Skip to content

Commit

Permalink
Minor cleanup to AppTeam and CloudSQL compositions samples
Browse files Browse the repository at this point in the history
  • Loading branch information
ostrain committed Jul 23, 2024
1 parent bd2ca7d commit 0473ae6
Show file tree
Hide file tree
Showing 7 changed files with 57 additions and 31 deletions.
11 changes: 6 additions & 5 deletions experiments/compositions/samples/AppTeam/README.md
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
# AppTeam
# AppTeam

For now this would only work in CC from a specific project.
For now this will only work in CC from a specific project.

## [Platform Admin] Create a Context object

The first step is to create a context object in the namespace where AppTeam will be created.
The first step is to create a context object in the namespace where AppTeam will
be created.

```
kubectl apply -f - <<EOF
Expand All @@ -24,7 +25,7 @@ EOF
kubectl create -f composition/appteam.yaml
```

## [Platform Admin] Create a new team `clearing`
## [Platform Admin] Create a new team

Create a new `AppTeam` CR in the `config-control` namespace.

Expand Down Expand Up @@ -61,7 +62,7 @@ When done with testing, cleanup the resources by deleting the `AppTeam` CRs.
For now resources created in namespaces other than the `AppTeam` CR's namespace need to be manually cleaned up.

```
kubectl delete appteam clearing
kubectl delete appteam $TEAM_NAME
# to clean up objects not in the same namespace as facade
./cleanup_appteam.sh ${TEAM_NAME}
Expand Down
9 changes: 7 additions & 2 deletions experiments/compositions/samples/AppTeam/cleanup_appteam.sh
Original file line number Diff line number Diff line change
Expand Up @@ -13,10 +13,15 @@
# See the License for the specific language governing permissions and
# limitations under the License.


scriptpath=$(realpath $0)
base=$(dirname $scriptpath)

if [[ $# != 1 ]];
then
echo "usage: ./cleanup_appteam.sh <project>"
exit 1
fi

project=$1

kubectl delete appteams.facade.facade -n config-control ${project}
Expand All @@ -33,4 +38,4 @@ echo "waiting for project to be deleted ......"
sleep 30

kubectl delete configconnectorcontext.core.cnrm.cloud.google.com configconnectorcontext.core.cnrm.cloud.google.com -n ${project}
kubectl delete namespace ${project}
kubectl delete namespace ${project}
8 changes: 7 additions & 1 deletion experiments/compositions/samples/AppTeam/get_appteam.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,12 @@
scriptpath=$(realpath $0)
base=$(dirname $scriptpath)

if [[ $# -lte 1 ]];
then
echo "usage: ./get_appteam.sh <project>"
exit 1
fi

project=$1
opmodifier=$2

Expand All @@ -41,4 +47,4 @@ kubectl get configconnectorcontext -n ${project} $opmodifier
echo
echo "Project ------------------------------------------"
kubectl get project ${project} -n config-control $opmodifier
echo
echo
15 changes: 8 additions & 7 deletions experiments/compositions/samples/CloudSQL/README.md
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# CloudSQL
# CloudSQL

## [Platform Admin] Create the composition

Expand All @@ -8,13 +8,14 @@ kubectl create -f composition/hasql.yaml

## [Team Admin] Create CloudSQL instance

Please note we are creating this in `config-control` namespace for the sample.
If KCC is setup in a tenant namespace (say using `AppTeams` composition), then we can use the tenant namespace instead.
Please note we are creating this in `config-control` namespace for this sample.
If KCC is setup in a tenant namespace (say using the `AppTeam` sample
composition), then we can use the tenant namespace instead.

```
NAMESPACE=config-control
#NAMESPACE=<app-team's namespace>
kubectl apply -f - <<EOF
apiVersion: facade.compositions.google.com/v1
kind: CloudSQL
Expand All @@ -29,16 +30,16 @@ spec:
EOF
```

Verify the relevant resources are created succesfully
Verify the relevant resources are created succesfully by running:

```
./get_cloudsql.sh ${NAMESPACE}
```

## [Team Admin] Cleaning up

When done with testing, cleanup the resources by deleting the `CloudSQL` CRs.
When done with testing, clean up the resources by deleting the `CloudSQL` CRs:

```
kubectl delete cloudsql myteam -n ${NAMESPACE}
```
```
25 changes: 15 additions & 10 deletions experiments/compositions/samples/CloudSQL/cleanup_cloudsql.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@
scriptpath=$(realpath $0)
base=$(dirname $scriptpath)

if [[ $# -ne 2 ]];
then
echo "usage: ./cleanup_cloudsql.sh <name> <namespace>"
exit 1
fi

name=$1
namespace=$2
Expand All @@ -25,14 +30,14 @@ kubectl delete -f cloudsqls.facade.facade -n $namespace ${name}

kubectl delete sqlinstances.sql.cnrm.cloud.google.com -n $namespace ${name}-db-main
kubectl delete sqlinstances.sql.cnrm.cloud.google.com -n $namespace ${name}-db-replica-us-central1
kubectl delete kmskeyring -n $namespace kmscryptokeyring-us-central1
kubectl delete kmskeyring -n $namespace kmscryptokeyring-us-east1
kubectl delete kmscryptokey -n $namespace kmscryptokey-enc-us-central1
kubectl delete kmscryptokey -n $namespace kmscryptokey-enc-us-east1
kubectl delete iampolicymember -n $namespace sql-kms-us-east1-policybinding
kubectl delete iampolicymember -n $namespace sql-kms-us-central1-policybinding
kubectl delete serviceidentity -n $namespace sqladmin.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace cloudkms.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace iam.googleapis.com
kubectl delete kmskeyring -n $namespace kmscryptokeyring-us-central1
kubectl delete kmskeyring -n $namespace kmscryptokeyring-us-east1
kubectl delete kmscryptokey -n $namespace kmscryptokey-enc-us-central1
kubectl delete kmscryptokey -n $namespace kmscryptokey-enc-us-east1
kubectl delete iampolicymember -n $namespace sql-kms-us-east1-policybinding
kubectl delete iampolicymember -n $namespace sql-kms-us-central1-policybinding
kubectl delete serviceidentity -n $namespace sqladmin.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace cloudkms.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace iam.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace serviceusage.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace sqladmin.googleapis.com
kubectl delete services.serviceusage.cnrm.cloud.google.com -n $namespace sqladmin.googleapis.com
8 changes: 7 additions & 1 deletion experiments/compositions/samples/CloudSQL/get_cloudsql.sh
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,12 @@
scriptpath=$(realpath $0)
base=$(dirname $scriptpath)

if [[ $# -ne 1 ]];
then
echo "usage: ./get_cloudsql.sh <namespace>"
exit 1
fi

namespace=$1

echo "ServiceIdentity ----------------------------------------"
Expand All @@ -35,4 +41,4 @@ echo "IAMPolicyMember ----------------------------------------"
kubectl get iampolicymember -n $namespace
echo
echo "ServiceUsage -------------------------------------------"
kubectl get services.serviceusage.cnrm.cloud.google.com -n $namespace
kubectl get services.serviceusage.cnrm.cloud.google.com -n $namespace
12 changes: 7 additions & 5 deletions experiments/compositions/samples/README.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# Using Samples
# Using Samples

## Prerequisites

A Config Controller cluster with Composition installed.
A Config Controller cluster with Compositions installed.

## Personas/Roles

Expand All @@ -17,9 +17,11 @@ Team/App Owner/Admin:

## AppTeam: Setting up New Teams

This recipe creates a GCP project for the team as well as sets up KCC in namespace mode to manage the team project.
This recipe creates a GCP project for the team as well as sets up KCC in
namespace mode to manage the team project.

## SQLHA: Create CloudSQL in HA Mode

Use AppTeam recipe to create a team first.
Then use this recipe to setup CloudSQL in your project in HA mode.
This recipe sets up a CloudSQL instance in your project in HA mode. If you'd
like to create the instance in a tenant namespace, do the AppTeam sample first
to create one.

0 comments on commit 0473ae6

Please sign in to comment.