From c0d839ede853ef84089afb90199ce9b79744b3a8 Mon Sep 17 00:00:00 2001 From: Manish Kumar <30774250+manish-jangra@users.noreply.github.com> Date: Thu, 27 Feb 2025 15:12:35 +0530 Subject: [PATCH] KFLUXINFRA-1269: Adding Configuration to etcd defrag periodically This Pull Request will create following resources - - Namespace - ClusterRole - ClusterRoleBinding - ServiceAccount - CronJob that will run every 5 minutes Signed-off-by: Manish Kumar <30774250+manish-jangra@users.noreply.github.com> --- .../etcd-defrag/etcd-defrag.yaml | 40 +++++++++++++++++++ .../etcd-defrag/kustomization.yaml | 6 +++ .../infra-deployments/kustomization.yaml | 1 + .../delete-applications.yaml | 6 +++ .../delete-applications.yaml | 6 +++ .../delete-applications.yaml | 6 +++ configs/etcd-defrag/base/cluster-role.yaml | 28 +++++++++++++ configs/etcd-defrag/base/cronjob.yaml | 24 +++++++++++ configs/etcd-defrag/base/kustomization.yaml | 9 +++++ configs/etcd-defrag/base/namespace.yaml | 4 ++ configs/etcd-defrag/base/role-binding.yaml | 14 +++++++ configs/etcd-defrag/base/serviceaccount.yaml | 6 +++ .../etcd-defrag/production/kustomization.yaml | 4 ++ .../etcd-defrag/staging/kustomization.yaml | 4 ++ 14 files changed, 158 insertions(+) create mode 100644 argo-cd-apps/base/member/infra-deployments/etcd-defrag/etcd-defrag.yaml create mode 100644 argo-cd-apps/base/member/infra-deployments/etcd-defrag/kustomization.yaml create mode 100644 configs/etcd-defrag/base/cluster-role.yaml create mode 100644 configs/etcd-defrag/base/cronjob.yaml create mode 100644 configs/etcd-defrag/base/kustomization.yaml create mode 100644 configs/etcd-defrag/base/namespace.yaml create mode 100644 configs/etcd-defrag/base/role-binding.yaml create mode 100644 configs/etcd-defrag/base/serviceaccount.yaml create mode 100644 configs/etcd-defrag/production/kustomization.yaml create mode 100644 configs/etcd-defrag/staging/kustomization.yaml diff --git a/argo-cd-apps/base/member/infra-deployments/etcd-defrag/etcd-defrag.yaml b/argo-cd-apps/base/member/infra-deployments/etcd-defrag/etcd-defrag.yaml new file mode 100644 index 00000000000..fb4122c6b20 --- /dev/null +++ b/argo-cd-apps/base/member/infra-deployments/etcd-defrag/etcd-defrag.yaml @@ -0,0 +1,40 @@ +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: etcd-defrag +spec: + generators: + - merge: + mergeKeys: + - nameNormalized + generators: + - clusters: + values: + sourceRoot: configs/etcd-defrag + environment: staging + - list: + elements: [] + template: + metadata: + name: etcd-defrag-{{nameNormalized}} + spec: + project: default + source: + path: '{{values.sourceRoot}}/{{values.environment}}' + repoURL: https://github.com/redhat-appstudio/infra-deployments.git + targetRevision: main + destination: + namespace: default + server: '{{server}}' + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + retry: + limit: -1 + backoff: + duration: 10s + factor: 2 + maxDuration: 3m diff --git a/argo-cd-apps/base/member/infra-deployments/etcd-defrag/kustomization.yaml b/argo-cd-apps/base/member/infra-deployments/etcd-defrag/kustomization.yaml new file mode 100644 index 00000000000..6d8768c9d4b --- /dev/null +++ b/argo-cd-apps/base/member/infra-deployments/etcd-defrag/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- etcd-defrag.yaml +components: + - ../../../../k-components/deploy-to-member-cluster-merge-generator diff --git a/argo-cd-apps/base/member/infra-deployments/kustomization.yaml b/argo-cd-apps/base/member/infra-deployments/kustomization.yaml index c7936958aab..df0dc0670eb 100644 --- a/argo-cd-apps/base/member/infra-deployments/kustomization.yaml +++ b/argo-cd-apps/base/member/infra-deployments/kustomization.yaml @@ -9,6 +9,7 @@ resources: - build-service - pipeline-service - build-templates + - etcd-defrag - internal-services - image-controller - multi-platform-controller diff --git a/argo-cd-apps/overlays/konflux-public-production/delete-applications.yaml b/argo-cd-apps/overlays/konflux-public-production/delete-applications.yaml index 49d5e10e79a..fc46cdbf020 100644 --- a/argo-cd-apps/overlays/konflux-public-production/delete-applications.yaml +++ b/argo-cd-apps/overlays/konflux-public-production/delete-applications.yaml @@ -31,3 +31,9 @@ kind: ApplicationSet metadata: name: kyverno $patch: delete +--- +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: etcd-defrag +$patch: delete diff --git a/argo-cd-apps/overlays/production-downstream/delete-applications.yaml b/argo-cd-apps/overlays/production-downstream/delete-applications.yaml index 7f82121bc6a..1b4ba0057d3 100644 --- a/argo-cd-apps/overlays/production-downstream/delete-applications.yaml +++ b/argo-cd-apps/overlays/production-downstream/delete-applications.yaml @@ -61,3 +61,9 @@ kind: ApplicationSet metadata: name: kyverno $patch: delete +--- +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: etcd-defrag +$patch: delete diff --git a/argo-cd-apps/overlays/staging-downstream/delete-applications.yaml b/argo-cd-apps/overlays/staging-downstream/delete-applications.yaml index 4a22c42ac00..9985feef036 100644 --- a/argo-cd-apps/overlays/staging-downstream/delete-applications.yaml +++ b/argo-cd-apps/overlays/staging-downstream/delete-applications.yaml @@ -49,3 +49,9 @@ kind: ApplicationSet metadata: name: nvme-storage-configurator $patch: delete +--- +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: etcd-defrag +$patch: delete diff --git a/configs/etcd-defrag/base/cluster-role.yaml b/configs/etcd-defrag/base/cluster-role.yaml new file mode 100644 index 00000000000..3e687fa5bd0 --- /dev/null +++ b/configs/etcd-defrag/base/cluster-role.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: etcd-maintenance-role +rules: +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - get + - create + - delete + - watch +- apiGroups: + - "" + resources: + - pods/attach + verbs: + - create +- apiGroups: + - "" + resources: + - pods/log + verbs: + - get diff --git a/configs/etcd-defrag/base/cronjob.yaml b/configs/etcd-defrag/base/cronjob.yaml new file mode 100644 index 00000000000..0ec24f666c4 --- /dev/null +++ b/configs/etcd-defrag/base/cronjob.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: etcd-maintenance + namespace: etcd-maintenance +spec: + schedule: "*/15 * * * *" + jobTemplate: + spec: + template: + spec: + serviceAccountName: etcd-maintenance + restartPolicy: OnFailure + containers: + - name: etcd-maintenance + image: registry.redhat.io/openshift4/ose-cli + imagePullPolicy: IfNotPresent + command: + - /bin/sh + - -c + - | + etcd_pod=$(oc get pod -l app=etcd -oname -n openshift-etcd | awk -F"/" 'NR==1{ print $2 }') + oc -n openshift-etcd debug pod/${etcd_pod} --image=quay.io/konflux-ci/etcd-defrag:dc8f64b3e0268d3d85132be0c66495d718362157 --one-container=true -- /bin/sh -c "chmod +x /opt/defrag.sh && /opt/defrag.sh" diff --git a/configs/etcd-defrag/base/kustomization.yaml b/configs/etcd-defrag/base/kustomization.yaml new file mode 100644 index 00000000000..df25ecb6341 --- /dev/null +++ b/configs/etcd-defrag/base/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: etcd-maintenance +resources: + - namespace.yaml + - cluster-role.yaml + - role-binding.yaml + - serviceaccount.yaml + - cronjob.yaml diff --git a/configs/etcd-defrag/base/namespace.yaml b/configs/etcd-defrag/base/namespace.yaml new file mode 100644 index 00000000000..00cd3f83bdb --- /dev/null +++ b/configs/etcd-defrag/base/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: etcd-maintenance diff --git a/configs/etcd-defrag/base/role-binding.yaml b/configs/etcd-defrag/base/role-binding.yaml new file mode 100644 index 00000000000..a37c32b90a5 --- /dev/null +++ b/configs/etcd-defrag/base/role-binding.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: etcd-maintenance-binding + namespace: etcd-maintenance +subjects: +- kind: ServiceAccount + name: etcd-maintenance + namespace: etcd-maintenance +roleRef: + kind: ClusterRole + name: etcd-maintenance-role + apiGroup: rbac.authorization.k8s.io diff --git a/configs/etcd-defrag/base/serviceaccount.yaml b/configs/etcd-defrag/base/serviceaccount.yaml new file mode 100644 index 00000000000..24d52ced706 --- /dev/null +++ b/configs/etcd-defrag/base/serviceaccount.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: etcd-maintenance + namespace: etcd-maintenance diff --git a/configs/etcd-defrag/production/kustomization.yaml b/configs/etcd-defrag/production/kustomization.yaml new file mode 100644 index 00000000000..27bb5cb0b48 --- /dev/null +++ b/configs/etcd-defrag/production/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../base diff --git a/configs/etcd-defrag/staging/kustomization.yaml b/configs/etcd-defrag/staging/kustomization.yaml new file mode 100644 index 00000000000..27bb5cb0b48 --- /dev/null +++ b/configs/etcd-defrag/staging/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../base