gitops-operator
+ namespace: openshift-gitops-operator
+spec:
+ channel: latest
+ installPlanApproval: Automatic
+ name: openshift-gitops-operator
+ source: redhat-operators
+ sourceNamespace: openshift-marketplace
diff --git a/migration-cluster-day2/custom-manifests/1rolebindings.yaml b/migration-cluster-day2/custom-manifests/1rolebindings.yaml
new file mode 100644
index 0000000..2e761d1
--- /dev/null
+++ b/migration-cluster-day2/custom-manifests/1rolebindings.yaml
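Review bot: The Subscription in 0gitops.yaml pairs `channel: latest` with `installPlanApproval: Automatic`, so whatever operator version the catalog publishes next is installed with no review step. This operator runs the Argo CD application controller that 1rolebindings.yaml in the same commit grants further cluster permissions to. Consider a version-specific channel together with `installPlanApproval: Manual` (optionally pinning `startingCSV`) so that upgrades are deliberate. If automatic upgrades are intended here, a comment above `spec:` saying so would record the decision.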
@@ -0,0 +1,127 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: namespace-manager
+rules:
+ - apiGroups: [""]
+ resources: ["namespaces"]
+ verbs: ["get", "create", "update", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: namespace-manager-binding
+subjects:
+ - kind: ServiceAccount
+ name: openshift-gitops-argocd-application-controller
+ namespace: openshift-gitops
+roleRef:
+ kind: ClusterRole
+ name: namespace-manager
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: persistentvolumeclaim-manager
+ namespace: openshift-image-registry
+rules:
+ - apiGroups: [""]
+ resources: ["persistentvolumeclaims"]
+ verbs: ["get", "create", "update", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: persistentvolumeclaim-manager-binding
+ namespace: openshift-image-registry
+subjects:
+ - kind: ServiceAccount
+ name: openshift-gitops-argocd-application-controller
+ namespace: openshift-gitops
+roleRef:
+ kind: Role
+ name: persistentvolumeclaim-manager
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: job-manager
+rules:
+ - apiGroups: ["batch"]
+ resources: ["jobs"]
+ verbs: ["get", "create", "update", "delete"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: job-manager-binding
+subjects:
+ - kind: ServiceAccount
+ name: openshift-gitops-argocd-application-controller
+ namespace: openshift-gitops
+roleRef:
+ kind: ClusterRole
+ name: job-manager
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: argocd-application-controller
+rules:
+ - apiGroups: [""]
+ resources: ["serviceaccounts", "services", "secrets"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+ - apiGroups: ["apps"]
+ resources: ["deployments"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+ - apiGroups: ["route.openshift.io"]
+ resources: ["routes"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+ - apiGroups: ["image.openshift.io"]
+ resources: ["imagestreams"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+ - apiGroups: ["build.openshift.io"]
+ resources: ["buildconfigs"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: argocd-application-controller-binding
+subjects:
+ - kind: ServiceAccount
+ name: openshift-gitops-argocd-application-controller
+ namespace: openshift-gitops
+roleRef:
+ kind: ClusterRole
+ name: argocd-application-controller
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: argocd-secrets-role
+ namespace: openshift-mtv
+rules:
+ - apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["create", "get", "list", "update", "delete", "patch"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: argocd-secrets-rolebinding
+ namespace: openshift-mtv
+subjects:
+ - kind: ServiceAccount
+ name: openshift-gitops-argocd-application-controller
+ namespace: openshift-gitops
+roleRef:
+ kind: Role
+ name: argocd-secrets-role
+ apiGroup: rbac.authorization.k8s.io
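Review bot: The `argocd-application-controller` ClusterRole lists `secrets` next to `serviceaccounts` and `services` and is bound through a ClusterRoleBinding, so the Argo CD application controller service account can read and rewrite every Secret in every namespace. The namespaced `argocd-secrets-role` in `openshift-mtv` at the end of the file grants the same verbs, which suggests Secret access was meant to be scoped to that namespace. Dropping it from the cluster-wide rule, `resources: ["serviceaccounts", "services"]`, would keep it that way. The cluster-wide `job-manager` ClusterRole deserves the same look: permission to create Jobs in any namespace lets the holder start pods under service accounts of that namespace, so a Role in the namespaces that actually hold the chart's Jobs would be tighter.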