Support multiple namespaces

deploy/role.yaml

@@ -1,5 +1,26 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
+metadata:
+  name: vitess-operator-subcontroller
+  namespace: example
+rules:
+- apiGroups:
+  - planetscale.com
+  resources:
+  - vitessshards
+  - vitessshards/status
+  - vitessshards/finalizers
+  - vitessbackups
+  - vitessbackups/status
+  - vitessbackups/finalizers
+  - vitessbackupstorages
+  - vitessbackupstorages/status
+  - vitessbackupstorages/finalizers
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
 metadata:
   name: vitess-operator
 rules:

deploy/role_binding.yaml

@@ -1,11 +1,26 @@
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: vitess-operator
+  name: vitess-operator-subcontroller
+  namespace: example
 subjects:
-- kind: ServiceAccount
-  name: vitess-operator
+  - kind: ServiceAccount
+    name: vitess-operator
+    namespace: example
 roleRef:
   kind: Role
+  name: vitess-operator-subcontroller
+  apiGroup: rbac.authorization.k8s.io
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: vitess-operator
+subjects:
+  - kind: ServiceAccount
+    name: vitess-operator
+    namespace: default
+roleRef:
+  kind: ClusterRole
   name: vitess-operator
   apiGroup: rbac.authorization.k8s.io

deploy/service_account.yaml

@@ -2,3 +2,9 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: vitess-operator
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: vitess-operator
+  namespace: example

test/endtoend/backup_restore_test.sh

@@ -81,14 +81,14 @@ echo "Make temporary directory for the test"
 mkdir -p -m 777 ./vtdataroot/backup
 echo "Building the docker image"
 docker build -f build/Dockerfile.release -t vitess-operator-pr:latest .
-echo "Setting up the kind config"
 setupKindConfig
 createKindCluster
 
 cd "$PWD/test/endtoend/operator"
 killall kubectl
 setupKubectlAccessForCI
 
+createExampleNamespace
 get_started "operator-latest.yaml" "101_initial_cluster_backup.yaml"
 verifyVtGateVersion "22.0.0"
 checkSemiSyncSetup

test/endtoend/backup_schedule_test.sh

@@ -15,7 +15,7 @@ function checkVitessBackupScheduleStatusWithTimeout() {
   regex=$1
 
   for i in {1..1200} ; do
-    if [[ $(kubectl get VitessBackupSchedule | grep -E "${regex}" | wc -l) -eq 1 ]]; then
+    if [[ $(kubectl get VitessBackupSchedule -n example | grep -E "${regex}" | wc -l) -eq 1 ]]; then
       echo "$regex found"
       return
     fi
@@ -37,7 +37,7 @@ function verifyListBackupsOutputWithSchedule() {
   for i in {1..6} ; do
     # Ensure that we can view the backup files from the host.
     docker exec -it $(docker container ls --format '{{.Names}}' | grep kind) chmod o+rwx -R /backup > /dev/null
-    backupCount=$(kubectl get vtb --no-headers | wc -l)
+    backupCount=$(kubectl get vtb -n example --no-headers | wc -l)
     echo "Found ${backupCount} backups"
     if [[ "${backupCount}" -ge 7 ]]; then 
       break
@@ -68,6 +68,7 @@ cd "$PWD/test/endtoend/operator"
 killall kubectl
 setupKubectlAccessForCI
 
+createExampleNamespace
 get_started "operator-latest.yaml" "101_initial_cluster_backup_schedule.yaml"
 verifyVtGateVersion "22.0.0"
 checkSemiSyncSetup

test/endtoend/hpa_test.sh

@@ -5,7 +5,7 @@ source ./test/endtoend/utils.sh
 
 function verifyHpaCount() {
   expectedCount=$1
-  count=$(kubectl get hpa --no-headers | wc -l)
+  count=$(kubectl get hpa -n example --no-headers | wc -l)
   if [[ "$count" -eq "$expectedCount" ]]; then
     echo "HorizontalPodAutoscaler count is $count"
     return 0
@@ -17,7 +17,7 @@ function verifyHpaCount() {
 function verifyHpaWithTimeout() {
   regex=$1
   for i in {1..600} ; do
-    out=$(kubectl get hpa --no-headers)
+    out=$(kubectl get hpa -n example --no-headers)
     echo "$out" | grep -E "$regex" > /dev/null 2>&1
     if [[ $? -eq 0 ]]; then
       echo "HorizontalPodAutoscaler $regex found"
@@ -41,6 +41,7 @@ cd "$PWD/test/endtoend/operator"
 killall kubectl
 setupKubectlAccessForCI
 
+createExampleNamespace
 get_started "operator-latest.yaml" "101_initial_cluster_autoscale.yaml"
 verifyVtGateVersion "22.0.0"
 checkSemiSyncSetup

test/endtoend/operator/101_initial_cluster.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:v21.0.0
@@ -96,6 +97,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |

test/endtoend/operator/101_initial_cluster_autoscale.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest
@@ -96,6 +97,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |

test/endtoend/operator/101_initial_cluster_backup.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   backup:
     engine: xtrabackup
@@ -104,6 +105,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |

test/endtoend/operator/101_initial_cluster_backup_schedule.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   backup:
     engine: xtrabackup
@@ -135,6 +136,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |

test/endtoend/operator/101_initial_cluster_unmanaged_tablet.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest
@@ -94,6 +95,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |
@@ -210,6 +212,7 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: mysql-pv-claim
+  namespace: example
 spec:
   accessModes:
     - ReadWriteOnce
@@ -221,6 +224,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: mysql
+  namespace: example
   labels:
     app: mysql
 spec:
@@ -234,6 +238,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: mysql
+  namespace: example
 spec:
   replicas: 1
   selector:

test/endtoend/operator/101_initial_cluster_vtorc_vtadmin.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest
@@ -111,6 +112,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: example-cluster-config
+  namespace: example
 type: Opaque
 stringData:
   users.json: |

test/endtoend/operator/102_keyspace_teardown.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   backup:
     engine: xtrabackup

test/endtoend/operator/201_customer_tablets.yaml

@@ -2,6 +2,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest

test/endtoend/operator/302_new_shards.yaml

@@ -2,6 +2,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest

test/endtoend/operator/306_down_shard_0.yaml

@@ -2,6 +2,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest

test/endtoend/operator/cluster_autoscale.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest

test/endtoend/operator/cluster_upgrade.yaml

@@ -6,6 +6,7 @@ apiVersion: planetscale.com/v2
 kind: VitessCluster
 metadata:
   name: example
+  namespace: example
 spec:
   images:
     vtctld: vitess/lite:latest

test/endtoend/operator/operator-latest.yaml

@@ -7537,11 +7537,38 @@ spec:
 ---
 apiVersion: v1
 kind: ServiceAccount
+metadata:
+  name: vitess-operator
+  namespace: example
+---
+apiVersion: v1
+kind: ServiceAccount
 metadata:
   name: vitess-operator
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
+metadata:
+  name: vitess-operator-backup-storage
+  namespace: example
+rules:
+  - apiGroups:
+      - planetscale.com
+    resources:
+      - vitessshards
+      - vitessshards/status
+      - vitessshards/finalizers
+      - vitessbackups
+      - vitessbackups/status
+      - vitessbackups/finalizers
+      - vitessbackupstorages
+      - vitessbackupstorages/status
+      - vitessbackupstorages/finalizers
+    verbs:
+      - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
 metadata:
   name: vitess-operator
 rules:
@@ -7631,14 +7658,29 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: vitess-operator
+  name: vitess-operator-backup-storage
+  namespace: example
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
+  name: vitess-operator-backup-storage
+subjects:
+  - kind: ServiceAccount
+    name: vitess-operator
+    namespace: example
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: vitess-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
   name: vitess-operator
 subjects:
   - kind: ServiceAccount
     name: vitess-operator
+    namespace: default
 ---
 apiVersion: scheduling.k8s.io/v1
 description: Vitess components (vttablet, vtgate, vtctld, etcd)
@@ -7678,9 +7720,7 @@ spec:
             - vitess-operator
           env:
             - name: WATCH_NAMESPACE
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.namespace
+              value: "default,example"
             - name: POD_NAME
               valueFrom:
                 fieldRef: