add prelim support for running in openshift

Jeff McCormick · Jeff McCormick · commit ddfc3a2ac911 · 2017-06-20T13:38:46.000-05:00
diff --git a/docs/build.asciidoc b/docs/build.asciidoc
@@ -13,6 +13,7 @@ from source, you can download them from the following:
 == Requirements
 
 * Kubernetes 1.5.3+
+* Openshif Origin 1.5.1+
 * link:https://hub.docker.com/r/crunchydata/crunchy-postgres/[PostgreSQL 9.5+ Container]
 * link:https://hub.docker.com/r/crunchydata/crunchy-backup/[PostgreSQL Backup Container]
 
@@ -55,6 +56,46 @@ kubectl create clusterrolebinding permissive-binding \
 See https://kubernetes.io/docs/admin/authorization/rbac/ for more
 details on how to enable RBAC roles.
 
+To test the *postgres-operator* you will need a Kubernetes cluster
+
+== Openshift Origin Environment
+
+The postgres operator has been tested using Openshift Origin 1.5.1.
+
+The operator works the same as in a Kubernetes environment except
+that you have to configure the Origin permissions to allow 
+the operator to function.
+
+The HostPath volume is by default restricted in Origin, so you
+will have to grant access to the HostPath volume plugin for the
+operator to access the Docker socket as a HostPath volume.
+
+There is more than one way to alter the HostPath access, see:
+
+....
+oc edit scc restricted set allowHostDirVolumePlugin: true to let
+....
+
+This command will allow *all* pods to access HostPath volumes which
+may not be permissible in your environment.
+
+Alternatively you can create a service account, have the operator
+use that service account, and grant the service account access
+to use a HostPath volume.
+
+see the following links for examples:
+https://gitlab.com/gitlab-org/gitlab-ce/issues/24557
+https://docs.openshift.org/latest/admin_guide/manage_scc.html#use-the-hostpath-volume-plugin
+
+To test on an Origin system, you will need to specify
+a CMD environment variable with the value of *oc* as follows:
+....
+export CMD=oc
+....
+
+This will cause the *oc* command to be used within the operator
+startup script.
+
 == Create Project and Clone 
 In your .bashrc file, include the following:
 ....
diff --git a/examples/operator/cleanup.sh b/examples/operator/cleanup.sh
@@ -12,9 +12,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-kubectl delete configmap operator-conf
+$CMD delete configmap operator-conf
 
-kubectl --namespace=$NAMESPACE delete deployment postgres-operator
+$CMD --namespace=$NAMESPACE delete deployment postgres-operator
 
 sleep 10
 
diff --git a/examples/operator/deployment.json b/examples/operator/deployment.json
@@ -15,7 +15,6 @@
             "spec": {
                 "containers": [{
 	        "securityContext": {
-			"privileged": true
 		},
                     "name": "postgres-operator",
                     "image": "crunchydata/postgres-operator:centos7-1.2.0",
diff --git a/examples/operator/run.sh b/examples/operator/run.sh
@@ -15,19 +15,24 @@
 
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 
-$DIR/cleanup.sh
 
 if [ -z "$NAMESPACE" ]; then
 	echo "NAMESPACE not set, using default"
 	export NAMESPACE=default
 fi
+if [ -z "$CMD" ]; then
+	echo "CMD not set, using kubectl"
+	export CMD=kubectl
+fi
 
-kubectl --namespace=$NAMESPACE get pvc crunchy-pvc
+$DIR/cleanup.sh
+
+$CMD --namespace=$NAMESPACE get pvc crunchy-pvc
 rc=$?
 
 if [ ! $rc -eq 0 ]; then
 	echo "crunchy-pvc does not exist...creating crunchy-pvc "
-	kubectl --namespace=$NAMESPACE create -f $DIR/crunchy-pvc.json
+	$CMD --namespace=$NAMESPACE create -f $DIR/crunchy-pvc.json
 	$DIR/create-pv.sh
 else
 	echo "crunchy-pvc already exists..."
@@ -39,14 +44,12 @@ if [ ! -d /data ]; then
 	sudo chmod 777 /data
 fi
 
-kubectl create configmap operator-conf \
+$CMD create configmap operator-conf \
 	--from-file=$COROOT/conf/postgres-operator/backup-job.json \
 	--from-file=$COROOT/conf/postgres-operator/pvc.json \
 	--from-file=$COROOT/conf/postgres-operator/cluster/1
 
-envsubst < $DIR/deployment.json | kubectl --namespace=$NAMESPACE create -f -
+envsubst < $DIR/deployment.json | $CMD --namespace=$NAMESPACE create -f -
 
 sleep 3
-kubectl get pod --selector=name=postgres-operator
-sleep 3
-kubectl logs --selector=name=postgres-operator
+$CMD get pod --selector=name=postgres-operator
diff --git a/operator/util/waituntil.go b/operator/util/waituntil.go
@@ -119,6 +119,7 @@ func WaitUntilDeploymentIsDeleted(clientset *kubernetes.Clientset, depname strin
 
 	conditions := []watch.ConditionFunc{
 		func(event watch.Event) (bool, error) {
+			log.Infof("waiting for deployment to be deleted got event=%v\n", event.Type)
 			if event.Type == watch.Deleted {
 				log.Info("deployment delete event received in WaitUntilDeploymentIsDeleted")
 				return true, nil
