diff --git a/deploy/kubernetes/operator/config/manager/rss-controller.yaml b/deploy/kubernetes/operator/config/manager/rss-controller.yaml new file mode 100644 index 0000000000..8ed59d9658 --- /dev/null +++ b/deploy/kubernetes/operator/config/manager/rss-controller.yaml @@ -0,0 +1,128 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rss-controller + namespace: kube-system +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: rss-controller-role +rules: + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch", "delete" ] + - apiGroups: [ "uniffle.apache.org" ] + resources: [ "remoteshuffleservices", "remoteshuffleservices/status" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "admissionregistration.k8s.io" ] + resources: [ "validatingwebhookconfigurations", "mutatingwebhookconfigurations" ] + verbs: [ "get", "list", "watch", "update", "create", "delete" ] + - apiGroups: [ "" ] + resources: [ "configmaps", "secrets", "services", "serviceaccounts" ] + verbs: [ "get", "list", "watch", "update", "create", "delete", "patch" ] + - apiGroups: [ "apps" ] + resources: [ "deployments", "statefulsets" ] + verbs: [ "get", "list", "watch", "update", "create", "delete", "patch" ] + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "list", "watch", "update", "create", "delete" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: rss-controller-role-binding +subjects: + - kind: ServiceAccount + name: rss-controller + namespace: kube-system +roleRef: + kind: ClusterRole + name: rss-controller-role + apiGroup: rbac.authorization.k8s.io +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: rss-controller + namespace: kube-system +spec: + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 2 + type: RollingUpdate + selector: + matchLabels: + app: rss-controller + replicas: 1 + template: + metadata: + labels: + app: rss-controller + spec: + serviceAccountName: rss-controller + containers: + - name: rss-controller + image: ${rss-controller-image} + command: + - "./controller" + args: + - "--v=5" + ports: + - containerPort: 9876 + protocol: TCP + imagePullPolicy: "Always" + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + resources: + requests: + cpu: 500m + memory: 1024Mi + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - rss-controller + topologyKey: kubernetes.io/hostname diff --git a/deploy/kubernetes/operator/config/manager/rss-webhook.yaml b/deploy/kubernetes/operator/config/manager/rss-webhook.yaml new file mode 100644 index 0000000000..63b7e9016a --- /dev/null +++ b/deploy/kubernetes/operator/config/manager/rss-webhook.yaml @@ -0,0 +1,142 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: rss-webhook + namespace: kube-system +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: rss-webhook-role +rules: + - apiGroups: [ "" ] + resources: [ "pods" ] + verbs: [ "get", "list", "watch", "delete" ] + - apiGroups: [ "uniffle.apache.org" ] + resources: [ "remoteshuffleservices", "remoteshuffleservices/status" ] + verbs: [ "get", "list", "watch", "update" ] + - apiGroups: [ "admissionregistration.k8s.io" ] + resources: [ "validatingwebhookconfigurations", "mutatingwebhookconfigurations" ] + verbs: [ "get", "list", "watch", "update", "create", "delete" ] + - apiGroups: [ "" ] + resources: [ "configmaps", "secrets" ] + verbs: [ "get", "list", "watch", "update", "create", "delete" ] + - apiGroups: [ "coordination.k8s.io" ] + resources: [ "leases" ] + verbs: [ "get", "list", "watch", "update", "create", "delete" ] + - apiGroups: [ "" ] + resources: [ "events" ] + verbs: [ "list", "watch", "create", "update", "patch" ] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: rss-webhook-role-binding +subjects: + - kind: ServiceAccount + name: rss-webhook + namespace: kube-system +roleRef: + kind: ClusterRole + name: rss-webhook-role + apiGroup: rbac.authorization.k8s.io +--- +kind: Service +apiVersion: v1 +metadata: + name: rss-webhook + namespace: kube-system +spec: + type: NodePort + selector: + service: rss-webhook + ports: + - protocol: TCP + port: 443 + targetPort: 9876 + nodePort: 31777 +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: rss-webhook + namespace: kube-system +spec: + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 2 + type: RollingUpdate + selector: + matchLabels: + app: rss-webhook + replicas: 1 + template: + metadata: + labels: + app: rss-webhook + service: rss-webhook + spec: + serviceAccountName: rss-webhook + containers: + - name: rss-webhook + image: ${rss-webhook-image} + command: + - "./webhook" + args: + - "--ignore-rss=false" + - "--v=4" + ports: + - containerPort: 9876 + protocol: TCP + imagePullPolicy: "Always" + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + resources: + requests: + cpu: 500m + memory: 1024Mi + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - rss-webhook + topologyKey: kubernetes.io/hostname diff --git a/deploy/kubernetes/operator/examples/full-restart/rss-full-restart.yaml b/deploy/kubernetes/operator/examples/full-restart/rss-full-restart.yaml new file mode 100644 index 0000000000..4083fba65e --- /dev/null +++ b/deploy/kubernetes/operator/examples/full-restart/rss-full-restart.yaml @@ -0,0 +1,71 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: uniffle.apache.org/v1alpha1 +kind: RemoteShuffleService +metadata: + name: rss-full-restart-demo + namespace: kube-system +spec: + configMapName: rss-full-restart-demo + coordinator: + image: "${rss-coordinator-image}" + initContainerImage: "busybox:latest" + rpcNodePort: + - 30001 + - 30011 + httpNodePort: + - 30002 + - 30012 + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + replicas: 1 + excludeNodesFilePath: "/data/rssadmin/rss/coo/exclude_nodes" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/coordinator" + hostPathMounts: + /data/logs/rss/coordinator: /data/rssadmin/rss/logs + shuffleServer: + sync: true + replicas: 3 + image: "${rss-shuffle-server-image}" + initContainerImage: "busybox:latest" + upgradeStrategy: + type: "FullRestart" + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/shuffle-server" + hostPathMounts: + /data/logs/rss/shuffle-server: /data/rssadmin/rss/logs + /data/rssenv1/rssdata1: /data1 + /data/rssenv1/rssdata2: /data2 + /data/rssenv1/rssdata3: /data3 + /data/rssenv1/rssdata4: /data4 + /data/rssenv1/rssdata5: /data5 + /data/rssenv1/rssdata6: /data6 + /data/rssenv1/rssdata7: /data7 + /data/rssenv1/rssdata8: /data8 + /data/rssenv1/rssdata9: /data9 + /data/rssenv1/rssdata10: /data10 + /data/rssenv1/rssdata11: /data11 + /data/rssenv1/rssdata12: /data12 diff --git a/deploy/kubernetes/operator/examples/full-upgrade/rss-full-upgrade.yaml b/deploy/kubernetes/operator/examples/full-upgrade/rss-full-upgrade.yaml new file mode 100644 index 0000000000..a721557410 --- /dev/null +++ b/deploy/kubernetes/operator/examples/full-upgrade/rss-full-upgrade.yaml @@ -0,0 +1,71 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: uniffle.apache.org/v1alpha1 +kind: RemoteShuffleService +metadata: + name: rss-full-upgrade-demo + namespace: kube-system +spec: + configMapName: rss-full-upgrade-demo + coordinator: + image: "${rss-coordinator-image}" + initContainerImage: "busybox:latest" + rpcNodePort: + - 30001 + - 30011 + httpNodePort: + - 30002 + - 30012 + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + replicas: 1 + excludeNodesFilePath: "/data/rssadmin/rss/coo/exclude_nodes" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/coordinator" + hostPathMounts: + /data/logs/rss/coordinator: /data/rssadmin/rss/logs + shuffleServer: + sync: true + replicas: 3 + image: "${rss-shuffle-server-image}" + initContainerImage: "busybox:latest" + upgradeStrategy: + type: "FullUpgrade" + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/shuffle-server" + hostPathMounts: + /data/logs/rss/shuffle-server: /data/rssadmin/rss/logs + /data/rssenv1/rssdata1: /data1 + /data/rssenv1/rssdata2: /data2 + /data/rssenv1/rssdata3: /data3 + /data/rssenv1/rssdata4: /data4 + /data/rssenv1/rssdata5: /data5 + /data/rssenv1/rssdata6: /data6 + /data/rssenv1/rssdata7: /data7 + /data/rssenv1/rssdata8: /data8 + /data/rssenv1/rssdata9: /data9 + /data/rssenv1/rssdata10: /data10 + /data/rssenv1/rssdata11: /data11 + /data/rssenv1/rssdata12: /data12 diff --git a/deploy/kubernetes/operator/examples/partition-upgrade/rss-partition-upgrade.yaml b/deploy/kubernetes/operator/examples/partition-upgrade/rss-partition-upgrade.yaml new file mode 100644 index 0000000000..fa4bf71cec --- /dev/null +++ b/deploy/kubernetes/operator/examples/partition-upgrade/rss-partition-upgrade.yaml @@ -0,0 +1,72 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: uniffle.apache.org/v1alpha1 +kind: RemoteShuffleService +metadata: + name: rss-parition-upgrade-demo + namespace: kube-system +spec: + configMapName: rss-parition-upgrade-demo + coordinator: + image: "${rss-coordinator-image}" + initContainerImage: "busybox:latest" + rpcNodePort: + - 30001 + - 30011 + httpNodePort: + - 30002 + - 30012 + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + replicas: 1 + excludeNodesFilePath: "/data/rssadmin/rss/coo/exclude_nodes" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/coordinator" + hostPathMounts: + /data/logs/rss/coordinator: /data/rssadmin/rss/logs + shuffleServer: + sync: true + replicas: 3 + image: "${rss-shuffle-server-image}" + initContainerImage: "busybox:latest" + upgradeStrategy: + type: "PartitionUpgrade" + partition: 2 + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/shuffle-server" + hostPathMounts: + /data/logs/rss/shuffle-server: /data/rssadmin/rss/logs + /data/rssenv1/rssdata1: /data1 + /data/rssenv1/rssdata2: /data2 + /data/rssenv1/rssdata3: /data3 + /data/rssenv1/rssdata4: /data4 + /data/rssenv1/rssdata5: /data5 + /data/rssenv1/rssdata6: /data6 + /data/rssenv1/rssdata7: /data7 + /data/rssenv1/rssdata8: /data8 + /data/rssenv1/rssdata9: /data9 + /data/rssenv1/rssdata10: /data10 + /data/rssenv1/rssdata11: /data11 + /data/rssenv1/rssdata12: /data12 diff --git a/deploy/kubernetes/operator/examples/specific-upgrade/rss-specific-upgrade.yaml b/deploy/kubernetes/operator/examples/specific-upgrade/rss-specific-upgrade.yaml new file mode 100644 index 0000000000..c2fca59c46 --- /dev/null +++ b/deploy/kubernetes/operator/examples/specific-upgrade/rss-specific-upgrade.yaml @@ -0,0 +1,72 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +--- +apiVersion: uniffle.apache.org/v1alpha1 +kind: RemoteShuffleService +metadata: + name: rss-specific-upgrade-demo + namespace: kube-system +spec: + configMapName: rss-specific-upgrade-demo + coordinator: + image: "${rss-coordinator-image}" + initContainerImage: "busybox:latest" + rpcNodePort: + - 30001 + - 30011 + httpNodePort: + - 30002 + - 30012 + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + replicas: 1 + excludeNodesFilePath: "/data/rssadmin/rss/coo/exclude_nodes" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/coordinator" + hostPathMounts: + /data/logs/rss/coordinator: /data/rssadmin/rss/logs + shuffleServer: + sync: true + replicas: 3 + image: "${rss-shuffle-server-image}" + initContainerImage: "busybox:latest" + upgradeStrategy: + type: "SpecificUpgrade" + specificNames: [ "rss-shuffle-server-demo-0" ] + xmxSize: "10G" + configDir: "/data/rssadmin/rss/conf" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + logHostPath: "/data/logs/rss/shuffle-server" + hostPathMounts: + /data/logs/rss/shuffle-server: /data/rssadmin/rss/logs + /data/rssenv1/rssdata1: /data1 + /data/rssenv1/rssdata2: /data2 + /data/rssenv1/rssdata3: /data3 + /data/rssenv1/rssdata4: /data4 + /data/rssenv1/rssdata5: /data5 + /data/rssenv1/rssdata6: /data6 + /data/rssenv1/rssdata7: /data7 + /data/rssenv1/rssdata8: /data8 + /data/rssenv1/rssdata9: /data9 + /data/rssenv1/rssdata10: /data10 + /data/rssenv1/rssdata11: /data11 + /data/rssenv1/rssdata12: /data12