Add un/deploy make targets for deployments using kubectl.

This made it necessary to separate the RBAC and ServiceAccount
maifests for controller and varnish.

We now have deploy and undeploy targets for both controller and
Varnish that use helm or kubectl, depending on whether the make
variable DEPLOY=kubectl is set.

deploy/Makefile

@@ -88,8 +88,8 @@ deploy-controller-helm:
 		--set vikingController.image.tag=$(CONTROLLER_TAG)
 
 deploy-controller-kubectl:
-	@kubectl apply -f serviceaccount.yaml
-	@kubectl apply -f rbac.yaml
+	@kubectl apply -f serviceaccount-controller.yaml
+	@kubectl apply -f rbac-controller.yaml
 	@kubectl apply -f varnishcfg-crd.yaml
 	@kubectl apply -f backendcfg-crd.yaml
 	@kubectl apply -f controller.yaml
@@ -110,6 +110,22 @@ deploy-service-helm:
 		--set vikingService.haproxy.image.repository=$(HAPROXY_IMAGE) \
 		--set vikingService.haproxy.image.tag=$(HAPROXY_TAG)
 
+deploy-service-kubectl:
+	@kubectl apply -f serviceaccount-varnish.yaml
+	@kubectl apply -f rbac-varnish.yaml
+	@kubectl apply -f adm-secret.yaml
+	@kubectl apply -f varnish.yaml
+	@kubectl apply -f admin-svc.yaml
+	@kubectl apply -f nodeport.yaml
+
+deploy-service:
+
+ifeq ($(DEPLOY),kubectl)
+deploy-service: deploy-service-kubectl
+else
+deploy-service: deploy-service-helm
+endif
+
 # TESTOPTS are passed to varnishtest, e.g.: make TESTOPTS=-v verify
 verify:
 	$(mkdir)/verify.sh
@@ -120,8 +136,29 @@ undeploy-service-helm:
 	@kubectl wait pod --timeout=$(WAIT_TIMEOUT) \
 		-l app.kubernetes.io/name=varnish-ingress --for=delete
 
+undeploy-service-kubectl:
+	@kubectl delete -f rbac-varnish.yaml
+	@kubectl delete -f serviceaccount-varnish.yaml
+	@kubectl delete -f nodeport.yaml
+	@kubectl delete -f admin-svc.yaml
+	@kubectl delete -f varnish.yaml
+	@kubectl delete -f adm-secret.yaml
+	@echo Waiting for viking-service Pods to be deleted
+	@kubectl wait pod --timeout=$(WAIT_TIMEOUT) \
+		-l app=varnish-ingress --for=delete
+
+undeploy-service:
+
+ifeq ($(DEPLOY),kubectl)
+undeploy-service: undeploy-service-kubectl
+else
+undeploy-service: undeploy-service-helm
+endif
+
 undeploy-controller-helm:
 	@helm uninstall viking-controller --namespace kube-system
+	@kubectl delete crd backendconfigs.ingress.varnish-cache.org
+	@kubectl delete crd varnishconfigs.ingress.varnish-cache.org
 	@echo Waiting for the viking-controller Pod to be deleted
 	@kubectl wait pod --timeout=$(WAIT_TIMEOUT) -n kube-system \
 		-l app.kubernetes.io/name=viking-controller --for=delete
@@ -130,8 +167,8 @@ undeploy-controller-kubectl:
 	@kubectl delete -f controller.yaml
 	@kubectl delete -f backendcfg-crd.yaml
 	@kubectl delete -f varnishcfg-crd.yaml
-	@kubectl delete -f rbac.yaml
-	@kubectl delete -f serviceaccount.yaml
+	@kubectl delete -f rbac-controller.yaml
+	@kubectl delete -f serviceaccount-controller.yaml
 	@echo Waiting for the viking-controller Pod to be deleted
 	@kubectl wait pod --timeout=$(WAIT_TIMEOUT) -n kube-system \
 		-l app=varnish-ingress-controller --for=delete
@@ -144,6 +181,8 @@ else
 undeploy-controller: undeploy-controller-helm
 endif
 
-deploy-helm: deploy-controller-helm deploy-service-helm
+deploy: deploy-controller deploy-service
+
+undeploy: undeploy-service undeploy-controller
 
-undeploy-helm: undeploy-service-helm undeploy-controller-helm
+.PHONY: all $(MAKECMDGOALS)

deploy/clear.sh

@@ -6,9 +6,9 @@ kubectl delete -f backendcfg-crd.yaml
 
 kubectl delete -f varnishcfg-crd.yaml
 
-kubectl delete -f rbac.yaml
+kubectl delete -f rbac-controller.yaml
 
-kubectl delete -f serviceaccount.yaml
+kubectl delete -f serviceaccount-controller.yaml
 
 kubectl wait --timeout=2m pod -n kube-system -l app=varnish-ingress-controller \
         --for=delete

deploy/deploy.sh

 #! /bin/bash -ex
 
+kubectl apply -f serviceaccount-varnish.yaml
+
+kubectl apply -f rbac-varnish.yaml
+
 kubectl apply -f adm-secret.yaml
 
 kubectl apply -f varnish.yaml

deploy/init.sh

 #! /bin/bash -ex
 
-kubectl apply -f serviceaccount.yaml
+kubectl apply -f serviceaccount-controller.yaml
 
-kubectl apply -f rbac.yaml
+kubectl apply -f rbac-controller.yaml
 
 kubectl apply -f varnishcfg-crd.yaml
 

deploy/rbac.yaml → deploy/rbac-controller.yaml

@@ -64,20 +64,6 @@ rules:
   verbs:
   - update
 ---
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
-  name: varnish-ingress
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - get
-  - list
-  - watch
----
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
@@ -90,16 +76,3 @@ roleRef:
   kind: ClusterRole
   name: varnish-ingress-controller
   apiGroup: rbac.authorization.k8s.io
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
-  name: varnish-ingress
-subjects:
-- kind: ServiceAccount
-  namespace: default
-  name: varnish-ingress
-roleRef:
-  kind: ClusterRole
-  name: varnish-ingress
-  apiGroup: rbac.authorization.k8s.io

deploy/rbac-varnish.yaml

+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: varnish-ingress
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
+  - list
+  - watch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: varnish-ingress
+subjects:
+- kind: ServiceAccount
+  namespace: default
+  name: varnish-ingress
+roleRef:
+  kind: ClusterRole
+  name: varnish-ingress
+  apiGroup: rbac.authorization.k8s.io

deploy/serviceaccount.yaml → deploy/serviceaccount-controller.yaml

@@ -3,9 +3,3 @@ kind: ServiceAccount
 metadata:
   name: varnish-ingress-controller
   namespace: kube-system
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: varnish-ingress
-  namespace: default
\ No newline at end of file

deploy/serviceaccount-varnish.yaml

+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: varnish-ingress
+  namespace: default

deploy/undeploy.sh

@@ -11,5 +11,9 @@ kubectl delete -f varnish.yaml
 
 kubectl delete -f adm-secret.yaml
 
+kubectl delete -f rbac-varnish.yaml
+
+kubectl delete -f serviceaccount-varnish.yaml
+
 echo Waiting until varnish-ingress Pods are deleted
 wait_until_deleted app=varnish-ingress