From 2f880697616f7a48df48b96e924e25b67d9a6b29 Mon Sep 17 00:00:00 2001 From: Lionel Villard Date: Fri, 14 Feb 2020 14:35:40 -0500 Subject: [PATCH] add config for namespace-scoped in-mem channel (#2555) * add config for namespace-scoped in-mem channel * fix link * add warning about having only one in-mem controller installed * code review changes * fix build * add cleanup instruction --- .../100-config-event-dispatcher.yaml | 1 + .../200-addressable-resolver-clusterrole.yaml | 1 + ...0-channelable-manipulator-clusterrole.yaml | 1 + .../200-controller-clusterrole.yaml | 90 +++++++++++++++++++ .../200-dispatcher-clusterrole.yaml | 1 + .../200-serviceaccount.yaml | 1 + .../201-clusterrolebinding.yaml | 1 + .../300-in-memory-channel.yaml | 1 + .../in-memory-channel-ns/500-controller.yaml | 59 ++++++++++++ .../channels/in-memory-channel-ns/README.md | 60 +++++++++++++ .../200-dispatcher-serviceaccount.yaml | 21 +++++ .../in-memory-channel/200-serviceaccount.yaml | 9 -- .../201-clusterrolebinding.yaml | 18 ---- .../201-dispatcher-clusterrolebinding.yaml | 29 ++++++ config/channels/in-memory-channel/README.md | 4 +- hack/release.sh | 1 + 16 files changed, 270 insertions(+), 28 deletions(-) create mode 120000 config/channels/in-memory-channel-ns/100-config-event-dispatcher.yaml create mode 120000 config/channels/in-memory-channel-ns/200-addressable-resolver-clusterrole.yaml create mode 120000 config/channels/in-memory-channel-ns/200-channelable-manipulator-clusterrole.yaml create mode 100644 config/channels/in-memory-channel-ns/200-controller-clusterrole.yaml create mode 120000 config/channels/in-memory-channel-ns/200-dispatcher-clusterrole.yaml create mode 120000 config/channels/in-memory-channel-ns/200-serviceaccount.yaml create mode 120000 config/channels/in-memory-channel-ns/201-clusterrolebinding.yaml create mode 120000 config/channels/in-memory-channel-ns/300-in-memory-channel.yaml create mode 100644 config/channels/in-memory-channel-ns/500-controller.yaml create mode 100644 config/channels/in-memory-channel-ns/README.md create mode 100644 config/channels/in-memory-channel/200-dispatcher-serviceaccount.yaml create mode 100644 config/channels/in-memory-channel/201-dispatcher-clusterrolebinding.yaml diff --git a/config/channels/in-memory-channel-ns/100-config-event-dispatcher.yaml b/config/channels/in-memory-channel-ns/100-config-event-dispatcher.yaml new file mode 120000 index 00000000000..84311dd9028 --- /dev/null +++ b/config/channels/in-memory-channel-ns/100-config-event-dispatcher.yaml @@ -0,0 +1 @@ +../in-memory-channel/100-config-event-dispatcher.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/200-addressable-resolver-clusterrole.yaml b/config/channels/in-memory-channel-ns/200-addressable-resolver-clusterrole.yaml new file mode 120000 index 00000000000..2e4f8115ac2 --- /dev/null +++ b/config/channels/in-memory-channel-ns/200-addressable-resolver-clusterrole.yaml @@ -0,0 +1 @@ +../in-memory-channel/200-addressable-resolver-clusterrole.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/200-channelable-manipulator-clusterrole.yaml b/config/channels/in-memory-channel-ns/200-channelable-manipulator-clusterrole.yaml new file mode 120000 index 00000000000..80d6a6b7b92 --- /dev/null +++ b/config/channels/in-memory-channel-ns/200-channelable-manipulator-clusterrole.yaml @@ -0,0 +1 @@ +../in-memory-channel/200-channelable-manipulator-clusterrole.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/200-controller-clusterrole.yaml b/config/channels/in-memory-channel-ns/200-controller-clusterrole.yaml new file mode 100644 index 00000000000..c6e96f5f1c8 --- /dev/null +++ b/config/channels/in-memory-channel-ns/200-controller-clusterrole.yaml @@ -0,0 +1,90 @@ +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: imc-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels + - inmemorychannels/status + verbs: + - get + - list + - watch + - update + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels/finalizers + verbs: + - update + - apiGroups: + - "" + resources: + - services + - serviceaccounts + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - "rbac.authorization.k8s.io" + resources: + - rolebindings + verbs: *everything + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/config/channels/in-memory-channel-ns/200-dispatcher-clusterrole.yaml b/config/channels/in-memory-channel-ns/200-dispatcher-clusterrole.yaml new file mode 120000 index 00000000000..d7a7b6db7e1 --- /dev/null +++ b/config/channels/in-memory-channel-ns/200-dispatcher-clusterrole.yaml @@ -0,0 +1 @@ +../in-memory-channel/200-dispatcher-clusterrole.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/200-serviceaccount.yaml b/config/channels/in-memory-channel-ns/200-serviceaccount.yaml new file mode 120000 index 00000000000..28669866935 --- /dev/null +++ b/config/channels/in-memory-channel-ns/200-serviceaccount.yaml @@ -0,0 +1 @@ +../in-memory-channel/200-serviceaccount.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/201-clusterrolebinding.yaml b/config/channels/in-memory-channel-ns/201-clusterrolebinding.yaml new file mode 120000 index 00000000000..2fb00b2ccdc --- /dev/null +++ b/config/channels/in-memory-channel-ns/201-clusterrolebinding.yaml @@ -0,0 +1 @@ +../in-memory-channel/201-clusterrolebinding.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/300-in-memory-channel.yaml b/config/channels/in-memory-channel-ns/300-in-memory-channel.yaml new file mode 120000 index 00000000000..4311e3e73df --- /dev/null +++ b/config/channels/in-memory-channel-ns/300-in-memory-channel.yaml @@ -0,0 +1 @@ +../in-memory-channel/300-in-memory-channel.yaml \ No newline at end of file diff --git a/config/channels/in-memory-channel-ns/500-controller.yaml b/config/channels/in-memory-channel-ns/500-controller.yaml new file mode 100644 index 00000000000..23eda7deb8b --- /dev/null +++ b/config/channels/in-memory-channel-ns/500-controller.yaml @@ -0,0 +1,59 @@ +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: imc-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: &labels + messaging.knative.dev/channel: in-memory-channel + messaging.knative.dev/role: controller + template: + metadata: + labels: *labels + spec: + serviceAccountName: imc-controller + containers: + - name: controller + image: knative.dev/eventing/cmd/in_memory/channel_controller + + env: + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/inmemorychannel-controller + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: DISPATCHER_SCOPE + value: namespace + - name: DISPATCHER_IMAGE + value: knative.dev/eventing/cmd/in_memory/channel_dispatcher + securityContext: + allowPrivilegeEscalation: false + + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 diff --git a/config/channels/in-memory-channel-ns/README.md b/config/channels/in-memory-channel-ns/README.md new file mode 100644 index 00000000000..7d59d762c4b --- /dev/null +++ b/config/channels/in-memory-channel-ns/README.md @@ -0,0 +1,60 @@ +# Namespace-Scoped In-Memory Channels + +Namespace-scoped in-memory channels share the same characteristics as the +[in-memory channels](../in-memory-channel/README.md). The only difference is the in-memory +dispatcher is installed in the same namespace as the channel. + +### Deployment steps: + +1. Setup [Knative Eventing](../../../DEVELOPMENT.md). +1. Apply the `InMemoryChannel` CRD and controller. + ```shell + ko apply -f config/channels/in-memory-channel-ns + ``` +1. Create InMemoryChannels + + ```sh + kubectl apply --filename - << END + apiVersion: messaging.knative.dev/v1alpha1 + kind: InMemoryChannel + metadata: + name: foo + END + ``` + +IMPORTANT: make sure you don't have the [cluster-scoped in-memory channels](../in-memory-channel/README.md) +configuration deployed in your cluster. Pick one or the other, but not both at the same time! + +### Components + +The major components are: + +- InMemoryChannel Controller +- InMemoryChannel Dispatcher + +```shell +kubectl get deployment -n knative-eventing imc-controller +``` + +The InMemoryChannel Dispatcher receives and distributes all events. There is +one Dispatcher per namespace. + +```shell +kubectl get deployment -n default imc-dispatcher +``` + +### Cleanup + +To remove the in-memory channel component, do: + +```shell +kubectl delete -f config/channels/in-memory-channel-ns +``` + +To remove the InMemoryChannel Dispatcher deployments, do: + +```shell +kubectl delete deployments imc-dispatcher +``` + +in all namespaces you installed channels. diff --git a/config/channels/in-memory-channel/200-dispatcher-serviceaccount.yaml b/config/channels/in-memory-channel/200-dispatcher-serviceaccount.yaml new file mode 100644 index 00000000000..ecc1e51d809 --- /dev/null +++ b/config/channels/in-memory-channel/200-dispatcher-serviceaccount.yaml @@ -0,0 +1,21 @@ +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: imc-dispatcher + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel diff --git a/config/channels/in-memory-channel/200-serviceaccount.yaml b/config/channels/in-memory-channel/200-serviceaccount.yaml index 9193538973d..6f197468399 100644 --- a/config/channels/in-memory-channel/200-serviceaccount.yaml +++ b/config/channels/in-memory-channel/200-serviceaccount.yaml @@ -18,12 +18,3 @@ metadata: namespace: knative-eventing labels: eventing.knative.dev/release: devel - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: imc-dispatcher - namespace: knative-eventing - labels: - eventing.knative.dev/release: devel diff --git a/config/channels/in-memory-channel/201-clusterrolebinding.yaml b/config/channels/in-memory-channel/201-clusterrolebinding.yaml index 48332db0a72..79d90d9a4b3 100644 --- a/config/channels/in-memory-channel/201-clusterrolebinding.yaml +++ b/config/channels/in-memory-channel/201-clusterrolebinding.yaml @@ -25,21 +25,3 @@ roleRef: kind: ClusterRole name: imc-controller apiGroup: rbac.authorization.k8s.io - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: imc-dispatcher - labels: - eventing.knative.dev/release: devel -subjects: - - kind: ServiceAccount - name: imc-dispatcher - namespace: knative-eventing -roleRef: - kind: ClusterRole - name: imc-dispatcher - apiGroup: rbac.authorization.k8s.io - diff --git a/config/channels/in-memory-channel/201-dispatcher-clusterrolebinding.yaml b/config/channels/in-memory-channel/201-dispatcher-clusterrolebinding.yaml new file mode 100644 index 00000000000..dbf3e4d6be0 --- /dev/null +++ b/config/channels/in-memory-channel/201-dispatcher-clusterrolebinding.yaml @@ -0,0 +1,29 @@ +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: imc-dispatcher + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: imc-dispatcher + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: imc-dispatcher + apiGroup: rbac.authorization.k8s.io + diff --git a/config/channels/in-memory-channel/README.md b/config/channels/in-memory-channel/README.md index 4ed0e74c9af..8a69d4f0e75 100644 --- a/config/channels/in-memory-channel/README.md +++ b/config/channels/in-memory-channel/README.md @@ -25,11 +25,13 @@ characterics: ``` 1. Create InMemoryChannels - ```yaml + ```shell + kubectl apply --filename - << END apiVersion: messaging.knative.dev/v1alpha1 kind: InMemoryChannel metadata: name: foo + END ``` ### Components diff --git a/hack/release.sh b/hack/release.sh index 7cc5dd99b92..42a79c7b5f3 100755 --- a/hack/release.sh +++ b/hack/release.sh @@ -26,6 +26,7 @@ COMPONENTS=( ["eventing-crds.yaml"]="config/core/resources" ["channel-broker.yaml"]="config/brokers/channel-broker" ["in-memory-channel.yaml"]="config/channels/in-memory-channel" + ["in-memory-channel-namespace.yaml"]="config/channels/in-memory-channel-ns" ) readonly COMPONENTS