Refactor Kustomize deployment

[NicolasT]

First stab at some of the changes suggested in https://github.com/container-object-storage-interface/cosi-controller-manager/pull/9:

• Add some standard labels to all deployed object
• Split out a base layer and a fullstack layer on top of it
• Don't force IfNotPresent imagePullPolicy which one potentially doesn't want for latest images (we could patch this in a dev layer?)
• Don't override image names with the image that's already hard-coded in the basic manifest

See: https://github.com/kubernetes-sigs/container-object-storage-interface-controller/issues/23 See: https://github.com/kubernetes-sigs/container-object-storage-interface-controller/issues/21 See: https://github.com/kubernetes-sigs/container-object-storage-interface-controller/issues/11

[k8s-ci-robot]

Welcome @NicolasT!

It looks like this is your first PR to kubernetes-sigs/container-object-storage-interface-controller 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/container-object-storage-interface-controller has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. :smiley:

[k8s-ci-robot]

Hi @NicolasT. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[NicolasT]

Looks like I can't add this PR to a specific (GitHub) Milestone or Project myself, so this won't show up in the project planning boards for now.

[NicolasT]

The original deployment manifests use two namespaces to deploy the stack, one for the controller (objectstorage-system), one for the provisioner (objectstorage-provisioner-ns). Is this a separation we want to keep? I get how in production clusters one may want to run them in separate namespaces, though for the fullstack layer, which includes the controller as well as the sample-provisioner, I'd suggest to keep things together.

[NicolasT]

For reference, here's a diff between a rendering of the manifest as found in the master branch at this point in time, and the deploy/fullstack layer as introduced by this PR:

--- master      2020-12-17 18:34:13.137046719 +0000                                                                                                                                                                                                                                                                           
+++ refactor-kustomize-deployment       2020-12-17 18:34:25.455373200 +0000                                                                                                                                                                                                                                                   
@@ -1,6 +1,11 @@                                                                                                                                                                                                                                                                                                              
 apiVersion: v1                                                                                                                                                                                                                                                                                                               
 kind: Namespace                                                                                                                                                                                                                                                                                                              
 metadata:                                                                                                                                                                                                                                                                                                                    
+  name: objectstorage-provisioner-ns                                                                                                                                                                                                                                                                                         
+---                                                                                                                                                                                                                                                                                                                          
+apiVersion: v1                                                                                                                                                                                                                                                                                                               
+kind: Namespace                                                                                                                                                                                                                                                                                                              
+metadata:                                                                                                                                                                                                                                                                                                                    
   name: objectstorage-system                                                                                                                                                                                                                                                                                                 
 ---                                                                                                                                                                                                                                                                                                                          
 apiVersion: apiextensions.k8s.io/v1                                                                                                                                                                                                                                                                                          
@@ -554,12 +559,22 @@                                                                                                                                                                                                                                                                                                         
 apiVersion: v1                                                                                                                                                                                                                                                                                                               
 kind: ServiceAccount                                                                                                                                                                                                                                                                                                         
 metadata:                                                                                                                                                                                                                                                                                                                    
+  labels:                                                                                                                                                                                                                                                                                                                    
+    app.kubernetes.io/component: controller                                                                                                                                                                                                                                                                                  
+    app.kubernetes.io/name: container-object-storage-interface-controller                                                                                                                                                                                                                                                    
+    app.kubernetes.io/part-of: container-object-storage-interface                                                                                                                                                                                                                                                            
+    app.kubernetes.io/version: main                                                                                                                                                                                                                                                                                          
   name: objectstorage-controller-sa                                                                                                                                                                                                                                                                                          
   namespace: objectstorage-system                                                                                                                                                                                                                                                                                            
 ---                                                                                                                                                                                                                                                                                                                          
 apiVersion: rbac.authorization.k8s.io/v1                                                                                                                                                                                                                                                                                     
 kind: Role                                                                                                                                                                                                                                                                                                                   
 metadata:                                                                                                                                                                                                                                                                                                                    
+  labels:                                                                                                                                                                                                                                                                                                                    
+    app.kubernetes.io/component: controller                                                                                                                                                                                                                                                                                  
+    app.kubernetes.io/name: container-object-storage-interface-controller                                                                                                                                                                                                                                                    
+    app.kubernetes.io/part-of: container-object-storage-interface                                                                                                                                                                                                                                                            
+    app.kubernetes.io/version: main                                                                                                                                                                                                                                                                                          
   name: objectstorage-controller                                                                                                                                                                                                                                                                                             
   namespace: objectstorage-system                                                                                                                                                                                                                                                                                            
 rules:
@@ -578,6 +593,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller-role
 rules:
 - apiGroups:
@@ -623,6 +643,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller
   namespace: objectstorage-system
 roleRef:
@@ -637,6 +662,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: system:objectstorage-controller
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -703,13 +733,20 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/name: container-object-storage-interface-controller
+    app.kubernetes.io/part-of: container-object-storage-interface
+    app.kubernetes.io/version: main
   name: objectstorage-controller
   namespace: objectstorage-system
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: objectstorage-controller
+      app.kubernetes.io/component: controller
+      app.kubernetes.io/name: container-object-storage-interface-controller
+      app.kubernetes.io/part-of: container-object-storage-interface
   strategy:
     rollingUpdate:
       maxSurge: 1
@@ -717,10 +754,12 @@
   template:
     metadata:
       labels:
-        app: objectstorage-controller
+        app.kubernetes.io/component: controller
+        app.kubernetes.io/name: container-object-storage-interface-controller
+        app.kubernetes.io/part-of: container-object-storage-interface
+        app.kubernetes.io/version: main
     spec:
       containers:
       - image: quay.io/containerobjectstorage/objectstorage-controller:latest
-        imagePullPolicy: IfNotPresent
         name: objectstorage-controller
       serviceAccountName: objectstorage-controller-sa

[tparikh]

/lgtm

@wlan0 and @brahmaroutu thoughts on namespace changes?

[k8s-ci-robot]

@tparikh: changing LGTM is restricted to collaborators

In response to [this](https://github.com/kubernetes-sigs/container-object-storage-interface-controller/pull/26#issuecomment-747626880): >/lgtm > >@wlan0 and @brahmaroutu thoughts on namespace changes? Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[NicolasT]

@wlan0 and @brahmaroutu thoughts on namespace changes?

Note current PR doesn't make any changes to namespaces being used (except for creating the one the sample provisioner wants to be deployed in, though one could argue that one should get its own Kustomize in its repo which we can then reference...).

[wlan0]

Yeah you’ve just removed the hard coded namespace.

[wlan0]

/lgtm

[wlan0]

/ok-to-test

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: NicolasT, wlan0

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-sigs/container-object-storage-interface-controller/blob/master/OWNERS)~~ [wlan0] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment