Skip to content

Commit

Permalink
NETOBSERV-1908 Be able to customize namespace (#103)
Browse files Browse the repository at this point in the history
* allow custom namespace

* remove duplicate in dockerfile
  • Loading branch information
jpinsonneau authored Dec 13, 2024
1 parent a3ae803 commit a88001f
Show file tree
Hide file tree
Showing 8 changed files with 48 additions and 23 deletions.
1 change: 0 additions & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@ RUN mkdir -p output
FROM --platform=linux/$TARGETARCH registry.access.redhat.com/ubi9/ubi:9.4
WORKDIR /

COPY --from=builder /opt/app-root/build .
COPY --from=builder /opt/app-root/build .
COPY --from=builder /tmp/oc /usr/bin/oc
COPY --from=builder /tmp/kubectl /usr/bin/kubectl
Expand Down
14 changes: 11 additions & 3 deletions commands/netobserv
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,14 @@ if [ -z "${runBackground+x}" ]; then runBackground="false"; fi
# options such as filters, background etc
options=""

# namespace for this run
namespace="netobserv-cli"

if [ -n "$NETOBSERV_NAMESPACE" ]; then
echo "using custom namespace $NETOBSERV_NAMESPACE"
namespace="$NETOBSERV_NAMESPACE"
fi

# CLI image to use
img="quay.io/netobserv/network-observability-cli:main"

Expand Down Expand Up @@ -134,7 +142,7 @@ fi

echo "Running network-observability-cli get-$command... "
${K8S_CLI_BIN} run \
-n netobserv-cli \
-n $namespace \
collector \
--image=$img\
--image-pull-policy='Always' \
Expand All @@ -143,14 +151,14 @@ ${K8S_CLI_BIN} run \
--command -- $runCommand

${K8S_CLI_BIN} wait \
-n netobserv-cli \
-n $namespace \
--for=condition=Ready pod/collector || exit 1

captureStarted=true

if [ -n "${execCommand}" ]; then
${K8S_CLI_BIN} exec -i --tty \
-n netobserv-cli \
-n $namespace \
collector \
-- $execCommand
else
Expand Down
2 changes: 1 addition & 1 deletion res/collector-service.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v1
kind: Service
metadata:
name: collector
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
spec:
selector:
run: collector
Expand Down
4 changes: 2 additions & 2 deletions res/flow-capture.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: DaemonSet
metadata:
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
labels:
app: netobserv-cli
spec:
Expand Down Expand Up @@ -131,7 +131,7 @@ spec:
"write":{
"type":"grpc",
"grpc":{
"targetHost":"collector.netobserv-cli.svc.cluster.local",
"targetHost":"{{TARGET_HOST}}",
"targetPort":9999
}
}
Expand Down
2 changes: 1 addition & 1 deletion res/namespace.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
kind: Namespace
apiVersion: v1
metadata:
name: netobserv-cli
name: "{{NAME}}"
labels:
app: netobserv
pod-security.kubernetes.io/enforce: privileged
Expand Down
4 changes: 2 additions & 2 deletions res/packet-capture.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: apps/v1
kind: DaemonSet
metadata:
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
labels:
app: netobserv-cli
spec:
Expand Down Expand Up @@ -115,7 +115,7 @@ spec:
"write":{
"type":"grpc",
"grpc":{
"targetHost":"collector.netobserv-cli.svc.cluster.local",
"targetHost":"{{TARGET_HOST}}",
"targetPort":9999
}
}
Expand Down
8 changes: 4 additions & 4 deletions res/service-account.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,13 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
rules:
# allow running in privileged
- apiGroups:
Expand Down Expand Up @@ -53,11 +53,11 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
subjects:
- kind: ServiceAccount
name: netobserv-cli
namespace: netobserv-cli
namespace: "{{NAMESPACE}}"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand Down
36 changes: 27 additions & 9 deletions scripts/functions.sh
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,17 @@ skipCleanup=false
K8S_CLI_BIN_PATH=$(which oc 2>/dev/null || which kubectl 2>/dev/null)
K8S_CLI_BIN=$(basename "${K8S_CLI_BIN_PATH}")

# namespace for this run
namespace="netobserv-cli"

if [ -n "$NETOBSERV_NAMESPACE" ]; then
echo "using custom namespace $NETOBSERV_NAMESPACE"
namespace="$NETOBSERV_NAMESPACE"
fi

# collector target host
targetHost="collector.$namespace.svc.cluster.local"

# eBPF agent image to use
agentImg="quay.io/netobserv/netobserv-ebpf-agent:main"

Expand All @@ -36,20 +47,24 @@ function loadYAMLs() {
if [ -f ./res/namespace.yml ]; then
namespaceYAML="$(cat ./res/namespace.yml)"
fi
namespaceYAML="${namespaceYAML/"{{NAME}}"/${namespace}}"

saYAML='
saYAMLContent
'
if [ -f ./res/service-account.yml ]; then
saYAML="$(cat ./res/service-account.yml)"
fi
saYAML="${saYAML//"{{NAMESPACE}}"/${namespace}}"

flowAgentYAML='
flowAgentYAMLContent
'
if [ -f ./res/flow-capture.yml ]; then
flowAgentYAML="$(cat ./res/flow-capture.yml)"
fi
flowAgentYAML="${flowAgentYAML/"{{NAMESPACE}}"/${namespace}}"
flowAgentYAML="${flowAgentYAML/"{{TARGET_HOST}}"/${targetHost}}"
flowAgentYAML="${flowAgentYAML/"{{AGENT_IMAGE_URL}}"/${agentImg}}"

packetAgentYAML='
Expand All @@ -58,6 +73,8 @@ function loadYAMLs() {
if [ -f ./res/packet-capture.yml ]; then
packetAgentYAML="$(cat ./res/packet-capture.yml)"
fi
packetAgentYAML="${packetAgentYAML/"{{NAMESPACE}}"/${namespace}}"
packetAgentYAML="${packetAgentYAML/"{{TARGET_HOST}}"/${targetHost}}"
packetAgentYAML="${packetAgentYAML/"{{AGENT_IMAGE_URL}}"/${agentImg}}"

collectorServiceYAML='
Expand All @@ -66,6 +83,7 @@ function loadYAMLs() {
if [ -f ./res/collector-service.yml ]; then
collectorServiceYAML="$(cat ./res/collector-service.yml)"
fi
collectorServiceYAML="${collectorServiceYAML/"{{NAMESPACE}}"/${namespace}}"
}

function clusterIsReady() {
Expand All @@ -83,7 +101,7 @@ function clusterIsReady() {

function namespaceFound() {
# ensure namespace doesn't exist, else we should not override content
if ${K8S_CLI_BIN} get namespace netobserv-cli --ignore-not-found=true | grep -q "netobserv-cli"; then
if ${K8S_CLI_BIN} get namespace "$namespace" --ignore-not-found=true | grep -q "$namespace"; then
return 0
else
return 1
Expand All @@ -110,7 +128,7 @@ function setup {
fi

if namespaceFound; then
printf "netobserv-cli namespace already exists. Ensure someone else is not running another capture on this cluster. Else use 'oc netobserv cleanup' to remove the namespace first.\n" >&2
printf "%s namespace already exists. Ensure someone else is not running another capture on this cluster. Else use 'oc netobserv cleanup' to remove the namespace first.\n" "$namespace" >&2
skipCleanup="true"
exit 1
fi
Expand All @@ -119,7 +137,7 @@ function setup {
loadYAMLs

# apply yamls
echo "creating netobserv-cli namespace"
echo "creating $namespace namespace"
echo "$namespaceYAML" | ${K8S_CLI_BIN} apply -f -

echo "creating service account"
Expand Down Expand Up @@ -152,28 +170,28 @@ function setup {
}

function follow {
${K8S_CLI_BIN} logs collector -n netobserv-cli -f
${K8S_CLI_BIN} logs collector -n "$namespace" -f
}

function copyOutput {
echo "Copying collector output files..."
mkdir -p ./output
${K8S_CLI_BIN} cp -n netobserv-cli collector:output ./output
${K8S_CLI_BIN} cp -n "$namespace" collector:output ./output
}

function deleteDaemonset {
printf "\nDeleting daemonset... "
${K8S_CLI_BIN} delete daemonset netobserv-cli -n netobserv-cli --ignore-not-found=true
${K8S_CLI_BIN} delete daemonset netobserv-cli -n "$namespace" --ignore-not-found=true
}

function deletePod {
printf "\nDeleting pod... "
${K8S_CLI_BIN} delete pod collector -n netobserv-cli --ignore-not-found=true
${K8S_CLI_BIN} delete pod collector -n "$namespace" --ignore-not-found=true
}

function deleteNamespace {
printf "\nDeleting namespace... "
${K8S_CLI_BIN} delete namespace netobserv-cli --ignore-not-found=true
${K8S_CLI_BIN} delete namespace "$namespace" --ignore-not-found=true
}

function cleanup {
Expand Down Expand Up @@ -593,6 +611,6 @@ function check_args_and_apply() {
done

${K8S_CLI_BIN} apply -f "$2"
${K8S_CLI_BIN} rollout status daemonset netobserv-cli -n netobserv-cli --timeout 60s
${K8S_CLI_BIN} rollout status daemonset netobserv-cli -n "$namespace" --timeout 60s
rm -rf ${MANIFEST_OUTPUT_PATH}
}

0 comments on commit a88001f

Please sign in to comment.