Merge pull request #164 from tchellomello/unique_labels

Use k8s labels to create unique matchLabels for svc and deployments
2026-03-26 21:33:14 +00:00 · 2021-04-03 12:44:31 -04:00
parent 1309cc63c9 185238c199
commit 30db53d250
16 changed files with 96 additions and 17 deletions
--- a/molecule/default/asserts.yml
+++ b/molecule/default/asserts.yml
@@ -12,7 +12,10 @@
        kind: Pod
        namespace: example-awx
        label_selectors:
-          - app=awx
+          - "app.kubernetes.io/name=example-awx"
+          - "app.kubernetes.io/part-of=example-awx"
+          - "app.kubernetes.io/managed-by=awx-operator"
+          - "app.kubernetes.io/component=awx"
      register: tower_pods

    - name: Verify there is one AWX pod
--- a/molecule/test-local/converge.yml
+++ b/molecule/test-local/converge.yml
@@ -110,7 +110,7 @@
              kind="Deployment",
              api_version="apps/v1",
              namespace=custom_resource.metadata.namespace,
-              label_selector="app=awx")
+              label_selector="app.kubernetes.io/name=example-awx")
            }}'

        - name: get operator logs
--- a/molecule/test-minikube/converge.yml
+++ b/molecule/test-minikube/converge.yml
@@ -118,7 +118,7 @@
              kind="Deployment",
              api_version="apps/v1",
              namespace=custom_resource.metadata.namespace,
-              label_selector="app=awx")
+              label_selector="app.kubernetes.io/name=example-awx")
            }}'

        - name: get operator logs
--- a/roles/installer/tasks/main.yml
+++ b/roles/installer/tasks/main.yml
@@ -1,4 +1,8 @@
 ---
+- name: Get current version
+  set_fact:
+    tower_image_version: "{{ tower_image.split(':')[1] }}"
+
 - name: Include secret key configuration tasks
  include_tasks: secret_key_configuration.yml

@@ -46,7 +50,9 @@
    kind: Pod
    namespace: '{{ meta.namespace }}'
    label_selectors:
-      - "app={{ deployment_type }}"
+      - "app.kubernetes.io/name={{ meta.name }}"
+      - "app.kubernetes.io/managed-by=awx-operator"
+      - "app.kubernetes.io/component=awx"
  register: tower_pods
  until: "tower_pods['resources'][0]['status']['phase'] == 'Running'"
  delay: 5
--- a/roles/installer/tasks/migrate_data.yml
+++ b/roles/installer/tasks/migrate_data.yml
@@ -13,7 +13,7 @@
    kind: Pod
    namespace: '{{ meta.namespace }}'
    label_selectors:
-      - "app={{ meta.name }}-{{ deployment_type }}-postgres"
+      - "app.kubernetes.io/name={{ meta.name }}-postgres"
  register: postgres_pod
  until: "postgres_pod['resources'][0]['status']['phase'] == 'Running'"
  delay: 5
--- a/roles/installer/templates/tower_admin_password_secret.yaml.j2
+++ b/roles/installer/templates/tower_admin_password_secret.yaml.j2
@@ -4,5 +4,10 @@ kind: Secret
 metadata:
  name: '{{ meta.name }}-admin-password'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 stringData:
  password: '{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}'
--- a/roles/installer/templates/tower_app_credentials.yaml.j2
+++ b/roles/installer/templates/tower_app_credentials.yaml.j2
@@ -5,6 +5,11 @@ kind: Secret
 metadata:
  name: '{{ meta.name }}-app-credentials'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 data:
  credentials_py: "{{ lookup('template', 'credentials.py.j2') | b64encode }}"
  ldap_py: "{{ lookup('template', 'ldap.py.j2') | b64encode }}"
--- a/roles/installer/templates/tower_broadcast_websocket_secret.yaml.j2
+++ b/roles/installer/templates/tower_broadcast_websocket_secret.yaml.j2
@@ -4,5 +4,10 @@ kind: Secret
 metadata:
  name: '{{ meta.name }}-broadcast-websocket'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 stringData:
  secret: '{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}'
--- a/roles/installer/templates/tower_config.yaml.j2
+++ b/roles/installer/templates/tower_config.yaml.j2
@@ -6,7 +6,10 @@ metadata:
  name: '{{ meta.name }}-{{ deployment_type }}-configmap'
  namespace: '{{ meta.namespace }}'
  labels:
-    app: '{{ deployment_type }}'
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 data:
  environment: |
    AWX_SKIP_MIGRATIONS=true
--- a/roles/installer/templates/tower_deployment.yaml.j2
+++ b/roles/installer/templates/tower_deployment.yaml.j2
@@ -6,16 +6,26 @@ metadata:
  name: '{{ meta.name }}'
  namespace: '{{ meta.namespace }}'
  labels:
-    app: '{{ deployment_type }}'
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/version: '{{ tower_image_version }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 spec:
  replicas: {{ tower_replicas }}
  selector:
    matchLabels:
-      app: '{{ deployment_type }}'
+      app.kubernetes.io/name: '{{ meta.name }}'
+      app.kubernetes.io/managed-by: awx-operator
+      app.kubernetes.io/component: awx
  template:
    metadata:
      labels:
-        app: '{{ deployment_type }}'
+        app.kubernetes.io/name: '{{ meta.name }}'
+        app.kubernetes.io/version: '{{ tower_image_version }}'
+        app.kubernetes.io/part-of: '{{ meta.name }}'
+        app.kubernetes.io/managed-by: awx-operator
+        app.kubernetes.io/component: awx
    spec:
      serviceAccountName: '{{ meta.name }}'
 {% if tower_image_pull_secret %}
--- a/roles/installer/templates/tower_ingress.yaml.j2
+++ b/roles/installer/templates/tower_ingress.yaml.j2
@@ -5,6 +5,11 @@ kind: Ingress
 metadata:
  name: '{{ meta.name }}-ingress'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 {% if tower_ingress_annotations %}
  annotations:
    {{ tower_ingress_annotations | indent(width=4) }}
@@ -33,6 +38,11 @@ kind: Route
 metadata:
  name: '{{ meta.name }}'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 spec:
 {% if tower_route_host != '' %}
  host: {{ tower_route_host }}
--- a/roles/installer/templates/tower_postgres.yaml.j2
+++ b/roles/installer/templates/tower_postgres.yaml.j2
@@ -6,11 +6,16 @@ metadata:
  name: '{{ meta.name }}-postgres'
  namespace: '{{ meta.namespace }}'
  labels:
-    app: '{{ meta.name }}-{{ deployment_type }}-postgres'
+    app.kubernetes.io/name: '{{ meta.name }}-postgres'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: database
 spec:
  selector:
    matchLabels:
-      app: '{{ meta.name }}-{{ deployment_type }}-postgres'
+      app.kubernetes.io/name: '{{ meta.name }}-postgres'
+      app.kubernetes.io/managed-by: awx-operator
+      app.kubernetes.io/component: database
  serviceName: '{{ meta.name }}'
  replicas: 1
  updateStrategy:
@@ -18,7 +23,10 @@ spec:
  template:
    metadata:
      labels:
-        app: '{{ meta.name }}-{{ deployment_type }}-postgres'
+        app.kubernetes.io/name: '{{ meta.name }}-postgres'
+        app.kubernetes.io/part-of: '{{ meta.name }}'
+        app.kubernetes.io/managed-by: awx-operator
+        app.kubernetes.io/component: database
    spec:
      containers:
        - image: '{{ tower_postgres_image }}'
@@ -71,10 +79,15 @@ metadata:
  name: '{{ meta.name }}-postgres'
  namespace: '{{ meta.namespace }}'
  labels:
-    app: '{{ meta.name }}-{{ deployment_type }}-postgres'
+    app.kubernetes.io/name: '{{ meta.name }}-postgres'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: database
 spec:
  ports:
    - port: 5432
  clusterIP: None
  selector:
-    app: '{{ meta.name }}-{{ deployment_type }}-postgres'
+    app.kubernetes.io/name: '{{ meta.name }}-postgres'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: database
--- a/roles/installer/templates/tower_postgres_secret.yaml.j2
+++ b/roles/installer/templates/tower_postgres_secret.yaml.j2
@@ -5,6 +5,11 @@ kind: Secret
 metadata:
  name: '{{ meta.name }}-postgres-configuration'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 stringData:
  password: '{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}'
  username: '{{ database_username }}'
--- a/roles/installer/templates/tower_secret_key.yaml.j2
+++ b/roles/installer/templates/tower_secret_key.yaml.j2
@@ -4,5 +4,10 @@ kind: Secret
 metadata:
  name: '{{ meta.name }}-secret-key'
  namespace: '{{ meta.namespace }}'
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 stringData:
  secret_key: '{{ lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}'
--- a/roles/installer/templates/tower_service.yaml.j2
+++ b/roles/installer/templates/tower_service.yaml.j2
@@ -5,7 +5,10 @@ metadata:
  name: '{{ meta.name }}-service'
  namespace: '{{ meta.namespace }}'
  labels:
-    app: '{{ deployment_type }}'
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 {% if tower_ingress_type | lower == 'loadbalancer' %}
  annotations:
    {{ tower_loadbalancer_annotations | indent(width=4) }}
@@ -36,7 +39,9 @@ spec:
      name: http
 {% endif %}
  selector:
-    app: '{{ deployment_type }}'
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 {% if tower_ingress_type | lower == "loadbalancer" %}
  type: LoadBalancer
 {% elif tower_ingress_type != "none" %}
--- a/roles/installer/templates/tower_service_account.yaml.j2
+++ b/roles/installer/templates/tower_service_account.yaml.j2
@@ -4,7 +4,11 @@ kind: ServiceAccount
 metadata:
  name: '{{ meta.name }}'
  namespace: '{{ meta.namespace }}'
-
+  labels:
+    app.kubernetes.io/name: '{{ meta.name }}'
+    app.kubernetes.io/part-of: '{{ meta.name }}'
+    app.kubernetes.io/managed-by: awx-operator
+    app.kubernetes.io/component: awx
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role