Red Hat certification updates (#109)

* Setting version to 3.0 (major changes)
* Removed support for Helm v2, now supporting only Helm v3
* Added support to define extra env variables for the PubSub+ container
* Fixed request to /SEMP path when testing management host (was an issue when TLS enabled)
* Fixed setup config-sync to apply to all VPNs
* Added Helm test to chart
* Added schema to chart
* Added kubeVersion to chart
* Added license to chart root

Author: bczoma

.github/workflows/build-test.yml

@@ -10,7 +10,7 @@ jobs:
   deploy:
     name: K8s QuickStart CI test
     runs-on: ubuntu-latest
-    timeout-minutes: 20
+    timeout-minutes: 30
 
     steps:
     - name: Set env and tools
@@ -51,11 +51,10 @@ jobs:
 
     - name: Deploy HA broker and test
       run: |
-        REPO=$(echo ${{ secrets.BROKER_DOCKER_IMAGE_REF }} | cut -d ":" -f 1)
-        TAG=$(echo ${{ secrets.BROKER_DOCKER_IMAGE_REF }} | cut -d ":" -f 2)
+        REPO=solace/solace-pubsub-standard
+        TAG=latest
         openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=*"
         kubectl create secret tls test-tls --key="tls.key" --cert="tls.crt"
-        
         helm install my-release pubsubplus --set solace.size=dev,solace.redundancy=true,tls.enabled=true,tls.serverCertificatesSecret=test-tls,solace.usernameAdminPassword=admin,image.repository=$REPO,image.tag=$TAG
         kubectl get statefulset,svc,pods,pvc,pv --show-labels
         echo "Waiting for broker to become active"
@@ -64,6 +63,7 @@ jobs:
         until kubectl get pods --show-labels | grep pubsubplus-1 | grep -m 1 -E '1/1'; do sleep 10; done
         until kubectl get pods --show-labels | grep pubsubplus-2 | grep -m 1 -E '1/1'; do sleep 10; done
         until kubectl get pods --show-labels | grep pubsubplus- | grep -m 1 -E 'active=true'; do sleep 10; done
+        helm test my-release | grep Phase | grep Succeeded
         kubectl get statefulset,svc,pods,pvc,pv --show-labels
         bash -c 'if [[ `kubectl get po --show-labels | grep -c "1/1"` -ne 3 ]]; then echo "Some pods are not ready!"; kubectl get po --show-labels; exit 1; fi'
         export url="$(kubectl get statefulset,svc,pods,pvc,pv --show-labels | grep LoadBalancer | awk '{print $4}')"; echo $url
@@ -76,6 +76,31 @@ jobs:
         curl -k -sS -u admin:admin https://$url:1943/SEMP -d "<rpc><show><config-sync></config-sync></show></rpc>"
         if [[ -z `curl -sS -u admin:admin http://$url:8080/SEMP -d "<rpc><show><config-sync></config-sync></show></rpc>" | grep "<oper-status>Up</oper-status>"` ]] ; then echo "config-sync not up!"; exit 1; fi
         helm list
+
+    - name: Upgrade HA broker and test
+      run: |
+        REPO=solace/solace-pubsub-standard
+        UPGRADETAG=$(wget -q https://registry.hub.docker.com/v1/repositories/solace/solace-pubsub-standard/tags -O -  | sed -e 's/[][]//g' -e 's/"//g' -e 's/ //g' | tr '}' '\n'  | awk -F: '{print $3}' | sort -t "." -k1,1n -k2,2n -k3,3n | tail -1)
+        helm upgrade my-release pubsubplus --set solace.size=dev,solace.redundancy=true,tls.enabled=true,tls.serverCertificatesSecret=test-tls,solace.usernameAdminPassword=admin,image.repository=$REPO,image.tag=$UPGRADETAG
+        kubectl get statefulset,svc,pods,pvc,pv --show-labels
+        echo "Waiting for broker to become active after upgrade"
+        statefulset_name=$(kubectl get statefulset | grep pubsubplus |  awk '{print $1}')
+        until kubectl rollout status statefulset $statefulset_name -w | grep "rolling update complete"; do sleep 10; done
+        until kubectl get pods --show-labels | grep pubsubplus-0 | grep -m 1 -E '1/1'; do sleep 10; done
+        until kubectl get pods --show-labels | grep pubsubplus-1 | grep -m 1 -E '1/1'; do sleep 10; done
+        until kubectl get pods --show-labels | grep pubsubplus-2 | grep -m 1 -E '1/1'; do sleep 10; done
+        until kubectl get pods --show-labels | grep pubsubplus- | grep -m 1 -E 'active=true'; do sleep 10; done
+        helm test my-release | grep Phase | grep Succeeded
+        kubectl get statefulset,svc,pods,pvc,pv --show-labels
+        bash -c 'if [[ `kubectl get po --show-labels | grep -c "1/1"` -ne 3 ]]; then echo "Some pods are not ready!"; kubectl get po --show-labels; exit 1; fi'
+        export url="$(kubectl get statefulset,svc,pods,pvc,pv --show-labels | grep LoadBalancer | awk '{print $4}')"; echo $url
+        pubSubTools/sdkperf_c -cip=tcp://$url:55555 -mn=10000 -mr=0 -ptl=t1 -stl=t1 | grep "Total Messages"
+        pubSubTools/sdkperf_c -cip=tcps://$url:55443 -mn=10000 -mr=0 -ptl=t1 -stl=t1 | grep "Total Messages"
+        sleep 10
+        curl -k -sS -u admin:admin https://$url:1943/SEMP -d "<rpc><show><redundancy></redundancy></show></rpc>"
+        curl -k -sS -u admin:admin https://$url:1943/SEMP -d "<rpc><show><config-sync></config-sync></show></rpc>"
+        if [[ -z `curl -sS -u admin:admin http://$url:8080/SEMP -d "<rpc><show><config-sync></config-sync></show></rpc>" | grep "<oper-status>Up</oper-status>"` ]] ; then echo "config-sync not up!"; exit 1; fi
+        helm list
         helm delete $(helm list | grep deployed | awk '{print $1}')
         kubectl delete pvc --all
 
@@ -88,15 +113,27 @@ jobs:
         helm install --generate-name pubsubplus-ha --dry-run
         helm lint pubsubplus-dev
         helm install --generate-name pubsubplus-dev --dry-run
+        helm lint pubsubplus-openshift
+        helm install --generate-name pubsubplus-openshift --dry-run
+        helm lint pubsubplus-openshift-ha
+        helm install --generate-name pubsubplus-openshift-ha --dry-run
+        helm lint pubsubplus-openshift-dev
+        helm install --generate-name pubsubplus-openshift-dev --dry-run
 
     - name: Publish artifacts
       run: |
+        # Two groups of Helm repos are created:
+        # 1 - for general Helm charts that are hosted by Solace from gh-pages
+        # 2 - for OpenShift variants that will be further submitted to OpenShift repo
         git config --global user.name "GitHub Actions Automation"
         git config --global user.email "<>"
         mkdir gh-pages; # Now update gh-pages
         if [ ${{ github.ref }} == 'refs/heads/master' ] && [ ${{ github.repository_owner }} == 'SolaceProducts' ] ; then
           echo "Using master on SolaceProducts"
           git clone --quiet --branch=gh-pages https://${{ secrets.GH_TOKEN }}@github.com/SolaceProducts/pubsubplus-kubernetes-quickstart gh-pages > /dev/null 2>&1
+          rm -rf gh-pages/helm-charts-openshift; mkdir -p gh-pages/helm-charts-openshift
+          mv pubsubplus-openshift-*.tgz gh-pages/helm-charts-openshift/
+          helm repo index gh-pages/helm-charts-openshift/ --url https://solaceproducts.github.io/pubsubplus-kubernetes-quickstart/helm-charts-openshift
           mv pubsubplus-*.tgz gh-pages/helm-charts/
           helm repo index gh-pages/helm-charts/ --url https://solaceproducts.github.io/pubsubplus-kubernetes-quickstart/helm-charts
           pushd gh-pages
@@ -109,6 +146,9 @@ jobs:
         elif [ ${{ github.ref }} != 'refs/heads/gh-pages' ] && [ ${{ github.repository_owner }} != 'SolaceProducts' ] ; then
           echo "Using $TESTRUNBRANCH on ${{ github.repository_owner }}"
           git clone --quiet --branch=gh-pages https://${{ secrets.GH_TOKEN }}@github.com/${{ github.repository }} gh-pages > /dev/null 2>&1
+          rm -rf gh-pages/helm-charts-openshift; mkdir -p gh-pages/helm-charts-openshift
+          mv pubsubplus-openshift-*.tgz gh-pages/helm-charts-openshift/
+          helm repo index gh-pages/helm-charts-openshift/ --url https://solacedev.github.io/pubsubplus-kubernetes-quickstart/helm-charts-openshift
           mv pubsubplus-*.tgz gh-pages/helm-charts/
           helm repo index gh-pages/helm-charts/ --url https://solacedev.github.io/pubsubplus-kubernetes-quickstart/helm-charts
           pushd gh-pages

README.md

@@ -15,7 +15,7 @@ Detailed documentation is provided in the [Solace PubSub+ Software Event Broker
 This document is applicable to any platform supporting Kubernetes, with specific hints on how to set up a simple MiniKube deployment on a Linux-based machine. To view examples of other Kubernetes platforms see:
 
 - [Deploying a Solace PubSub+ Software Event Broker HA group onto a Google Kubernetes Engine](//github.com/SolaceProducts/solace-gke-quickstart )
-- [Deploying a Solace PubSub+ Software Event Broker HA Group onto an OpenShift 3.11 platform](//github.com/SolaceProducts/solace-openshift-quickstart )
+- [Deploying a Solace PubSub+ Software Event Broker HA Group onto an OpenShift 4 platform](//github.com/SolaceProducts/solace-openshift-quickstart )
 - Deploying a Solace PubSub+ Software Event Broker HA Group onto Amazon EKS (Amazon Elastic Container Service for Kubernetes): follow the [AWS documentation](//docs.aws.amazon.com/eks/latest/userguide/getting-started.html ) to set up EKS then this guide to deploy.
 - [Install a Solace PubSub+ Software Event Broker onto a Pivotal Container Service (PKS) cluster](//github.com/SolaceProducts/solace-pks )
 - Deploying a Solace PubSub+ Software Event Broker HA Group onto Azure Kubernetes Service (AKS): follow the [Azure documentation](//docs.microsoft.com/en-us/azure/aks/ ) to deploy an AKS cluster then this guide to deploy.
@@ -51,39 +51,13 @@ kubectl get nodes
 ### 2. Install and configure Helm
 
 Follow the [Helm Installation notes of your target release](https://github.com/helm/helm/releases) for your platform.
-Note that Helm is transitioning from v2 to v3. Some deployments still use v2. The event broker can be deployed using either version, however concurrent use of v2 and v3 from the same command-line environment is not supported.
+Note: Helm v2 is no longer supported. For Helm v2 support refer to [earlier versions of the chart](https://github.com/SolaceProducts/pubsubplus-kubernetes-quickstart/releases).
 
 On Linux a simple option to set up the latest stable release is to run:
 
-(Click on the arrow to open instructions for Helm v2 or v3)
-
-<details><summary><b>Instructions for Helm v2 setup</b></summary>
-<p>
-
-```bash
-curl -sSL https://raw.githubusercontent.com/helm/helm/master/scripts/get | bash
-```
-
-Deploy Tiller, Helm's in-cluster operator:
-```bash
-# This enables getting started on most platforms by granting Tiller cluster-admin privileges
-kubectl -n kube-system create serviceaccount tiller
-kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
-helm init --wait --service-account=tiller --upgrade # this may take some time
-```
-Warning: [more restricted Tiller privileges](/docs/PubSubPlusK8SDeployment.md#install-and-setup-the-helm-package-manager) are recommended in a production environment.
-</p>
-</details>
-
-<details><summary><b>Instructions for Helm v3 setup</b></summary>
-<p>
-
 ```bash
 curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
 ```
-</p>
-</details>
-
 
 Helm is configured properly if the command `helm version` returns no error.
 
@@ -98,34 +72,6 @@ Helm is configured properly if the command `helm version` returns no error.
 - Generally, for configuration options and ways to override default configuration values (using `--set` is one the options), consult the [PubSub+ Software Event Broker Helm Chart Reference](/pubsubplus/README.md#configuration).
 - Use one of the following chart variants to create a deployment: 
 
-(Click on the arrow to open instructions for Helm v2 or v3)
-
-<details><summary><b>Install using Helm v2</b></summary>
-<p>
-
-a) Create a Solace PubSub+ Software Event Broker deployment for development purposes using `pubsubplus-dev`. It requires a minimum of 1 CPU and 3.6 GB of memory be available to the event broker pod.
-```bash
-# Deploy PubSub+ Software Event Broker Standard edition for developers
-helm install --name my-release solacecharts/pubsubplus-dev
-```
-
-b) Create a Solace PubSub+ standalone deployment, supporting 100 connections scaling using `pubsubplus`. A minimum of 2 CPUs and 3.6 GB of memory must be available to the event broker pod.
-```bash
-# Deploy PubSub+ Software Event Broker Standard edition, standalone
-helm install --name my-release solacecharts/pubsubplus
-```
-
-c) Create a Solace PubSub+ HA deployment, supporting 100 connections scaling using `pubsubplus-ha`. The minimum resource requirements are 2 CPU and 3.6 GB of memory available to each of the three event broker pods.
-```bash
-# Deploy PubSub+ Software Event Broker Standard edition, HA
-helm install --name my-release solacecharts/pubsubplus-ha
-```
-</p>
-</details>
-
-<details><summary><b>Install using Helm v3</b></summary>
-<p>
-
 a) Create a Solace PubSub+ Software Event Broker deployment for development purposes using `pubsubplus-dev`. It requires a minimum of 1 CPU and 2 GB of memory available to the event broker pod.
 ```bash
 # Deploy PubSub+ Software Event Broker Standard edition for developers
@@ -143,8 +89,6 @@ c) Create a Solace PubSub+ HA deployment, supporting 100 connections scaling usi
 # Deploy PubSub+ Software Event Broker Standard edition, HA
 helm install my-release solacecharts/pubsubplus-ha
 ```
-</p>
-</details>
 
 The above options will start the deployment and write related information and notes to the screen.