diff --git a/README.md b/README.md index 79d6b3b..0354aad 100644 --- a/README.md +++ b/README.md @@ -3,53 +3,24 @@ DO : make build -## Deploy in k8s (dev) +## Summary -While a registry with all of the OC docker images has not been set-up we can export this image to k3s ctr +oc-monitord is a daemon which can be run : +- as a binary +- as a container -> docker save oc-monitord:latest | sudo k3s ctr images import - - -Then in the pod manifest for oc-monitord use : - -``` -image: docker.io/library/oc-monitord -imagePullPolicy: Never -``` - -Not doing so will end up in the pod having a `ErrorImagePull` - -## Allow argo to create services - -In order for monitord to expose **open cloud services** on the node, we need to give him permission to create **k8s services**. - -For that we can update the RBAC configuration for a role already created by argo : - -### Manually edit the rbac authorization - -> kubectl edit roles.rbac.authorization.k8s.io -n argo argo-role - -In rules add a new entry : - -``` -- apiGroups: - - "" - resources: - - services - verbs: - - get - - create -``` - -### Patch the rbac authorization with a one liner - -> kubectl patch role argo-role -n argo --type='json' -p='[{"op": "add", "path": "/rules/-", "value": {"apiGroups": [""], "resources": ["services"], "verbs": ["get","create"]}}]' - -### Check wether the modification is effective - -> kubectl auth can-i create services --as=system:serviceaccount:argo:argo -n argo - -This command **must return "yes"** +It is used to perform several actions regarding the execution of an Open Cloud workflow : +- generating a YAML file that can be interpreted by **Argo Workflow** to create and execute pods in a kubernetes environment +- setting up the different resources needed to execute a workflow over several peers/kubernetes nodes with **Admiralty** : token, secrets, targets and sources +- creating the workflow and logging the output from + - Argo watch, which gives informations about the workflow in general (phase, number of steps executed, status...) + - Pods : which are the logs generated by the pods +To execute, the daemon needs several options : +- **-u** : +- **-m** : +- **-d** : +- **-e** : # Notes features/admiralty-docker @@ -60,13 +31,15 @@ This command **must return "yes"** - decide that no peer can have "http://localhost" as its url and use an attribute from the peer object or isMyself() from oc-lib if a peer is the current host. -## TODO +## TODO -- [ ] Allow the front to known on which IP the service are reachable +- [ ] Allow the front to known on which IP the service are reachable - currently doing it by using `kubectl get nodes -o wide` +- [ ] Implement writing and reading from S3 bucket/MinIO when a data resource is linked to a compute resource. -### Adding ingress handling to support reverse proxing + +### Adding ingress handling to support reverse proxing - Test wether ingress-nginx is running or not - Do something if not found : stop running and send error log OR start installation diff --git a/docs/admiralty_naming_multi_peer.jpg b/docs/admiralty_naming_multi_peer.jpg new file mode 100644 index 0000000..9cda8e5 Binary files /dev/null and b/docs/admiralty_naming_multi_peer.jpg differ diff --git a/docs/admiralty_setup_schema.jpg b/docs/admiralty_setup_schema.jpg new file mode 100644 index 0000000..4727575 Binary files /dev/null and b/docs/admiralty_setup_schema.jpg differ