# Azure Red Hat OpenShift Resource Provider
## Welcome!

For information relating to the generally available Azure Red Hat OpenShift v4
service, please see the following links:

* https://azure.microsoft.com/en-us/services/openshift/
* https://www.openshift.com/products/azure-openshift
* https://docs.microsoft.com/en-us/azure/openshift/
* https://docs.openshift.com/aro/4/welcome/index.html

## Quickstarts
* If you are an end user and want to create an Azure Red Hat OpenShift 4
  cluster, follow [Create, access, and manage an Azure Red Hat OpenShift 4
  Cluster][1].
* If you want to deploy a development RP, follow [deploy development
  RP](docs/deploy-development-rp.md).

[1]: https://docs.microsoft.com/en-us/azure/openshift/howto-using-azure-redhat-openshift

## Contributing
This project welcomes contributions and suggestions. Most contributions require
you to agree to a Contributor License Agreement (CLA) declaring that you have
the right to, and actually do, grant us the rights to use your contribution. For
details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether
you need to provide a CLA and decorate the PR appropriately (e.g., label,
comment). Simply follow the instructions provided by the bot. You will only need
to do this once across all repositories using our CLA.

This project has adopted the [Microsoft Open Source Code of
Conduct](https://opensource.microsoft.com/codeofconduct/). For more information
see the [Code of Conduct
FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact
[opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional
questions or comments.

## Repository map
* .pipelines: CI workflows using Azure pipelines.
* cmd/aro: RP entrypoint.
* deploy: ARM templates to deploy RP in development and production.
* docs: Documentation.
* hack: Build scripts and utilities.
* pkg: RP source code:
  * pkg/api: RP internal and external API definitions.
  * pkg/backend: RP backend workers.
  * pkg/bootstraplogging: Bootstrap logging configuration.
  * pkg/client: Autogenerated ARO service Go client.
  * pkg/cluster: Cluster create/update/delete operations wrapper for OCP installer.
  * pkg/database: RP CosmosDB wrapper layer.
  * pkg/deploy: /deploy ARM template generation code.
  * pkg/env: RP environment-specific shims for running in production,
    development or test.
  * pkg/frontend: RP frontend webserver.
  * pkg/metrics: Handles RP metrics via statsd.
  * pkg/mirror: OpenShift release mirror tooling.
  * pkg/monitor: Monitors running clusters.
  * pkg/operator/controllers: A list of controllers instantiated by the operator
    component.
    * alertwebhook: Ensures that the receiver endpoint defined in the
      `alertmanager-main` secret matches the webserver endpoint at
      aro-operator-master.openshift-azure-operator:8080, to avoid the
      `AlertmanagerReceiversNotConfigured` warning.
    * checker: Watches the `Cluster` resource for changes and updates conditions
      of the resource based on the checks listed below:
      * internetchecker: Validates outbound internet connectivity to the nodes.
      * serviceprincipalchecker: Validates that the cluster service principal has
        the correct role/permissions.
    * clusteroperatoraro: Ensures that the ARO cluster object is consistent and
      immutable.
    * dnsmasq: Ensures that a dnsmasq systemd service is defined as a
      machineconfig for all nodes. The dnsmasq config contains records for Azure
      load balancers such as the `api`, `api-int` and `*.apps` domains, so they
      will resolve even if custom DNS on the VNET is set.
    * genevalogging: Ensures all the Geneva logging resources in the
      `openshift-azure-logging` namespace match the pre-defined specification
      found in `pkg/operator/controllers/genevalogging/genevalogging.go`.
    * imageconfig: Ensures that required registries are not blocked in `image.config`.
    * machine: Validates that machine objects have the correct provider spec,
      vm type, vm image and disk size, that three master nodes exist, and that
      the number of worker nodes matches the desired worker replicas.
    * machineset: Ensures that a minimum of two worker replicas are met.
    * machinehealthcheck: Ensures the MachineHealthCheck resource is running as
      configured. See [machinehealthcheck/doc.go](pkg/operator/controllers/machinehealthcheck/doc.go).
      * More information around the MHC CR can be found [in the OpenShift documentation of MHC](https://docs.openshift.com/container-platform/4.9/machine_management/deploying-machine-health-checks.html).
    * monitoring: Ensures that the OpenShift monitoring configuration in the
      `openshift-monitoring` namespace is consistent and immutable.
    * node: Force deletes pods when a node fails to drain for 1 hour. It should
      clear up any pods that refuse to be evicted on a drain due to violating a
      pod disruption budget.
    * pullsecret: Ensures that the ACR credentials in the
      `openshift-config/pull-secret` secret match those in the
      `openshift/azure-operator/cluster` secret.
    * rbac: Ensures that the `aro-sre` clusterrole and clusterrolebinding exist
      and are consistent.
    * routefix: Ensures all the routefix resources in the namespace
      `openshift-azure-routefix` remain on the cluster.
    * subnets: Ensures that the Network Security Groups (NSGs) are correct, and
      updates the Azure Machine Provider spec with subnet, vnet, and Network
      Resource Group.
    * workaround: Applies a set of temporary workarounds to the ARO cluster.
    * previewfeature: Allows toggling certain features that are not yet enabled
      by default.
  * pkg/portal: Portal for running promql queries against a cluster or
    requesting a kubeconfig for a cluster.
  * pkg/proxy: Proxy service for portal kubeconfig cluster access.
  * pkg/swagger: Swagger specification generation code.
  * pkg/util: Utility libraries.
* python: Autogenerated ARO service Python client and `az aro` client extension.
* swagger: Autogenerated ARO service Swagger specification.
* test: End-to-end tests.
* vendor: Vendored Go libraries.

## Basic architecture
* pkg/frontend is intended to become a spec-compliant RP web server. It is
  backed by CosmosDB. Incoming PUT/DELETE requests are written to the database
  with a non-terminal (Updating/Deleting) provisioningState.
* pkg/backend reads documents with non-terminal provisioningStates,
  asynchronously updates them and finally updates the document with a terminal
  provisioningState (Succeeded/Failed). The backend updates the document with a
  heartbeat - if this fails, the document will be picked up by a different
  worker.
* As CosmosDB does not support document patch, care is taken to correctly pass
through any fields in the internal model which the reader is unaware of (see
`github.com/ugorji/go/codec.MissingFielder`). This is intended to help in
upgrade cases and (in the future) with multiple microservices reading from the
database in parallel.
* Care is taken to correctly use optimistic concurrency to avoid document
corruption through concurrent writes (see `RetryOnPreconditionFailed`).
* The pkg/api architecture differs somewhat from
`github.com/openshift/openshift-azure`: the intention is to fix the broken
merge semantics and try pushing validation into the versioned APIs to improve
error reporting.
* Everything is intended to be crash/restart/upgrade-safe, horizontally
scaleable, upgradeable...
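
The read-modify-write pattern from the two CosmosDB bullets above, as an added example that is not code from this repository: a full-document replace guarded by an ETag, retried when a concurrent writer wins, with unknown fields carried through. `Store`, `Update` and the sample documents are constructed for illustration, and plain `encoding/json` raw fields stand in for the `MissingFielder` mechanism the README refers to.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

var ErrPreconditionFailed = errors.New("precondition failed")

// Store is a constructed stand-in: whole-document Replace, refused on a stale ETag (HTTP 412).
type Store struct {
	ETag int
	Doc  []byte
}

func (s *Store) Replace(doc []byte, etag int) error {
	if etag != s.ETag {
		return ErrPreconditionFailed
	}
	s.Doc, s.ETag = doc, s.ETag+1
	return nil
}

// Update re-reads and retries when the ETag went stale. Decoding into raw
// fields carries members this reader does not know through the replace.
func Update(s *Store, attempts int, mutate func(map[string]json.RawMessage)) error {
	for i := 0; i < attempts; i++ {
		raw, etag := s.Doc, s.ETag
		fields := map[string]json.RawMessage{}
		if err := json.Unmarshal(raw, &fields); err != nil {
			return err
		}
		mutate(fields)
		out, err := json.Marshal(fields)
		if err != nil {
			return err
		}
		if err = s.Replace(out, etag); !errors.Is(err, ErrPreconditionFailed) {
			return err
		}
	}
	return ErrPreconditionFailed
}

func main() {
	s := &Store{Doc: []byte(`{"provisioningState":"Updating","futureField":1}`)}
	err := Update(s, 3, func(f map[string]json.RawMessage) { f["provisioningState"] = []byte(`"Succeeded"`) })
	fmt.Println(err, string(s.Doc))
}
```

Decoding into a fixed struct instead of raw fields would silently drop `futureField` on the replace, which is the upgrade hazard the bullet on unknown fields describes.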
## Useful links
* https://github.com/Azure/azure-resource-manager-rpc
* https://github.com/microsoft/api-guidelines
* https://docs.microsoft.com/en-gb/rest/api/cosmos-db
* https://github.com/jewzaam/go-cosmosdb