Closed khansaad closed 3 weeks ago
@msvinaykumar Tested it on resource hub cluster, able to see it working on openshift as well
saakhan:autotune$ ./deploy.sh -m crc -c openshift -i quay.io/kruize/autotune_operator:0.0.22_mvp
### Installing kruize for openshift
use yaml build - 0
Warning: resource namespaces/openshift-tuning is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
namespace/openshift-tuning configured
serviceaccount/kruize-sa created
clusterrolebinding.rbac.authorization.k8s.io/autotune-scc-crb created
storageclass.storage.k8s.io/manual created
persistentvolume/postgres-pv-volume created
persistentvolumeclaim/postgres-pv-claim created
configmap/kruizeconfig created
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "postgres" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "postgres" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "postgres" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "postgres" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/postgres-deployment created
service/postgres-service created
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (containers "wait-for-postgres", "kruize" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (containers "wait-for-postgres", "kruize" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or containers "wait-for-postgres", "kruize" must set securityContext.runAsNonRoot=true), seccompProfile (pod or containers "wait-for-postgres", "kruize" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
deployment.apps/kruize created
service/kruize created
cronjob.batch/create-partition-cronjob created
cronjob.batch/kruize-delete-partition-cronjob created
servicemonitor.monitoring.coreos.com/kruize-service-monitor created
configmap/nginx-config created
service/kruize-ui-nginx-service created
Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "kruize-ui-nginx-container" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "kruize-ui-nginx-container" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "kruize-ui-nginx-container" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "kruize-ui-nginx-container" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
pod/kruize-ui-nginx-pod created
clusterrolebinding.rbac.authorization.k8s.io/kruize-monitoring-view created
Info: Waiting for kruize to come up.....
kruize-578b775f9d-lhbwq 0/1 Init:0/1 0 9s
kruize-578b775f9d-lhbwq 0/1 PodInitializing 0 16s
kruize-578b775f9d-lhbwq 1/1 Running 0 22s
Info: kruize deploy succeeded: Running
kruize-578b775f9d-lhbwq 1/1 Running 0 25s
kruize-ui-nginx-pod 1/1 Running 0 19s
saakhan:autotune$ oc get pods
NAME READY STATUS RESTARTS AGE
kruize-578b775f9d-lhbwq 1/1 Running 0 32s
kruize-ui-nginx-pod 1/1 Running 0 26s
postgres-deployment-79cd88468-47p6z 1/1 Running 0 33s
@khansaad can we change the name of the postgres service to kruize-db
or something like that. The current naming convention makes this ambiguous as to which deployment that it belong to
@khansaad can we change the name of the postgres service to
kruize-db
or something like that. The current naming convention makes this ambiguous as to which deployment that it belong to
Updated now!
@khansaad can we change the name of the postgres service to
kruize-db
or something like that. The current naming convention makes this ambiguous as to which deployment that it belong toUpdated now!
@khansaad Thanks for the update, can you also change the name of postgres-deployment
@khansaad can we change the name of the postgres service to
kruize-db
or something like that. The current naming convention makes this ambiguous as to which deployment that it belong toUpdated now!
@khansaad Thanks for the update, can you also change the name of
postgres-deployment
Done!
@khansaad Sorry can you grep for the name postgres in the manifest files and update it something more relevant wherever appropriate, thanks!
@khansaad Looks like the PR check test scripts might need to be updated as well
Add
initContainer
in Kruize pod to check postGres pod readinessDescription
This PR will do the following changes -
initContainer
which checks for the postgres pod service based and starts the main kruize container only when a successful connection is established.Type of change
How has this been tested?
Test Configuration
Checklist :dart:
Additional information