Skip to content

Commit

Permalink
Merge pull request #323 from reidmv/stormforge
Browse files Browse the repository at this point in the history
Add StormForge add-on
  • Loading branch information
elamaran11 authored Dec 12, 2024
2 parents 8d5a27c + 192b1ca commit ad3ec57
Show file tree
Hide file tree
Showing 7 changed files with 219 additions and 0 deletions.
22 changes: 22 additions & 0 deletions eks-anywhere-common/Addons/Partner/StormForge/external-secret.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: stormforge-external-secret
namespace: stormforge
spec:
refreshInterval: 5m
secretStoreRef:
name: eksa-secret-store
kind: ClusterSecretStore
target:
name: stormforge-auth-secret
data:
- secretKey: clientID
remoteRef:
key: stormforge-secrets
property: clientID
- secretKey: clientSecret
remoteRef:
key: stormforge-secrets
property: clientSecret
9 changes: 9 additions & 0 deletions eks-anywhere-common/Addons/Partner/StormForge/namespace.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: stormforge
labels:
aws.conformance.vendor: stormforge
aws.conformance.vendor-solution: optimize-live
aws.conformance.vendor-solution-version: 2.16.1
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: stormforge-agent-release
namespace: stormforge
spec:
releaseName: stormforge-agent
chart:
spec:
chart: stormforge-agent
reconcileStrategy: ChartVersion
sourceRef:
kind: HelmRepository
name: stormforge-charts
namespace: flux-system
version: 2.16.1
interval: 5m0s
targetNamespace: stormforge
valuesFrom:
- kind: ConfigMap
name: stormforge-clustername
valuesKey: clusterName
targetPath: clusterName
- kind: Secret
name: stormforge-auth-secret
valuesKey: clientID
targetPath: authorization.clientID
- kind: Secret
name: stormforge-auth-secret
valuesKey: clientSecret
targetPath: authorization.clientSecret
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: stormforge-applier-release
namespace: stormforge
spec:
releaseName: stormforge-applier
chart:
spec:
chart: stormforge-applier
reconcileStrategy: ChartVersion
sourceRef:
kind: HelmRepository
name: stormforge-charts
namespace: flux-system
version: 2.6.0
interval: 5m0s
targetNamespace: stormforge
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: stormforge-configmaps-admin
namespace: stormforge
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: stormforge-configmaps-admin
namespace: stormforge
rules:
- apiGroups: [""] # "" indicates the core API group
resources: ["configmaps"]
verbs: ["*"] # full access
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: stormforge-configmaps-admin
namespace: stormforge
subjects:
- kind: ServiceAccount
name: stormforge-configmaps-admin
namespace: stormforge
roleRef:
kind: Role
name: stormforge-configmaps-admin
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: Job
metadata:
name: stormforge-cluster-name
namespace: stormforge
spec:
template:
spec:
restartPolicy: Never
serviceAccountName: stormforge-configmaps-admin
containers:
- name: generate-name
image: bitnami/kubectl:1.31
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
command:
- '/bin/sh'
- '-c'
- |
cm_name=stormforge-clustername
cluster_name="eksa-test-$(LC_ALL=C tr -dc a-z0-9 </dev/urandom | head -c 7; echo)"
kubectl create configmap "$cm_name" -n "$NAMESPACE" --from-literal clusterName="$cluster_name"
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: stormforge-charts
namespace: flux-system
spec:
type: "oci"
interval: 5m0s
url: oci://registry.stormforge.io/library
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: stormforge-test-cronjob
namespace: stormforge
spec:
schedule: "0 8 * * *" # Daily @ 8:00am
jobTemplate:
spec:
backoffLimit: 4
template:
spec:
activeDeadlineSeconds: 1800
restartPolicy: Never
containers:
- name: stormforge-test-job
image: badouralix/curl-jq:alpine
env:
- name: CLI_VERSION
value: "5.1.9"
envFrom:
- secretRef:
name: stormforge-agent-auth
- secretRef:
name: stormforge-agent-env
resources:
requests:
cpu: 10m
memory: 224Mi
command:
- '/bin/sh'
- '-c'
- |
# Setup: Fetch the StormForge CLI tool
while :; do
[ "$(uname -sm)" = "Linux aarch64" ] && arch=arm64 || arch=amd64
curl -L "https://downloads.stormforge.io/stormforge-cli/v${CLI_VERSION}/stormforge_${CLI_VERSION}_linux_${arch}.tar.gz" | tar -xz
if [ $? = 0 ]; then
chmod a+x ./stormforge
mv ./stormforge /usr/local/bin
break
fi
sleep 5
done
# Tidy: delete any old and inactive eksa test clusters that may still be registered
stormforge get clusters --state Inactive -o json \
| jq -r '.items[].name | select(. | test("^eksa-test-"))' \
| xargs --no-run-if-empty stormforge delete clusters
# Validate: when the cluster name has been registered, is not Inactive, and
# shows both products connected, then Optimize Live is working.
while :; do
echo "checking for stormforge-agent, stormforge-applier registration on $STORMFORGE_CLUSTER_NAME"
if stormforge get cluster "$STORMFORGE_CLUSTER_NAME" -o json \
| jq -e 'all(.items[];
(.status.phase == "Created")
and
all(.stormforge.products | map(.name);
any(index("stormforge-agent"))
and
any(index("stormforge-applier")) ))'
then
echo "successfully connected ${STORMFORGE_CLUSTER_NAME} to StormForge backend"
break
fi
sleep 5
done
# Success! (failure is handled by spec.activeDeadlineSeconds)
exit 0

0 comments on commit ad3ec57

Please sign in to comment.