From f2d74e5f2c05fbd0dd87beb48a95a901c3474db2 Mon Sep 17 00:00:00 2001 From: kabicin <37311900+kabicin@users.noreply.github.com> Date: Wed, 21 May 2025 12:14:30 -0400 Subject: [PATCH 1/4] Document ArgoCD install process --- .../1.4.3/kustomize-argo-cd/README.adoc | 46 ++++++++++++ .../kustomize-rco-all-namespaces.yaml | 69 ++++++++++++++++++ .../kustomize-rco-another-namespace.yaml | 70 +++++++++++++++++++ .../kustomize-rco-own-namespace.yaml | 45 ++++++++++++ deploy/releases/1.4.3/readme.adoc | 12 ++-- 5 files changed, 238 insertions(+), 4 deletions(-) create mode 100644 deploy/releases/1.4.3/kustomize-argo-cd/README.adoc create mode 100644 deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-all-namespaces.yaml create mode 100644 deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml create mode 100644 deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-own-namespace.yaml diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc new file mode 100644 index 00000000..27f0ea5b --- /dev/null +++ b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc @@ -0,0 +1,46 @@ += Installing the Runtime Component Operator using kustomize with Argo CD + +This directory contains configuration files that helps installing the Runtime Component operator +using `kustomize` with link:++https://argoproj.github.io/argo-cd/++[Argo CD]. These configurations +are useful when using link:++https://github.com/redhat-developer/gitops-operator++[Red Hat® OpenShift® GitOps Operator] to manage link:++https://argo-cd.readthedocs.io/en/stable/user-guide/++[Argo CD Applications] within a Red Hat® OpenShift® Container Platform cluster. + +Red Hat® OpenShift® GitOps is based on the open source project link:++https://argoproj.github.io/argo-cd/++[Argo CD] and provides a similar set of features to what the upstream offers, with additional automation and integration into Red Hat® OpenShift® Container Platform. Hence, these configurations are also transferable when using link:++https://argocd-operator.readthedocs.io/en/latest/++[Argo CD Operator] standalone within a Kubernetes cluster. + +== Installation + +1. Install link:++https://github.com/redhat-developer/gitops-operator++[Red Hat® OpenShift® GitOps Operator] from OpenShift® UI into the `openshift-gitops` namespace. +2. Grant cluster-admin permissions for the GitOps operator to be able to create Custom Resource Definitions for Runtime Component operator. + + + oc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:openshift-gitops:openshift-gitops-argocd-application-controller -n openshift-gitops + +3. Follow the steps below for one of the three install modes: + +- link:++#installing-and-watching-own-namespace++[Installing and watching own namespace], +- link:++#installing-and-watching-another-namespace++[Installing and watching another namespace], or +- link:++#installing-and-watching-all-namespaces++[Installing and watching all namespaces] + +3. You can choose to modify the default namespace(s) by updating `.spec.source.kustomize.namespace` **and** `.spec.destination.namespace` in the `Application` custom resource(s). +4. (Optional) Ignore runtime artifacts generated by Runtime Component operator such as the `runtime-component-operator` ConfigMap by editing the Application custom resource. + +== Installing and watching own namespace + +=== kustomize-rco-own-namespace.yaml +This ArgoCD Application installs the operator into the 'runtime-component' namespace, +and the operator watches for Runtime Component custom resource instances only in its own namespace. Create a namespace called 'runtime-component' for the operator. +To install, run: `kubectl apply -f kustomize-rco-own-namespace.yaml` and to uninstall, run: `kubectl delete -f kustomize-rco-own-namespace.yaml` + + +== Installing and watching another namespace + +=== kustomize-rco-another-namespace.yaml +These ArgoCD Applications install the operator into the namespace 'rco-ns', but configures it to +watch for Runtime Component custom resource instances in a different namespace called 'rco-watched-ns'. To install, run: `kubectl apply -f kustomize-rco-another-namespace.yaml` + +== Installing and watching all namespaces + +=== kustomize-rco-all-namespaces.yaml +This ArgoCD Application installs the operator into the 'runtime-component' namespace, +but configures it to watch for Runtime Component custom resource instances in any namespaces. +Compared to the OwnNamespace configuration, this Application requires additional ClusterRoles and ClusterRoleBindings. +To install, run: `kubectl apply -f kustomize-rco-all-namespaces.yaml` \ No newline at end of file diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-all-namespaces.yaml b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-all-namespaces.yaml new file mode 100644 index 00000000..141fafc6 --- /dev/null +++ b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-all-namespaces.yaml @@ -0,0 +1,69 @@ +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + sourceRepos: + - 'https://github.com/application-stacks/runtime-component-operator' + destinations: + - namespace: '!kube-*' + server: '*' + - namespace: '!openshift-[!o][!p][!e][!r][!a][!t][!o][!r][!s]*' + server: '*' + - namespace: '!openshift-apiserver' + server: '*' + - namespace: '!openshift-kni-infra' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z][a-z][a-z][a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z][a-z][a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z][a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z][a-z]' + server: '*' + - namespace: '!openshift-[a-z]' + server: '*' + - namespace: '*' + server: '*' + clusterResourceWhitelist: + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + - group: rbac.authorization.k8s.io + kind: ClusterRole + - group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + - group: '' + kind: Namespace +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + project: runtime-component-operator + source: + path: deploy/releases/1.4.3/kustomize/overlays/watch-all-namespaces + repoURL: 'https://github.com/application-stacks/runtime-component-operator' + targetRevision: HEAD + kustomize: + namespace: runtime-component + destination: + namespace: runtime-component + server: 'https://kubernetes.default.svc' + ignoreDifferences: + - group: '' + kind: ConfigMap + name: runtime-component-operator + syncPolicy: + syncOptions: + - ServerSideApply=true + - CreateNamespace=true \ No newline at end of file diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml new file mode 100644 index 00000000..d487f661 --- /dev/null +++ b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml @@ -0,0 +1,70 @@ +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + sourceRepos: + - 'https://github.com/application-stacks/runtime-component-operator' + destinations: + - namespace: '!kube-*' + server: '*' + - namespace: '!openshift-*' + server: '*' + - namespace: '*' + server: '*' + clusterResourceWhitelist: + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + - group: '' + kind: Namespace +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + project: runtime-component-operator + source: + path: deploy/releases/1.4.3/kustomize/overlays/watch-another-namespace/rco-ns + repoURL: 'https://github.com/application-stacks/runtime-component-operator' + targetRevision: HEAD + kustomize: + namespace: rco-ns + destination: + namespace: rco-ns + server: 'https://kubernetes.default.svc' + ignoreDifferences: + - group: '' + kind: ConfigMap + name: runtime-component-operator + syncPolicy: + syncOptions: + - ServerSideApply=true + - CreateNamespace=true +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: runtime-component-watched-namespace + namespace: openshift-gitops +spec: + project: runtime-component-operator + source: + path: deploy/releases/1.4.3/kustomize/overlays/watch-another-namespace/rco-watched-ns + repoURL: 'https://github.com/application-stacks/runtime-component-operator' + targetRevision: HEAD + kustomize: + namespace: rco-watched-ns + destination: + namespace: rco-watched-ns + server: 'https://kubernetes.default.svc' + ignoreDifferences: + - group: '' + kind: ConfigMap + name: runtime-component-operator + syncPolicy: + syncOptions: + - ServerSideApply=true + - CreateNamespace=true \ No newline at end of file diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-own-namespace.yaml b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-own-namespace.yaml new file mode 100644 index 00000000..5c507961 --- /dev/null +++ b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-own-namespace.yaml @@ -0,0 +1,45 @@ +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + sourceRepos: + - 'https://github.com/application-stacks/runtime-component-operator' + destinations: + - namespace: '!kube-*' + server: '*' + - namespace: '!openshift-*' + server: '*' + - namespace: '*' + server: '*' + clusterResourceWhitelist: + - group: apiextensions.k8s.io + kind: CustomResourceDefinition + - group: '' + kind: Namespace +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: runtime-component-operator + namespace: openshift-gitops +spec: + project: runtime-component-operator + source: + path: deploy/releases/1.4.3/kustomize/base + repoURL: 'https://github.com/application-stacks/runtime-component-operator' + targetRevision: HEAD + kustomize: + namespace: runtime-component + destination: + namespace: runtime-component + server: 'https://kubernetes.default.svc' + ignoreDifferences: + - group: '' + kind: ConfigMap + name: runtime-component-operator + syncPolicy: + syncOptions: + - ServerSideApply=true + - CreateNamespace=true \ No newline at end of file diff --git a/deploy/releases/1.4.3/readme.adoc b/deploy/releases/1.4.3/readme.adoc index 1637f307..87472216 100644 --- a/deploy/releases/1.4.3/readme.adoc +++ b/deploy/releases/1.4.3/readme.adoc @@ -33,13 +33,17 @@ spec: sourceNamespace: openshift-marketplace ``` -=== Option 2: Install using kubectl +=== Option 2: Install using kustomize -See the instructions link:++kubectl/++[here]. +See the instructions link:++kustomize/++[here]. -=== Option 3: Install using kustomize +=== Option 3: Install using kustomize with Argo CD -See the instructions link:++kustomize/++[here]. +See the instructions link:++kustomize-argo-cd/++[here]. + +=== Option 4: Install using kubectl + +See the instructions link:++kubectl/++[here]. == Limitations From 5aa13620b2d978c918147f4d8654ab71eaad57f9 Mon Sep 17 00:00:00 2001 From: kabicin <37311900+kabicin@users.noreply.github.com> Date: Wed, 21 May 2025 12:21:04 -0400 Subject: [PATCH 2/4] Update watched namespace Application naming --- deploy/releases/1.4.3/kustomize-argo-cd/README.adoc | 3 +-- .../kustomize-argo-cd/kustomize-rco-another-namespace.yaml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc index 27f0ea5b..89e5b93c 100644 --- a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc +++ b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc @@ -27,8 +27,7 @@ Red Hat® OpenShift® GitOps is based on the open source project link:++https:// === kustomize-rco-own-namespace.yaml This ArgoCD Application installs the operator into the 'runtime-component' namespace, -and the operator watches for Runtime Component custom resource instances only in its own namespace. Create a namespace called 'runtime-component' for the operator. -To install, run: `kubectl apply -f kustomize-rco-own-namespace.yaml` and to uninstall, run: `kubectl delete -f kustomize-rco-own-namespace.yaml` +and the operator watches for Runtime Component custom resource instances only in its own namespace. To install, run: `kubectl apply -f kustomize-rco-own-namespace.yaml` and to uninstall, run: `kubectl delete -f kustomize-rco-own-namespace.yaml` == Installing and watching another namespace diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml index d487f661..7fc40ee6 100644 --- a/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml +++ b/deploy/releases/1.4.3/kustomize-argo-cd/kustomize-rco-another-namespace.yaml @@ -47,7 +47,7 @@ spec: apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: runtime-component-watched-namespace + name: runtime-component-operator-watched-namespace namespace: openshift-gitops spec: project: runtime-component-operator From 963909c72a088383cdd208efc368825954fa6198 Mon Sep 17 00:00:00 2001 From: kabicin <37311900+kabicin@users.noreply.github.com> Date: Wed, 21 May 2025 12:23:53 -0400 Subject: [PATCH 3/4] Update README.adoc --- deploy/releases/1.4.3/kustomize-argo-cd/README.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc index 89e5b93c..b1432498 100644 --- a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc +++ b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc @@ -8,7 +8,7 @@ Red Hat® OpenShift® GitOps is based on the open source project link:++https:// == Installation -1. Install link:++https://github.com/redhat-developer/gitops-operator++[Red Hat® OpenShift® GitOps Operator] from OpenShift® UI into the `openshift-gitops` namespace. +1. Install link:++https://github.com/redhat-developer/gitops-operator++[Red Hat® OpenShift® GitOps Operator] from OpenShift® UI into the `openshift-gitops-operator` namespace. 2. Grant cluster-admin permissions for the GitOps operator to be able to create Custom Resource Definitions for Runtime Component operator. From 1ed13de752379fcfa4795f3661321d118e970925 Mon Sep 17 00:00:00 2001 From: kabicin <37311900+kabicin@users.noreply.github.com> Date: Wed, 21 May 2025 14:49:34 -0400 Subject: [PATCH 4/4] Update README.adoc --- deploy/releases/1.4.3/kustomize-argo-cd/README.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc index b1432498..977def34 100644 --- a/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc +++ b/deploy/releases/1.4.3/kustomize-argo-cd/README.adoc @@ -26,20 +26,20 @@ Red Hat® OpenShift® GitOps is based on the open source project link:++https:// == Installing and watching own namespace === kustomize-rco-own-namespace.yaml -This ArgoCD Application installs the operator into the 'runtime-component' namespace, +This Argo CD Application installs the operator into the 'runtime-component' namespace, and the operator watches for Runtime Component custom resource instances only in its own namespace. To install, run: `kubectl apply -f kustomize-rco-own-namespace.yaml` and to uninstall, run: `kubectl delete -f kustomize-rco-own-namespace.yaml` == Installing and watching another namespace === kustomize-rco-another-namespace.yaml -These ArgoCD Applications install the operator into the namespace 'rco-ns', but configures it to +These Argo CD Applications install the operator into the namespace 'rco-ns', but configures it to watch for Runtime Component custom resource instances in a different namespace called 'rco-watched-ns'. To install, run: `kubectl apply -f kustomize-rco-another-namespace.yaml` == Installing and watching all namespaces === kustomize-rco-all-namespaces.yaml -This ArgoCD Application installs the operator into the 'runtime-component' namespace, +This Argo CD Application installs the operator into the 'runtime-component' namespace, but configures it to watch for Runtime Component custom resource instances in any namespaces. Compared to the OwnNamespace configuration, this Application requires additional ClusterRoles and ClusterRoleBindings. To install, run: `kubectl apply -f kustomize-rco-all-namespaces.yaml` \ No newline at end of file