Merge remote-tracking branch 'origin/master' into quinteros

ManageIQ · Oct 26, 2023 · 1b3a74d · 1b3a74d
2 parents b6894d3 + 13812b3
commit 1b3a74d
Show file tree

Hide file tree

Showing 16 changed files with 201 additions and 104 deletions.
diff --git a/.github/workflows/build_pods.yaml b/.github/workflows/build_pods.yaml
@@ -9,7 +9,7 @@ jobs:
     if: github.repository_owner == 'ManageIQ'
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Set up Go
       uses: actions/setup-go@v4
       with:

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -14,7 +14,7 @@ jobs:
         ruby-version:
         - '3.0'
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Before install
       run: bin/before_install
     - name: Set up Ruby

diff --git a/.github/workflows/go_dependencies.yaml b/.github/workflows/go_dependencies.yaml
@@ -9,7 +9,7 @@ jobs:
   go_dependencies:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - name: Set up Go
       uses: actions/setup-go@v4
       with:

diff --git a/images/manageiq-base/Dockerfile b/images/manageiq-base/Dockerfile
@@ -47,10 +47,10 @@ RUN dnf config-manager --setopt=tsflags=nodocs --setopt=install_weak_deps=False
       httpd \
       mod_ssl \
       https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
-      https://rpm.manageiq.org/release/17-quinteros/el8/noarch/manageiq-release-17.0-1.el8.noarch.rpm && \
+      https://rpm.manageiq.org/release/18-radjabov/el8/noarch/manageiq-release-18.0-1.el8.noarch.rpm && \
     dnf -y update && \
     dnf -y module enable postgresql:13 ruby:3.0 && \
-    if [[ "$RELEASE_BUILD" != "true" ]]; then dnf config-manager --enable manageiq-17-quinteros-nightly; fi && \
+    if [[ "$RELEASE_BUILD" != "true" ]]; then dnf config-manager --enable manageiq-18-radjabov-nightly; fi && \
     dnf config-manager --setopt=ubi-8-*.exclude=dracut*,net-snmp*,redhat-release* --save && \
     if [[ "$LOCAL_RPM" = "true" ]]; then /create_local_yum_repo.sh; fi && \
     dnf -y install \

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/httpd.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/httpd.go
@@ -8,6 +8,7 @@ import (
 
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
 	tlstools "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/helpers/tlstools"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	routev1 "github.com/openshift/api/route/v1"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -470,6 +471,8 @@ func HttpdDeployment(client client.Client, cr *miqv1alpha1.ManageIQ, scheme *run
 			deployment.Spec.Template.Spec.Volumes = addOrUpdateVolume(deployment.Spec.Template.Spec.Volumes, corev1.Volume{Name: volumeName, VolumeSource: corev1.VolumeSource{Secret: &secretVolumeSource}})
 		}
 
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/kafka.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/kafka.go
@@ -4,6 +4,7 @@ import (
 	"context"
 
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
@@ -197,7 +198,7 @@ func ZookeeperService(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*corev1
 	return service, f
 }
 
-func KafkaDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*appsv1.Deployment, controllerutil.MutateFn, error) {
+func KafkaDeployment(cr *miqv1alpha1.ManageIQ, client client.Client, scheme *runtime.Scheme) (*appsv1.Deployment, controllerutil.MutateFn, error) {
 	deploymentLabels := map[string]string{
 		"name": "kafka",
 		"app":  cr.Spec.AppName,
@@ -315,13 +316,15 @@ func KafkaDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*appsv1.
 				},
 			},
 		}
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 
 	return deployment, f, nil
 }
 
-func ZookeeperDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*appsv1.Deployment, controllerutil.MutateFn, error) {
+func ZookeeperDeployment(cr *miqv1alpha1.ManageIQ, client client.Client, scheme *runtime.Scheme) (*appsv1.Deployment, controllerutil.MutateFn, error) {
 	deploymentLabels := map[string]string{
 		"name": "zookeeper",
 		"app":  cr.Spec.AppName,
@@ -398,6 +401,8 @@ func ZookeeperDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme) (*app
 				},
 			},
 		}
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/memcached.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/memcached.go
@@ -2,6 +2,7 @@ package miqtools
 
 import (
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -103,6 +104,8 @@ func NewMemcachedDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme, cl
 			deployment.Spec.Template.Spec.Containers[0].Env = addOrUpdateEnvVar(deployment.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{Name: "MEMCACHED_EXTRA_PARAMETERS", Value: "-Z -o ssl_chain_cert=/root/server.crt -o ssl_key=/root/server.key -p 11211"})
 		}
 
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/operator.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/operator.go
@@ -4,6 +4,7 @@ import (
 	"context"
 
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
@@ -14,7 +15,10 @@ import (
 )
 
 func ManageOperator(cr *miqv1alpha1.ManageIQ, client client.Client) (*appsv1.Deployment, controllerutil.MutateFn) {
-	deployment := operatorDeployment(cr, client)
+	podName := os.Getenv("POD_NAME")
+	pod := miqutilsv1alpha1.FindPodByName(client, cr.Namespace, podName)
+	replicaSet := miqutilsv1alpha1.FindReplicaSetByName(client, cr.Namespace, pod.ObjectMeta.OwnerReferences[0].Name)
+	deployment := miqutilsv1alpha1.FindDeploymentByName(client, cr.Namespace, replicaSet.ObjectMeta.OwnerReferences[0].Name)
 
 	f := func() error {
 		addAppLabel(cr.Spec.AppName, &deployment.ObjectMeta)
@@ -106,38 +110,10 @@ func ManageOperatorRoleBinding(cr *miqv1alpha1.ManageIQ, client client.Client) (
 	return operatorRoleBinding, f
 }
 
-func operatorPod(cr *miqv1alpha1.ManageIQ, client client.Client) *corev1.Pod {
-	operatorPodName := os.Getenv("POD_NAME")
-	podKey := types.NamespacedName{Namespace: cr.Namespace, Name: operatorPodName}
-	pod := &corev1.Pod{}
-	client.Get(context.TODO(), podKey, pod)
-
-	return pod
-}
-
-func operatorReplicaSet(cr *miqv1alpha1.ManageIQ, client client.Client) *appsv1.ReplicaSet {
-	pod := operatorPod(cr, client)
-	operatorReplicaSetName := pod.ObjectMeta.OwnerReferences[0].Name
-	replicaSetKey := types.NamespacedName{Namespace: cr.Namespace, Name: operatorReplicaSetName}
-	replicaSet := &appsv1.ReplicaSet{}
-	client.Get(context.TODO(), replicaSetKey, replicaSet)
-
-	return replicaSet
-}
-
-func operatorDeployment(cr *miqv1alpha1.ManageIQ, client client.Client) *appsv1.Deployment {
-	replicaSet := operatorReplicaSet(cr, client)
-	operatorDeploymentName := replicaSet.ObjectMeta.OwnerReferences[0].Name
-	deploymentKey := types.NamespacedName{Namespace: cr.Namespace, Name: operatorDeploymentName}
-	deployment := &appsv1.Deployment{}
-	client.Get(context.TODO(), deploymentKey, deployment)
-
-	return deployment
-}
-
 func operatorServiceAccount(cr *miqv1alpha1.ManageIQ, client client.Client) *corev1.ServiceAccount {
-	deployment := operatorDeployment(cr, client)
-	operatorServiceAccountName := deployment.Spec.Template.Spec.ServiceAccountName
+	podName := os.Getenv("POD_NAME")
+	pod := miqutilsv1alpha1.FindPodByName(client, cr.Namespace, podName)
+	operatorServiceAccountName := pod.Spec.ServiceAccountName
 	serviceAccountKey := types.NamespacedName{Namespace: cr.Namespace, Name: operatorServiceAccountName}
 	serviceAccount := &corev1.ServiceAccount{}
 	client.Get(context.TODO(), serviceAccountKey, serviceAccount)

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/orchestrator.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/orchestrator.go
@@ -4,6 +4,7 @@ import (
 	"context"
 
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
@@ -322,6 +323,8 @@ func OrchestratorDeployment(cr *miqv1alpha1.ManageIQ, scheme *runtime.Scheme, cl
 		}}
 		deployment.Spec.Template.Spec.Volumes = addOrUpdateVolume(deployment.Spec.Template.Spec.Volumes, corev1.Volume{Name: "database-secret", VolumeSource: corev1.VolumeSource{Secret: &databaseSecretVolumeSource}})
 
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 

diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/postgresql.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/postgresql.go
@@ -4,6 +4,7 @@ import (
 	"context"
 
 	miqv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1"
+	miqutilsv1alpha1 "github.com/ManageIQ/manageiq-pods/manageiq-operator/api/v1alpha1/miqutils"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	resource "k8s.io/apimachinery/pkg/api/resource"
@@ -286,6 +287,8 @@ func PostgresqlDeployment(cr *miqv1alpha1.ManageIQ, client client.Client, scheme
 
 		addInternalCertificate(cr, deployment, client, "postgresql", "/opt/app-root/src/certificates")
 
+		miqutilsv1alpha1.SetDeploymentNodeAffinity(deployment, client)
+
 		return nil
 	}
 

diff --git a/manageiq-operator/api/v1alpha1/miqutils/find.go b/manageiq-operator/api/v1alpha1/miqutils/find.go
@@ -0,0 +1,33 @@
+package miqutils
+
+import (
+	"context"
+	appsv1 "k8s.io/api/apps/v1"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func FindPodByName(client client.Client, namespace string, name string) *corev1.Pod {
+	podKey := types.NamespacedName{Namespace: namespace, Name: name}
+	pod := &corev1.Pod{}
+	client.Get(context.TODO(), podKey, pod)
+
+	return pod
+}
+
+func FindReplicaSetByName(client client.Client, namespace string, name string) *appsv1.ReplicaSet {
+	replicaSetKey := types.NamespacedName{Namespace: namespace, Name: name}
+	replicaSet := &appsv1.ReplicaSet{}
+	client.Get(context.TODO(), replicaSetKey, replicaSet)
+
+	return replicaSet
+}
+
+func FindDeploymentByName(client client.Client, namespace string, name string) *appsv1.Deployment {
+	deploymentKey := types.NamespacedName{Namespace: namespace, Name: name}
+	deployment := &appsv1.Deployment{}
+	client.Get(context.TODO(), deploymentKey, deployment)
+
+	return deployment
+}
diff --git a/manageiq-operator/api/v1alpha1/miqutils/node_affinity.go b/manageiq-operator/api/v1alpha1/miqutils/node_affinity.go
@@ -0,0 +1,61 @@
+package miqutils
+
+import (
+	appsv1 "k8s.io/api/apps/v1"
+	corev1 "k8s.io/api/core/v1"
+	"os"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func OperatorNodeAffinityArchValues(deployment *appsv1.Deployment, client client.Client) []string {
+	podName := os.Getenv("POD_NAME")
+	pod := FindPodByName(client, deployment.ObjectMeta.Namespace, podName)
+	values := []string{"amd64"}
+
+	if pod.Spec.Affinity == nil {
+		// In case we don't find the operator pod (local testing) or it doesn't have affinities
+		return values
+	}
+
+	nodeSelectorTerms := pod.Spec.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms
+
+	for _, selector := range nodeSelectorTerms {
+		for _, matchExpression := range selector.MatchExpressions {
+			if matchExpression.Key == "kubernetes.io/arch" {
+				values = matchExpression.Values
+			}
+		}
+	}
+
+	return values
+}
+
+func SetDeploymentNodeAffinity(deployment *appsv1.Deployment, client client.Client) {
+	operatorNodeAffinityArchValues := OperatorNodeAffinityArchValues(deployment, client)
+	if len(operatorNodeAffinityArchValues) == 0 {
+		// We're running local, can't find the operator pod, or it doesn't have any affinities to use as a template.  Skip it.
+		return
+	}
+
+	matchExpression := corev1.NodeSelectorRequirement{
+		Key:      "kubernetes.io/arch",
+		Operator: corev1.NodeSelectorOpIn,
+		Values:   operatorNodeAffinityArchValues,
+	}
+
+	matchExpressions := []corev1.NodeSelectorRequirement{matchExpression}
+
+	nodeSelectorTerm := corev1.NodeSelectorTerm{
+		MatchExpressions: matchExpressions,
+	}
+
+	nodeSelectionTerms := []corev1.NodeSelectorTerm{nodeSelectorTerm}
+
+	deployment.Spec.Template.Spec.Affinity = &corev1.Affinity{
+		NodeAffinity: &corev1.NodeAffinity{
+			RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelector{
+				NodeSelectorTerms: nodeSelectionTerms,
+			},
+		},
+	}
+}
diff --git a/manageiq-operator/config/manager/manager.yaml b/manageiq-operator/config/manager/manager.yaml
@@ -12,6 +12,15 @@ spec:
       labels:
         name: manageiq-operator
     spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: kubernetes.io/arch
+                operator: In
+                values:
+                - amd64
       serviceAccountName: manageiq-operator
       containers:
         - name: manageiq-operator