From cdd7372c895383687fe409dacbf96934345c8c80 Mon Sep 17 00:00:00 2001 From: MegaByte875 Date: Thu, 12 Oct 2023 17:08:11 +0800 Subject: [PATCH] update operator chart and doc format --- README.md | 25 ++++++++++--------- .../controller-manager-deployment.yaml | 12 +++------ .../templates/scheduler-deployment.yaml | 12 +++++++++ charts/nebula-operator/values.yaml | 3 --- doc/user/webhook.md | 20 +++++++-------- 5 files changed, 38 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index 0365f65e..ac40f0e1 100644 --- a/README.md +++ b/README.md @@ -221,18 +221,19 @@ nebula-storaged-2 1/1 Running 0 19s ``` ## Guidelines - -[Custom config](doc/user/custom_config.md) - -[Log guide](doc/user/log_guide.md) - -[Storage guide](doc/user/storage_guide.md) - -[SSL guide](doc/user/ssl_guide.md) - -[ngctl guide](doc/user/ngctl_guide.md) - -[PersistentVolume reclaim guide](doc/user/pv_reclaim.md) +- [Graphd HPA](doc/user/nebula_autoscaler.md) +- [Admission webhook](doc/user/webhook.md) +- [Custom flags](doc/user/custom_config.md) +- [Custom port](doc/user/nebula_port.md) +- [Log](doc/user/log_guide.md) +- [Storaged](doc/user/storage_guide.md) +- [PV reclaim](doc/user/pv_reclaim.md) +- [PV expansion](doc/user/pv_expansion.md) +- [mTLS](doc/user/ssl_guide.md) +- [Security context](doc/user/security_context.md) +- [ngctl](doc/user/ngctl_guide.md) +- [nebula-console](doc/user/nebula_console.md) +- [nebula-exporter](doc/user/nebula_exporter.md) ## FAQ diff --git a/charts/nebula-operator/templates/controller-manager-deployment.yaml b/charts/nebula-operator/templates/controller-manager-deployment.yaml index 70cf00ae..4b484b38 100644 --- a/charts/nebula-operator/templates/controller-manager-deployment.yaml +++ b/charts/nebula-operator/templates/controller-manager-deployment.yaml @@ -26,18 +26,14 @@ spec: command: - /usr/local/bin/controller-manager args: - {{- if .Values.syncPeriod }} - --sync-period={{ .Values.syncPeriod }} - {{- end }} - {{- if .Values.concurrentNebulaClusterSyncs }} - --concurrent-nebulacluster-syncs={{ .Values.concurrentNebulaClusterSyncs }} - {{- end }} - {{- if .Values.concurrentNebulaRestoreSyncs }} - --concurrent-nebularestore-syncs={{ .Values.concurrentNebulaRestoreSyncs }} - {{- end }} - --leader-elect - --leader-elect-resource-namespace={{ template "nebula-operator.namespace" . }} - - --enable-admission-webhook={{ .Values.admissionWebhook.create | default false }} + - --enable-admission-webhook={{ .Values.admissionWebhook.create }} + - --webhook-secure-port={{ .Values.admissionWebhook.webhookBindPort }} + - --enable-kruise-scheme={{ .Values.enableKruiseScheme }} {{- if or .Values.kubernetesClusterDomain .Values.controllerManager.env }} env: {{- if .Values.kubernetesClusterDomain }} @@ -80,9 +76,7 @@ spec: command: - /usr/local/bin/autoscaler args: - {{- if .Values.concurrentAutoscalerSyncs }} - --concurrent-autoscaler-syncs={{ .Values.concurrentAutoscalerSyncs }} - {{- end }} - --health-probe-bind-address=:8091 - --metrics-bind-address=:8090 - --leader-elect diff --git a/charts/nebula-operator/templates/scheduler-deployment.yaml b/charts/nebula-operator/templates/scheduler-deployment.yaml index 3fa6d314..430bba0d 100644 --- a/charts/nebula-operator/templates/scheduler-deployment.yaml +++ b/charts/nebula-operator/templates/scheduler-deployment.yaml @@ -64,5 +64,17 @@ spec: configMap: name: scheduler-config restartPolicy: Always + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} diff --git a/charts/nebula-operator/values.yaml b/charts/nebula-operator/values.yaml index 623d9081..f2cda3c5 100644 --- a/charts/nebula-operator/values.yaml +++ b/charts/nebula-operator/values.yaml @@ -49,9 +49,6 @@ enableKruiseScheme: false # Period at which the controller forces the repopulation of its local object stores. (default 0h30m0s) syncPeriod: 0h30m0s -# Namespace the controller watches for updates to Kubernetes objects, If empty, all namespaces are watched. -watchNamespace: - # The number of NebulaCluster objects that are allowed to sync concurrently. (default 5) concurrentNebulaClusterSyncs: 5 diff --git a/doc/user/webhook.md b/doc/user/webhook.md index d902fc87..2e9b2dce 100644 --- a/doc/user/webhook.md +++ b/doc/user/webhook.md @@ -94,36 +94,36 @@ status: ``` ### Validate rules -- Append storage volume +Append storage volume ```shell $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"storaged": {"dataVolumeClaims":[{"resources": {"requests": {"storage": "2Gi"}}, "storageClassName": "local-path"},{"resources": {"requests": {"storage": "3Gi"}}, "storageClassName": "fask-disks"}]}}}' Error from server: admission webhook "nebulaclustervalidating.nebula-graph.io" denied the request: spec.storaged.dataVolumeClaims: Forbidden: storaged dataVolumeClaims is immutable -- ``` +``` -- Shrink PV +Shrink PV ```shell $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"storaged": {"dataVolumeClaims":[{"resources": {"requests": {"storage": "1Gi"}}, "storageClassName": "fast-disks"}]}}}' Error from server: admission webhook "nebulaclustervalidating.nebula-graph.io" denied the request: spec.storaged.dataVolumeClaims: Invalid value: resource.Quantity{i:resource.int64Amount{value:1073741824, scale:0}, d:resource.infDecAmount{Dec:(*inf.Dec)(nil)}, s:"1Gi", Format:"BinarySI"}: data volume size can only be increased -- ``` +``` -- Modify thrift ports +Modify thrift ports ```shell $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"graphd": {"port": 8669}}}' Error from server: admission webhook "nebulaclustervalidating.nebula-graph.io" denied the request: spec.graphd.port: Invalid value: 8669: field is immutable -- ``` +``` -- Intermediate state scaling +Scale in intermediate state ```shell $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"storaged": {"replicas": 5}}}' nebulacluster.apps.nebula-graph.io/nebula patched $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"storaged": {"replicas": 3}}}' Error from server: admission webhook "nebulaclustervalidating.nebula-graph.io" denied the request: [spec.storaged: Forbidden: field is immutable while in ScaleOut phase, spec.storaged.replicas: Invalid value: 3: field is immutable while not in Running phase] -- ``` +``` -- HA mode +HA mode ```shell # Create a nebula cluster with 2 graphd, 3 metad, and 3 storaged to meet the minimum HA configuration requirement. $ kubectl annotate nc nebula nebula-graph.io/ha-mode=true $ kubectl patch nc nebula --type='merge' --patch '{"spec": {"graphd": {"replicas":1}}}' Error from server: admission webhook "nebulaclustervalidating.nebula-graph.io" denied the request: spec.graphd.replicas: Invalid value: 1: should be at least 2 in HA mode -- ``` \ No newline at end of file +``` \ No newline at end of file