From cf77249028fe232bbff0b26643879b3ea087c207 Mon Sep 17 00:00:00 2001 From: Joel Smith Date: Mon, 18 Sep 2023 17:57:27 -0600 Subject: [PATCH] Use installed namespace if WATCH_NAMESPACE not set Also, allow the operator to be installed in either OwnNamespace or AllNamespaces installMode for better flexibility on where the operator can be installed. Signed-off-by: Joel Smith --- README.md | 8 ++++++- .../manifests/keda.clusterserviceversion.yaml | 8 +++++-- .../bases/keda.clusterserviceversion.yaml | 8 +++++-- main.go | 23 +++++++++++++++---- 4 files changed, 37 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index e94d84f56..82fab9fe4 100644 --- a/README.md +++ b/README.md @@ -69,6 +69,12 @@ Only custom resource named `keda` in the namespace where the operator was installed (typically, `keda`) will trigger the installation, reconfiguration, or removal of the KEDA Controller resources. +The operator will behave in this manner whether it is installed with the +`AllNamespaces` or `OwnNamespace` install mode. While the operator more +closely matches the `OwnNamespace` semantics, `AllNamespaces` is a +supported installation mode to allow it to be installed to namespaces with +existing `OperatorGroups` which require that installation mode. + There should be only one KEDA Controller in the cluster. ### `KedaController` Spec @@ -412,7 +418,7 @@ spec: ## Uninstallation ### How to uninstall KEDA Controller -Locate installed `KEDA` Operator in `keda` namespace and then remove created `KedaController` resoure or simply delete the `KedaController` resource: +Locate installed `KEDA` Operator in `keda` namespace and then remove created `KedaController` resource or simply delete the `KedaController` resource: ```bash kubectl delete -n keda -f config/samples/keda_v1alpha1_kedacontroller.yaml diff --git a/bundle/manifests/keda.clusterserviceversion.yaml b/bundle/manifests/keda.clusterserviceversion.yaml index 7b7b760db..23207d244 100644 --- a/bundle/manifests/keda.clusterserviceversion.yaml +++ b/bundle/manifests/keda.clusterserviceversion.yaml @@ -454,7 +454,11 @@ spec: `KedaController` resource, please refer to [KedaController Example](https://github.com/kedacore/keda-olm-operator#kedacontroller-spec) for more deatils on available options.\n\nOnly resource named `keda` in the namespace where the KEDA OLM Operator is installed (typically `keda`) will trigger the installation, - reconfiguration or removal of the KEDA Controller resource.\n\nThere could be + reconfiguration or removal of the KEDA Controller resource.\n\nThe operator will behave + in this manner whether it is installed with the AllNamespaces or OwnNamespace install + mode. While the operator more closely matches the OwnNamespace semantics, AllNamespaces + is a supported installation mode to allow it to be installed to namespaces with + existing OperatorGroups which require that installation mode.\n\nThere should be only one KEDA Controller in the cluster. \n" displayName: KEDA icon: @@ -630,7 +634,7 @@ spec: type: SingleNamespace - supported: false type: MultiNamespace - - supported: false + - supported: true type: AllNamespaces keywords: - keda diff --git a/config/manifests/bases/keda.clusterserviceversion.yaml b/config/manifests/bases/keda.clusterserviceversion.yaml index 8ca94f492..bc2e6a504 100644 --- a/config/manifests/bases/keda.clusterserviceversion.yaml +++ b/config/manifests/bases/keda.clusterserviceversion.yaml @@ -454,7 +454,11 @@ spec: `KedaController` resource, please refer to [KedaController Example](https://github.com/kedacore/keda-olm-operator#kedacontroller-spec) for more deatils on available options.\n\nOnly resource named `keda` in the namespace where the KEDA OLM Operator is installed (typically `keda`) will trigger the installation, - reconfiguration or removal of the KEDA Controller resource.\n\nThere could be + reconfiguration or removal of the KEDA Controller resource.\n\nThe operator will behave + in this manner whether it is installed with the AllNamespaces or OwnNamespace install + mode. While the operator more closely matches the OwnNamespace semantics, AllNamespaces + is a supported installation mode to allow it to be installed to namespaces with + existing OperatorGroups which require that installation mode.\n\nThere should be only one KEDA Controller in the cluster. \n" displayName: KEDA icon: @@ -626,7 +630,7 @@ spec: serviceAccountName: keda-olm-operator strategy: deployment installModes: - - supported: false + - supported: true type: OwnNamespace - supported: false type: SingleNamespace diff --git a/main.go b/main.go index 2785b3f6d..757d55dad 100644 --- a/main.go +++ b/main.go @@ -21,6 +21,7 @@ import ( "fmt" "os" "runtime" + "strings" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. @@ -46,6 +47,10 @@ var ( setupLog = ctrl.Log.WithName("setup") ) +const ( + serviceAccountNamespaceFile = "/var/run/secrets/kubernetes.io/serviceaccount/namespace" +) + func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) @@ -134,12 +139,20 @@ func main() { } // getWatchNamespace returns the namespace the operator should be watching for changes -// it tries to read this information from env variable `WATCH_NAMESPACE` -// if not set, namespace `keda` is used +// It tries to read this information from env variable `WATCH_NAMESPACE`. If not set +// or empty, it attempts to determine which namespace it is running in via the +// automounted service account data. If unavailable, namespace `keda` is used func getWatchNamespace() string { - ns, found := os.LookupEnv("WATCH_NAMESPACE") - if !found { - return "keda" + var ns string + var found bool + if ns, found = os.LookupEnv("WATCH_NAMESPACE"); found && len(ns) > 0 { + setupLog.Info(fmt.Sprintf("Using watch namespace '%s' from environment variable WATCH_NAMESPACE", ns)) + } else if nsBytes, err := os.ReadFile(serviceAccountNamespaceFile); err == nil { + ns = strings.TrimSpace(string(nsBytes)) + setupLog.Info(fmt.Sprintf("Using watch namespace '%s' from service account namespace specified in %s", ns, serviceAccountNamespaceFile)) + } else { + ns = "keda" + setupLog.Info(fmt.Sprintf("Using default watch namespace '%s'", ns)) } return ns }