[wip] support for custom service name (and disabling)

README.md

@@ -12,7 +12,6 @@ Deploy an ORAS registry (cache for workflow or experiment artifacts) as a servic
 - test with a simple dag (maybe snakemake kueue executor)
 - multiple pods for registry and using secret / shared storage use case
 
-
 ## License
 
 HPCIC DevTools is distributed under the terms of the MIT license.

api/v1alpha1/orascache_types.go

@@ -27,6 +27,10 @@ type OrasCacheSpec struct {
 	// +optional
 	Secrets Secrets `json:"secrets"`
 
+	// Customization for the headless service
+	// +optional
+	Service Service `json:"service"`
+
 	// Skip deploying the registry (stateful set) implying all references
 	// are for a remote (existing) registry
 	// +kubebuilder:default=true
@@ -35,6 +39,19 @@ type OrasCacheSpec struct {
 	Deploy bool `json:"deploy"`
 }
 
+type Service struct {
+
+	// The name for the headless service
+	// +optional
+	Name string `json:"name"`
+
+	// Skip creating the service if set to false
+	// This is useful if you are wanting to add the registry to an existing service
+	// +default=true
+	// +optional
+	Create bool `json:"create"`
+}
+
 type Secrets struct {
 
 	// Secrets for the environment for the ORAS operator sidecar pod to push

chart/templates/mutating-webhook-configuration.yaml

@@ -13,16 +13,19 @@ webhooks:
     service:
       name: '{{ include "chart.fullname" . }}-webhook-service'
       namespace: '{{ .Release.Namespace }}'
-      path: /mutate--v1-pod
+      path: /mutate-v1-sidecar
   failurePolicy: Fail
   name: morascache.kb.io
   rules:
   - apiGroups:
     - ""
+    - core
+    - batch
     apiVersions:
     - v1
     operations:
     - CREATE
     resources:
     - pods
+    - jobs
   sideEffects: None

chart/templates/orascache-crd.yaml

@@ -47,13 +47,38 @@ spec:
           spec:
             description: OrasCacheSpec defines the desired state of OrasCache
             properties:
+              deploy:
+                default: true
+                description: Skip deploying the registry (stateful set) implying all
+                  references are for a remote (existing) registry
+                type: boolean
               image:
                 default: ghcr.io/oras-project/registry:latest
                 description: Image is the oras registry to deploy
                 type: string
-              secret:
-                description: Secret for the registry REGISTRY_HTTP_SECRET
-                type: string
+              secrets:
+                description: Names of secrets for the operator
+                properties:
+                  orasEnv:
+                    description: Secrets for the environment for the ORAS operator sidecar
+                      pod to push e.g., oras pull -u username -p password myregistry.io/myimage:latest
+                      This should have ORAS_USER and ORAS_PASS
+                    type: string
+                  registryHttp:
+                    description: Secret for the registry REGISTRY_HTTP_SECRET
+                    type: string
+                type: object
+              service:
+                description: Customization for the headless service
+                properties:
+                  create:
+                    description: Skip creating the service if set to false This is useful
+                      if you are wanting to add the registry to an existing service
+                    type: boolean
+                  name:
+                    description: The name for the headless service
+                    type: string
+                type: object
             type: object
           status:
             description: OrasCacheStatus defines the observed state of OrasCache

chart/values.yaml

@@ -32,7 +32,7 @@ controllerManager:
         - ALL
     image:
       repository: ghcr.io/converged-computing/oras-operator
-      tag: latest
+      tag: test
     imagePullPolicy: Always
     resources:
       limits:

config/crd/bases/cache.converged-computing.github.io_orascaches.yaml

@@ -57,6 +57,18 @@ spec:
                     description: Secret for the registry REGISTRY_HTTP_SECRET
                     type: string
                 type: object
+              service:
+                description: Customization for the headless service
+                properties:
+                  create:
+                    description: Skip creating the service if set to false This is
+                      useful if you are wanting to add the registry to an existing
+                      service
+                    type: boolean
+                  name:
+                    description: The name for the headless service
+                    type: string
+                type: object
             type: object
           status:
             description: OrasCacheStatus defines the observed state of OrasCache

controllers/oras/orascache_controller.go

@@ -98,18 +98,21 @@ func (r *OrasCacheReconciler) ensureOrasCache(
 	spec *api.OrasCache,
 ) (ctrl.Result, error) {
 
-	// Create headless service for the API to use
+	// Create headless service for the API to use only if requested
 	// This must be created before the stateful set
-	selector := map[string]string{defaults.OrasSelectorKey: spec.Namespace}
-	result, err := r.exposeServices(ctx, spec, selector)
-	if err != nil {
-		return result, err
+	if spec.Spec.Service.Create {
+		selector := map[string]string{defaults.OrasSelectorKey: spec.Namespace}
+		result, err := r.exposeServices(ctx, spec, selector)
+		if err != nil {
+			return result, err
+		}
+
 	}
 
 	// The service running the oras registry is a stateful set
 	// But only deploy if we are requested to!
 	if spec.Spec.Deploy {
-		_, result, _, err = r.getStatefulSet(ctx, spec)
+		_, result, _, err := r.getStatefulSet(ctx, spec)
 		if err != nil {
 			return result, err
 		}

controllers/oras/statefulset.go

@@ -84,6 +84,12 @@ func (r *OrasCacheReconciler) createStatefulSet(
 		"Name:", spec.Name,
 	)
 
+	// The headless service selector is either the Namespace, or a custom one we've provided
+	serviceName := spec.Name
+	if spec.Spec.Service.Name != "" {
+		serviceName = spec.Spec.Service.Name
+	}
+
 	// start with one registry for now
 	var replicas int32 = 1
 	labels := map[string]string{
@@ -115,7 +121,7 @@ func (r *OrasCacheReconciler) createStatefulSet(
 					// RestartPolicy defaults to Always
 				},
 			},
-			ServiceName: spec.Name,
+			ServiceName: serviceName,
 			// Default UpdateStrategy is RollingUpdate
 		},
 	}

docs/getting_started/custom-resource-definition.md

@@ -54,6 +54,19 @@ spec:
   deploy: false 
 ```
 
+#### service
+
+There are a few handles to customize the service, namely to not create it (e.g., if you are adding to an existing service) or to customize the name.
+
+```yaml
+spec:
+  service:
+    name: my-custom-name
+    create: false
+```
+
+In the above, we would ask the operator to not create the service, and to instead use "my-custom-name."
+
 #### secrets
 
 There are several secrets that can be added, if needed.

examples/dist/oras-operator-arm.yaml

@@ -71,6 +71,16 @@ spec:
                     description: Secret for the registry REGISTRY_HTTP_SECRET
                     type: string
                 type: object
+              service:
+                description: Customization for the headless service
+                properties:
+                  create:
+                    description: Skip creating the service if set to false This is useful if you are wanting to add the registry to an existing service
+                    type: boolean
+                  name:
+                    description: The name for the headless service
+                    type: string
+                type: object
             type: object
           status:
             description: OrasCacheStatus defines the observed state of OrasCache

examples/dist/oras-operator-dev.yaml

@@ -71,6 +71,16 @@ spec:
                     description: Secret for the registry REGISTRY_HTTP_SECRET
                     type: string
                 type: object
+              service:
+                description: Customization for the headless service
+                properties:
+                  create:
+                    description: Skip creating the service if set to false This is useful if you are wanting to add the registry to an existing service
+                    type: boolean
+                  name:
+                    description: The name for the headless service
+                    type: string
+                type: object
             type: object
           status:
             description: OrasCacheStatus defines the observed state of OrasCache

examples/dist/oras-operator.yaml

@@ -71,6 +71,16 @@ spec:
                     description: Secret for the registry REGISTRY_HTTP_SECRET
                     type: string
                 type: object
+              service:
+                description: Customization for the headless service
+                properties:
+                  create:
+                    description: Skip creating the service if set to false This is useful if you are wanting to add the registry to an existing service
+                    type: boolean
+                  name:
+                    description: The name for the headless service
+                    type: string
+                type: object
             type: object
           status:
             description: OrasCacheStatus defines the observed state of OrasCache