From 09d5056f2de970fd01153b01c91ff3f202df5f32 Mon Sep 17 00:00:00 2001 From: Zike Yang Date: Tue, 24 Jun 2025 22:34:30 +0800 Subject: [PATCH 1/2] Add FS Operator doc --- operator/DEVELOPER.md | 112 ++++++ operator/Dockerfile | 1 + operator/README.md | 341 +++++++++++------- operator/TUTORIAL.md | 314 ++++++++++++++++ .../chart/templates/manager/manager.yaml | 5 +- .../chart/templates/pulsar/service.yaml | 24 ++ .../chart/templates/pulsar/statefulset.yaml | 88 +++++ operator/deploy/chart/values.yaml | 23 ++ operator/examples/function.yaml | 17 + operator/examples/package.yaml | 26 +- operator/go.mod | 2 +- operator/hack/helm.patch | 162 ++++++++- operator/scripts/install-cert-manager.sh | 43 +++ 13 files changed, 1011 insertions(+), 147 deletions(-) create mode 100644 operator/DEVELOPER.md create mode 100644 operator/TUTORIAL.md create mode 100644 operator/deploy/chart/templates/pulsar/service.yaml create mode 100644 operator/deploy/chart/templates/pulsar/statefulset.yaml create mode 100644 operator/examples/function.yaml create mode 100755 operator/scripts/install-cert-manager.sh diff --git a/operator/DEVELOPER.md b/operator/DEVELOPER.md new file mode 100644 index 0000000..2caee21 --- /dev/null +++ b/operator/DEVELOPER.md @@ -0,0 +1,112 @@ +## Getting Started + +### Prerequisites + +- go version v1.23.0+ +- docker version 17.03+. +- kubectl version v1.11.3+. +- Access to a Kubernetes v1.11.3+ cluster. + +### To Deploy on the cluster + +**Build and push your image to the location specified by `IMG`:** + +```sh +make docker-build docker-push IMG=/operator:tag +``` + +**NOTE:** This image ought to be published in the personal registry you specified. +And it is required to have access to pull the image from the working environment. +Make sure you have the proper permission to the registry if the above commands don't work. + +**Install the CRDs into the cluster:** + +```sh +make install +``` + +**Deploy the Manager to the cluster with the image specified by `IMG`:** + +```sh +make deploy IMG=/operator:tag +``` + +> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin +> privileges or be logged in as admin. + +**Create instances of your solution** +You can apply the samples (examples) from the config/sample: + +```sh +kubectl apply -k config/samples/ +``` + +> **NOTE**: Ensure that the samples has default values to test it out. + +### To Uninstall + +**Delete the instances (CRs) from the cluster:** + +```sh +kubectl delete -k config/samples/ +``` + +**Delete the APIs(CRDs) from the cluster:** + +```sh +make uninstall +``` + +**UnDeploy the controller from the cluster:** + +```sh +make undeploy +``` + +## Project Distribution + +Following the options to release and provide this solution to the users. + +### By providing a bundle with all YAML files + +1. Build the installer for the image built and published in the registry: + + ```sh + make build-installer IMG=/operator:tag + ``` + + **NOTE:** The makefile target mentioned above generates an 'install.yaml' + file in the dist directory. This file contains all the resources built + with Kustomize, which are necessary to install this project without its + dependencies. + +2. Using the installer + + Users can just run 'kubectl apply -f ' to install + the project, i.e.: + + ```sh + kubectl apply -f https://raw.githubusercontent.com//operator//dist/install.yaml + ``` + +### By providing a Helm Chart + +1. Build the chart using the optional helm plugin + + ```sh + kubebuilder edit --plugins=helm/v1-alpha + ``` + +2. See that a chart was generated under 'dist/chart', and users + can obtain this solution from there. + +**NOTE:** If you change the project, you need to update the Helm Chart +using the same command above to sync the latest changes. Furthermore, +if you create webhooks, you need to use the above command with +the '--force' flag and manually ensure that any custom configuration +previously added to 'dist/chart/values.yaml' or 'dist/chart/manager/manager.yaml' +is manually re-applied afterwards. + +**NOTE:** Run `make help` for more information on all potential `make` targets + +More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html) \ No newline at end of file diff --git a/operator/Dockerfile b/operator/Dockerfile index 348b837..a407f65 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -15,6 +15,7 @@ RUN go mod download COPY cmd/main.go cmd/main.go COPY api/ api/ COPY internal/ internal/ +COPY utils/ utils/ # Build # the GOARCH has not a default value to allow the binary be built according to the host where the command diff --git a/operator/README.md b/operator/README.md index a12fa68..68ca56f 100644 --- a/operator/README.md +++ b/operator/README.md @@ -1,195 +1,295 @@ -# operator +# Function Stream Operator FunctionStream Operator is a Kubernetes operator designed to manage custom resources for serverless function orchestration and package management on Kubernetes clusters. -## Description +## 🚀 Get Started Now! + +**New to FunctionStream Operator?** This step-by-step tutorial will guide you through everything you need to know. + +## What is FunctionStream Operator? This project provides a Kubernetes operator that automates the lifecycle of custom resources such as Functions and Packages. It enables users to define, deploy, and manage serverless functions and their dependencies using Kubernetes-native APIs. The operator ensures that the desired state specified in custom resources is reflected in the actual cluster state, supporting extensibility and integration with cloud-native workflows. -## Deploying with Helm Chart - -The recommended way to deploy the FunctionStream Operator is using the provided Helm chart. This method simplifies -installation, upgrades, and configuration management. +## 📋 Prerequisites -### Prerequisites +Before you begin, ensure you have: - [Helm](https://helm.sh/) v3.0+ -- Access to a Kubernetes v1.11.3+ cluster +- Access to a Kubernetes v1.19+ cluster +- `kubectl` configured to communicate with your cluster +- cert-manager (required for TLS certificates) -### Installation +## 🛠️ Installation -1. **Clone this repository (if using the local chart):** +The recommended way to deploy the FunctionStream Operator is using the provided Helm chart. - ```sh - git clone https://github.com/FunctionStream/function-stream.git - cd function-stream/operator - ``` +### 1. Install cert-manager -2. **Install the operator using Helm:** +The FunctionStream Operator requires cert-manager for TLS certificates: - ```sh - helm install fs ./deploy/chart \ - --namespace fs --create-namespace - ``` - This will install the operator in the `fs` namespace with the release name `fs`. +```sh +./scripts/install-cert-manager.sh +``` -3. **(Optional) Customize your deployment:** - - You can override default values by editing `deploy/chart/values.yaml`, by providing your own values file, or by - using the `--set` flag. - - To use your own values file: +### 2. Deploy the Operator - ```sh - helm install fs ./deploy/chart \ - --namespace fs --create-namespace \ - -f my-values.yaml - ``` +**Option A: With Pulsar Standalone (Recommended for testing)** +```bash +helm install fs ./deploy/chart \ + --namespace fs --create-namespace \ + --set pulsar.standalone.enable=true +``` - - To override values from the command line: +**Option B: With External Pulsar Cluster** +```bash +helm install fs ./deploy/chart \ + --namespace fs --create-namespace \ + --set pulsar.serviceUrl=pulsar://your-pulsar-cluster:6650 +``` - ```sh - helm install fs ./deploy/chart \ - --namespace fs \ - --set controllerManager.replicas=2 - ``` +### 3. Verify Installation - - For a full list of configurable options, see [`deploy/chart/values.yaml`](deploy/chart/values.yaml). +```bash +kubectl get pods -n fs +kubectl get crd | grep functionstream +``` -### Upgrading +## 📖 Next Steps -To upgrade the operator after making changes or pulling a new chart version: +
-```sh -helm upgrade fs ./deploy/chart \ - --namespace fs -``` +### 🎯 **Ready to deploy your first function?** -### Uninstallation +**[📖 Complete Tutorial](TUTORIAL.md)** - Your step-by-step guide to success! -To uninstall the operator and all associated resources: +
-```sh -helm uninstall fs --namespace fs -``` +This comprehensive tutorial will teach you how to: +- ✅ Create your first package and function +- ✅ Test your deployment with real examples +- ✅ Monitor and troubleshoot issues +- ✅ Understand advanced configurations +- ✅ Follow best practices -> **Note:** By default, CRDs are retained after uninstall. You can control this behavior via the `crd.keep` value in -`values.yaml`. +**Estimated time**: 15-20 minutes -## Getting Started +## 📁 Examples -### Prerequisites +Ready-to-use examples are available: -- go version v1.23.0+ -- docker version 17.03+. -- kubectl version v1.11.3+. -- Access to a Kubernetes v1.11.3+ cluster. +- `examples/package.yaml` - Sample package definition +- `examples/function.yaml` - Sample function that uses the package -### To Deploy on the cluster +## 📚 Documentation -**Build and push your image to the location specified by `IMG`:** +### Getting Started +- **[📖 Complete Tutorial](TUTORIAL.md)** - Step-by-step guide with detailed explanations -```sh -make docker-build docker-push IMG=/operator:tag -``` +### Development +- **[🔧 Developer Guide](DEVELOPER.md)** - Information for contributors and developers -**NOTE:** This image ought to be published in the personal registry you specified. -And it is required to have access to pull the image from the working environment. -Make sure you have the proper permission to the registry if the above commands don't work. +## Configuration -**Install the CRDs into the cluster:** +#### Pulsar Configuration -```sh -make install -``` +The chart supports two modes for Pulsar: -**Deploy the Manager to the cluster with the image specified by `IMG`:** +##### 1. Pulsar Standalone Mode -```sh -make deploy IMG=/operator:tag +When `pulsar.standalone.enable=true`, the chart will: + +- Deploy a Pulsar standalone StatefulSet in the same namespace +- Create persistent storage for Pulsar data and logs +- Expose Pulsar service on ports 6650 (Pulsar) and 8080 (Admin) +- Automatically configure the operator to connect to the standalone Pulsar + +```yaml +pulsar: + standalone: + enable: true + image: + repository: apachepulsar/pulsar + tag: "3.4.0" + resources: + limits: + cpu: 1000m + memory: 2Gi + requests: + cpu: 500m + memory: 1Gi + storage: + size: 10Gi + storageClass: "" # Use default storage class if empty + service: + type: ClusterIP + ports: + pulsar: 6650 + admin: 8080 ``` -> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin -> privileges or be logged in as admin. +##### 2. External Pulsar Mode -**Create instances of your solution** -You can apply the samples (examples) from the config/sample: +When `pulsar.standalone.enable=false` (default), you can specify an external Pulsar cluster: -```sh -kubectl apply -k config/samples/ +```yaml +pulsar: + serviceUrl: pulsar://your-pulsar-cluster:6650 + authPlugin: "" # Optional: Pulsar authentication plugin + authParams: "" # Optional: Pulsar authentication parameters ``` -> **NOTE**: Ensure that the samples has default values to test it out. +#### Manager Configuration + +```yaml +controllerManager: + replicas: 1 + container: + image: + repository: functionstream/operator + tag: latest + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi +``` -### To Uninstall +#### Other Features -**Delete the instances (CRs) from the cluster:** +- **RBAC**: Enable/disable RBAC permissions +- **CRDs**: Control CRD installation and retention +- **Metrics**: Enable metrics export +- **Webhooks**: Enable admission webhooks +- **Prometheus**: Enable ServiceMonitor for Prometheus +- **Cert-Manager**: Enable cert-manager integration +- **Network Policies**: Enable network policies -```sh -kubectl delete -k config/samples/ +### Accessing Pulsar + +#### When Using Pulsar Standalone + +The Pulsar standalone service is exposed as: + +- **Pulsar Service**: `pulsar-standalone:6650` +- **Admin Interface**: `pulsar-standalone:8080` + +You can access the admin interface by port-forwarding: + +```bash +kubectl port-forward svc/pulsar-standalone 8080:8080 ``` -**Delete the APIs(CRDs) from the cluster:** +Then visit `http://localhost:8080` in your browser. -```sh -make uninstall +#### Pulsar Client Configuration + +When using Pulsar standalone, your Pulsar clients should connect to: + +``` +pulsar://pulsar-standalone:6650 ``` -**UnDeploy the controller from the cluster:** +### Storage -```sh -make undeploy +When Pulsar standalone is enabled, the chart creates two PersistentVolumeClaims: + +- `pulsar-data`: For Pulsar data storage +- `pulsar-logs`: For Pulsar logs storage + +Both use the same storage size and storage class configuration. + +### Troubleshooting + +#### Certificate Mounting Issues + +If you encounter errors like: + +``` +Warning FailedMount 95s (x9 over 3m43s) kubelet MountVolume.SetUp failed for volume "metrics-certs" : secret "metrics-server-cert" not found +Warning FailedMount 95s (x9 over 3m43s) kubelet MountVolume.SetUp failed for volume "webhook-cert" : secret "webhook-server-cert" not found ``` -## Project Distribution +This happens because cert-manager is not installed or not running in your cluster. The operator requires cert-manager to +create TLS certificates for webhooks and metrics. -Following the options to release and provide this solution to the users. +**Solution:** -### By providing a bundle with all YAML files +1. **Verify cert-manager installation:** + ```bash + kubectl get pods -n cert-manager + ``` + All cert-manager pods should be in `Running` status. -1. Build the installer for the image built and published in the registry: +2. **Check cert-manager namespace exists:** + ```bash + kubectl get namespace cert-manager + ``` - ```sh - make build-installer IMG=/operator:tag - ``` +3. **If cert-manager is not installed, install it:** + ```bash + # Using the provided script + chmod +x scripts/install-cert-manager.sh + ./scripts/install-cert-manager.sh + + # Or manually + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml + ``` - **NOTE:** The makefile target mentioned above generates an 'install.yaml' - file in the dist directory. This file contains all the resources built - with Kustomize, which are necessary to install this project without its - dependencies. +4. **Wait for cert-manager to be ready:** + ```bash + kubectl wait --for=jsonpath='{.status.phase}=Running' pods -l app.kubernetes.io/instance=cert-manager -n cert-manager --timeout=300s + ``` -2. Using the installer +5. **Reinstall the operator after cert-manager is ready:** + ```bash + helm uninstall fs -n fs + helm install fs ./deploy/chart --namespace fs --create-namespace + ``` + +#### Check cert-manager Status + +To verify that cert-manager is working correctly: + +```bash +# Check cert-manager pods +kubectl get pods -n cert-manager - Users can just run 'kubectl apply -f ' to install - the project, i.e.: +# Check cert-manager CRDs +kubectl get crd | grep cert-manager - ```sh - kubectl apply -f https://raw.githubusercontent.com//operator//dist/install.yaml - ``` +# Check cert-manager logs +kubectl logs -n cert-manager -l app.kubernetes.io/name=cert-manager +``` + +### Upgrading -### By providing a Helm Chart +To upgrade the operator after making changes or pulling a new chart version: -1. Build the chart using the optional helm plugin +```sh +helm upgrade fs ./deploy/chart \ + --namespace fs +``` - ```sh - kubebuilder edit --plugins=helm/v1-alpha - ``` +### Uninstallation -2. See that a chart was generated under 'dist/chart', and users - can obtain this solution from there. +To uninstall the operator and all associated resources: -**NOTE:** If you change the project, you need to update the Helm Chart -using the same command above to sync the latest changes. Furthermore, -if you create webhooks, you need to use the above command with -the '--force' flag and manually ensure that any custom configuration -previously added to 'dist/chart/values.yaml' or 'dist/chart/manager/manager.yaml' -is manually re-applied afterwards. +```bash +helm uninstall fs -n fs +``` -**NOTE:** Run `make help` for more information on all potential `make` targets +**Note**: -More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html) +- By default, CRDs are deleted during uninstall. If you want to retain CRDs after uninstall, set `crd.keep: true` in + your values file. Be aware that retaining CRDs will also prevent the deletion of any custom resources (Functions, + Packages, etc.) that depend on these CRDs. +- If you enabled Pulsar standalone, the persistent volumes will remain unless you manually delete them. ## License @@ -205,5 +305,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. - +limitations under the License. \ No newline at end of file diff --git a/operator/TUTORIAL.md b/operator/TUTORIAL.md new file mode 100644 index 0000000..842f2e5 --- /dev/null +++ b/operator/TUTORIAL.md @@ -0,0 +1,314 @@ +# FunctionStream Operator Tutorial + +Welcome to the FunctionStream Operator tutorial! This guide will walk you through creating and deploying your first serverless function using the FunctionStream Operator on Kubernetes. + +## Overview + +FunctionStream Operator is a Kubernetes operator that manages custom resources for serverless function orchestration and package management. In this tutorial, you'll learn how to: + +- Deploy a Package resource that defines a reusable function module +- Deploy a Function resource that instantiates the package +- Monitor and manage your deployed functions +- Understand the architecture and components + +## Prerequisites + +Before you begin, ensure you have: + +- A Kubernetes cluster (v1.19+) with kubectl configured +- FunctionStream Operator installed (see [Installation Guide](README.md)) +- Basic understanding of Kubernetes concepts + +Follow the [Installation Guide](README.md) to set up the FunctionStream Operator if you haven't done so already. + +## Step 1: Verify Installation + +First, let's verify that the FunctionStream Operator is properly installed: + +```bash +# Check if the operator namespace exists +kubectl get namespace fs + +# Verify operator pods are running +kubectl get pods -n fs + +# Check that Custom Resource Definitions are installed +kubectl get crd | grep functionstream +``` + +Expected output: +``` +NAME READY STATUS RESTARTS AGE +fs-pulsar-standalone-0 1/1 Running 1 21h +operator-controller-manager-c99489d8b-zk78h 1/1 Running 0 21h + +NAME CREATED AT +functions.fs.functionstream.github.io 2025-06-23T14:53:30Z +packages.fs.functionstream.github.io 2025-06-23T14:53:30Z +``` + +## Step 2: Create Your First Package + +A Package defines a reusable function module with its container image and available functions. Let's create a simple "current time" package: + +```yaml +# examples/package.yaml +apiVersion: fs.functionstream.github.io/v1alpha1 +kind: Package +metadata: + name: current-time +spec: + displayName: Get Current Time + logo: "" + description: "A function for getting the current time." + functionType: + cloud: + image: "functionstream/time-function:latest" + modules: + getCurrentTime: + displayName: Get Current Time + description: "A tool that returns the current time." +``` + +### Package Components Explained + +- **`displayName`**: Human-readable name for the package +- **`description`**: Detailed description of what the package does +- **`functionType.cloud.image`**: Docker image containing the function code +- **`modules`**: Available functions within the package + - Each module has a unique key (e.g., `getCurrentTime`) + - Modules can have their own display names and descriptions + +### Deploy the Package + +```bash +kubectl apply -f examples/package.yaml +``` + +Verify the package was created: + +```bash +kubectl get packages +kubectl describe package current-time +``` + +Expected output: +``` +NAME AGE +current-time 21h + +Name: current-time +Namespace: default +Spec: + Description: A function for getting the current time. + Display Name: Get Current Time + Function Type: + Cloud: + Image: functionstream/time-function:latest + Modules: + Get Current Time: + Description: A tool that returns the current time. + Display Name: Get Current Time +``` + +## Step 3: Create Your First Function + +A Function instantiates a package with specific configuration and request sources. Let's create a function that uses our current-time package: + +```yaml +# examples/function.yaml +apiVersion: fs.functionstream.github.io/v1alpha1 +kind: Function +metadata: + name: current-time-function +spec: + displayName: Get Current Time Function + package: current-time + module: getCurrentTime + requestSource: # RPC + pulsar: + topic: request_current_time + source: + pulsar: + topic: current_time_source + sink: + pulsar: + topic: current_time_sink +``` + +### Function Components Explained + +- **`package`**: References the package name to instantiate +- **`module`**: Specifies which module from the package to use +- **`requestSource.pulsar.topic`**: Pulsar topic that triggers the function +- **`displayName`**: Human-readable name for the function instance + +### Deploy the Function + +```bash +kubectl apply -f examples/function.yaml +``` + +Verify the function was created: + +```bash +kubectl get functions +kubectl describe function current-time-function +``` + +Expected output: +``` +NAME AGE +current-time-function 21h + +Name: current-time-function +Namespace: default +Labels: package=current-time +Spec: + Display Name: Get Current Time Function + Module: getCurrentTime + Package: current-time + Request Source: + Pulsar: + Topic: request_current_time +Status: + Available Replicas: 1 + Ready Replicas: 1 + Replicas: 1 + Updated Replicas: 1 +``` + +## Step 4: Monitor Function Deployment + +The operator automatically creates Kubernetes resources to run your function. Let's check what was created: + +```bash +# Check the function pod +kubectl get pods -l function=current-time-function + +# Check the deployment +kubectl get deployments -l function=current-time-function +``` + +Expected output: +``` +NAME READY STATUS RESTARTS AGE +function-current-time-function-b8b89f856-brvx7 1/1 Running 0 21h + +NAME READY UP-TO-DATE AVAILABLE AGE +function-current-time-function 1/1 1 1 21h +``` + +## Step 5: Test Your Function + +Now let's test the function by sending a message to the Pulsar topic. First, let's access Pulsar: + +```bash +# Port forward Pulsar service +kubectl port-forward svc/fs-pulsar-standalone 6650:6650 -n fs & +kubectl port-forward svc/fs-pulsar-standalone 8080:8080 -n fs & +``` + +### Using Pulsar Admin Interface + +1. Open your browser and navigate to `http://localhost:8080` +2. You'll see the Pulsar admin interface +3. Navigate to "Topics" to see the `request_current_time` topic + +### Using Pulsar Client + +You can test the function by shelling into the Pulsar standalone pod: + +```bash +# Shell into the Pulsar standalone pod +kubectl exec -it fs-pulsar-standalone-0 -n fs -- bash +``` + +**1. Start a consumer in a separate terminal window** + +Open a new terminal window and shell into the Pulsar pod: + +```bash +kubectl exec -it fs-pulsar-standalone-0 -n fs -- bash +``` + +Then start consuming messages from the function output topic: + +```bash +# Start consuming messages from the function output topic +pulsar-client consume current_time_sink -s "test-subscription" +``` + +This will start listening for messages from the function's output topic. + +**2. Send a test message in another terminal window** + +In your original terminal window (or another terminal), shell into the Pulsar pod and send a test message: + +```bash +kubectl exec -it fs-pulsar-standalone-0 -n fs -- bash +``` + +Then send a test message to trigger the function: + +```bash +# Send a test message to trigger the function +pulsar-client produce request_current_time -m "{}" +``` + +You should see the function process the message and output the current time to the `current_time_sink` topic, which will appear in your consumer window. + +``` +publishTime:[1750775397910], eventTime:[1750775397907], key:[null], properties:[], content:{"result": "The current time is 2025-06-24 14:29:57 ."} +``` + +## Step 6: Cleanup + +When you're done testing, clean up the resources: + +```bash +# Delete the function +kubectl delete function current-time-function + +# Delete the package +kubectl delete package current-time + +# Verify cleanup +kubectl get packages +kubectl get functions +kubectl get pods -l function=current-time-function +``` + +## Troubleshooting + +### Common Issues + +1. **Package Not Found** + ``` + Error: package "current-time" not found + ``` + **Solution**: Ensure the package is created before the function + +2. **Image Pull Errors** + ``` + Error: ImagePullBackOff + ``` + **Solution**: Check if the container image exists and is accessible + +3. **Pulsar Connection Issues** + ``` + Error: Failed to connect to Pulsar + ``` + **Solution**: Verify Pulsar is running and accessible + +### Debug Commands + +```bash +# Check operator logs +kubectl logs -n fs -l app.kubernetes.io/name=operator + +# Check function pod events +kubectl describe pod -l function=current-time-function +``` + +Congratulations! You've successfully deployed your first serverless function using FunctionStream Operator. The operator handled all the complexity of managing Kubernetes resources, scaling, and integration with Pulsar, allowing you to focus on your function logic. \ No newline at end of file diff --git a/operator/deploy/chart/templates/manager/manager.yaml b/operator/deploy/chart/templates/manager/manager.yaml index bb1146f..ce6c11d 100644 --- a/operator/deploy/chart/templates/manager/manager.yaml +++ b/operator/deploy/chart/templates/manager/manager.yaml @@ -36,7 +36,10 @@ spec: image: {{ .Values.controllerManager.container.image.repository }}:{{ .Values.controllerManager.container.image.tag }} imagePullPolicy: {{ .Values.controllerManager.container.imagePullPolicy }} env: - {{- if .Values.pulsar.serviceUrl }} + {{- if .Values.pulsar.standalone.enable }} + - name: PULSAR_SERVICE_URL + value: pulsar://{{ .Release.Name }}-pulsar-standalone.{{ .Release.Namespace }}.svc.cluster.local:6650 + {{- else if .Values.pulsar.serviceUrl }} - name: PULSAR_SERVICE_URL value: {{ .Values.pulsar.serviceUrl }} {{- end }} diff --git a/operator/deploy/chart/templates/pulsar/service.yaml b/operator/deploy/chart/templates/pulsar/service.yaml new file mode 100644 index 0000000..a460cbc --- /dev/null +++ b/operator/deploy/chart/templates/pulsar/service.yaml @@ -0,0 +1,24 @@ +{{- if .Values.pulsar.standalone.enable }} +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }}-pulsar-standalone + namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} + app: pulsar-standalone +spec: + type: {{ .Values.pulsar.standalone.service.type }} + ports: + - name: pulsar + port: {{ .Values.pulsar.standalone.service.ports.pulsar }} + targetPort: 6650 + protocol: TCP + - name: admin + port: {{ .Values.pulsar.standalone.service.ports.admin }} + targetPort: 8080 + protocol: TCP + selector: + {{- include "chart.selectorLabels" . | nindent 4 }} + app: pulsar-standalone +{{- end }} \ No newline at end of file diff --git a/operator/deploy/chart/templates/pulsar/statefulset.yaml b/operator/deploy/chart/templates/pulsar/statefulset.yaml new file mode 100644 index 0000000..c9722f5 --- /dev/null +++ b/operator/deploy/chart/templates/pulsar/statefulset.yaml @@ -0,0 +1,88 @@ +{{- if .Values.pulsar.standalone.enable }} +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ .Release.Name }}-pulsar-standalone + namespace: {{ .Release.Namespace }} + labels: + {{- include "chart.labels" . | nindent 4 }} + app: pulsar-standalone + app.kubernetes.io/component: messaging +spec: + serviceName: {{ .Release.Name }}-pulsar-standalone + replicas: 1 + selector: + matchLabels: + {{- include "chart.selectorLabels" . | nindent 6 }} + app: pulsar-standalone + template: + metadata: + labels: + {{- include "chart.labels" . | nindent 8 }} + app: pulsar-standalone + app.kubernetes.io/component: messaging + spec: + containers: + - name: pulsar + image: {{ .Values.pulsar.standalone.image.repository }}:{{ .Values.pulsar.standalone.image.tag }} + command: + - sh + - -c + - | + # Initialize Pulsar standalone + bin/pulsar standalone -nfw -nss + ports: + - name: pulsar + containerPort: 6650 + protocol: TCP + - name: admin + containerPort: 8080 + protocol: TCP + env: + - name: PULSAR_GC + value: "-XX:+UseG1GC -XX:MaxGCPauseMillis=10" + resources: + {{- toYaml .Values.pulsar.standalone.resources | nindent 12 }} + volumeMounts: + - name: pulsar-data + mountPath: /pulsar/data + - name: pulsar-logs + mountPath: /pulsar/logs + livenessProbe: + httpGet: + path: /admin/v2/brokers/health + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 30 + timeoutSeconds: 5 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /admin/v2/brokers/health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 + volumeClaimTemplates: + - metadata: + name: pulsar-data + spec: + accessModes: ["ReadWriteOnce"] + {{- if .Values.pulsar.standalone.storage.storageClass }} + storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.pulsar.standalone.storage.size }} + - metadata: + name: pulsar-logs + spec: + accessModes: ["ReadWriteOnce"] + {{- if .Values.pulsar.standalone.storage.storageClass }} + storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} + {{- end }} + resources: + requests: + storage: {{ .Values.pulsar.standalone.storage.size }} +{{- end }} \ No newline at end of file diff --git a/operator/deploy/chart/values.yaml b/operator/deploy/chart/values.yaml index 6b2dcf6..734155f 100644 --- a/operator/deploy/chart/values.yaml +++ b/operator/deploy/chart/values.yaml @@ -83,7 +83,30 @@ certmanager: networkPolicy: enable: false +# [PULSAR]: Pulsar configuration pulsar: + # Enable Pulsar standalone cluster deployment + standalone: + enable: false + image: + repository: apachepulsar/pulsar + tag: "latest" + resources: + limits: + cpu: 1000m + memory: 2Gi + requests: + cpu: 500m + memory: 1Gi + storage: + size: 10Gi + storageClass: "" + service: + type: ClusterIP + ports: + pulsar: 6650 + admin: 8080 + # External Pulsar cluster configuration (used when standalone.enable is false) serviceUrl: pulsar://your-pulsar-cluster:6650 authPlugin: "" authParams: "" diff --git a/operator/examples/function.yaml b/operator/examples/function.yaml new file mode 100644 index 0000000..1698f04 --- /dev/null +++ b/operator/examples/function.yaml @@ -0,0 +1,17 @@ +apiVersion: fs.functionstream.github.io/v1alpha1 +kind: Function +metadata: + name: current-time-function +spec: + displayName: Get Current Time Function + package: current-time + module: getCurrentTime + requestSource: # RPC + pulsar: + topic: request_current_time + sources: + - pulsar: + topic: current_time_source + sink: + pulsar: + topic: current_time_sink diff --git a/operator/examples/package.yaml b/operator/examples/package.yaml index 27125f5..fbef849 100644 --- a/operator/examples/package.yaml +++ b/operator/examples/package.yaml @@ -1,27 +1,15 @@ apiVersion: fs.functionstream.github.io/v1alpha1 kind: Package metadata: - name: my-function + name: current-time spec: - displayName: My sample function + displayName: Get Current Time logo: "" - description: "A function package for string processing." + description: "A function for getting the current time." functionType: cloud: - image: "my-function:latest" + image: "functionstream/time-function:latest" modules: - string: - displayName: String Manipulation Function - description: "Appends an exclamation mark to the input string" - sourceSchema: | - type: object - properties: - text: - type: string - required: - - text - sinkSchema: | - type: object - properties: - result: - type: string + getCurrentTime: + displayName: Get Current Time + description: "A tool that returns the current time." diff --git a/operator/go.mod b/operator/go.mod index e45e671..849a861 100644 --- a/operator/go.mod +++ b/operator/go.mod @@ -10,6 +10,7 @@ require ( github.com/onsi/gomega v1.36.1 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.32.1 + k8s.io/apiextensions-apiserver v0.32.1 k8s.io/apimachinery v0.32.1 k8s.io/client-go v0.32.1 sigs.k8s.io/controller-runtime v0.20.4 @@ -88,7 +89,6 @@ require ( google.golang.org/protobuf v1.35.1 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - k8s.io/apiextensions-apiserver v0.32.1 // indirect k8s.io/apiserver v0.32.1 // indirect k8s.io/component-base v0.32.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect diff --git a/operator/hack/helm.patch b/operator/hack/helm.patch index 8e79d6f..bf837f4 100644 --- a/operator/hack/helm.patch +++ b/operator/hack/helm.patch @@ -25,17 +25,20 @@ index 221f200..2eac6b8 100644 +annotations: + category: "Operators" diff --git a/dist/chart/templates/manager/manager.yaml b/deploy/chart/templates/manager/manager.yaml -index 7f6c891..bb1146f 100644 +index 7f6c891..ce6c11d 100644 --- a/dist/chart/templates/manager/manager.yaml +++ b/deploy/chart/templates/manager/manager.yaml -@@ -34,13 +34,26 @@ spec: +@@ -34,13 +34,29 @@ spec: command: - /manager image: {{ .Values.controllerManager.container.image.repository }}:{{ .Values.controllerManager.container.image.tag }} - {{- if .Values.controllerManager.container.env }} + imagePullPolicy: {{ .Values.controllerManager.container.imagePullPolicy }} env: -+ {{- if .Values.pulsar.serviceUrl }} ++ {{- if .Values.pulsar.standalone.enable }} ++ - name: PULSAR_SERVICE_URL ++ value: pulsar://{{ .Release.Name }}-pulsar-standalone.{{ .Release.Namespace }}.svc.cluster.local:6650 ++ {{- else if .Values.pulsar.serviceUrl }} + - name: PULSAR_SERVICE_URL + value: {{ .Values.pulsar.serviceUrl }} + {{- end }} @@ -57,8 +60,134 @@ index 7f6c891..bb1146f 100644 livenessProbe: {{- toYaml .Values.controllerManager.container.livenessProbe | nindent 12 }} readinessProbe: +diff --git a/deploy/chart/templates/pulsar/service.yaml b/deploy/chart/templates/pulsar/service.yaml +new file mode 100644 +index 0000000..a460cbc +--- /dev/null ++++ b/deploy/chart/templates/pulsar/service.yaml +@@ -0,0 +1,24 @@ ++{{- if .Values.pulsar.standalone.enable }} ++apiVersion: v1 ++kind: Service ++metadata: ++ name: {{ .Release.Name }}-pulsar-standalone ++ namespace: {{ .Release.Namespace }} ++ labels: ++ {{- include "chart.labels" . | nindent 4 }} ++ app: pulsar-standalone ++spec: ++ type: {{ .Values.pulsar.standalone.service.type }} ++ ports: ++ - name: pulsar ++ port: {{ .Values.pulsar.standalone.service.ports.pulsar }} ++ targetPort: 6650 ++ protocol: TCP ++ - name: admin ++ port: {{ .Values.pulsar.standalone.service.ports.admin }} ++ targetPort: 8080 ++ protocol: TCP ++ selector: ++ {{- include "chart.selectorLabels" . | nindent 4 }} ++ app: pulsar-standalone ++{{- end }} +\ No newline at end of file +diff --git a/deploy/chart/templates/pulsar/statefulset.yaml b/deploy/chart/templates/pulsar/statefulset.yaml +new file mode 100644 +index 0000000..c9722f5 +--- /dev/null ++++ b/deploy/chart/templates/pulsar/statefulset.yaml +@@ -0,0 +1,88 @@ ++{{- if .Values.pulsar.standalone.enable }} ++apiVersion: apps/v1 ++kind: StatefulSet ++metadata: ++ name: {{ .Release.Name }}-pulsar-standalone ++ namespace: {{ .Release.Namespace }} ++ labels: ++ {{- include "chart.labels" . | nindent 4 }} ++ app: pulsar-standalone ++ app.kubernetes.io/component: messaging ++spec: ++ serviceName: {{ .Release.Name }}-pulsar-standalone ++ replicas: 1 ++ selector: ++ matchLabels: ++ {{- include "chart.selectorLabels" . | nindent 6 }} ++ app: pulsar-standalone ++ template: ++ metadata: ++ labels: ++ {{- include "chart.labels" . | nindent 8 }} ++ app: pulsar-standalone ++ app.kubernetes.io/component: messaging ++ spec: ++ containers: ++ - name: pulsar ++ image: {{ .Values.pulsar.standalone.image.repository }}:{{ .Values.pulsar.standalone.image.tag }} ++ command: ++ - sh ++ - -c ++ - | ++ # Initialize Pulsar standalone ++ bin/pulsar standalone -nfw -nss ++ ports: ++ - name: pulsar ++ containerPort: 6650 ++ protocol: TCP ++ - name: admin ++ containerPort: 8080 ++ protocol: TCP ++ env: ++ - name: PULSAR_GC ++ value: "-XX:+UseG1GC -XX:MaxGCPauseMillis=10" ++ resources: ++ {{- toYaml .Values.pulsar.standalone.resources | nindent 12 }} ++ volumeMounts: ++ - name: pulsar-data ++ mountPath: /pulsar/data ++ - name: pulsar-logs ++ mountPath: /pulsar/logs ++ livenessProbe: ++ httpGet: ++ path: /admin/v2/brokers/health ++ port: 8080 ++ initialDelaySeconds: 60 ++ periodSeconds: 30 ++ timeoutSeconds: 5 ++ failureThreshold: 3 ++ readinessProbe: ++ httpGet: ++ path: /admin/v2/brokers/health ++ port: 8080 ++ initialDelaySeconds: 30 ++ periodSeconds: 10 ++ timeoutSeconds: 3 ++ failureThreshold: 3 ++ volumeClaimTemplates: ++ - metadata: ++ name: pulsar-data ++ spec: ++ accessModes: ["ReadWriteOnce"] ++ {{- if .Values.pulsar.standalone.storage.storageClass }} ++ storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} ++ {{- end }} ++ resources: ++ requests: ++ storage: {{ .Values.pulsar.standalone.storage.size }} ++ - metadata: ++ name: pulsar-logs ++ spec: ++ accessModes: ["ReadWriteOnce"] ++ {{- if .Values.pulsar.standalone.storage.storageClass }} ++ storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} ++ {{- end }} ++ resources: ++ requests: ++ storage: {{ .Values.pulsar.standalone.storage.size }} ++{{- end }} +\ No newline at end of file diff --git a/dist/chart/values.yaml b/deploy/chart/values.yaml -index 9357643..6b2dcf6 100644 +index 9357643..734155f 100644 --- a/dist/chart/values.yaml +++ b/deploy/chart/values.yaml @@ -3,8 +3,9 @@ controllerManager: @@ -72,12 +201,35 @@ index 9357643..6b2dcf6 100644 args: - "--leader-elect" - "--metrics-bind-address=:8443" -@@ -81,3 +82,8 @@ certmanager: +@@ -81,3 +82,31 @@ certmanager: # [NETWORK POLICIES]: To enable NetworkPolicies set true networkPolicy: enable: false + ++# [PULSAR]: Pulsar configuration +pulsar: ++ # Enable Pulsar standalone cluster deployment ++ standalone: ++ enable: false ++ image: ++ repository: apachepulsar/pulsar ++ tag: "latest" ++ resources: ++ limits: ++ cpu: 1000m ++ memory: 2Gi ++ requests: ++ cpu: 500m ++ memory: 1Gi ++ storage: ++ size: 10Gi ++ storageClass: "" ++ service: ++ type: ClusterIP ++ ports: ++ pulsar: 6650 ++ admin: 8080 ++ # External Pulsar cluster configuration (used when standalone.enable is false) + serviceUrl: pulsar://your-pulsar-cluster:6650 + authPlugin: "" + authParams: "" diff --git a/operator/scripts/install-cert-manager.sh b/operator/scripts/install-cert-manager.sh new file mode 100755 index 0000000..01a83b0 --- /dev/null +++ b/operator/scripts/install-cert-manager.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +# FunctionStream Operator - cert-manager installation script +# This script installs cert-manager which is required for the operator to work properly + +set -e + +echo "FunctionStream Operator - cert-manager installation script" +echo "==========================================================" + +# Check if kubectl is available +if ! command -v kubectl &> /dev/null; then + echo "Error: kubectl is not installed or not in PATH" + exit 1 +fi + +# Check if we can connect to the cluster +if ! kubectl cluster-info &> /dev/null; then + echo "Error: Cannot connect to Kubernetes cluster" + exit 1 +fi + +echo "Installing cert-manager..." + +# Install cert-manager +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.0/cert-manager.yaml + +echo "Waiting for cert-manager to be ready..." + +# Wait for cert-manager namespace to be created +kubectl wait --for=jsonpath='{.status.phase}=Active' namespace/cert-manager --timeout=60s + +# Wait for cert-manager pods to be ready +kubectl wait --for=jsonpath='{.status.phase}=Running' pods -l app.kubernetes.io/instance=cert-manager -n cert-manager --timeout=300s + + +echo "cert-manager installation completed successfully!" +echo "" +echo "You can now install the FunctionStream operator:" +echo " helm install fs ./deploy/chart" +echo "" +echo "Or if you want to install with Pulsar standalone:" +echo " helm install fs ./deploy/chart --set pulsar.standalone.enable=true" \ No newline at end of file From 31ec878e518ed3ce05064e0b7b13c911c045231d Mon Sep 17 00:00:00 2001 From: Zike Yang Date: Sat, 28 Jun 2025 10:52:32 +0800 Subject: [PATCH 2/2] Update helm chart --- .../chart/templates/pulsar/statefulset.yaml | 19 +-- .../templates/rbac/metrics_auth_role.yaml | 2 +- .../rbac/metrics_auth_role_binding.yaml | 2 +- .../templates/rbac/metrics_reader_role.yaml | 2 +- .../deploy/chart/templates/rbac/role.yaml | 2 +- .../chart/templates/rbac/role_binding.yaml | 4 +- operator/deploy/chart/values.yaml | 8 +- operator/hack/helm.patch | 110 ++++++++++++++---- operator/scripts/install-cert-manager.sh | 4 +- 9 files changed, 105 insertions(+), 48 deletions(-) diff --git a/operator/deploy/chart/templates/pulsar/statefulset.yaml b/operator/deploy/chart/templates/pulsar/statefulset.yaml index c9722f5..a7f7ef8 100644 --- a/operator/deploy/chart/templates/pulsar/statefulset.yaml +++ b/operator/deploy/chart/templates/pulsar/statefulset.yaml @@ -38,16 +38,13 @@ spec: - name: admin containerPort: 8080 protocol: TCP - env: - - name: PULSAR_GC - value: "-XX:+UseG1GC -XX:MaxGCPauseMillis=10" resources: {{- toYaml .Values.pulsar.standalone.resources | nindent 12 }} + {{- if .Values.pulsar.standalone.storage.persistence.enabled }} volumeMounts: - name: pulsar-data mountPath: /pulsar/data - - name: pulsar-logs - mountPath: /pulsar/logs + {{- end }} livenessProbe: httpGet: path: /admin/v2/brokers/health @@ -64,6 +61,7 @@ spec: periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 + {{- if .Values.pulsar.standalone.storage.persistence.enabled }} volumeClaimTemplates: - metadata: name: pulsar-data @@ -75,14 +73,5 @@ spec: resources: requests: storage: {{ .Values.pulsar.standalone.storage.size }} - - metadata: - name: pulsar-logs - spec: - accessModes: ["ReadWriteOnce"] - {{- if .Values.pulsar.standalone.storage.storageClass }} - storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} - {{- end }} - resources: - requests: - storage: {{ .Values.pulsar.standalone.storage.size }} + {{- end }} {{- end }} \ No newline at end of file diff --git a/operator/deploy/chart/templates/rbac/metrics_auth_role.yaml b/operator/deploy/chart/templates/rbac/metrics_auth_role.yaml index b0c7913..decef92 100755 --- a/operator/deploy/chart/templates/rbac/metrics_auth_role.yaml +++ b/operator/deploy/chart/templates/rbac/metrics_auth_role.yaml @@ -4,7 +4,7 @@ kind: ClusterRole metadata: labels: {{- include "chart.labels" . | nindent 4 }} - name: operator-metrics-auth-role + name: {{ .Release.Name }}-operator-metrics-auth-role rules: - apiGroups: - authentication.k8s.io diff --git a/operator/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml b/operator/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml index a13f6a6..0172099 100755 --- a/operator/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml +++ b/operator/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml @@ -4,7 +4,7 @@ kind: ClusterRoleBinding metadata: labels: {{- include "chart.labels" . | nindent 4 }} - name: operator-metrics-auth-rolebinding + name: {{ .Release.Name }}-operator-metrics-auth-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/operator/deploy/chart/templates/rbac/metrics_reader_role.yaml b/operator/deploy/chart/templates/rbac/metrics_reader_role.yaml index 1f0a0f5..f5655e7 100755 --- a/operator/deploy/chart/templates/rbac/metrics_reader_role.yaml +++ b/operator/deploy/chart/templates/rbac/metrics_reader_role.yaml @@ -4,7 +4,7 @@ kind: ClusterRole metadata: labels: {{- include "chart.labels" . | nindent 4 }} - name: operator-metrics-reader + name: {{ .Release.Name }}-operator-metrics-reader rules: - nonResourceURLs: - "/metrics" diff --git a/operator/deploy/chart/templates/rbac/role.yaml b/operator/deploy/chart/templates/rbac/role.yaml index 3ae0961..a32998a 100755 --- a/operator/deploy/chart/templates/rbac/role.yaml +++ b/operator/deploy/chart/templates/rbac/role.yaml @@ -5,7 +5,7 @@ kind: ClusterRole metadata: labels: {{- include "chart.labels" . | nindent 4 }} - name: operator-manager-role + name: functionstream-operator-manager-role rules: - apiGroups: - apps diff --git a/operator/deploy/chart/templates/rbac/role_binding.yaml b/operator/deploy/chart/templates/rbac/role_binding.yaml index a4f2cfa..77c8250 100755 --- a/operator/deploy/chart/templates/rbac/role_binding.yaml +++ b/operator/deploy/chart/templates/rbac/role_binding.yaml @@ -4,11 +4,11 @@ kind: ClusterRoleBinding metadata: labels: {{- include "chart.labels" . | nindent 4 }} - name: operator-manager-rolebinding + name: {{ .Release.Name }}-functionstream-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: operator-manager-role + name: functionstream-operator-manager-role subjects: - kind: ServiceAccount name: {{ .Values.controllerManager.serviceAccountName }} diff --git a/operator/deploy/chart/values.yaml b/operator/deploy/chart/values.yaml index 734155f..4851d3b 100644 --- a/operator/deploy/chart/values.yaml +++ b/operator/deploy/chart/values.yaml @@ -39,7 +39,7 @@ controllerManager: seccompProfile: type: RuntimeDefault terminationGracePeriodSeconds: 10 - serviceAccountName: operator-controller-manager + serviceAccountName: functionstream-operator # [RBAC]: To enable RBAC (Permissions) configurations rbac: @@ -92,13 +92,13 @@ pulsar: repository: apachepulsar/pulsar tag: "latest" resources: - limits: - cpu: 1000m - memory: 2Gi requests: cpu: 500m memory: 1Gi storage: + # Enable persistence for Pulsar data + persistence: + enabled: false size: 10Gi storageClass: "" service: diff --git a/operator/hack/helm.patch b/operator/hack/helm.patch index bf837f4..fab1f6f 100644 --- a/operator/hack/helm.patch +++ b/operator/hack/helm.patch @@ -93,10 +93,10 @@ index 0000000..a460cbc \ No newline at end of file diff --git a/deploy/chart/templates/pulsar/statefulset.yaml b/deploy/chart/templates/pulsar/statefulset.yaml new file mode 100644 -index 0000000..c9722f5 +index 0000000..a7f7ef8 --- /dev/null +++ b/deploy/chart/templates/pulsar/statefulset.yaml -@@ -0,0 +1,88 @@ +@@ -0,0 +1,77 @@ +{{- if .Values.pulsar.standalone.enable }} +apiVersion: apps/v1 +kind: StatefulSet @@ -137,16 +137,13 @@ index 0000000..c9722f5 + - name: admin + containerPort: 8080 + protocol: TCP -+ env: -+ - name: PULSAR_GC -+ value: "-XX:+UseG1GC -XX:MaxGCPauseMillis=10" + resources: + {{- toYaml .Values.pulsar.standalone.resources | nindent 12 }} ++ {{- if .Values.pulsar.standalone.storage.persistence.enabled }} + volumeMounts: + - name: pulsar-data + mountPath: /pulsar/data -+ - name: pulsar-logs -+ mountPath: /pulsar/logs ++ {{- end }} + livenessProbe: + httpGet: + path: /admin/v2/brokers/health @@ -163,6 +160,7 @@ index 0000000..c9722f5 + periodSeconds: 10 + timeoutSeconds: 3 + failureThreshold: 3 ++ {{- if .Values.pulsar.standalone.storage.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: pulsar-data @@ -174,20 +172,81 @@ index 0000000..c9722f5 + resources: + requests: + storage: {{ .Values.pulsar.standalone.storage.size }} -+ - metadata: -+ name: pulsar-logs -+ spec: -+ accessModes: ["ReadWriteOnce"] -+ {{- if .Values.pulsar.standalone.storage.storageClass }} -+ storageClassName: {{ .Values.pulsar.standalone.storage.storageClass }} -+ {{- end }} -+ resources: -+ requests: -+ storage: {{ .Values.pulsar.standalone.storage.size }} ++ {{- end }} +{{- end }} \ No newline at end of file +diff --git a/dist/chart/templates/rbac/metrics_auth_role.yaml b/deploy/chart/templates/rbac/metrics_auth_role.yaml +index b0c7913..decef92 100755 +--- a/dist/chart/templates/rbac/metrics_auth_role.yaml ++++ b/deploy/chart/templates/rbac/metrics_auth_role.yaml +@@ -4,7 +4,7 @@ kind: ClusterRole + metadata: + labels: + {{- include "chart.labels" . | nindent 4 }} +- name: operator-metrics-auth-role ++ name: {{ .Release.Name }}-operator-metrics-auth-role + rules: + - apiGroups: + - authentication.k8s.io +diff --git a/dist/chart/templates/rbac/metrics_auth_role_binding.yaml b/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml +index a13f6a6..0172099 100755 +--- a/dist/chart/templates/rbac/metrics_auth_role_binding.yaml ++++ b/deploy/chart/templates/rbac/metrics_auth_role_binding.yaml +@@ -4,7 +4,7 @@ kind: ClusterRoleBinding + metadata: + labels: + {{- include "chart.labels" . | nindent 4 }} +- name: operator-metrics-auth-rolebinding ++ name: {{ .Release.Name }}-operator-metrics-auth-rolebinding + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole +diff --git a/dist/chart/templates/rbac/metrics_reader_role.yaml b/deploy/chart/templates/rbac/metrics_reader_role.yaml +index 1f0a0f5..f5655e7 100755 +--- a/dist/chart/templates/rbac/metrics_reader_role.yaml ++++ b/deploy/chart/templates/rbac/metrics_reader_role.yaml +@@ -4,7 +4,7 @@ kind: ClusterRole + metadata: + labels: + {{- include "chart.labels" . | nindent 4 }} +- name: operator-metrics-reader ++ name: {{ .Release.Name }}-operator-metrics-reader + rules: + - nonResourceURLs: + - "/metrics" +diff --git a/dist/chart/templates/rbac/role.yaml b/deploy/chart/templates/rbac/role.yaml +index 3ae0961..a32998a 100755 +--- a/dist/chart/templates/rbac/role.yaml ++++ b/deploy/chart/templates/rbac/role.yaml +@@ -5,7 +5,7 @@ kind: ClusterRole + metadata: + labels: + {{- include "chart.labels" . | nindent 4 }} +- name: operator-manager-role ++ name: functionstream-operator-manager-role + rules: + - apiGroups: + - apps +diff --git a/dist/chart/templates/rbac/role_binding.yaml b/deploy/chart/templates/rbac/role_binding.yaml +index a4f2cfa..77c8250 100755 +--- a/dist/chart/templates/rbac/role_binding.yaml ++++ b/deploy/chart/templates/rbac/role_binding.yaml +@@ -4,11 +4,11 @@ kind: ClusterRoleBinding + metadata: + labels: + {{- include "chart.labels" . | nindent 4 }} +- name: operator-manager-rolebinding ++ name: {{ .Release.Name }}-functionstream-operator-manager-rolebinding + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole +- name: operator-manager-role ++ name: functionstream-operator-manager-role + subjects: + - kind: ServiceAccount + name: {{ .Values.controllerManager.serviceAccountName }} diff --git a/dist/chart/values.yaml b/deploy/chart/values.yaml -index 9357643..734155f 100644 +index 9357643..4851d3b 100644 --- a/dist/chart/values.yaml +++ b/deploy/chart/values.yaml @@ -3,8 +3,9 @@ controllerManager: @@ -201,6 +260,15 @@ index 9357643..734155f 100644 args: - "--leader-elect" - "--metrics-bind-address=:8443" +@@ -38,7 +39,7 @@ controllerManager: + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 10 +- serviceAccountName: operator-controller-manager ++ serviceAccountName: functionstream-operator + + # [RBAC]: To enable RBAC (Permissions) configurations + rbac: @@ -81,3 +82,31 @@ certmanager: # [NETWORK POLICIES]: To enable NetworkPolicies set true networkPolicy: @@ -215,13 +283,13 @@ index 9357643..734155f 100644 + repository: apachepulsar/pulsar + tag: "latest" + resources: -+ limits: -+ cpu: 1000m -+ memory: 2Gi + requests: + cpu: 500m + memory: 1Gi + storage: ++ # Enable persistence for Pulsar data ++ persistence: ++ enabled: false + size: 10Gi + storageClass: "" + service: diff --git a/operator/scripts/install-cert-manager.sh b/operator/scripts/install-cert-manager.sh index 01a83b0..f61fae5 100755 --- a/operator/scripts/install-cert-manager.sh +++ b/operator/scripts/install-cert-manager.sh @@ -37,7 +37,7 @@ kubectl wait --for=jsonpath='{.status.phase}=Running' pods -l app.kubernetes.io/ echo "cert-manager installation completed successfully!" echo "" echo "You can now install the FunctionStream operator:" -echo " helm install fs ./deploy/chart" +echo " helm install fs ./deploy/chart -n fs --create-namespace" echo "" echo "Or if you want to install with Pulsar standalone:" -echo " helm install fs ./deploy/chart --set pulsar.standalone.enable=true" \ No newline at end of file +echo " helm install fs ./deploy/chart --set pulsar.standalone.enable=true -n fs --create-namespace" \ No newline at end of file