From 1fd848ba7df8a77225b7e57efb77aa84ca1e91ae Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:15:36 +0200 Subject: [PATCH 01/26] Local dev, add codeowners file --- .github/CODEOWNERS | 1 + config/manager/manager.yaml | 2 +- config/samples/memgraph_v1_ha.yaml | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 .github/CODEOWNERS diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..adcfaf6 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1 @@ +as51340 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 0c3aa93..67c8c77 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -25,7 +25,7 @@ spec: runAsNonRoot: true containers: - args: - image: memgraph/kubernetes-operator:0.0.3 # TODO: (andi) Try to specify this in a single place, currently used by kustomization.yaml and Makefile + image: memgraph/kubernetes-operator:0.0.3 # NOTE If you change this, you also need to update kustomization.yaml name: manager securityContext: readOnlyRootFilesystem: true diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml index d03e35a..3e276ea 100644 --- a/config/samples/memgraph_v1_ha.yaml +++ b/config/samples/memgraph_v1_ha.yaml @@ -102,7 +102,7 @@ spec: image: pullPolicy: IfNotPresent repository: memgraph/memgraph - tag: 2.18.0 + tag: 2.18.0_27_0b62e6a73 probes: liveness: initialDelaySeconds: 30 From 56f10a70e177fdc0b63c18a1d1a2254de820cd7d Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:36:20 +0200 Subject: [PATCH 02/26] Go path --- .dockerignore | 3 + .golangci.yml | 40 ++++ Dockerfile | 36 ++- LICENSE | 201 ---------------- Makefile | 219 +++++++++++------ PROJECT | 11 +- README.md | 93 +++++-- cmd/main.go | 137 +++++++++++ .../crd/bases/memgraph.com_memgraphhas.yaml | 44 ---- config/crd/kustomization.yaml | 6 - config/default/kustomization.yaml | 140 ++++++++++- config/default/manager_auth_proxy_patch.yaml | 39 +++ config/default/manager_config_patch.yaml | 10 + config/manager/kustomization.yaml | 8 +- config/manager/manager.yaml | 77 ++++-- config/manager/namespace.yaml | 10 +- config/manifests/kustomization.yaml | 21 ++ config/prometheus/kustomization.yaml | 2 + config/prometheus/monitor.yaml | 25 ++ .../rbac/auth_proxy_client_clusterrole.yaml | 16 ++ config/rbac/auth_proxy_role.yaml | 24 ++ config/rbac/auth_proxy_role_binding.yaml | 19 ++ config/rbac/auth_proxy_service.yaml | 21 ++ config/rbac/kustomization.yaml | 14 ++ config/rbac/leader_election_role.yaml | 44 ++++ config/rbac/leader_election_role_binding.yaml | 19 ++ config/rbac/role.yaml | 74 +----- config/rbac/role_binding.yaml | 15 +- config/rbac/service_account.yaml | 11 +- config/samples/kustomization.yaml | 2 - config/samples/memgraph_v1_ha.yaml | 115 --------- docs/installation.md | 68 ------ go.mod | 73 ++++++ go.sum | 226 ++++++++++++++++++ hack/boilerplate.go.txt | 15 ++ helm-charts | 1 - test/e2e/e2e_suite_test.go | 32 +++ test/e2e/e2e_test.go | 121 ++++++++++ test/utils/utils.go | 140 +++++++++++ watches.yaml | 6 - 40 files changed, 1536 insertions(+), 642 deletions(-) create mode 100644 .dockerignore create mode 100644 .golangci.yml delete mode 100644 LICENSE create mode 100644 cmd/main.go delete mode 100644 config/crd/bases/memgraph.com_memgraphhas.yaml delete mode 100644 config/crd/kustomization.yaml create mode 100644 config/default/manager_auth_proxy_patch.yaml create mode 100644 config/default/manager_config_patch.yaml create mode 100644 config/prometheus/kustomization.yaml create mode 100644 config/prometheus/monitor.yaml create mode 100644 config/rbac/auth_proxy_client_clusterrole.yaml create mode 100644 config/rbac/auth_proxy_role.yaml create mode 100644 config/rbac/auth_proxy_role_binding.yaml create mode 100644 config/rbac/auth_proxy_service.yaml create mode 100644 config/rbac/leader_election_role.yaml create mode 100644 config/rbac/leader_election_role_binding.yaml delete mode 100644 config/samples/kustomization.yaml delete mode 100644 config/samples/memgraph_v1_ha.yaml delete mode 100644 docs/installation.md create mode 100644 go.mod create mode 100644 go.sum create mode 100644 hack/boilerplate.go.txt delete mode 160000 helm-charts create mode 100644 test/e2e/e2e_suite_test.go create mode 100644 test/e2e/e2e_test.go create mode 100644 test/utils/utils.go delete mode 100644 watches.yaml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..a3aab7a --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file +# Ignore build and test binaries. +bin/ diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..aed8644 --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,40 @@ +run: + deadline: 5m + allow-parallel-runners: true + +issues: + # don't skip warning about doc comments + # don't exclude the default set of lint + exclude-use-default: false + # restore some of the defaults + # (fill in the rest as needed) + exclude-rules: + - path: "api/*" + linters: + - lll + - path: "internal/*" + linters: + - dupl + - lll +linters: + disable-all: true + enable: + - dupl + - errcheck + - exportloopref + - goconst + - gocyclo + - gofmt + - goimports + - gosimple + - govet + - ineffassign + - lll + - misspell + - nakedret + - prealloc + - staticcheck + - typecheck + - unconvert + - unparam + - unused diff --git a/Dockerfile b/Dockerfile index 509b516..b078298 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,33 @@ # Build the manager binary -FROM quay.io/operator-framework/helm-operator:v1.35.0 +FROM golang:1.20 AS builder +ARG TARGETOS +ARG TARGETARCH -ENV HOME=/opt/helm -COPY watches.yaml ${HOME}/watches.yaml -COPY helm-charts ${HOME}/helm-charts -WORKDIR ${HOME} +WORKDIR /workspace +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY cmd/main.go cmd/main.go +COPY api/ api/ +COPY internal/controller/ internal/controller/ + +# Build +# the GOARCH has not a default value to allow the binary be built according to the host where the command +# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO +# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore, +# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform. +RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM gcr.io/distroless/static:nonroot +WORKDIR / +COPY --from=builder /workspace/manager . +USER 65532:65532 + +ENTRYPOINT ["/manager"] diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 261eeb9..0000000 --- a/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/Makefile b/Makefile index 219db0a..6bf2889 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ # To re-generate a bundle for another specific version without changing the standard setup, you can: # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) -VERSION ?= 0.0.3 +VERSION ?= 0.0.1 # CHANNELS define the bundle channels used in the bundle. # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") @@ -28,8 +28,8 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # This variable is used to construct full image tags for bundle and catalog images. # # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both -# my.domain/kubernetes-operator-bundle:$VERSION and my.domain/kubernetes-operator-catalog:$VERSION. -IMAGE_TAG_BASE ?= memgraph/kubernetes-operator +# com/kubernetes-operator-bundle:$VERSION and com/kubernetes-operator-catalog:$VERSION. +IMAGE_TAG_BASE ?= com/kubernetes-operator # BUNDLE_IMG defines the image:tag used for the bundle. # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) @@ -51,16 +51,36 @@ endif OPERATOR_SDK_VERSION ?= v1.35.0 # Image URL to use all building/pushing image targets -IMG ?= $(IMAGE_TAG_BASE):$(VERSION) +IMG ?= controller:latest +# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. +ENVTEST_K8S_VERSION = 1.28.3 + +# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) +ifeq (,$(shell go env GOBIN)) +GOBIN=$(shell go env GOPATH)/bin +else +GOBIN=$(shell go env GOBIN) +endif + +# CONTAINER_TOOL defines the container tool to be used for building images. +# Be aware that the target commands are only tested with Docker which is +# scaffolded by default. However, you might want to replace it to use other +# tools. (i.e. podman) +CONTAINER_TOOL ?= docker + +# Setting SHELL to bash allows bash commands to be executed by recipes. +# Options are set to exit when a recipe line exits non-zero or a piped command fails. +SHELL = /usr/bin/env bash -o pipefail +.SHELLFLAGS = -ec .PHONY: all -all: docker-build +all: build ##@ General # The help target prints out all targets with their descriptions organized # beneath their categories. The categories are represented by '##@' and the -# target descriptions by '##'. The awk commands is responsible for reading the +# target descriptions by '##'. The awk command is responsible for reading the # entire set of makefiles included in this invocation, looking for lines of the # file as xyz: ## something, and then pretty-format the target and help. Then, # if there's a line with ##@ something, that gets pretty-printed as a category. @@ -73,87 +93,146 @@ all: docker-build help: ## Display this help. @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) +##@ Development + +.PHONY: manifests +manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. + $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases + +.PHONY: generate +generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. + $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." + +.PHONY: fmt +fmt: ## Run go fmt against code. + go fmt ./... + +.PHONY: vet +vet: ## Run go vet against code. + go vet ./... + +.PHONY: test +test: manifests generate fmt vet envtest ## Run tests. + KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test $$(go list ./... | grep -v /e2e) -coverprofile cover.out + +# Utilize Kind or modify the e2e tests to load the image locally, enabling compatibility with other vendors. +.PHONY: test-e2e # Run the e2e tests against a Kind k8s instance that is spun up. +test-e2e: + go test ./test/e2e/ -v -ginkgo.v + +GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint +GOLANGCI_LINT_VERSION ?= v1.54.2 +golangci-lint: + @[ -f $(GOLANGCI_LINT) ] || { \ + set -e ;\ + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell dirname $(GOLANGCI_LINT)) $(GOLANGCI_LINT_VERSION) ;\ + } + +.PHONY: lint +lint: golangci-lint ## Run golangci-lint linter & yamllint + $(GOLANGCI_LINT) run + +.PHONY: lint-fix +lint-fix: golangci-lint ## Run golangci-lint linter and perform fixes + $(GOLANGCI_LINT) run --fix + ##@ Build +.PHONY: build +build: manifests generate fmt vet ## Build manager binary. + go build -o bin/manager cmd/main.go + .PHONY: run -run: helm-operator ## Run against the configured Kubernetes cluster in ~/.kube/config - $(HELM_OPERATOR) run +run: manifests generate fmt vet ## Run a controller from your host. + go run ./cmd/main.go +# If you wish to build the manager image targeting other platforms you can use the --platform flag. +# (i.e. docker build --platform linux/arm64). However, you must enable docker buildKit for it. +# More info: https://docs.docker.com/develop/develop-images/build_enhancements/ .PHONY: docker-build docker-build: ## Build docker image with the manager. - docker build -t ${IMG} . + $(CONTAINER_TOOL) build -t ${IMG} . .PHONY: docker-push docker-push: ## Push docker image with the manager. - docker push ${IMG} + $(CONTAINER_TOOL) push ${IMG} -# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple +# PLATFORMS defines the target platforms for the manager image be built to provide support to multiple # architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: -# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/ -# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/ -# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=> than the export will fail) -# To properly provided solutions that supports more than one platform you should use this option. +# - be able to use docker buildx. More info: https://docs.docker.com/build/buildx/ +# - have enabled BuildKit. More info: https://docs.docker.com/develop/develop-images/build_enhancements/ +# - be able to push the image to your registry (i.e. if you do not set a valid value via IMG=> then the export will fail) +# To adequately provide solutions that are compatible with multiple platforms, you should consider using this option. PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le .PHONY: docker-buildx docker-buildx: ## Build and push docker image for the manager for cross-platform support - - docker buildx create --name project-v3-builder - docker buildx use project-v3-builder - - docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile . - - docker buildx rm project-v3-builder + # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile + sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross + - $(CONTAINER_TOOL) buildx create --name project-v3-builder + $(CONTAINER_TOOL) buildx use project-v3-builder + - $(CONTAINER_TOOL) buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . + - $(CONTAINER_TOOL) buildx rm project-v3-builder + rm Dockerfile.cross ##@ Deployment +ifndef ignore-not-found + ignore-not-found = false +endif + .PHONY: install -install: kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl apply -f - +install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config. + $(KUSTOMIZE) build config/crd | $(KUBECTL) apply -f - .PHONY: uninstall -uninstall: kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/crd | kubectl delete -f - +uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. + $(KUSTOMIZE) build config/crd | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - .PHONY: deploy -deploy: kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. - cd config/manager && $(KUSTOMIZE) edit set image memgraph-kubernetes-operator=${IMG} - $(KUSTOMIZE) build config/default | kubectl apply -f - +deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. + cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} + $(KUSTOMIZE) build config/default | $(KUBECTL) apply -f - .PHONY: undeploy -undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. - $(KUSTOMIZE) build config/default | kubectl delete -f - +undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. + $(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - -OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') -ARCH := $(shell uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/') +##@ Build Dependencies -.PHONY: kustomize -KUSTOMIZE = $(shell pwd)/bin/kustomize -kustomize: ## Download kustomize locally if necessary. -ifeq (,$(wildcard $(KUSTOMIZE))) -ifeq (,$(shell which kustomize 2>/dev/null)) - @{ \ - set -e ;\ - mkdir -p $(dir $(KUSTOMIZE)) ;\ - curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.2.1/kustomize_v5.2.1_$(OS)_$(ARCH).tar.gz | \ - tar xzf - -C bin/ ;\ - } -else -KUSTOMIZE = $(shell which kustomize) -endif -endif +## Location to install dependencies to +LOCALBIN ?= $(shell pwd)/bin +$(LOCALBIN): + mkdir -p $(LOCALBIN) -.PHONY: helm-operator -HELM_OPERATOR = $(shell pwd)/bin/helm-operator -helm-operator: ## Download helm-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. -ifeq (,$(wildcard $(HELM_OPERATOR))) -ifeq (,$(shell which helm-operator 2>/dev/null)) - @{ \ - set -e ;\ - mkdir -p $(dir $(HELM_OPERATOR)) ;\ - curl -sSLo $(HELM_OPERATOR) https://github.com/operator-framework/operator-sdk/releases/download/v1.35.0/helm-operator_$(OS)_$(ARCH) ;\ - chmod +x $(HELM_OPERATOR) ;\ - } -else -HELM_OPERATOR = $(shell which helm-operator) -endif -endif +## Tool Binaries +KUBECTL ?= kubectl +KUSTOMIZE ?= $(LOCALBIN)/kustomize +CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen +ENVTEST ?= $(LOCALBIN)/setup-envtest + +## Tool Versions +KUSTOMIZE_VERSION ?= v5.2.1 +CONTROLLER_TOOLS_VERSION ?= v0.13.0 + +.PHONY: kustomize +kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading. +$(KUSTOMIZE): $(LOCALBIN) + @if test -x $(LOCALBIN)/kustomize && ! $(LOCALBIN)/kustomize version | grep -q $(KUSTOMIZE_VERSION); then \ + echo "$(LOCALBIN)/kustomize version is not expected $(KUSTOMIZE_VERSION). Removing it before installing."; \ + rm -rf $(LOCALBIN)/kustomize; \ + fi + test -s $(LOCALBIN)/kustomize || GOBIN=$(LOCALBIN) GO111MODULE=on go install sigs.k8s.io/kustomize/kustomize/v5@$(KUSTOMIZE_VERSION) + +.PHONY: controller-gen +controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. If wrong version is installed, it will be overwritten. +$(CONTROLLER_GEN): $(LOCALBIN) + test -s $(LOCALBIN)/controller-gen && $(LOCALBIN)/controller-gen --version | grep -q $(CONTROLLER_TOOLS_VERSION) || \ + GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION) + +.PHONY: envtest +envtest: $(ENVTEST) ## Download envtest-setup locally if necessary. +$(ENVTEST): $(LOCALBIN) + test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest .PHONY: operator-sdk OPERATOR_SDK ?= $(LOCALBIN)/operator-sdk @@ -163,7 +242,8 @@ ifeq (, $(shell which operator-sdk 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(OPERATOR_SDK)) ;\ - curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$(OS)_$(ARCH) ;\ + OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ + curl -sSLo $(OPERATOR_SDK) https://github.com/operator-framework/operator-sdk/releases/download/$(OPERATOR_SDK_VERSION)/operator-sdk_$${OS}_$${ARCH} ;\ chmod +x $(OPERATOR_SDK) ;\ } else @@ -172,9 +252,9 @@ endif endif .PHONY: bundle -bundle: kustomize operator-sdk ## Generate bundle manifests and metadata, then validate generated files. +bundle: manifests kustomize operator-sdk ## Generate bundle manifests and metadata, then validate generated files. $(OPERATOR_SDK) generate kustomize manifests -q - cd config/manager && $(KUSTOMIZE) edit set image memgraph-kubernetes-operator=$(IMG) + cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG) $(KUSTOMIZE) build config/manifests | $(OPERATOR_SDK) generate bundle $(BUNDLE_GEN_FLAGS) $(OPERATOR_SDK) bundle validate ./bundle @@ -194,7 +274,8 @@ ifeq (,$(shell which opm 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(OPM)) ;\ - curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$(OS)-$(ARCH)-opm ;\ + OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \ + curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.23.0/$${OS}-$${ARCH}-opm ;\ chmod +x $(OPM) ;\ } else @@ -225,13 +306,3 @@ catalog-build: opm ## Build a catalog image. .PHONY: catalog-push catalog-push: ## Push a catalog image. $(MAKE) docker-push IMG=$(CATALOG_IMG) - -HELMIFY ?= helmify - -.PHONY: helmify -helmify: $(HELMIFY) ## Download helmify locally if necessary. -$(HELMIFY): $(LOCALBIN) - test -s $(LOCALBIN)/helmify || GOBIN=$(LOCALBIN) go install github.com/arttor/helmify/cmd/helmify@latest - -helm: config/manifests kustomize helmify - $(KUSTOMIZE) build config/default | $(HELMIFY) diff --git a/PROJECT b/PROJECT index ca9ee0b..ad5b30a 100644 --- a/PROJECT +++ b/PROJECT @@ -4,17 +4,10 @@ # More info: https://book.kubebuilder.io/reference/project-config.html domain: com layout: -- helm.sdk.operatorframework.io/v1 +- go.kubebuilder.io/v4 plugins: manifests.sdk.operatorframework.io/v2: {} scorecard.sdk.operatorframework.io/v2: {} projectName: kubernetes-operator -resources: -- api: - crdVersion: v1 - namespaced: true - domain: com - group: memgraph - kind: MemgraphHA - version: v1 +repo: github.com/memgraph/kubernetes-operator version: "3" diff --git a/README.md b/README.md index 4e63d94..91e5a33 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,90 @@ -# Memgraph Kubernetes Operator +# kubernetes-operator +// TODO(user): Add simple overview of use/purpose -## Introduction +## Description +// TODO(user): An in-depth paragraph about your project and overview of use -Memgraph Kubernetes Operator is WIP. You can currently install the operator and manage the deployment of Memgraph's High Availability cluster -through it. +## Getting Started -## Table of Contents +### Prerequisites +- go version v1.20.0+ +- docker version 17.03+. +- kubectl version v1.11.3+. +- Access to a Kubernetes v1.11.3+ cluster. -- [Prerequisites](#prerequisites) -- [Documentation](#documentation) -- [License](#license) +### To Deploy on the cluster +**Build and push your image to the location specified by `IMG`:** -## Prerequisites +```sh +make docker-build docker-push IMG=/kubernetes-operator:tag +``` -We use Go version 1.22.5 (not needed at the moment). Check out here how to [install Go](https://go.dev/doc/install). -The current Helm version used is v3.14.4. +**NOTE:** This image ought to be published in the personal registry you specified. +And it is required to have access to pull the image from the working environment. +Make sure you have the proper permission to the registry if the above commands don’t work. -## Documentation +**Install the CRDs into the cluster:** -Check our [Documentation](/docs) to start using our Kubernetes operator. +```sh +make install +``` -1. [Install the Memgraph Kubernetes Operator](docs/installation.md) +**Deploy the Manager to the cluster with the image specified by `IMG`:** + +```sh +make deploy IMG=/kubernetes-operator:tag +``` + +> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin +privileges or be logged in as admin. + +**Create instances of your solution** +You can apply the samples (examples) from the config/sample: + +```sh +kubectl apply -k config/samples/ +``` + +>**NOTE**: Ensure that the samples has default values to test it out. + +### To Uninstall +**Delete the instances (CRs) from the cluster:** + +```sh +kubectl delete -k config/samples/ +``` + +**Delete the APIs(CRDs) from the cluster:** + +```sh +make uninstall +``` + +**UnDeploy the controller from the cluster:** + +```sh +make undeploy +``` + +## Contributing +// TODO(user): Add detailed information on how you would like others to contribute to this project + +**NOTE:** Run `make help` for more information on all potential `make` targets + +More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html) ## License -Please check the [LICENSE](LICENSE) file +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/cmd/main.go b/cmd/main.go new file mode 100644 index 0000000..f844039 --- /dev/null +++ b/cmd/main.go @@ -0,0 +1,137 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "crypto/tls" + "flag" + "os" + + // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) + // to ensure that exec-entrypoint and run can make use of them. + _ "k8s.io/client-go/plugin/pkg/client/auth" + + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + clientgoscheme "k8s.io/client-go/kubernetes/scheme" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/healthz" + "sigs.k8s.io/controller-runtime/pkg/log/zap" + metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" + "sigs.k8s.io/controller-runtime/pkg/webhook" + //+kubebuilder:scaffold:imports +) + +var ( + scheme = runtime.NewScheme() + setupLog = ctrl.Log.WithName("setup") +) + +func init() { + utilruntime.Must(clientgoscheme.AddToScheme(scheme)) + + //+kubebuilder:scaffold:scheme +} + +func main() { + var metricsAddr string + var enableLeaderElection bool + var probeAddr string + var secureMetrics bool + var enableHTTP2 bool + flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") + flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") + flag.BoolVar(&enableLeaderElection, "leader-elect", false, + "Enable leader election for controller manager. "+ + "Enabling this will ensure there is only one active controller manager.") + flag.BoolVar(&secureMetrics, "metrics-secure", false, + "If set the metrics endpoint is served securely") + flag.BoolVar(&enableHTTP2, "enable-http2", false, + "If set, HTTP/2 will be enabled for the metrics and webhook servers") + opts := zap.Options{ + Development: true, + } + opts.BindFlags(flag.CommandLine) + flag.Parse() + + ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) + + // if the enable-http2 flag is false (the default), http/2 should be disabled + // due to its vulnerabilities. More specifically, disabling http/2 will + // prevent from being vulnerable to the HTTP/2 Stream Cancelation and + // Rapid Reset CVEs. For more information see: + // - https://github.com/advisories/GHSA-qppj-fm5r-hxr3 + // - https://github.com/advisories/GHSA-4374-p667-p6c8 + disableHTTP2 := func(c *tls.Config) { + setupLog.Info("disabling http/2") + c.NextProtos = []string{"http/1.1"} + } + + tlsOpts := []func(*tls.Config){} + if !enableHTTP2 { + tlsOpts = append(tlsOpts, disableHTTP2) + } + + webhookServer := webhook.NewServer(webhook.Options{ + TLSOpts: tlsOpts, + }) + + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ + Scheme: scheme, + Metrics: metricsserver.Options{ + BindAddress: metricsAddr, + SecureServing: secureMetrics, + TLSOpts: tlsOpts, + }, + WebhookServer: webhookServer, + HealthProbeBindAddress: probeAddr, + LeaderElection: enableLeaderElection, + LeaderElectionID: "a5adec69.com", + // LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily + // when the Manager ends. This requires the binary to immediately end when the + // Manager is stopped, otherwise, this setting is unsafe. Setting this significantly + // speeds up voluntary leader transitions as the new leader don't have to wait + // LeaseDuration time first. + // + // In the default scaffold provided, the program ends immediately after + // the manager stops, so would be fine to enable this option. However, + // if you are doing or is intended to do any operation such as perform cleanups + // after the manager stops then its usage might be unsafe. + // LeaderElectionReleaseOnCancel: true, + }) + if err != nil { + setupLog.Error(err, "unable to start manager") + os.Exit(1) + } + + //+kubebuilder:scaffold:builder + + if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { + setupLog.Error(err, "unable to set up health check") + os.Exit(1) + } + if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil { + setupLog.Error(err, "unable to set up ready check") + os.Exit(1) + } + + setupLog.Info("starting manager") + if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { + setupLog.Error(err, "problem running manager") + os.Exit(1) + } +} diff --git a/config/crd/bases/memgraph.com_memgraphhas.yaml b/config/crd/bases/memgraph.com_memgraphhas.yaml deleted file mode 100644 index 91f4c22..0000000 --- a/config/crd/bases/memgraph.com_memgraphhas.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: memgraphhas.memgraph.com -spec: - group: memgraph.com - names: - kind: MemgraphHA - listKind: MemgraphHAList - plural: memgraphhas - singular: memgraphha - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: MemgraphHA is the Schema for the memgraphhas API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of MemgraphHA - type: object - x-kubernetes-preserve-unknown-fields: true - status: - description: Status defines the observed state of MemgraphHA - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: true - subresources: - status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml deleted file mode 100644 index a7ddb23..0000000 --- a/config/crd/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# This kustomization.yaml is not intended to be run by itself, -# since it depends on service name and namespace that are out of this kustomize package. -# It should be run by config/default -resources: -- bases/memgraph.com_memgraphhas.yaml -#+kubebuilder:scaffold:crdkustomizeresource diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index da8437b..aad6b2d 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,8 +1,142 @@ -namespace: memgraph-operator-system +# Adds namespace to all resources. +namespace: kubernetes-operator-system -namePrefix: "" +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: kubernetes-operator- + +# Labels to add to all resources and selectors. +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue resources: -- ../crd +#- ../crd - ../rbac - ../manager +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- ../webhook +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. +#- ../certmanager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +#- ../prometheus + +patches: +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. +- path: manager_auth_proxy_patch.yaml + +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- path: manager_webhook_patch.yaml + +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. +# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. +# 'CERTMANAGER' needs to be enabled to use ca injection +#- path: webhookcainjection_patch.yaml + +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. +# Uncomment the following replacements to add the cert-manager CA injection annotations +#replacements: +# - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +# fieldPath: .metadata.namespace # namespace of the certificate CR +# targets: +# - select: +# kind: ValidatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - select: +# kind: MutatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - select: +# kind: CustomResourceDefinition +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 0 +# create: true +# - source: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +# fieldPath: .metadata.name +# targets: +# - select: +# kind: ValidatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - select: +# kind: MutatingWebhookConfiguration +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - select: +# kind: CustomResourceDefinition +# fieldPaths: +# - .metadata.annotations.[cert-manager.io/inject-ca-from] +# options: +# delimiter: '/' +# index: 1 +# create: true +# - source: # Add cert-manager annotation to the webhook Service +# kind: Service +# version: v1 +# name: webhook-service +# fieldPath: .metadata.name # namespace of the service +# targets: +# - select: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# fieldPaths: +# - .spec.dnsNames.0 +# - .spec.dnsNames.1 +# options: +# delimiter: '.' +# index: 0 +# create: true +# - source: +# kind: Service +# version: v1 +# name: webhook-service +# fieldPath: .metadata.namespace # namespace of the service +# targets: +# - select: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# fieldPaths: +# - .spec.dnsNames.0 +# - .spec.dnsNames.1 +# options: +# delimiter: '.' +# index: 1 +# create: true diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml new file mode 100644 index 0000000..70c3437 --- /dev/null +++ b/config/default/manager_auth_proxy_patch.yaml @@ -0,0 +1,39 @@ +# This patch inject a sidecar container which is a HTTP proxy for the +# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: kube-rbac-proxy + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=0" + ports: + - containerPort: 8443 + protocol: TCP + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - name: manager + args: + - "--health-probe-bind-address=:8081" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml new file mode 100644 index 0000000..f6f5891 --- /dev/null +++ b/config/default/manager_config_patch.yaml @@ -0,0 +1,10 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index c774522..ac75006 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,9 +1,3 @@ resources: -- namespace.yaml - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: memgraph-kubernetes-operator - newName: memgraph/kubernetes-operator - newTag: 0.0.3 +- namespace.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 67c8c77..fa3b39c 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -1,38 +1,83 @@ apiVersion: apps/v1 kind: Deployment metadata: - namespace: memgraph-operator-system - annotations: - email: engineering@memgraph.io + name: controller-manager + namespace: system labels: - owner: Memgraph - name: memgraph-kubernetes-operator + control-plane: controller-manager + app.kubernetes.io/name: deployment + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize spec: - replicas: 1 selector: matchLabels: - name: memgraph-kubernetes-operator - strategy: - rollingUpdate: - maxUnavailable: 1 - type: RollingUpdate + control-plane: controller-manager + replicas: 1 template: metadata: + annotations: + kubectl.kubernetes.io/default-container: manager labels: - name: memgraph-kubernetes-operator + control-plane: controller-manager spec: + # TODO(user): Uncomment the following code to configure the nodeAffinity expression + # according to the platforms which are supported by your solution. + # It is considered best practice to support multiple architectures. You can + # build your manager image using the makefile target docker-buildx. + # affinity: + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/arch + # operator: In + # values: + # - amd64 + # - arm64 + # - ppc64le + # - s390x + # - key: kubernetes.io/os + # operator: In + # values: + # - linux securityContext: runAsNonRoot: true + # TODO(user): For common cases that do not require escalating privileges + # it is recommended to ensure that all your Pods/Containers are restrictive. + # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted + # Please uncomment the following code if your project does NOT have to work on old Kubernetes + # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). + # seccompProfile: + # type: RuntimeDefault containers: - - args: - image: memgraph/kubernetes-operator:0.0.3 # NOTE If you change this, you also need to update kustomization.yaml + - command: + - /manager + args: + - --leader-elect + image: controller:latest name: manager securityContext: - readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: - "ALL" + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + # TODO(user): Configure the resources accordingly based on the project requirements. + # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: limits: cpu: 500m @@ -40,5 +85,5 @@ spec: requests: cpu: 10m memory: 64Mi - serviceAccountName: memgraph-kubernetes-operator + serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/config/manager/namespace.yaml b/config/manager/namespace.yaml index 64458ee..887c395 100644 --- a/config/manager/namespace.yaml +++ b/config/manager/namespace.yaml @@ -1,4 +1,12 @@ apiVersion: v1 kind: Namespace metadata: - name: memgraph-operator-system + labels: + control-plane: controller-manager + app.kubernetes.io/name: namespace + app.kubernetes.io/instance: system + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: system diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index e8b968a..ff5d4f8 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -5,3 +5,24 @@ resources: - ../default - ../samples - ../scorecard + +# [WEBHOOK] To enable webhooks, uncomment all the sections with [WEBHOOK] prefix. +# Do NOT uncomment sections with prefix [CERTMANAGER], as OLM does not support cert-manager. +# These patches remove the unnecessary "cert" volume and its manager container volumeMount. +#patchesJson6902: +#- target: +# group: apps +# version: v1 +# kind: Deployment +# name: controller-manager +# namespace: system +# patch: |- +# # Remove the manager container's "cert" volumeMount, since OLM will create and mount a set of certs. +# # Update the indices in this path if adding or removing containers/volumeMounts in the manager's Deployment. +# - op: remove + +# path: /spec/template/spec/containers/0/volumeMounts/0 +# # Remove the "cert" volume, since OLM will create and mount a set of certs. +# # Update the indices in this path if adding or removing volumes in the manager's Deployment. +# - op: remove +# path: /spec/template/spec/volumes/0 diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml new file mode 100644 index 0000000..ed13716 --- /dev/null +++ b/config/prometheus/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- monitor.yaml diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml new file mode 100644 index 0000000..7d5f441 --- /dev/null +++ b/config/prometheus/monitor.yaml @@ -0,0 +1,25 @@ +# Prometheus Monitor Service (Metrics) +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + control-plane: controller-manager + app.kubernetes.io/name: servicemonitor + app.kubernetes.io/instance: controller-manager-metrics-monitor + app.kubernetes.io/component: metrics + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: controller-manager-metrics-monitor + namespace: system +spec: + endpoints: + - path: /metrics + port: https + scheme: https + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + tlsConfig: + insecureSkipVerify: true + selector: + matchLabels: + control-plane: controller-manager diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml new file mode 100644 index 0000000..6bfe0a9 --- /dev/null +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -0,0 +1,16 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: metrics-reader + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: metrics-reader +rules: +- nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml new file mode 100644 index 0000000..2ff84ee --- /dev/null +++ b/config/rbac/auth_proxy_role.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: proxy-role + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml new file mode 100644 index 0000000..b7f3ab0 --- /dev/null +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/name: clusterrolebinding + app.kubernetes.io/instance: proxy-rolebinding + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml new file mode 100644 index 0000000..cdd7723 --- /dev/null +++ b/config/rbac/auth_proxy_service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + app.kubernetes.io/name: service + app.kubernetes.io/instance: controller-manager-metrics-service + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 664fcac..731832a 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,4 +1,18 @@ resources: +# All RBAC will be applied under this service account in +# the deployment namespace. You may comment out this resource +# if your manager will use a service account that exists at +# runtime. Be sure to update RoleBinding and ClusterRoleBinding +# subjects if changing service account names. - service_account.yaml - role.yaml - role_binding.yaml +- leader_election_role.yaml +- leader_election_role_binding.yaml +# Comment the following 4 lines if you want to disable +# the auth proxy (https://github.com/brancz/kube-rbac-proxy) +# which protects your /metrics endpoint. +- auth_proxy_service.yaml +- auth_proxy_role.yaml +- auth_proxy_role_binding.yaml +- auth_proxy_client_clusterrole.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml new file mode 100644 index 0000000..ddf76ba --- /dev/null +++ b/config/rbac/leader_election_role.yaml @@ -0,0 +1,44 @@ +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/name: role + app.kubernetes.io/instance: leader-election-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: leader-election-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml new file mode 100644 index 0000000..55647f2 --- /dev/null +++ b/config/rbac/leader_election_role_binding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/name: rolebinding + app.kubernetes.io/instance: leader-election-rolebinding + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: leader-election-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role +subjects: +- kind: ServiceAccount + name: controller-manager + namespace: system diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index b3073c9..01a58c5 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -1,67 +1,15 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: memgraph-kubernetes-operator + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: manager-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: manager-role rules: -## -## Base operator rules -## -# We need to get namespaces so the operator can read namespaces to ensure they exist -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get -# We need to manage Helm release secrets -- apiGroups: - - "" - resources: - - secrets - verbs: - - "*" -# We need to create events on CRs about things happening during reconciliation -- apiGroups: - - "" - resources: - - events - verbs: - - create - -## -## Rules for memgraph.com/v1, Kind: MemgraphHA -## -- apiGroups: - - memgraph.com - resources: - - memgraphhas - - memgraphhas/status - - memgraphhas/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- verbs: - - "*" - apiGroups: - - "apps" - resources: - - "statefulsets" -- verbs: - - "*" - apiGroups: - - "batch" - resources: - - "jobs" -- verbs: - - "*" - apiGroups: - - "" - resources: - - "services" - -#+kubebuilder:scaffold:rules +- apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 9fded4b..9eecc5e 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -1,12 +1,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: memgraph-kubernetes-operator + labels: + app.kubernetes.io/name: clusterrolebinding + app.kubernetes.io/instance: manager-rolebinding + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: memgraph-kubernetes-operator + name: manager-role subjects: - kind: ServiceAccount - name: memgraph-kubernetes-operator - namespace: memgraph-operator-system + name: controller-manager + namespace: system diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml index f81938c..06eefef 100644 --- a/config/rbac/service_account.yaml +++ b/config/rbac/service_account.yaml @@ -1,5 +1,12 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: memgraph-kubernetes-operator - namespace: memgraph-operator-system + labels: + app.kubernetes.io/name: serviceaccount + app.kubernetes.io/instance: controller-manager-sa + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: controller-manager + namespace: system diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml deleted file mode 100644 index e0823f5..0000000 --- a/config/samples/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- memgraph_v1_ha.yaml diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml deleted file mode 100644 index 3e276ea..0000000 --- a/config/samples/memgraph_v1_ha.yaml +++ /dev/null @@ -1,115 +0,0 @@ -apiVersion: memgraph.com/v1 -kind: MemgraphHA -metadata: - name: memgraphha-sample -spec: - coordinators: - - id: "1" - boltPort: 7687 - managementPort: 10000 - coordinatorPort: 12000 - args: - - --experimental-enabled=high-availability - - --coordinator-id=1 - - --coordinator-port=12000 - - --management-port=10000 - - --bolt-port=7687 - - --also-log-to-stderr - - --log-level=TRACE - - --coordinator-hostname=memgraph-coordinator-1.default.svc.cluster.local - - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log - - - id: "2" - boltPort: 7687 - managementPort: 10000 - coordinatorPort: 12000 - args: - - --experimental-enabled=high-availability - - --coordinator-id=2 - - --coordinator-port=12000 - - --management-port=10000 - - --bolt-port=7687 - - --also-log-to-stderr - - --log-level=TRACE - - --coordinator-hostname=memgraph-coordinator-2.default.svc.cluster.local - - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log - - - id: "3" - boltPort: 7687 - managementPort: 10000 - coordinatorPort: 12000 - args: - - --experimental-enabled=high-availability - - --coordinator-id=3 - - --coordinator-port=12000 - - --management-port=10000 - - --bolt-port=7687 - - --also-log-to-stderr - - --log-level=TRACE - - --coordinator-hostname=memgraph-coordinator-3.default.svc.cluster.local - - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log - - - data: - - id: "0" - boltPort: 7687 - managementPort: 10000 - replicationPort: 20000 - args: - - --experimental-enabled=high-availability - - --management-port=10000 - - --bolt-port=7687 - - --also-log-to-stderr - - --log-level=TRACE - - --log-file=/var/log/memgraph/memgraph.log - - - id: "1" - boltPort: 7687 - managementPort: 10000 - replicationPort: 20000 - args: - - --experimental-enabled=high-availability - - --management-port=10000 - - --bolt-port=7687 - - --also-log-to-stderr - - --log-level=TRACE - - --log-file=/var/log/memgraph/memgraph.log - - memgraph: - data: - volumeClaim: - storagePVCClassName: "" - storagePVC: true - storagePVCSize: 1Gi - logPVCClassName: "" - logPVC: true - logPVCSize: 256Mi - coordinators: - volumeClaim: - logPVCClassName: "" - logPVC: true - logPVCSize: 256Mi - storagePVCClassName: "" - storagePVC: true - storagePVCSize: 1Gi - - env: - MEMGRAPH_ENTERPRISE_LICENSE: "${MEMGRAPH_ENTERPRISE_LICENSE}" - MEMGRAPH_ORGANIZATION_NAME: "${MEMGRAPH_ORGANIZATION_NAME}" - image: - pullPolicy: IfNotPresent - repository: memgraph/memgraph - tag: 2.18.0_27_0b62e6a73 - probes: - liveness: - initialDelaySeconds: 30 - periodSeconds: 10 - readiness: - initialDelaySeconds: 5 - periodSeconds: 5 - startup: - failureThreshold: 30 - periodSeconds: 10 diff --git a/docs/installation.md b/docs/installation.md deleted file mode 100644 index bec8eac..0000000 --- a/docs/installation.md +++ /dev/null @@ -1,68 +0,0 @@ -# Install Memgraph Kubernetes Operator - -All described installation options will run the Operator inside the cluster. - - -Make sure to clone this repository with its submodule (helm-charts). - -```bash -git clone --recurse-submodules git@github.com:memgraph/kubernetes-operator.git -``` - -## Install K8 resources - -```bash -kubectl apply -k config/default -``` - -This command will use operator's image from Memgraph's DockerHub and create all necessary Kubernetes resources for running an operator. - -## Verify installation - -Installation using any of options described above will cause creating Kubernetes ServiceAccount, RoleBinding, Role, Deployment and Pods all in newly created all in newly created all in newly created -namespace `memgraph-operator-system`. You can check your resources with: - -```bash -kubectl get serviceaccounts -n memgraph-operator-system -kubectl get clusterrolebindings -n memgraph-operator-system -kubectl get clusterroles -n memgraph-operator-system -kubectl get deployments -n memgraph-operator-system -kubectl get pods -n memgraph-operator-system -``` - -CustomResourceDefinition `memgraphhas.memgraph.com`, whose job is to monitor CustomResource `MemgraphHA`, will also get created and you can verify -this with: - -```bash -kubectl get crds -A -``` - -## Start Memgraph High Availability Cluster - -We already provide sample cluster in `config/samples/memgraph_v1_ha.yaml`. You only need to set your license information by setting -environment variables `MEMGRAPH_ORGANIZATION_NAME` and `MEMGRAPH_ENTERPRISE_LICENSE` in your local environment with: - -```bash -export MEMGRAPH_ORGANIZATION_NAME="" -export MEMGRAPH_ENTERPRISE_LICENSE="" -``` - -Start Memgraph HA cluster with `envsubst < config/samples/memgraph_v1_ha.yaml | kubectl apply -f -`. (The `envsubst command` is a part of the `gettext` package.) -Instead of using `envsubst` command, you can directly set environment variables in `config/samples/memgraph_v1_ha.yaml`. - - -After ~40s, you should be able to see instances in the output of `kubectl get pods -A`: - - -You can now find URL of any coordinator instances by running e.g `minikube service list` and connect to see the state of the cluster by running -`show instances;`: -![image](https://github.com/memgraph/kubernetes-operator/assets/53269502/c68d52e2-19f7-4e45-8ff0-fc2ee662c64b) - - -## Clear resources - -```bash -kubectl delete -f config/samples/memgraph_v1_ha.yaml -kubectl delete pvc --all # Or leave them if you want to use persistent storage -kubectl delete -k config/default -``` diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..c0b92a8 --- /dev/null +++ b/go.mod @@ -0,0 +1,73 @@ +module github.com/memgraph/kubernetes-operator + +go 1.20 + +require ( + github.com/onsi/ginkgo/v2 v2.11.0 + github.com/onsi/gomega v1.27.10 + k8s.io/apimachinery v0.28.3 + k8s.io/client-go v0.28.3 + sigs.k8s.io/controller-runtime v0.16.3 +) + +require ( + github.com/beorn7/perks v1.0.1 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/zapr v1.2.4 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/protobuf v1.5.3 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.5.9 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect + github.com/google/uuid v1.3.0 // indirect + github.com/imdario/mergo v0.3.6 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/pkg/errors v0.9.1 // indirect + github.com/prometheus/client_golang v1.16.0 // indirect + github.com/prometheus/client_model v0.4.0 // indirect + github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/procfs v0.10.1 // indirect + github.com/spf13/pflag v1.0.5 // indirect + go.uber.org/multierr v1.11.0 // indirect + go.uber.org/zap v1.25.0 // indirect + golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect + golang.org/x/time v0.3.0 // indirect + golang.org/x/tools v0.9.3 // indirect + gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/protobuf v1.30.0 // indirect + gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/api v0.28.3 // indirect + k8s.io/apiextensions-apiserver v0.28.3 // indirect + k8s.io/component-base v0.28.3 // indirect + k8s.io/klog/v2 v2.100.1 // indirect + k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/yaml v1.3.0 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..8e8882f --- /dev/null +++ b/go.sum @@ -0,0 +1,226 @@ +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= +github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= +github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= +github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= +github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= +github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= +github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= +github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= +github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= +github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= +github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= +github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= +github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= +github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= +github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= +go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= +go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= +golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= +golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= +golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= +gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= +k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= +k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= +k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= +k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= +k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= +k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= +k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= +k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= +k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= +k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= +sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= +sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt new file mode 100644 index 0000000..759b82a --- /dev/null +++ b/hack/boilerplate.go.txt @@ -0,0 +1,15 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ diff --git a/helm-charts b/helm-charts deleted file mode 160000 index 3fecad8..0000000 --- a/helm-charts +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3fecad84b3c3fecd9c2ef19b942f4fc4065ce6f6 diff --git a/test/e2e/e2e_suite_test.go b/test/e2e/e2e_suite_test.go new file mode 100644 index 0000000..63e2784 --- /dev/null +++ b/test/e2e/e2e_suite_test.go @@ -0,0 +1,32 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package e2e + +import ( + "fmt" + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" +) + +// Run e2e tests using the Ginkgo runner. +func TestE2E(t *testing.T) { + RegisterFailHandler(Fail) + fmt.Fprintf(GinkgoWriter, "Starting kubernetes-operator suite\n") + RunSpecs(t, "e2e suite") +} diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go new file mode 100644 index 0000000..8e55b96 --- /dev/null +++ b/test/e2e/e2e_test.go @@ -0,0 +1,121 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package e2e + +import ( + "fmt" + "os/exec" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "github.com/memgraph/kubernetes-operator/test/utils" +) + +const namespace = "kubernetes-operator-system" + +var _ = Describe("controller", Ordered, func() { + BeforeAll(func() { + By("installing prometheus operator") + Expect(utils.InstallPrometheusOperator()).To(Succeed()) + + By("installing the cert-manager") + Expect(utils.InstallCertManager()).To(Succeed()) + + By("creating manager namespace") + cmd := exec.Command("kubectl", "create", "ns", namespace) + _, _ = utils.Run(cmd) + }) + + AfterAll(func() { + By("uninstalling the Prometheus manager bundle") + utils.UninstallPrometheusOperator() + + By("uninstalling the cert-manager bundle") + utils.UninstallCertManager() + + By("removing manager namespace") + cmd := exec.Command("kubectl", "delete", "ns", namespace) + _, _ = utils.Run(cmd) + }) + + Context("Operator", func() { + It("should run successfully", func() { + var controllerPodName string + var err error + + // projectimage stores the name of the image used in the example + var projectimage = "example.com/kubernetes-operator:v0.0.1" + + By("building the manager(Operator) image") + cmd := exec.Command("make", "docker-build", fmt.Sprintf("IMG=%s", projectimage)) + _, err = utils.Run(cmd) + ExpectWithOffset(1, err).NotTo(HaveOccurred()) + + By("loading the the manager(Operator) image on Kind") + err = utils.LoadImageToKindClusterWithName(projectimage) + ExpectWithOffset(1, err).NotTo(HaveOccurred()) + + By("installing CRDs") + cmd = exec.Command("make", "install") + _, err = utils.Run(cmd) + + By("deploying the controller-manager") + cmd = exec.Command("make", "deploy", fmt.Sprintf("IMG=%s", projectimage)) + _, err = utils.Run(cmd) + ExpectWithOffset(1, err).NotTo(HaveOccurred()) + + By("validating that the controller-manager pod is running as expected") + verifyControllerUp := func() error { + // Get pod name + + cmd = exec.Command("kubectl", "get", + "pods", "-l", "control-plane=controller-manager", + "-o", "go-template={{ range .items }}"+ + "{{ if not .metadata.deletionTimestamp }}"+ + "{{ .metadata.name }}"+ + "{{ \"\\n\" }}{{ end }}{{ end }}", + "-n", namespace, + ) + + podOutput, err := utils.Run(cmd) + ExpectWithOffset(2, err).NotTo(HaveOccurred()) + podNames := utils.GetNonEmptyLines(string(podOutput)) + if len(podNames) != 1 { + return fmt.Errorf("expect 1 controller pods running, but got %d", len(podNames)) + } + controllerPodName = podNames[0] + ExpectWithOffset(2, controllerPodName).Should(ContainSubstring("controller-manager")) + + // Validate pod status + cmd = exec.Command("kubectl", "get", + "pods", controllerPodName, "-o", "jsonpath={.status.phase}", + "-n", namespace, + ) + status, err := utils.Run(cmd) + ExpectWithOffset(2, err).NotTo(HaveOccurred()) + if string(status) != "Running" { + return fmt.Errorf("controller pod in %s status", status) + } + return nil + } + EventuallyWithOffset(1, verifyControllerUp, time.Minute, time.Second).Should(Succeed()) + + }) + }) +}) diff --git a/test/utils/utils.go b/test/utils/utils.go new file mode 100644 index 0000000..2df8b9d --- /dev/null +++ b/test/utils/utils.go @@ -0,0 +1,140 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package utils + +import ( + "fmt" + "os" + "os/exec" + "strings" + + . "github.com/onsi/ginkgo/v2" //nolint:golint,revive +) + +const ( + prometheusOperatorVersion = "v0.68.0" + prometheusOperatorURL = "https://github.com/prometheus-operator/prometheus-operator/" + + "releases/download/%s/bundle.yaml" + + certmanagerVersion = "v1.5.3" + certmanagerURLTmpl = "https://github.com/jetstack/cert-manager/releases/download/%s/cert-manager.yaml" +) + +func warnError(err error) { + fmt.Fprintf(GinkgoWriter, "warning: %v\n", err) +} + +// InstallPrometheusOperator installs the prometheus Operator to be used to export the enabled metrics. +func InstallPrometheusOperator() error { + url := fmt.Sprintf(prometheusOperatorURL, prometheusOperatorVersion) + cmd := exec.Command("kubectl", "create", "-f", url) + _, err := Run(cmd) + return err +} + +// Run executes the provided command within this context +func Run(cmd *exec.Cmd) ([]byte, error) { + dir, _ := GetProjectDir() + cmd.Dir = dir + + if err := os.Chdir(cmd.Dir); err != nil { + fmt.Fprintf(GinkgoWriter, "chdir dir: %s\n", err) + } + + cmd.Env = append(os.Environ(), "GO111MODULE=on") + command := strings.Join(cmd.Args, " ") + fmt.Fprintf(GinkgoWriter, "running: %s\n", command) + output, err := cmd.CombinedOutput() + if err != nil { + return output, fmt.Errorf("%s failed with error: (%v) %s", command, err, string(output)) + } + + return output, nil +} + +// UninstallPrometheusOperator uninstalls the prometheus +func UninstallPrometheusOperator() { + url := fmt.Sprintf(prometheusOperatorURL, prometheusOperatorVersion) + cmd := exec.Command("kubectl", "delete", "-f", url) + if _, err := Run(cmd); err != nil { + warnError(err) + } +} + +// UninstallCertManager uninstalls the cert manager +func UninstallCertManager() { + url := fmt.Sprintf(certmanagerURLTmpl, certmanagerVersion) + cmd := exec.Command("kubectl", "delete", "-f", url) + if _, err := Run(cmd); err != nil { + warnError(err) + } +} + +// InstallCertManager installs the cert manager bundle. +func InstallCertManager() error { + url := fmt.Sprintf(certmanagerURLTmpl, certmanagerVersion) + cmd := exec.Command("kubectl", "apply", "-f", url) + if _, err := Run(cmd); err != nil { + return err + } + // Wait for cert-manager-webhook to be ready, which can take time if cert-manager + // was re-installed after uninstalling on a cluster. + cmd = exec.Command("kubectl", "wait", "deployment.apps/cert-manager-webhook", + "--for", "condition=Available", + "--namespace", "cert-manager", + "--timeout", "5m", + ) + + _, err := Run(cmd) + return err +} + +// LoadImageToKindCluster loads a local docker image to the kind cluster +func LoadImageToKindClusterWithName(name string) error { + cluster := "kind" + if v, ok := os.LookupEnv("KIND_CLUSTER"); ok { + cluster = v + } + kindOptions := []string{"load", "docker-image", name, "--name", cluster} + cmd := exec.Command("kind", kindOptions...) + _, err := Run(cmd) + return err +} + +// GetNonEmptyLines converts given command output string into individual objects +// according to line breakers, and ignores the empty elements in it. +func GetNonEmptyLines(output string) []string { + var res []string + elements := strings.Split(output, "\n") + for _, element := range elements { + if element != "" { + res = append(res, element) + } + } + + return res +} + +// GetProjectDir will return the directory where the project is +func GetProjectDir() (string, error) { + wd, err := os.Getwd() + if err != nil { + return wd, err + } + wd = strings.Replace(wd, "/test/e2e", "", -1) + return wd, nil +} diff --git a/watches.yaml b/watches.yaml deleted file mode 100644 index 3078f4f..0000000 --- a/watches.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# Use the 'create api' subcommand to add watches to this file. -- group: memgraph.com # The group of the Custom Resource that will be watched - version: v1 # The version of the Custom Resource that will be watched - kind: MemgraphHA # The kind of the Custom Resource that will be watched - chart: helm-charts/charts/memgraph-high-availability # Path to the chart that will be used when reconciling -#+kubebuilder:scaffold:watch From 8abc3c69e58690d990c9afd45989c384a2e08b6c Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:41:45 +0200 Subject: [PATCH 03/26] Return helm-charts --- .gitmodules | 2 +- helm-charts | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 160000 helm-charts diff --git a/.gitmodules b/.gitmodules index 11eb3cb..0163692 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ [submodule "helm-charts"] path = helm-charts - url = https://github.com/memgraph/helm-charts.git + url = https://github.com/memgraph/helm-charts.git branch = main diff --git a/helm-charts b/helm-charts new file mode 160000 index 0000000..3fecad8 --- /dev/null +++ b/helm-charts @@ -0,0 +1 @@ +Subproject commit 3fecad84b3c3fecd9c2ef19b942f4fc4065ce6f6 From 0db627b0e6457fceea81f3b2a529fccbb2752cf5 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:43:00 +0200 Subject: [PATCH 04/26] Return license --- LICENSE | 201 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 201 insertions(+) create mode 100644 LICENSE diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. From bb640dbf7d2055811cbd224b67e73c4a58465ffe Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:56:14 +0200 Subject: [PATCH 05/26] readme modification --- README.md | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/README.md b/README.md index 91e5a33..9f258ea 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,34 @@ +# Memgraph Kubernetes Operator + +## Introduction + +Memgraph Kubernetes Operator is WIP. You can currently install the operator and manage the deployment of Memgraph's High Availability cluster +through it. + +## Table of Contents + +- [Prerequisites](#prerequisites) +- [Documentation](#documentation) +- [License](#license) + +## Prerequisites + +We use Go version 1.22.5 (not needed at the moment). Check out here how to [install Go](https://go.dev/doc/install). +The current Helm version used is v3.14.4. + +## Documentation + +Check our [Documentation](/docs) to start using our Kubernetes operator. + +1. [Install the Memgraph Kubernetes Operator](docs/installation.md) + +## License + +Please check the [LICENSE](LICENSE) file + + +# new stuff from go + # kubernetes-operator // TODO(user): Add simple overview of use/purpose From d812ea2eb847bc082073eef66c58b8455028ef2f Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 14:57:30 +0200 Subject: [PATCH 06/26] Return docs --- docs/installation.md | 68 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 docs/installation.md diff --git a/docs/installation.md b/docs/installation.md new file mode 100644 index 0000000..bec8eac --- /dev/null +++ b/docs/installation.md @@ -0,0 +1,68 @@ +# Install Memgraph Kubernetes Operator + +All described installation options will run the Operator inside the cluster. + + +Make sure to clone this repository with its submodule (helm-charts). + +```bash +git clone --recurse-submodules git@github.com:memgraph/kubernetes-operator.git +``` + +## Install K8 resources + +```bash +kubectl apply -k config/default +``` + +This command will use operator's image from Memgraph's DockerHub and create all necessary Kubernetes resources for running an operator. + +## Verify installation + +Installation using any of options described above will cause creating Kubernetes ServiceAccount, RoleBinding, Role, Deployment and Pods all in newly created all in newly created all in newly created +namespace `memgraph-operator-system`. You can check your resources with: + +```bash +kubectl get serviceaccounts -n memgraph-operator-system +kubectl get clusterrolebindings -n memgraph-operator-system +kubectl get clusterroles -n memgraph-operator-system +kubectl get deployments -n memgraph-operator-system +kubectl get pods -n memgraph-operator-system +``` + +CustomResourceDefinition `memgraphhas.memgraph.com`, whose job is to monitor CustomResource `MemgraphHA`, will also get created and you can verify +this with: + +```bash +kubectl get crds -A +``` + +## Start Memgraph High Availability Cluster + +We already provide sample cluster in `config/samples/memgraph_v1_ha.yaml`. You only need to set your license information by setting +environment variables `MEMGRAPH_ORGANIZATION_NAME` and `MEMGRAPH_ENTERPRISE_LICENSE` in your local environment with: + +```bash +export MEMGRAPH_ORGANIZATION_NAME="" +export MEMGRAPH_ENTERPRISE_LICENSE="" +``` + +Start Memgraph HA cluster with `envsubst < config/samples/memgraph_v1_ha.yaml | kubectl apply -f -`. (The `envsubst command` is a part of the `gettext` package.) +Instead of using `envsubst` command, you can directly set environment variables in `config/samples/memgraph_v1_ha.yaml`. + + +After ~40s, you should be able to see instances in the output of `kubectl get pods -A`: + + +You can now find URL of any coordinator instances by running e.g `minikube service list` and connect to see the state of the cluster by running +`show instances;`: +![image](https://github.com/memgraph/kubernetes-operator/assets/53269502/c68d52e2-19f7-4e45-8ff0-fc2ee662c64b) + + +## Clear resources + +```bash +kubectl delete -f config/samples/memgraph_v1_ha.yaml +kubectl delete pvc --all # Or leave them if you want to use persistent storage +kubectl delete -k config/default +``` From 73a7ba855ed390ec596d8ec6d7e8cbc13b9b87bf Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Tue, 23 Jul 2024 15:26:39 +0200 Subject: [PATCH 07/26] Go API --- PROJECT | 10 +++ api/v1/groupversion_info.go | 36 ++++++++ api/v1/memgraphha_types.go | 64 +++++++++++++ cmd/main.go | 11 +++ config/crd/kustomization.yaml | 23 +++++ config/crd/kustomizeconfig.yaml | 19 ++++ config/default/kustomization.yaml | 2 +- config/rbac/memgraphha_editor_role.yaml | 31 +++++++ config/rbac/memgraphha_viewer_role.yaml | 27 ++++++ config/samples/kustomization.yaml | 4 + config/samples/memgraph_v1_memgraphha.yaml | 12 +++ internal/controller/memgraphha_controller.go | 62 +++++++++++++ .../controller/memgraphha_controller_test.go | 84 +++++++++++++++++ internal/controller/suite_test.go | 90 +++++++++++++++++++ 14 files changed, 474 insertions(+), 1 deletion(-) create mode 100644 api/v1/groupversion_info.go create mode 100644 api/v1/memgraphha_types.go create mode 100644 config/crd/kustomization.yaml create mode 100644 config/crd/kustomizeconfig.yaml create mode 100644 config/rbac/memgraphha_editor_role.yaml create mode 100644 config/rbac/memgraphha_viewer_role.yaml create mode 100644 config/samples/kustomization.yaml create mode 100644 config/samples/memgraph_v1_memgraphha.yaml create mode 100644 internal/controller/memgraphha_controller.go create mode 100644 internal/controller/memgraphha_controller_test.go create mode 100644 internal/controller/suite_test.go diff --git a/PROJECT b/PROJECT index ad5b30a..be3ed36 100644 --- a/PROJECT +++ b/PROJECT @@ -10,4 +10,14 @@ plugins: scorecard.sdk.operatorframework.io/v2: {} projectName: kubernetes-operator repo: github.com/memgraph/kubernetes-operator +resources: +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: com + group: memgraph + kind: MemgraphHA + path: github.com/memgraph/kubernetes-operator/api/v1 + version: v1 version: "3" diff --git a/api/v1/groupversion_info.go b/api/v1/groupversion_info.go new file mode 100644 index 0000000..34e9233 --- /dev/null +++ b/api/v1/groupversion_info.go @@ -0,0 +1,36 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package v1 contains API Schema definitions for the memgraph v1 API group +// +kubebuilder:object:generate=true +// +groupName=memgraph.com +package v1 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "memgraph.com", Version: "v1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/api/v1/memgraphha_types.go b/api/v1/memgraphha_types.go new file mode 100644 index 0000000..fb37d30 --- /dev/null +++ b/api/v1/memgraphha_types.go @@ -0,0 +1,64 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// MemgraphHASpec defines the desired state of MemgraphHA +type MemgraphHASpec struct { + // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + // Important: Run "make" to regenerate code after modifying this file + + // Foo is an example field of MemgraphHA. Edit memgraphha_types.go to remove/update + Foo string `json:"foo,omitempty"` +} + +// MemgraphHAStatus defines the observed state of MemgraphHA +type MemgraphHAStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// MemgraphHA is the Schema for the memgraphhas API +type MemgraphHA struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec MemgraphHASpec `json:"spec,omitempty"` + Status MemgraphHAStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// MemgraphHAList contains a list of MemgraphHA +type MemgraphHAList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []MemgraphHA `json:"items"` +} + +func init() { + SchemeBuilder.Register(&MemgraphHA{}, &MemgraphHAList{}) +} diff --git a/cmd/main.go b/cmd/main.go index f844039..ec3ee19 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -33,6 +33,9 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" "sigs.k8s.io/controller-runtime/pkg/webhook" + + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + "github.com/memgraph/kubernetes-operator/internal/controller" //+kubebuilder:scaffold:imports ) @@ -44,6 +47,7 @@ var ( func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) + utilruntime.Must(memgraphv1.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } @@ -118,6 +122,13 @@ func main() { os.Exit(1) } + if err = (&controller.MemgraphHAReconciler{ + Client: mgr.GetClient(), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "MemgraphHA") + os.Exit(1) + } //+kubebuilder:scaffold:builder if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml new file mode 100644 index 0000000..f059d30 --- /dev/null +++ b/config/crd/kustomization.yaml @@ -0,0 +1,23 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/memgraph.com_memgraphhas.yaml +#+kubebuilder:scaffold:crdkustomizeresource + +patches: +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +#- path: patches/webhook_in_memgraphhas.yaml +#+kubebuilder:scaffold:crdkustomizewebhookpatch + +# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +#- path: patches/cainjection_in_memgraphhas.yaml +#+kubebuilder:scaffold:crdkustomizecainjectionpatch + +# [WEBHOOK] To enable webhook, uncomment the following section +# the following config is for teaching kustomize how to do kustomization for CRDs. + +#configurations: +#- kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml new file mode 100644 index 0000000..ec5c150 --- /dev/null +++ b/config/crd/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This file is for teaching kustomize how to substitute name and namespace reference in CRD +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name + +namespace: +- kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false + +varReference: +- path: metadata/annotations diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index aad6b2d..eb00d57 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -15,7 +15,7 @@ namePrefix: kubernetes-operator- # someName: someValue resources: -#- ../crd +- ../crd - ../rbac - ../manager # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in diff --git a/config/rbac/memgraphha_editor_role.yaml b/config/rbac/memgraphha_editor_role.yaml new file mode 100644 index 0000000..e54bf20 --- /dev/null +++ b/config/rbac/memgraphha_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit memgraphhas. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: memgraphha-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: memgraphha-editor-role +rules: +- apiGroups: + - memgraph.com + resources: + - memgraphhas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memgraph.com + resources: + - memgraphhas/status + verbs: + - get diff --git a/config/rbac/memgraphha_viewer_role.yaml b/config/rbac/memgraphha_viewer_role.yaml new file mode 100644 index 0000000..769adfd --- /dev/null +++ b/config/rbac/memgraphha_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view memgraphhas. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: memgraphha-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: kubernetes-operator + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + name: memgraphha-viewer-role +rules: +- apiGroups: + - memgraph.com + resources: + - memgraphhas + verbs: + - get + - list + - watch +- apiGroups: + - memgraph.com + resources: + - memgraphhas/status + verbs: + - get diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml new file mode 100644 index 0000000..9361e5a --- /dev/null +++ b/config/samples/kustomization.yaml @@ -0,0 +1,4 @@ +## Append samples of your project ## +resources: +- memgraph_v1_memgraphha.yaml +#+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/memgraph_v1_memgraphha.yaml b/config/samples/memgraph_v1_memgraphha.yaml new file mode 100644 index 0000000..91c9c96 --- /dev/null +++ b/config/samples/memgraph_v1_memgraphha.yaml @@ -0,0 +1,12 @@ +apiVersion: memgraph.com/v1 +kind: MemgraphHA +metadata: + labels: + app.kubernetes.io/name: memgraphha + app.kubernetes.io/instance: memgraphha-sample + app.kubernetes.io/part-of: kubernetes-operator + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: kubernetes-operator + name: memgraphha-sample +spec: + # TODO(user): Add fields here diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go new file mode 100644 index 0000000..8915145 --- /dev/null +++ b/internal/controller/memgraphha_controller.go @@ -0,0 +1,62 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" +) + +// MemgraphHAReconciler reconciles a MemgraphHA object +type MemgraphHAReconciler struct { + client.Client + Scheme *runtime.Scheme +} + +//+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the MemgraphHA object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.16.3/pkg/reconcile +func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = log.FromContext(ctx) + + // TODO(user): your logic here + + return ctrl.Result{}, nil +} + +// SetupWithManager sets up the controller with the Manager. +func (r *MemgraphHAReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&memgraphv1.MemgraphHA{}). + Complete(r) +} diff --git a/internal/controller/memgraphha_controller_test.go b/internal/controller/memgraphha_controller_test.go new file mode 100644 index 0000000..9b10129 --- /dev/null +++ b/internal/controller/memgraphha_controller_test.go @@ -0,0 +1,84 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" +) + +var _ = Describe("MemgraphHA Controller", func() { + Context("When reconciling a resource", func() { + const resourceName = "test-resource" + + ctx := context.Background() + + typeNamespacedName := types.NamespacedName{ + Name: resourceName, + Namespace: "default", // TODO(user):Modify as needed + } + memgraphha := &memgraphv1.MemgraphHA{} + + BeforeEach(func() { + By("creating the custom resource for the Kind MemgraphHA") + err := k8sClient.Get(ctx, typeNamespacedName, memgraphha) + if err != nil && errors.IsNotFound(err) { + resource := &memgraphv1.MemgraphHA{ + ObjectMeta: metav1.ObjectMeta{ + Name: resourceName, + Namespace: "default", + }, + // TODO(user): Specify other spec details if needed. + } + Expect(k8sClient.Create(ctx, resource)).To(Succeed()) + } + }) + + AfterEach(func() { + // TODO(user): Cleanup logic after each test, like removing the resource instance. + resource := &memgraphv1.MemgraphHA{} + err := k8sClient.Get(ctx, typeNamespacedName, resource) + Expect(err).NotTo(HaveOccurred()) + + By("Cleanup the specific resource instance MemgraphHA") + Expect(k8sClient.Delete(ctx, resource)).To(Succeed()) + }) + It("should successfully reconcile the resource", func() { + By("Reconciling the created resource") + controllerReconciler := &MemgraphHAReconciler{ + Client: k8sClient, + Scheme: k8sClient.Scheme(), + } + + _, err := controllerReconciler.Reconcile(ctx, reconcile.Request{ + NamespacedName: typeNamespacedName, + }) + Expect(err).NotTo(HaveOccurred()) + // TODO(user): Add more specific assertions depending on your controller's reconciliation logic. + // Example: If you expect a certain status condition after reconciliation, verify it here. + }) + }) +}) diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go new file mode 100644 index 0000000..a2d6b7a --- /dev/null +++ b/internal/controller/suite_test.go @@ -0,0 +1,90 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "fmt" + "path/filepath" + "runtime" + "testing" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + "k8s.io/client-go/kubernetes/scheme" + "k8s.io/client-go/rest" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/envtest" + logf "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/log/zap" + + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + //+kubebuilder:scaffold:imports +) + +// These tests use Ginkgo (BDD-style Go testing framework). Refer to +// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. + +var cfg *rest.Config +var k8sClient client.Client +var testEnv *envtest.Environment + +func TestControllers(t *testing.T) { + RegisterFailHandler(Fail) + + RunSpecs(t, "Controller Suite") +} + +var _ = BeforeSuite(func() { + logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) + + By("bootstrapping test environment") + testEnv = &envtest.Environment{ + CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")}, + ErrorIfCRDPathMissing: true, + + // The BinaryAssetsDirectory is only required if you want to run the tests directly + // without call the makefile target test. If not informed it will look for the + // default path defined in controller-runtime which is /usr/local/kubebuilder/. + // Note that you must have the required binaries setup under the bin directory to perform + // the tests directly. When we run make test it will be setup and used automatically. + BinaryAssetsDirectory: filepath.Join("..", "..", "bin", "k8s", + fmt.Sprintf("1.28.3-%s-%s", runtime.GOOS, runtime.GOARCH)), + } + + var err error + // cfg is defined in this file globally. + cfg, err = testEnv.Start() + Expect(err).NotTo(HaveOccurred()) + Expect(cfg).NotTo(BeNil()) + + err = memgraphv1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + //+kubebuilder:scaffold:scheme + + k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) + Expect(err).NotTo(HaveOccurred()) + Expect(k8sClient).NotTo(BeNil()) + +}) + +var _ = AfterSuite(func() { + By("tearing down the test environment") + err := testEnv.Stop() + Expect(err).NotTo(HaveOccurred()) +}) From 3f681f10e761e9f39f20f0e2f062e0bf4f9128ad Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 24 Jul 2024 13:00:49 +0200 Subject: [PATCH 08/26] Generated spec for Memgraph HA --- Makefile | 2 +- api/v1/memgraphha_types.go | 66 +++- api/v1/zz_generated.deepcopy.go | 290 ++++++++++++++++++ .../crd/bases/memgraph.com_memgraphhas.yaml | 226 ++++++++++++++ config/rbac/role.yaml | 37 ++- config/samples/kustomization.yaml | 4 +- config/samples/memgraph_v1_ha.yaml | 116 +++++++ config/samples/memgraph_v1_memgraphha.yaml | 12 - go.mod | 89 +++--- go.sum | 233 ++++++-------- 10 files changed, 858 insertions(+), 217 deletions(-) create mode 100644 api/v1/zz_generated.deepcopy.go create mode 100644 config/crd/bases/memgraph.com_memgraphhas.yaml create mode 100644 config/samples/memgraph_v1_ha.yaml delete mode 100644 config/samples/memgraph_v1_memgraphha.yaml diff --git a/Makefile b/Makefile index 6bf2889..b304cb5 100644 --- a/Makefile +++ b/Makefile @@ -212,7 +212,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest ## Tool Versions KUSTOMIZE_VERSION ?= v5.2.1 -CONTROLLER_TOOLS_VERSION ?= v0.13.0 +CONTROLLER_TOOLS_VERSION ?= v0.15.0 .PHONY: kustomize kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading. diff --git a/api/v1/memgraphha_types.go b/api/v1/memgraphha_types.go index fb37d30..f3a116f 100644 --- a/api/v1/memgraphha_types.go +++ b/api/v1/memgraphha_types.go @@ -25,11 +25,69 @@ import ( // MemgraphHASpec defines the desired state of MemgraphHA type MemgraphHASpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "make" to regenerate code after modifying this file + Coordinators []Coordinator `json:"coordinators"` + Data []DataItem `json:"data"` + Memgraph MemgraphConfig `json:"memgraph"` +} + +type Coordinator struct { + ID string `json:"id"` + BoltPort int `json:"boltPort"` + ManagementPort int `json:"managementPort"` + CoordinatorPort int `json:"coordinatorPort"` + Args []string `json:"args"` +} + +type DataItem struct { + ID string `json:"id"` + BoltPort int `json:"boltPort"` + ManagementPort int `json:"managementPort"` + ReplicationPort int `json:"replicationPort"` + Args []string `json:"args"` +} + +type MemgraphConfig struct { + Data MemgraphDataConfig `json:"data"` + Coordinators MemgraphCoordinatorsConfig `json:"coordinators"` + Env map[string]string `json:"env"` + Image ImageConfig `json:"image"` + Probes MemgraphProbesConfig `json:"probes"` +} + +type MemgraphDataConfig struct { + VolumeClaim VolumeClaimConfig `json:"volumeClaim"` +} + +type MemgraphCoordinatorsConfig struct { + VolumeClaim VolumeClaimConfig `json:"volumeClaim"` +} + +type VolumeClaimConfig struct { + StoragePVCClassName string `json:"storagePVCClassName"` + StoragePVC bool `json:"storagePVC"` + StoragePVCSize string `json:"storagePVCSize"` + LogPVCClassName string `json:"logPVCClassName"` + LogPVC bool `json:"logPVC"` + LogPVCSize string `json:"logPVCSize"` +} + +type ImageConfig struct { + PullPolicy string `json:"pullPolicy"` + Repository string `json:"repository"` + Tag string `json:"tag"` +} + +type MemgraphProbesConfig struct { + Liveness ProbeConfig `json:"liveness"` + Readiness ProbeConfig `json:"readiness"` + Startup ProbeConfig `json:"startup"` +} - // Foo is an example field of MemgraphHA. Edit memgraphha_types.go to remove/update - Foo string `json:"foo,omitempty"` +// ProbeConfig configures individual probes +type ProbeConfig struct { + InitialDelaySeconds int `json:"initialDelaySeconds"` + PeriodSeconds int `json:"periodSeconds"` + FailureThreshold int `json:"failureThreshold,omitempty"` } // MemgraphHAStatus defines the observed state of MemgraphHA diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go new file mode 100644 index 0000000..fb1d31a --- /dev/null +++ b/api/v1/zz_generated.deepcopy.go @@ -0,0 +1,290 @@ +//go:build !ignore_autogenerated + +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Coordinator) DeepCopyInto(out *Coordinator) { + *out = *in + if in.Args != nil { + in, out := &in.Args, &out.Args + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Coordinator. +func (in *Coordinator) DeepCopy() *Coordinator { + if in == nil { + return nil + } + out := new(Coordinator) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DataItem) DeepCopyInto(out *DataItem) { + *out = *in + if in.Args != nil { + in, out := &in.Args, &out.Args + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataItem. +func (in *DataItem) DeepCopy() *DataItem { + if in == nil { + return nil + } + out := new(DataItem) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ImageConfig) DeepCopyInto(out *ImageConfig) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageConfig. +func (in *ImageConfig) DeepCopy() *ImageConfig { + if in == nil { + return nil + } + out := new(ImageConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphConfig) DeepCopyInto(out *MemgraphConfig) { + *out = *in + out.Data = in.Data + out.Coordinators = in.Coordinators + if in.Env != nil { + in, out := &in.Env, &out.Env + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + out.Image = in.Image + out.Probes = in.Probes +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphConfig. +func (in *MemgraphConfig) DeepCopy() *MemgraphConfig { + if in == nil { + return nil + } + out := new(MemgraphConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphCoordinatorsConfig) DeepCopyInto(out *MemgraphCoordinatorsConfig) { + *out = *in + out.VolumeClaim = in.VolumeClaim +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphCoordinatorsConfig. +func (in *MemgraphCoordinatorsConfig) DeepCopy() *MemgraphCoordinatorsConfig { + if in == nil { + return nil + } + out := new(MemgraphCoordinatorsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphDataConfig) DeepCopyInto(out *MemgraphDataConfig) { + *out = *in + out.VolumeClaim = in.VolumeClaim +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphDataConfig. +func (in *MemgraphDataConfig) DeepCopy() *MemgraphDataConfig { + if in == nil { + return nil + } + out := new(MemgraphDataConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphHA) DeepCopyInto(out *MemgraphHA) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphHA. +func (in *MemgraphHA) DeepCopy() *MemgraphHA { + if in == nil { + return nil + } + out := new(MemgraphHA) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MemgraphHA) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphHAList) DeepCopyInto(out *MemgraphHAList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]MemgraphHA, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphHAList. +func (in *MemgraphHAList) DeepCopy() *MemgraphHAList { + if in == nil { + return nil + } + out := new(MemgraphHAList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *MemgraphHAList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphHASpec) DeepCopyInto(out *MemgraphHASpec) { + *out = *in + if in.Coordinators != nil { + in, out := &in.Coordinators, &out.Coordinators + *out = make([]Coordinator, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Data != nil { + in, out := &in.Data, &out.Data + *out = make([]DataItem, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Memgraph.DeepCopyInto(&out.Memgraph) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphHASpec. +func (in *MemgraphHASpec) DeepCopy() *MemgraphHASpec { + if in == nil { + return nil + } + out := new(MemgraphHASpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphHAStatus) DeepCopyInto(out *MemgraphHAStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphHAStatus. +func (in *MemgraphHAStatus) DeepCopy() *MemgraphHAStatus { + if in == nil { + return nil + } + out := new(MemgraphHAStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MemgraphProbesConfig) DeepCopyInto(out *MemgraphProbesConfig) { + *out = *in + out.Liveness = in.Liveness + out.Readiness = in.Readiness + out.Startup = in.Startup +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemgraphProbesConfig. +func (in *MemgraphProbesConfig) DeepCopy() *MemgraphProbesConfig { + if in == nil { + return nil + } + out := new(MemgraphProbesConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ProbeConfig) DeepCopyInto(out *ProbeConfig) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProbeConfig. +func (in *ProbeConfig) DeepCopy() *ProbeConfig { + if in == nil { + return nil + } + out := new(ProbeConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VolumeClaimConfig) DeepCopyInto(out *VolumeClaimConfig) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumeClaimConfig. +func (in *VolumeClaimConfig) DeepCopy() *VolumeClaimConfig { + if in == nil { + return nil + } + out := new(VolumeClaimConfig) + in.DeepCopyInto(out) + return out +} diff --git a/config/crd/bases/memgraph.com_memgraphhas.yaml b/config/crd/bases/memgraph.com_memgraphhas.yaml new file mode 100644 index 0000000..63114e8 --- /dev/null +++ b/config/crd/bases/memgraph.com_memgraphhas.yaml @@ -0,0 +1,226 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + name: memgraphhas.memgraph.com +spec: + group: memgraph.com + names: + kind: MemgraphHA + listKind: MemgraphHAList + plural: memgraphhas + singular: memgraphha + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: MemgraphHA is the Schema for the memgraphhas API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: MemgraphHASpec defines the desired state of MemgraphHA + properties: + coordinators: + items: + properties: + args: + items: + type: string + type: array + boltPort: + type: integer + coordinatorPort: + type: integer + id: + type: string + managementPort: + type: integer + required: + - args + - boltPort + - coordinatorPort + - id + - managementPort + type: object + type: array + data: + items: + properties: + args: + items: + type: string + type: array + boltPort: + type: integer + id: + type: string + managementPort: + type: integer + replicationPort: + type: integer + required: + - args + - boltPort + - id + - managementPort + - replicationPort + type: object + type: array + memgraph: + properties: + coordinators: + properties: + volumeClaim: + properties: + logPVC: + type: boolean + logPVCClassName: + type: string + logPVCSize: + type: string + storagePVC: + type: boolean + storagePVCClassName: + type: string + storagePVCSize: + type: string + required: + - logPVC + - logPVCClassName + - logPVCSize + - storagePVC + - storagePVCClassName + - storagePVCSize + type: object + required: + - volumeClaim + type: object + data: + properties: + volumeClaim: + properties: + logPVC: + type: boolean + logPVCClassName: + type: string + logPVCSize: + type: string + storagePVC: + type: boolean + storagePVCClassName: + type: string + storagePVCSize: + type: string + required: + - logPVC + - logPVCClassName + - logPVCSize + - storagePVC + - storagePVCClassName + - storagePVCSize + type: object + required: + - volumeClaim + type: object + env: + additionalProperties: + type: string + type: object + image: + properties: + pullPolicy: + type: string + repository: + type: string + tag: + type: string + required: + - pullPolicy + - repository + - tag + type: object + probes: + properties: + liveness: + description: ProbeConfig configures individual probes + properties: + failureThreshold: + type: integer + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + required: + - initialDelaySeconds + - periodSeconds + type: object + readiness: + description: ProbeConfig configures individual probes + properties: + failureThreshold: + type: integer + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + required: + - initialDelaySeconds + - periodSeconds + type: object + startup: + description: ProbeConfig configures individual probes + properties: + failureThreshold: + type: integer + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + required: + - initialDelaySeconds + - periodSeconds + type: object + required: + - liveness + - readiness + - startup + type: object + required: + - coordinators + - data + - env + - image + - probes + type: object + required: + - coordinators + - data + - memgraph + type: object + status: + description: MemgraphHAStatus defines the observed state of MemgraphHA + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 01a58c5..372d6f8 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -1,15 +1,32 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: manager-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize name: manager-role rules: -- apiGroups: [""] - resources: ["pods"] - verbs: ["get", "list", "watch"] +- apiGroups: + - memgraph.com + resources: + - memgraphhas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - memgraph.com + resources: + - memgraphhas/finalizers + verbs: + - update +- apiGroups: + - memgraph.com + resources: + - memgraphhas/status + verbs: + - get + - patch + - update diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 9361e5a..e0823f5 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,4 +1,2 @@ -## Append samples of your project ## resources: -- memgraph_v1_memgraphha.yaml -#+kubebuilder:scaffold:manifestskustomizesamples +- memgraph_v1_ha.yaml diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml new file mode 100644 index 0000000..18b2a69 --- /dev/null +++ b/config/samples/memgraph_v1_ha.yaml @@ -0,0 +1,116 @@ +apiVersion: memgraph.com/v1 +kind: MemgraphHA +metadata: + name: memgraphha-sample +spec: + coordinators: + - id: "1" + boltPort: 7687 + managementPort: 10000 + coordinatorPort: 12000 + args: + - --experimental-enabled=high-availability + - --coordinator-id=1 + - --coordinator-port=12000 + - --management-port=10000 + - --bolt-port=7687 + - --also-log-to-stderr + - --log-level=TRACE + - --coordinator-hostname=memgraph-coordinator-1.default.svc.cluster.local + - --log-file=/var/log/memgraph/memgraph.log + - --nuraft-log-file=/var/log/memgraph/memgraph.log + + - id: "2" + boltPort: 7687 + managementPort: 10000 + coordinatorPort: 12000 + args: + - --experimental-enabled=high-availability + - --coordinator-id=2 + - --coordinator-port=12000 + + - --management-port=10000 + - --bolt-port=7687 + - --also-log-to-stderr + - --log-level=TRACE + - --coordinator-hostname=memgraph-coordinator-2.default.svc.cluster.local + - --log-file=/var/log/memgraph/memgraph.log + - --nuraft-log-file=/var/log/memgraph/memgraph.log + + - id: "3" + boltPort: 7687 + managementPort: 10000 + coordinatorPort: 12000 + args: + - --experimental-enabled=high-availability + - --coordinator-id=3 + - --coordinator-port=12000 + - --management-port=10000 + - --bolt-port=7687 + - --also-log-to-stderr + - --log-level=TRACE + - --coordinator-hostname=memgraph-coordinator-3.default.svc.cluster.local + - --log-file=/var/log/memgraph/memgraph.log + - --nuraft-log-file=/var/log/memgraph/memgraph.log + + + data: + - id: "0" + boltPort: 7687 + managementPort: 10000 + replicationPort: 20000 + args: + - --experimental-enabled=high-availability + - --management-port=10000 + - --bolt-port=7687 + - --also-log-to-stderr + - --log-level=TRACE + - --log-file=/var/log/memgraph/memgraph.log + + - id: "1" + boltPort: 7687 + managementPort: 10000 + replicationPort: 20000 + args: + - --experimental-enabled=high-availability + - --management-port=10000 + - --bolt-port=7687 + - --also-log-to-stderr + - --log-level=TRACE + - --log-file=/var/log/memgraph/memgraph.log + + memgraph: + data: + volumeClaim: + logPVCClassName: "" + logPVC: true + logPVCSize: 256Mi + storagePVCClassName: "" + storagePVC: true + storagePVCSize: 1Gi + coordinators: + volumeClaim: + logPVCClassName: "" + logPVC: true + logPVCSize: 256Mi + storagePVCClassName: "" + storagePVC: true + storagePVCSize: 1Gi + + env: + MEMGRAPH_ENTERPRISE_LICENSE: "${MEMGRAPH_ENTERPRISE_LICENSE}" + MEMGRAPH_ORGANIZATION_NAME: "${MEMGRAPH_ORGANIZATION_NAME}" + image: + pullPolicy: IfNotPresent + repository: memgraph/memgraph + tag: 2.18.0 + probes: + liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + readiness: + initialDelaySeconds: 5 + periodSeconds: 5 + startup: + failureThreshold: 30 + periodSeconds: 10 diff --git a/config/samples/memgraph_v1_memgraphha.yaml b/config/samples/memgraph_v1_memgraphha.yaml deleted file mode 100644 index 91c9c96..0000000 --- a/config/samples/memgraph_v1_memgraphha.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: memgraph.com/v1 -kind: MemgraphHA -metadata: - labels: - app.kubernetes.io/name: memgraphha - app.kubernetes.io/instance: memgraphha-sample - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: kubernetes-operator - name: memgraphha-sample -spec: - # TODO(user): Add fields here diff --git a/go.mod b/go.mod index c0b92a8..f5d528e 100644 --- a/go.mod +++ b/go.mod @@ -1,73 +1,72 @@ module github.com/memgraph/kubernetes-operator -go 1.20 +go 1.22.0 + +toolchain go1.22.5 require ( - github.com/onsi/ginkgo/v2 v2.11.0 - github.com/onsi/gomega v1.27.10 - k8s.io/apimachinery v0.28.3 - k8s.io/client-go v0.28.3 - sigs.k8s.io/controller-runtime v0.16.3 + github.com/onsi/ginkgo/v2 v2.19.0 + github.com/onsi/gomega v1.33.1 + k8s.io/apimachinery v0.30.3 + k8s.io/client-go v0.30.3 + sigs.k8s.io/controller-runtime v0.18.4 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-logr/zapr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/emicklei/go-restful/v3 v3.12.1 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/imdario/mergo v0.3.6 // indirect + github.com/google/pprof v0.0.0-20240722153945-304e4f0156b8 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/pflag v1.0.5 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.25.0 // indirect - golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect - golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect - golang.org/x/sys v0.13.0 // indirect - golang.org/x/term v0.13.0 // indirect - golang.org/x/text v0.13.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.9.3 // indirect + go.uber.org/zap v1.27.0 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect + golang.org/x/net v0.27.0 // indirect + golang.org/x/oauth2 v0.21.0 // indirect + golang.org/x/sys v0.22.0 // indirect + golang.org/x/term v0.22.0 // indirect + golang.org/x/text v0.16.0 // indirect + golang.org/x/time v0.5.0 // indirect + golang.org/x/tools v0.23.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.28.3 // indirect - k8s.io/apiextensions-apiserver v0.28.3 // indirect - k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect + k8s.io/api v0.30.3 // indirect + k8s.io/apiextensions-apiserver v0.30.3 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 8e8882f..244baea 100644 --- a/go.sum +++ b/go.sum @@ -1,78 +1,62 @@ -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= +github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= +github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28= -github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/google/pprof v0.0.0-20240722153945-304e4f0156b8 h1:ssNFCCVmib/GQSzx3uCWyfMgOamLGWuGqlMS77Y1m3Y= +github.com/google/pprof v0.0.0-20240722153945-304e4f0156b8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -80,116 +64,84 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= -github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA= -golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= -golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= @@ -197,30 +149,27 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= -k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= -k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= -k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= -k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= -k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= -k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= -k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= -k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= -k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= -sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= +k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= +k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= +k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U= +k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4= +k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= +k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= +k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f h1:2sXuKesAYbRHxL3aE2PN6zX/gcJr22cjrsej+W784Tc= +k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f/go.mod h1:UxDHUPsUwTOOxSU+oXURfFBcAS6JwiRXTYqYwfuGowc= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.18.4 h1:87+guW1zhvuPLh1PHybKdYFLU0YJp4FhJRmiHvm5BZw= +sigs.k8s.io/controller-runtime v0.18.4/go.mod h1:TVoGrfdpbA9VRFaRnKgk9P5/atA0pMwq+f+msb9M8Sg= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= From f23703038432c5a3a0f205961d83711d3e605e6b Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 26 Jul 2024 11:59:31 +0200 Subject: [PATCH 09/26] Basic version of the controller --- .gitignore | 2 ++ Dockerfile | 2 +- Makefile | 6 ++--- config/manager/kustomization.yaml | 6 +++++ config/manager/manager.yaml | 27 -------------------- internal/controller/memgraphha_controller.go | 24 ++++++++++------- 6 files changed, 27 insertions(+), 40 deletions(-) diff --git a/.gitignore b/.gitignore index 62fd3e3..6a96658 100644 --- a/.gitignore +++ b/.gitignore @@ -12,3 +12,5 @@ bin *.swp *.swo *~ + +./manager diff --git a/Dockerfile b/Dockerfile index b078298..a48973e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.20 AS builder +FROM golang:1.22 AS builder ARG TARGETOS ARG TARGETARCH diff --git a/Makefile b/Makefile index b304cb5..3244f81 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ # To re-generate a bundle for another specific version without changing the standard setup, you can: # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) -VERSION ?= 0.0.1 +VERSION ?= 0.0.4 # CHANNELS define the bundle channels used in the bundle. # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") @@ -29,7 +29,7 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both # com/kubernetes-operator-bundle:$VERSION and com/kubernetes-operator-catalog:$VERSION. -IMAGE_TAG_BASE ?= com/kubernetes-operator +IMAGE_TAG_BASE ?= memgraph/kubernetes-operator # BUNDLE_IMG defines the image:tag used for the bundle. # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) @@ -51,7 +51,7 @@ endif OPERATOR_SDK_VERSION ?= v1.35.0 # Image URL to use all building/pushing image targets -IMG ?= controller:latest +IMG ?= $(IMAGE_TAG_BASE):$(VERSION) # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.28.3 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ac75006..26247ab 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,3 +1,9 @@ resources: - manager.yaml - namespace.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +images: +- name: controller + newName: memgraph/kubernetes-operator + newTag: 0.0.4 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index fa3b39c..ff8492b 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -23,35 +23,8 @@ spec: labels: control-plane: controller-manager spec: - # TODO(user): Uncomment the following code to configure the nodeAffinity expression - # according to the platforms which are supported by your solution. - # It is considered best practice to support multiple architectures. You can - # build your manager image using the makefile target docker-buildx. - # affinity: - # nodeAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # nodeSelectorTerms: - # - matchExpressions: - # - key: kubernetes.io/arch - # operator: In - # values: - # - amd64 - # - arm64 - # - ppc64le - # - s390x - # - key: kubernetes.io/os - # operator: In - # values: - # - linux securityContext: runAsNonRoot: true - # TODO(user): For common cases that do not require escalating privileges - # it is recommended to ensure that all your Pods/Containers are restrictive. - # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted - # Please uncomment the following code if your project does NOT have to work on old Kubernetes - # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). - # seccompProfile: - # type: RuntimeDefault containers: - command: - /manager diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 8915145..69c45e8 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -19,6 +19,7 @@ package controller import ( "context" + "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" @@ -37,20 +38,25 @@ type MemgraphHAReconciler struct { //+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/status,verbs=get;update;patch //+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/finalizers,verbs=update -// Reconcile is part of the main kubernetes reconciliation loop which aims to -// move the current state of the cluster closer to the desired state. -// TODO(user): Modify the Reconcile function to compare the state specified by -// the MemgraphHA object against the actual cluster state, and then -// perform operations to make the cluster state reflect the state specified by -// the user. -// // For more details, check Reconcile and its Result here: // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.16.3/pkg/reconcile func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - _ = log.FromContext(ctx) + logger := log.FromContext(ctx) - // TODO(user): your logic here + memgraphha := &memgraphv1.MemgraphHA{} + err := r.Get(ctx, req.NamespacedName, memgraphha) + if err != nil { + // Handle specifically not found error + if errors.IsNotFound(err) { + logger.Info("MemgraphHA resource not found. Ignoring since object must be deleted.") + return ctrl.Result{}, nil + } + logger.Error(err, "Failed to get MemgraphHA") + // Requeue + return ctrl.Result{}, err + } + // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } From 711d5a985bef30a4e87fab92c844e83d9cf828e2 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 12:53:13 +0200 Subject: [PATCH 10/26] Add statefulset for coordinators --- api/v1/groupversion_info.go | 5 +- api/v1/memgraphha_types.go | 10 + api/v1/zz_generated.deepcopy.go | 9 + internal/controller/memgraphha_controller.go | 230 +++++++++++++++++++ 4 files changed, 253 insertions(+), 1 deletion(-) diff --git a/api/v1/groupversion_info.go b/api/v1/groupversion_info.go index 34e9233..7ac142d 100644 --- a/api/v1/groupversion_info.go +++ b/api/v1/groupversion_info.go @@ -31,6 +31,9 @@ var ( // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} - // AddToScheme adds the types in this group-version to the given scheme. + /* AddToScheme adds the types in this group-version to the given scheme. + Scheme is an abstraction used in the API Machinery to create a mapping between Go + structures and Group-Version-Kinds. + */ AddToScheme = SchemeBuilder.AddToScheme ) diff --git a/api/v1/memgraphha_types.go b/api/v1/memgraphha_types.go index f3a116f..07b276d 100644 --- a/api/v1/memgraphha_types.go +++ b/api/v1/memgraphha_types.go @@ -14,6 +14,11 @@ See the License for the specific language governing permissions and limitations under the License. */ +/* +In some way this file simulates types.go from k8s.io/api/apps/v1 to define new resources +we are using. +*/ + package v1 import ( @@ -100,6 +105,11 @@ type MemgraphHAStatus struct { //+kubebuilder:subresource:status // MemgraphHA is the Schema for the memgraphhas API +/* +Every Kind needs to have two structures: metav1.TypeMeta and metav1.ObjectMeta. +TypeMeta structure contains information about the GVK of the Kind. +ObjectMeta contains metadata for the Kind. +*/ type MemgraphHA struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index fb1d31a..969b71f 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -16,6 +16,15 @@ See the License for the specific language governing permissions and limitations under the License. */ + +/* +This file is generated by the deepcopy-gen generator. It contains the generated definition +of the DeepCopyObject method for each type defined in the package. This method is necessary +for the structures to implement the runtime.Object interface, which is defined in the API +Machinery Library and the API Machinery expects that all Kind structures will implement +this runtime.Object interface. +*/ + // Code generated by controller-gen. DO NOT EDIT. package v1 diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 69c45e8..6cfba72 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -16,15 +16,50 @@ limitations under the License. package controller +/* +apimachinery package contains code to help developers serialize data in various formats +between Go structures and objects written in the JSON(or YAML or Protobuf) +The library is generic in the sense that it doesn't include any Kubernetes API resource +definitions. +*/ + +/* +API library is a collection of Go structures that are needed to work in Go with the resources +defined by the Kubernetes API. k8s.io/api is the prefix. +*/ + +/* +Kubernetes API +apis/memgraph/v1/... +`kubectl get pods --namespace project1 --watch -o json` +`kubectl proxy` +`HOST=http://127.0.0.1:8001` +e.g create a pod: +curl $HOST/api/v1/namespaces/project1/pods -H "Content-Type: application/yaml" --data-binary @pod.yaml +curl -X GET $HOST/api/v1/namespaces/project1/pods/nginx +*/ + +/* +The ResourceList type will have to be used to define the limits and requests of resources. +*/ + import ( "context" + "fmt" + + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/types" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" + // this corresponds to cachev1alpha1 from Memcached example memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" ) @@ -56,10 +91,205 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, err } + logger.Info("MemgrahHA namespace", memgraphha.Namespace) + + coord1StatefulSet := &appsv1.StatefulSet{} + err = r.Get(ctx, types.NamespacedName{Name: "memgraph-coordinator-1", Namespace: memgraphha.Namespace}, coord1StatefulSet) + if err != nil { + if errors.IsNotFound(err) { + coordId := int32(1) + coord := r.createStatefulSetForCoord(memgraphha, coordId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + err := r.Create(ctx, coord) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + return ctrl.Result{}, err + } + // Coordinator is created, requeue and continue reconciliation loop + return ctrl.Result{Requeue: true}, nil + + } else { + logger.Error(err, "Failed to fetch StatefulSet for coordinator1") + return ctrl.Result{}, err + } + } + // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } +func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int32) *appsv1.StatefulSet { + labels := createCoordLabels(coordId) + coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + replicas := int32(1) + containerName := "memgraph-coordinator" + image := "memgraph/memgraph:2.18.1" + boltPort := 7687 + coordPort := 12000 + mgmtPort := 10000 + args := []string{ + fmt.Sprintf("--coordinator-id=%d", coordId), + fmt.Sprintf("--coordinator-port=%d", coordPort), + fmt.Sprintf("--management-port=%d", mgmtPort), + fmt.Sprintf("--bolt-port=%d", boltPort), + fmt.Sprintf("--coordinator-hostname=memgraph-coordinator-%d.default.svc.cluster.local", coordId), + "--experimental-enabled=high-availability", + "--also-log-to-stderr", + "--log-level=TRACE", + "--log-file=/var/log/memgraph/memgraph.log", + "--nuraft-log-file=/var/log/memgraph/memgraph.log", + } + license := " add" + organization := "testing-k8" + volumeLibName := fmt.Sprintf("memgraph-coordinator-%d-lib-storage", coordId) + volumeLibSize := "1Gi" + volumeLogName := fmt.Sprintf("memgraph-coordinator-%d-log-storage", coordId) + volumeLogSize := "256Mi" + initContainerName := "init" + initContainerCommand := []string{ + "/bin/sh", + "-c", + } + initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} + initContainerPrivileged := true + initContainerReadOnlyRootFilesystem := false + initContainerRunAsNonRoot := false + initContainerRunAsUser := int64(0) + + // TODO: + /* + add serviceName + env + volumeMounts + initContainers + volumeClaimTemplates + */ + + coord := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: coordName, + Namespace: memgraphha.Namespace, + }, + Spec: appsv1.StatefulSetSpec{ + Replicas: &replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: labels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: labels, + }, + Spec: corev1.PodSpec{ + InitContainers: []corev1.Container{ + { + Name: initContainerName, + Image: image, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + Command: initContainerCommand, + Args: initContainerArgs, + SecurityContext: &corev1.SecurityContext{ + Privileged: &initContainerPrivileged, + ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, + RunAsNonRoot: &initContainerRunAsNonRoot, + RunAsUser: &initContainerRunAsUser, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + Add: []corev1.Capability{"CHOWN"}, + }, + }, + }, + }, + + Containers: []corev1.Container{{ + Name: containerName, + Image: image, + ImagePullPolicy: corev1.PullIfNotPresent, + Ports: []corev1.ContainerPort{ + { + ContainerPort: int32(boltPort), + Name: "boltPort", + }, + { + ContainerPort: int32(mgmtPort), + Name: "managementPort", + }, + { + ContainerPort: int32(coordPort), + Name: "coordinatorPort", + }, + }, + Args: args, + Env: []corev1.EnvVar{ + { + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + Value: license, + }, + { + Name: "MEMGRAPH_ORGANIZATION_NAME", + Value: organization, + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + }}, + }, + }, + VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLibName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLogName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + }, + }, + }, + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coord, r.Scheme) + return coord +} + +func createCoordLabels(coordId int32) map[string]string { + return map[string]string{"app": fmt.Sprintf("memgraph-coordinator-%d", coordId)} +} + // SetupWithManager sets up the controller with the Manager. func (r *MemgraphHAReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). From f95a284f4518c6bb4f8f35dba5c60987bee03a3d Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 14:06:08 +0200 Subject: [PATCH 11/26] Add reconciliation of data instances --- internal/controller/memgraphha_controller.go | 294 +++++++++++++++++-- 1 file changed, 266 insertions(+), 28 deletions(-) diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 6cfba72..935bfc3 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -50,6 +50,7 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" + "github.com/go-logr/logr" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -93,34 +94,270 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) logger.Info("MemgrahHA namespace", memgraphha.Namespace) - coord1StatefulSet := &appsv1.StatefulSet{} - err = r.Get(ctx, types.NamespacedName{Name: "memgraph-coordinator-1", Namespace: memgraphha.Namespace}, coord1StatefulSet) - if err != nil { - if errors.IsNotFound(err) { - coordId := int32(1) - coord := r.createStatefulSetForCoord(memgraphha, coordId) - logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - err := r.Create(ctx, coord) - if err != nil { - logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - return ctrl.Result{}, err - } - // Coordinator is created, requeue and continue reconciliation loop - return ctrl.Result{Requeue: true}, nil + // TODO: andi unroll loop - } else { - logger.Error(err, "Failed to fetch StatefulSet for coordinator1") - return ctrl.Result{}, err - } + coordsStatus, coordsErr := r.reconcileCoordinators(ctx, memgraphha, &logger) + if coordsErr != nil { + logger.Info("Error returned from reconciling coordinators. Returning empty Result with error.") + return ctrl.Result{}, coordsErr + } + + if coordsStatus == true { + logger.Info("One of coordinators has been created. Returning Result with the request for requeing with error=nil.") + return ctrl.Result{Requeue: true}, nil + } + + logger.Info("Reconciliation of coordinators finished without actions needed.") + + // TODO: (andi) unroll loop + + dataInstancesStatus, dataInstancesErr := r.reconcileDataInstances(ctx, memgraphha, &logger) + if dataInstancesErr != nil { + logger.Info("Error returned from reconciling data instances. Returning empty Result with error.") + return ctrl.Result{}, dataInstancesErr + } + + if dataInstancesStatus == true { + logger.Info("One of data instances has been created. Returning Result with the request for requeing with error=nil.") + return ctrl.Result{Requeue: true}, nil } // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } -func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int32) *appsv1.StatefulSet { - labels := createCoordLabels(coordId) +func (r *MemgraphHAReconciler) reconcileDataInstances(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { + logger.Info("Started reconciling data instances") + status := false + + for dataInstanceId := 0; dataInstanceId <= 1; dataInstanceId++ { + dataInstanceStatefulSet := &appsv1.StatefulSet{} + name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + logger.Info("Started reconciling", name) + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) + if err != nil { + if errors.IsNotFound(err) { + dataInstance := r.createStatefulSetForDataInstance(memgraphha, dataInstanceId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + err := r.Create(ctx, dataInstance) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + return false, err + } + status = true + logger.Info("StatefulSet for", name, "is created. Setting status flag to true and continuing to reconcile other data instances. Caller should requeue.") + } else { + logger.Error(err, "Failed to fetch StatefulSet for", name, "Reconciliation loop is terminated.") + return false, err + } + } else { + logger.Info("StatefulSet for", name, "already exists. Keeping status flag as it was and continuing to reconcile other data instances.") + + } + } + + return status, nil +} + +func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *appsv1.StatefulSet { + dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + labels := createDataInstanceLabels(dataInstanceName) + replicas := int32(1) + containerName := "memgraph-data" + image := "memgraph/memgraph:2.18.1" + boltPort := 7687 + replicationPort := 12000 + mgmtPort := 10000 + args := []string{ + fmt.Sprintf("--management-port=%d", mgmtPort), + fmt.Sprintf("--bolt-port=%d", boltPort), + "--experimental-enabled=high-availability", + "--also-log-to-stderr", + "--log-level=TRACE", + "--log-file=/var/log/memgraph/memgraph.log", + } + license := " add" + organization := "testing-k8" + volumeLibName := fmt.Sprintf("%s-lib-storage", dataInstanceName) + volumeLibSize := "1Gi" + volumeLogName := fmt.Sprintf("%s-log-storage", dataInstanceName) + volumeLogSize := "256Mi" + initContainerName := "init" + initContainerCommand := []string{ + "/bin/sh", + "-c", + } + initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} + initContainerPrivileged := true + initContainerReadOnlyRootFilesystem := false + initContainerRunAsNonRoot := false + initContainerRunAsUser := int64(0) + + // TODO: + /* + add serviceName + env + */ + + data := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: dataInstanceName, + Namespace: memgraphha.Namespace, + }, + Spec: appsv1.StatefulSetSpec{ + Replicas: &replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: labels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: labels, + }, + Spec: corev1.PodSpec{ + InitContainers: []corev1.Container{ + { + Name: initContainerName, + Image: image, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + Command: initContainerCommand, + Args: initContainerArgs, + SecurityContext: &corev1.SecurityContext{ + Privileged: &initContainerPrivileged, + ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, + RunAsNonRoot: &initContainerRunAsNonRoot, + RunAsUser: &initContainerRunAsUser, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + Add: []corev1.Capability{"CHOWN"}, + }, + }, + }, + }, + + Containers: []corev1.Container{{ + Name: containerName, + Image: image, + ImagePullPolicy: corev1.PullIfNotPresent, + Ports: []corev1.ContainerPort{ + { + ContainerPort: int32(boltPort), + Name: "boltPort", + }, + { + ContainerPort: int32(mgmtPort), + Name: "managementPort", + }, + { + ContainerPort: int32(replicationPort), + Name: "replicationPort", + }, + }, + Args: args, + Env: []corev1.EnvVar{ + { + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + Value: license, + }, + { + Name: "MEMGRAPH_ORGANIZATION_NAME", + Value: organization, + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + }}, + }, + }, + VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLibName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLogName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + }, + }, + }, + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, data, r.Scheme) + return data +} + +/* +Returns bool, error tuple. If error exists, the caller should return with error and status will always be set to false. +If there is no error, we must look at bool status which when true will say that some coordinator was created (or all of them) and we need to requeue +or we need to go to the next step of reconciliation. +*/ +func (r *MemgraphHAReconciler) reconcileCoordinators(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { + logger.Info("Started reconciling coordinators") + status := false + for coordId := 1; coordId <= 3; coordId++ { + coordStatefulSet := &appsv1.StatefulSet{} + name := fmt.Sprintf("memgraph-coordinator-%d", coordId) + logger.Info("Started reconciling", name) + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) + if err != nil { + if errors.IsNotFound(err) { + coord := r.createStatefulSetForCoord(memgraphha, coordId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + err := r.Create(ctx, coord) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + return false, err + } + status = true + logger.Info("StatefulSet for", name, "is created. Setting status flag to true and continuing to reconcile other coordinators. Caller should requeue.") + } else { + logger.Error(err, "Failed to fetch StatefulSet for", name, "Reconciliation loop is terminated.") + return false, err + } + } else { + logger.Info("StatefulSet for", name, "already exists. Keeping status flag as it was and continuing to reconcile other coordinators.") + } + } + return status, nil +} + +func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int) *appsv1.StatefulSet { coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + labels := createCoordLabels(coordName) replicas := int32(1) containerName := "memgraph-coordinator" image := "memgraph/memgraph:2.18.1" @@ -132,7 +369,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. fmt.Sprintf("--coordinator-port=%d", coordPort), fmt.Sprintf("--management-port=%d", mgmtPort), fmt.Sprintf("--bolt-port=%d", boltPort), - fmt.Sprintf("--coordinator-hostname=memgraph-coordinator-%d.default.svc.cluster.local", coordId), + fmt.Sprintf("--coordinator-hostname=%s.default.svc.cluster.local", coordName), "--experimental-enabled=high-availability", "--also-log-to-stderr", "--log-level=TRACE", @@ -141,9 +378,9 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. } license := " add" organization := "testing-k8" - volumeLibName := fmt.Sprintf("memgraph-coordinator-%d-lib-storage", coordId) + volumeLibName := fmt.Sprintf("%s-lib-storage", coordName) volumeLibSize := "1Gi" - volumeLogName := fmt.Sprintf("memgraph-coordinator-%d-log-storage", coordId) + volumeLogName := fmt.Sprintf("%s-log-storage", coordName) volumeLogSize := "256Mi" initContainerName := "init" initContainerCommand := []string{ @@ -160,9 +397,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. /* add serviceName env - volumeMounts - initContainers - volumeClaimTemplates */ coord := &appsv1.StatefulSet{ @@ -286,8 +520,12 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. return coord } -func createCoordLabels(coordId int32) map[string]string { - return map[string]string{"app": fmt.Sprintf("memgraph-coordinator-%d", coordId)} +func createCoordLabels(coordName string) map[string]string { + return map[string]string{"app": coordName} +} + +func createDataInstanceLabels(dataInstanceName string) map[string]string { + return map[string]string{"app": dataInstanceName} } // SetupWithManager sets up the controller with the Manager. From 50dd4e78ea43fe50c379f418faf6cb072e7e1818 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 14:48:51 +0200 Subject: [PATCH 12/26] Add reconciliation of coordinator services --- internal/controller/memgraphha_controller.go | 300 ++++++++++++++----- 1 file changed, 227 insertions(+), 73 deletions(-) diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 935bfc3..46e8fa6 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -56,6 +56,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/intstr" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" @@ -94,69 +95,93 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) logger.Info("MemgrahHA namespace", memgraphha.Namespace) - // TODO: andi unroll loop + for coordId := 1; coordId <= 3; coordId++ { + // ClusterIP + coordClusterIPStatus, coordClusterIPErr := r.reconcileCoordClusterIPService(ctx, memgraphha, &logger, coordId) + if coordClusterIPErr != nil { + logger.Info("Error returned when reconciling ClusterIP with id", coordId, "Returning empty Result with error.") + return ctrl.Result{}, coordClusterIPErr + } - coordsStatus, coordsErr := r.reconcileCoordinators(ctx, memgraphha, &logger) - if coordsErr != nil { - logger.Info("Error returned from reconciling coordinators. Returning empty Result with error.") - return ctrl.Result{}, coordsErr - } + if coordClusterIPStatus == true { + logger.Info("ClusterIP with id", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } + + // NodePort + coordNodePortStatus, coordNodePortErr := r.reconcileCoordNodePortService(ctx, memgraphha, &logger, coordId) + if coordNodePortErr != nil { + logger.Info("Error returned when reconciling NodePort with id", coordId, "Returning empty Result with error.") + return ctrl.Result{}, coordNodePortErr + } + + if coordNodePortStatus == true { + logger.Info("NodePort with id", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } + + // Coordinator + coordStatus, coordErr := r.reconcileCoordinator(ctx, memgraphha, &logger, coordId) + if coordErr != nil { + logger.Info("Error returned when reconciling coordinator", coordId, "Returning empty Result with error.") + return ctrl.Result{}, coordErr + } - if coordsStatus == true { - logger.Info("One of coordinators has been created. Returning Result with the request for requeing with error=nil.") - return ctrl.Result{Requeue: true}, nil + if coordStatus == true { + logger.Info("Coordinator", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } } logger.Info("Reconciliation of coordinators finished without actions needed.") - // TODO: (andi) unroll loop + for dataInstanceId := 0; dataInstanceId <= 1; dataInstanceId++ { - dataInstancesStatus, dataInstancesErr := r.reconcileDataInstances(ctx, memgraphha, &logger) - if dataInstancesErr != nil { - logger.Info("Error returned from reconciling data instances. Returning empty Result with error.") - return ctrl.Result{}, dataInstancesErr - } + // Data instance + dataInstancesStatus, dataInstancesErr := r.reconcileDataInstance(ctx, memgraphha, &logger, dataInstanceId) + if dataInstancesErr != nil { + logger.Info("Error returned when reconciling data instance", dataInstanceId, "Returning empty Result with error.") + return ctrl.Result{}, dataInstancesErr + } - if dataInstancesStatus == true { - logger.Info("One of data instances has been created. Returning Result with the request for requeing with error=nil.") - return ctrl.Result{Requeue: true}, nil + if dataInstancesStatus == true { + logger.Info("Data instance", dataInstanceId, "has been created. Returning Result with the request for requeing with error=nil.") + return ctrl.Result{Requeue: true}, nil + } } + logger.Info("Reconciliation of data instances finished without actions needed.") + // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } -func (r *MemgraphHAReconciler) reconcileDataInstances(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { - logger.Info("Started reconciling data instances") - status := false +func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + logger.Info("Started reconciling", name) + dataInstanceStatefulSet := &appsv1.StatefulSet{} + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) - for dataInstanceId := 0; dataInstanceId <= 1; dataInstanceId++ { - dataInstanceStatefulSet := &appsv1.StatefulSet{} - name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - logger.Info("Started reconciling", name) - err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) - if err != nil { - if errors.IsNotFound(err) { - dataInstance := r.createStatefulSetForDataInstance(memgraphha, dataInstanceId) - logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) - err := r.Create(ctx, dataInstance) - if err != nil { - logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) - return false, err - } - status = true - logger.Info("StatefulSet for", name, "is created. Setting status flag to true and continuing to reconcile other data instances. Caller should requeue.") - } else { - logger.Error(err, "Failed to fetch StatefulSet for", name, "Reconciliation loop is terminated.") - return false, err - } - } else { - logger.Info("StatefulSet for", name, "already exists. Keeping status flag as it was and continuing to reconcile other data instances.") + if err == nil { + logger.Info("StatefulSet", name, "already exists.") + return false, nil + } + if errors.IsNotFound(err) { + dataInstance := r.createStatefulSetForDataInstance(memgraphha, dataInstanceId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + err := r.Create(ctx, dataInstance) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + return true, err } + logger.Info("StatefulSet", name, "is created.") + return true, nil } - return status, nil + logger.Error(err, "Failed to fetch StatefulSet", name) + return true, err + } func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *appsv1.StatefulSet { @@ -320,43 +345,171 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg return data } +func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) + logger.Info("Started reconciling NodePort service", serviceName) + + coordNodePortService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordNodePortService) + + if err == nil { + logger.Info("NodePort", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + nodePort := r.createNodePort(memgraphha, coordId) + logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + err := r.Create(ctx, nodePort) + if err != nil { + logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + return true, err + } + logger.Info("NodePort", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch NodePort", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) + coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + + coordNodePort := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeNodePort, + Selector: createCoordLabels(coordName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coordNodePort, r.Scheme) + return coordNodePort +} + +func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + logger.Info("Started reconciling ClusterIP service", serviceName) + + coordClusterIPService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordClusterIPService) + + if err == nil { + logger.Info("ClusterIP", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + clusterIP := r.createCoordClusterIP(memgraphha, coordId) + logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + err := r.Create(ctx, clusterIP) + if err != nil { + logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + return true, err + } + logger.Info("ClusterIP", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch ClusterIP", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createCoordClusterIP(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + coordName := serviceName + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + coordinatorPort := 12000 + mgmtPort := 10000 + + coordClusterIP := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeClusterIP, + Selector: createCoordLabels(coordName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + { + Name: "coordinator", + Protocol: corev1.ProtocolTCP, + Port: int32(coordinatorPort), + TargetPort: intstr.FromInt(coordinatorPort), + }, + { + Name: "management", + Protocol: corev1.ProtocolTCP, + Port: int32(mgmtPort), + TargetPort: intstr.FromInt(mgmtPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coordClusterIP, r.Scheme) + return coordClusterIP +} + /* -Returns bool, error tuple. If error exists, the caller should return with error and status will always be set to false. -If there is no error, we must look at bool status which when true will say that some coordinator was created (or all of them) and we need to requeue -or we need to go to the next step of reconciliation. +Returns bool, error tuple. If error exists, the caller should return with error and status will always be set to true. +If there is no error, we must look at bool status which when true will say that the coordinator was createdand we need to requeue +or that nothing was done and we can continue with the next step of reconciliation. */ -func (r *MemgraphHAReconciler) reconcileCoordinators(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { - logger.Info("Started reconciling coordinators") - status := false - for coordId := 1; coordId <= 3; coordId++ { - coordStatefulSet := &appsv1.StatefulSet{} - name := fmt.Sprintf("memgraph-coordinator-%d", coordId) - logger.Info("Started reconciling", name) - err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) +func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + name := fmt.Sprintf("memgraph-coordinator-%d", coordId) + logger.Info("Started reconciling", name) + coordStatefulSet := &appsv1.StatefulSet{} + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) + + if err == nil { + logger.Info("StatefulSet", name, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + coord := r.createStatefulSetForCoord(memgraphha, coordId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + err := r.Create(ctx, coord) if err != nil { - if errors.IsNotFound(err) { - coord := r.createStatefulSetForCoord(memgraphha, coordId) - logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - err := r.Create(ctx, coord) - if err != nil { - logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - return false, err - } - status = true - logger.Info("StatefulSet for", name, "is created. Setting status flag to true and continuing to reconcile other coordinators. Caller should requeue.") - } else { - logger.Error(err, "Failed to fetch StatefulSet for", name, "Reconciliation loop is terminated.") - return false, err - } - } else { - logger.Info("StatefulSet for", name, "already exists. Keeping status flag as it was and continuing to reconcile other coordinators.") + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + return true, err } + logger.Info("StatefulSet", name, "is created.") + return true, nil } - return status, nil + + logger.Error(err, "Failed to fetch StatefulSet", name) + return true, err } func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int) *appsv1.StatefulSet { coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + serviceName := coordName labels := createCoordLabels(coordName) replicas := int32(1) containerName := "memgraph-coordinator" @@ -405,7 +558,8 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Namespace: memgraphha.Namespace, }, Spec: appsv1.StatefulSetSpec{ - Replicas: &replicas, + ServiceName: serviceName, + Replicas: &replicas, Selector: &metav1.LabelSelector{ MatchLabels: labels, }, From 2fd407259aa4e1cf4e8981cd2200e95c369e4147 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 15:19:31 +0200 Subject: [PATCH 13/26] Add reconciliation of data instances services --- internal/controller/memgraphha_controller.go | 157 ++++++++++++++++++- 1 file changed, 155 insertions(+), 2 deletions(-) diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 46e8fa6..2eecaa2 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -136,6 +136,29 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) logger.Info("Reconciliation of coordinators finished without actions needed.") for dataInstanceId := 0; dataInstanceId <= 1; dataInstanceId++ { + // ClusterIP + dataInstanceClusterIPStatus, dataInstanceClusterIPErr := r.reconcileDataInstanceClusterIPService(ctx, memgraphha, &logger, dataInstanceId) + if dataInstanceClusterIPErr != nil { + logger.Info("Error returned when reconciling ClusterIP with id", dataInstanceId, "Returning empty Result with error.") + return ctrl.Result{}, dataInstanceClusterIPErr + } + + if dataInstanceClusterIPStatus == true { + logger.Info("ClusterIP with id", dataInstanceId, "has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } + + // NodePort + dataInstanceNodePortStatus, dataInstanceNodePortErr := r.reconcileDataInstanceNodePortService(ctx, memgraphha, &logger, dataInstanceId) + if dataInstanceNodePortErr != nil { + logger.Info("Error returned when reconciling NodePort with id", dataInstanceId, "Returning empty Result with error.") + return ctrl.Result{}, dataInstanceNodePortErr + } + + if dataInstanceNodePortStatus == true { + logger.Info("NodePort with id", dataInstanceId, "has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } // Data instance dataInstancesStatus, dataInstancesErr := r.reconcileDataInstance(ctx, memgraphha, &logger, dataInstanceId) @@ -156,6 +179,136 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, nil } +func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) + logger.Info("Started reconciling NodePort service", serviceName) + + dataInstanceNodePortService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceNodePortService) + + if err == nil { + logger.Info("NodePort", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + nodePort := r.createDataInstanceNodePort(memgraphha, dataInstanceId) + logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + err := r.Create(ctx, nodePort) + if err != nil { + logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + return true, err + } + logger.Info("NodePort", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch NodePort", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createDataInstanceNodePort(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) + dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + + dataInstanceNodePort := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeNodePort, + Selector: createDataInstanceLabels(dataInstanceName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, dataInstanceNodePort, r.Scheme) + return dataInstanceNodePort +} + +func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + logger.Info("Started reconciling ClusterIP service", serviceName) + + dataInstanceClusterIPService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceClusterIPService) + + if err == nil { + logger.Info("ClusterIP", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + clusterIP := r.createDataInstanceClusterIP(memgraphha, dataInstanceId) + logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + err := r.Create(ctx, clusterIP) + if err != nil { + logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + return true, err + } + logger.Info("ClusterIP", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch ClusterIP", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createDataInstanceClusterIP(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + dataInstanceName := serviceName + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + replicationPort := 20000 + mgmtPort := 10000 + + dataInstanceClusterIP := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeClusterIP, + Selector: createDataInstanceLabels(dataInstanceName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + { + Name: "replication", + Protocol: corev1.ProtocolTCP, + Port: int32(replicationPort), + TargetPort: intstr.FromInt(replicationPort), + }, + { + Name: "management", + Protocol: corev1.ProtocolTCP, + Port: int32(mgmtPort), + TargetPort: intstr.FromInt(mgmtPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, dataInstanceClusterIP, r.Scheme) + return dataInstanceClusterIP +} + func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) logger.Info("Started reconciling", name) @@ -358,7 +511,7 @@ func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context } if errors.IsNotFound(err) { - nodePort := r.createNodePort(memgraphha, coordId) + nodePort := r.createCoordNodePort(memgraphha, coordId) logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) err := r.Create(ctx, nodePort) if err != nil { @@ -374,7 +527,7 @@ func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context } -func (r *MemgraphHAReconciler) createNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { +func (r *MemgraphHAReconciler) createCoordNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) // TODO: (andi) Extract somehow configuration and move into separate files. From 54bedd88b3ab93b5e735f3a9a37de8148872d6d8 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 15:34:00 +0200 Subject: [PATCH 14/26] Split services and stateful sets into separate files --- internal/controller/memgraphha_controller.go | 674 ------------------ internal/controller/memgraphha_coord.go | 230 ++++++ .../controller/memgraphha_coord_services.go | 162 +++++ .../controller/memgraphha_data_instance.go | 222 ++++++ .../controller/memgraphha_data_services.go | 161 +++++ internal/controller/memgraphha_reconciler.go | 28 + 6 files changed, 803 insertions(+), 674 deletions(-) create mode 100644 internal/controller/memgraphha_coord.go create mode 100644 internal/controller/memgraphha_coord_services.go create mode 100644 internal/controller/memgraphha_data_instance.go create mode 100644 internal/controller/memgraphha_data_services.go create mode 100644 internal/controller/memgraphha_reconciler.go diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 2eecaa2..3c6d87d 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -45,32 +45,14 @@ The ResourceList type will have to be used to define the limits and requests of import ( "context" - "fmt" - appsv1 "k8s.io/api/apps/v1" - corev1 "k8s.io/api/core/v1" - - "github.com/go-logr/logr" "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/resource" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/util/intstr" ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" - // this corresponds to cachev1alpha1 from Memcached example memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" ) -// MemgraphHAReconciler reconciles a MemgraphHA object -type MemgraphHAReconciler struct { - client.Client - Scheme *runtime.Scheme -} - //+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/status,verbs=get;update;patch //+kubebuilder:rbac:groups=memgraph.com,resources=memgraphhas/finalizers,verbs=update @@ -179,662 +161,6 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, nil } -func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { - serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) - logger.Info("Started reconciling NodePort service", serviceName) - - dataInstanceNodePortService := &corev1.Service{} - err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceNodePortService) - - if err == nil { - logger.Info("NodePort", serviceName, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - nodePort := r.createDataInstanceNodePort(memgraphha, dataInstanceId) - logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) - err := r.Create(ctx, nodePort) - if err != nil { - logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) - return true, err - } - logger.Info("NodePort", serviceName, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch NodePort", serviceName) - return true, err - -} - -func (r *MemgraphHAReconciler) createDataInstanceNodePort(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { - serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) - dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - - dataInstanceNodePort := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: serviceName, - Namespace: memgraphha.Namespace, - }, - Spec: corev1.ServiceSpec{ - Type: corev1.ServiceTypeNodePort, - Selector: createDataInstanceLabels(dataInstanceName), - Ports: []corev1.ServicePort{ - { - Name: "bolt", - Protocol: corev1.ProtocolTCP, - Port: int32(boltPort), - TargetPort: intstr.FromInt(boltPort), - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, dataInstanceNodePort, r.Scheme) - return dataInstanceNodePort -} - -func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { - serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - logger.Info("Started reconciling ClusterIP service", serviceName) - - dataInstanceClusterIPService := &corev1.Service{} - err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceClusterIPService) - - if err == nil { - logger.Info("ClusterIP", serviceName, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - clusterIP := r.createDataInstanceClusterIP(memgraphha, dataInstanceId) - logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) - err := r.Create(ctx, clusterIP) - if err != nil { - logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) - return true, err - } - logger.Info("ClusterIP", serviceName, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch ClusterIP", serviceName) - return true, err - -} - -func (r *MemgraphHAReconciler) createDataInstanceClusterIP(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { - serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - dataInstanceName := serviceName - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - replicationPort := 20000 - mgmtPort := 10000 - - dataInstanceClusterIP := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: serviceName, - Namespace: memgraphha.Namespace, - }, - Spec: corev1.ServiceSpec{ - Type: corev1.ServiceTypeClusterIP, - Selector: createDataInstanceLabels(dataInstanceName), - Ports: []corev1.ServicePort{ - { - Name: "bolt", - Protocol: corev1.ProtocolTCP, - Port: int32(boltPort), - TargetPort: intstr.FromInt(boltPort), - }, - { - Name: "replication", - Protocol: corev1.ProtocolTCP, - Port: int32(replicationPort), - TargetPort: intstr.FromInt(replicationPort), - }, - { - Name: "management", - Protocol: corev1.ProtocolTCP, - Port: int32(mgmtPort), - TargetPort: intstr.FromInt(mgmtPort), - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, dataInstanceClusterIP, r.Scheme) - return dataInstanceClusterIP -} - -func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { - name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - logger.Info("Started reconciling", name) - dataInstanceStatefulSet := &appsv1.StatefulSet{} - err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) - - if err == nil { - logger.Info("StatefulSet", name, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - dataInstance := r.createStatefulSetForDataInstance(memgraphha, dataInstanceId) - logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) - err := r.Create(ctx, dataInstance) - if err != nil { - logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) - return true, err - } - logger.Info("StatefulSet", name, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch StatefulSet", name) - return true, err - -} - -func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *appsv1.StatefulSet { - dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - labels := createDataInstanceLabels(dataInstanceName) - replicas := int32(1) - containerName := "memgraph-data" - image := "memgraph/memgraph:2.18.1" - boltPort := 7687 - replicationPort := 12000 - mgmtPort := 10000 - args := []string{ - fmt.Sprintf("--management-port=%d", mgmtPort), - fmt.Sprintf("--bolt-port=%d", boltPort), - "--experimental-enabled=high-availability", - "--also-log-to-stderr", - "--log-level=TRACE", - "--log-file=/var/log/memgraph/memgraph.log", - } - license := " add" - organization := "testing-k8" - volumeLibName := fmt.Sprintf("%s-lib-storage", dataInstanceName) - volumeLibSize := "1Gi" - volumeLogName := fmt.Sprintf("%s-log-storage", dataInstanceName) - volumeLogSize := "256Mi" - initContainerName := "init" - initContainerCommand := []string{ - "/bin/sh", - "-c", - } - initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} - initContainerPrivileged := true - initContainerReadOnlyRootFilesystem := false - initContainerRunAsNonRoot := false - initContainerRunAsUser := int64(0) - - // TODO: - /* - add serviceName - env - */ - - data := &appsv1.StatefulSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: dataInstanceName, - Namespace: memgraphha.Namespace, - }, - Spec: appsv1.StatefulSetSpec{ - Replicas: &replicas, - Selector: &metav1.LabelSelector{ - MatchLabels: labels, - }, - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Labels: labels, - }, - Spec: corev1.PodSpec{ - InitContainers: []corev1.Container{ - { - Name: initContainerName, - Image: image, - VolumeMounts: []corev1.VolumeMount{ - { - Name: volumeLibName, - MountPath: "/var/lib/memgraph", - }, - { - Name: volumeLogName, - MountPath: "/var/log/memgraph", - }, - }, - Command: initContainerCommand, - Args: initContainerArgs, - SecurityContext: &corev1.SecurityContext{ - Privileged: &initContainerPrivileged, - ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, - RunAsNonRoot: &initContainerRunAsNonRoot, - RunAsUser: &initContainerRunAsUser, - Capabilities: &corev1.Capabilities{ - Drop: []corev1.Capability{"all"}, - Add: []corev1.Capability{"CHOWN"}, - }, - }, - }, - }, - - Containers: []corev1.Container{{ - Name: containerName, - Image: image, - ImagePullPolicy: corev1.PullIfNotPresent, - Ports: []corev1.ContainerPort{ - { - ContainerPort: int32(boltPort), - Name: "boltPort", - }, - { - ContainerPort: int32(mgmtPort), - Name: "managementPort", - }, - { - ContainerPort: int32(replicationPort), - Name: "replicationPort", - }, - }, - Args: args, - Env: []corev1.EnvVar{ - { - Name: "MEMGRAPH_ENTERPRISE_LICENSE", - Value: license, - }, - { - Name: "MEMGRAPH_ORGANIZATION_NAME", - Value: organization, - }, - }, - VolumeMounts: []corev1.VolumeMount{ - { - Name: volumeLibName, - MountPath: "/var/lib/memgraph", - }, - { - Name: volumeLogName, - MountPath: "/var/log/memgraph", - }, - }, - }}, - }, - }, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ - { - ObjectMeta: metav1.ObjectMeta{ - Name: volumeLibName, - }, - Spec: corev1.PersistentVolumeClaimSpec{ - AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, - Resources: corev1.VolumeResourceRequirements{ - Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), - }, - }, - }, - }, - { - ObjectMeta: metav1.ObjectMeta{ - Name: volumeLogName, - }, - Spec: corev1.PersistentVolumeClaimSpec{ - AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, - Resources: corev1.VolumeResourceRequirements{ - Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), - }, - }, - }, - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, data, r.Scheme) - return data -} - -func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { - serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) - logger.Info("Started reconciling NodePort service", serviceName) - - coordNodePortService := &corev1.Service{} - err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordNodePortService) - - if err == nil { - logger.Info("NodePort", serviceName, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - nodePort := r.createCoordNodePort(memgraphha, coordId) - logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) - err := r.Create(ctx, nodePort) - if err != nil { - logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) - return true, err - } - logger.Info("NodePort", serviceName, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch NodePort", serviceName) - return true, err - -} - -func (r *MemgraphHAReconciler) createCoordNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { - serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) - coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - - coordNodePort := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: serviceName, - Namespace: memgraphha.Namespace, - }, - Spec: corev1.ServiceSpec{ - Type: corev1.ServiceTypeNodePort, - Selector: createCoordLabels(coordName), - Ports: []corev1.ServicePort{ - { - Name: "bolt", - Protocol: corev1.ProtocolTCP, - Port: int32(boltPort), - TargetPort: intstr.FromInt(boltPort), - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, coordNodePort, r.Scheme) - return coordNodePort -} - -func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { - serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - logger.Info("Started reconciling ClusterIP service", serviceName) - - coordClusterIPService := &corev1.Service{} - err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordClusterIPService) - - if err == nil { - logger.Info("ClusterIP", serviceName, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - clusterIP := r.createCoordClusterIP(memgraphha, coordId) - logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) - err := r.Create(ctx, clusterIP) - if err != nil { - logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) - return true, err - } - logger.Info("ClusterIP", serviceName, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch ClusterIP", serviceName) - return true, err - -} - -func (r *MemgraphHAReconciler) createCoordClusterIP(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { - serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - coordName := serviceName - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - coordinatorPort := 12000 - mgmtPort := 10000 - - coordClusterIP := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: serviceName, - Namespace: memgraphha.Namespace, - }, - Spec: corev1.ServiceSpec{ - Type: corev1.ServiceTypeClusterIP, - Selector: createCoordLabels(coordName), - Ports: []corev1.ServicePort{ - { - Name: "bolt", - Protocol: corev1.ProtocolTCP, - Port: int32(boltPort), - TargetPort: intstr.FromInt(boltPort), - }, - { - Name: "coordinator", - Protocol: corev1.ProtocolTCP, - Port: int32(coordinatorPort), - TargetPort: intstr.FromInt(coordinatorPort), - }, - { - Name: "management", - Protocol: corev1.ProtocolTCP, - Port: int32(mgmtPort), - TargetPort: intstr.FromInt(mgmtPort), - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, coordClusterIP, r.Scheme) - return coordClusterIP -} - -/* -Returns bool, error tuple. If error exists, the caller should return with error and status will always be set to true. -If there is no error, we must look at bool status which when true will say that the coordinator was createdand we need to requeue -or that nothing was done and we can continue with the next step of reconciliation. -*/ -func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { - name := fmt.Sprintf("memgraph-coordinator-%d", coordId) - logger.Info("Started reconciling", name) - coordStatefulSet := &appsv1.StatefulSet{} - err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) - - if err == nil { - logger.Info("StatefulSet", name, "already exists.") - return false, nil - } - - if errors.IsNotFound(err) { - coord := r.createStatefulSetForCoord(memgraphha, coordId) - logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - err := r.Create(ctx, coord) - if err != nil { - logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) - return true, err - } - logger.Info("StatefulSet", name, "is created.") - return true, nil - } - - logger.Error(err, "Failed to fetch StatefulSet", name) - return true, err -} - -func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int) *appsv1.StatefulSet { - coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - serviceName := coordName - labels := createCoordLabels(coordName) - replicas := int32(1) - containerName := "memgraph-coordinator" - image := "memgraph/memgraph:2.18.1" - boltPort := 7687 - coordPort := 12000 - mgmtPort := 10000 - args := []string{ - fmt.Sprintf("--coordinator-id=%d", coordId), - fmt.Sprintf("--coordinator-port=%d", coordPort), - fmt.Sprintf("--management-port=%d", mgmtPort), - fmt.Sprintf("--bolt-port=%d", boltPort), - fmt.Sprintf("--coordinator-hostname=%s.default.svc.cluster.local", coordName), - "--experimental-enabled=high-availability", - "--also-log-to-stderr", - "--log-level=TRACE", - "--log-file=/var/log/memgraph/memgraph.log", - "--nuraft-log-file=/var/log/memgraph/memgraph.log", - } - license := " add" - organization := "testing-k8" - volumeLibName := fmt.Sprintf("%s-lib-storage", coordName) - volumeLibSize := "1Gi" - volumeLogName := fmt.Sprintf("%s-log-storage", coordName) - volumeLogSize := "256Mi" - initContainerName := "init" - initContainerCommand := []string{ - "/bin/sh", - "-c", - } - initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} - initContainerPrivileged := true - initContainerReadOnlyRootFilesystem := false - initContainerRunAsNonRoot := false - initContainerRunAsUser := int64(0) - - // TODO: - /* - add serviceName - env - */ - - coord := &appsv1.StatefulSet{ - ObjectMeta: metav1.ObjectMeta{ - Name: coordName, - Namespace: memgraphha.Namespace, - }, - Spec: appsv1.StatefulSetSpec{ - ServiceName: serviceName, - Replicas: &replicas, - Selector: &metav1.LabelSelector{ - MatchLabels: labels, - }, - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Labels: labels, - }, - Spec: corev1.PodSpec{ - InitContainers: []corev1.Container{ - { - Name: initContainerName, - Image: image, - VolumeMounts: []corev1.VolumeMount{ - { - Name: volumeLibName, - MountPath: "/var/lib/memgraph", - }, - { - Name: volumeLogName, - MountPath: "/var/log/memgraph", - }, - }, - Command: initContainerCommand, - Args: initContainerArgs, - SecurityContext: &corev1.SecurityContext{ - Privileged: &initContainerPrivileged, - ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, - RunAsNonRoot: &initContainerRunAsNonRoot, - RunAsUser: &initContainerRunAsUser, - Capabilities: &corev1.Capabilities{ - Drop: []corev1.Capability{"all"}, - Add: []corev1.Capability{"CHOWN"}, - }, - }, - }, - }, - - Containers: []corev1.Container{{ - Name: containerName, - Image: image, - ImagePullPolicy: corev1.PullIfNotPresent, - Ports: []corev1.ContainerPort{ - { - ContainerPort: int32(boltPort), - Name: "boltPort", - }, - { - ContainerPort: int32(mgmtPort), - Name: "managementPort", - }, - { - ContainerPort: int32(coordPort), - Name: "coordinatorPort", - }, - }, - Args: args, - Env: []corev1.EnvVar{ - { - Name: "MEMGRAPH_ENTERPRISE_LICENSE", - Value: license, - }, - { - Name: "MEMGRAPH_ORGANIZATION_NAME", - Value: organization, - }, - }, - VolumeMounts: []corev1.VolumeMount{ - { - Name: volumeLibName, - MountPath: "/var/lib/memgraph", - }, - { - Name: volumeLogName, - MountPath: "/var/log/memgraph", - }, - }, - }}, - }, - }, - VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ - { - ObjectMeta: metav1.ObjectMeta{ - Name: volumeLibName, - }, - Spec: corev1.PersistentVolumeClaimSpec{ - AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, - Resources: corev1.VolumeResourceRequirements{ - Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), - }, - }, - }, - }, - { - ObjectMeta: metav1.ObjectMeta{ - Name: volumeLogName, - }, - Spec: corev1.PersistentVolumeClaimSpec{ - AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, - Resources: corev1.VolumeResourceRequirements{ - Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), - }, - }, - }, - }, - }, - }, - } - - ctrl.SetControllerReference(memgraphha, coord, r.Scheme) - return coord -} - -func createCoordLabels(coordName string) map[string]string { - return map[string]string{"app": coordName} -} - -func createDataInstanceLabels(dataInstanceName string) map[string]string { - return map[string]string{"app": dataInstanceName} -} - // SetupWithManager sets up the controller with the Manager. func (r *MemgraphHAReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go new file mode 100644 index 0000000..aa2a97a --- /dev/null +++ b/internal/controller/memgraphha_coord.go @@ -0,0 +1,230 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + "fmt" + + "github.com/go-logr/logr" + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + ctrl "sigs.k8s.io/controller-runtime" +) + +/* +Returns bool, error tuple. If error exists, the caller should return with error and status will always be set to true. +If there is no error, we must look at bool status which when true will say that the coordinator was createdand we need to requeue +or that nothing was done and we can continue with the next step of reconciliation. +*/ +func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + name := fmt.Sprintf("memgraph-coordinator-%d", coordId) + logger.Info("Started reconciling", name) + coordStatefulSet := &appsv1.StatefulSet{} + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) + + if err == nil { + logger.Info("StatefulSet", name, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + coord := r.createStatefulSetForCoord(memgraphha, coordId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + err := r.Create(ctx, coord) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) + return true, err + } + logger.Info("StatefulSet", name, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch StatefulSet", name) + return true, err +} + +func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int) *appsv1.StatefulSet { + coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + serviceName := coordName + labels := createCoordLabels(coordName) + replicas := int32(1) + containerName := "memgraph-coordinator" + image := "memgraph/memgraph:2.18.1" + boltPort := 7687 + coordPort := 12000 + mgmtPort := 10000 + args := []string{ + fmt.Sprintf("--coordinator-id=%d", coordId), + fmt.Sprintf("--coordinator-port=%d", coordPort), + fmt.Sprintf("--management-port=%d", mgmtPort), + fmt.Sprintf("--bolt-port=%d", boltPort), + fmt.Sprintf("--coordinator-hostname=%s.default.svc.cluster.local", coordName), + "--experimental-enabled=high-availability", + "--also-log-to-stderr", + "--log-level=TRACE", + "--log-file=/var/log/memgraph/memgraph.log", + "--nuraft-log-file=/var/log/memgraph/memgraph.log", + } + license := " add" + organization := "testing-k8" + volumeLibName := fmt.Sprintf("%s-lib-storage", coordName) + volumeLibSize := "1Gi" + volumeLogName := fmt.Sprintf("%s-log-storage", coordName) + volumeLogSize := "256Mi" + initContainerName := "init" + initContainerCommand := []string{ + "/bin/sh", + "-c", + } + initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} + initContainerPrivileged := true + initContainerReadOnlyRootFilesystem := false + initContainerRunAsNonRoot := false + initContainerRunAsUser := int64(0) + + // TODO (andi): How to handle license and organization name? + coord := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: coordName, + Namespace: memgraphha.Namespace, + }, + Spec: appsv1.StatefulSetSpec{ + ServiceName: serviceName, + Replicas: &replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: labels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: labels, + }, + Spec: corev1.PodSpec{ + InitContainers: []corev1.Container{ + { + Name: initContainerName, + Image: image, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + Command: initContainerCommand, + Args: initContainerArgs, + SecurityContext: &corev1.SecurityContext{ + Privileged: &initContainerPrivileged, + ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, + RunAsNonRoot: &initContainerRunAsNonRoot, + RunAsUser: &initContainerRunAsUser, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + Add: []corev1.Capability{"CHOWN"}, + }, + }, + }, + }, + + Containers: []corev1.Container{{ + Name: containerName, + Image: image, + ImagePullPolicy: corev1.PullIfNotPresent, + Ports: []corev1.ContainerPort{ + { + ContainerPort: int32(boltPort), + Name: "boltPort", + }, + { + ContainerPort: int32(mgmtPort), + Name: "managementPort", + }, + { + ContainerPort: int32(coordPort), + Name: "coordinatorPort", + }, + }, + Args: args, + Env: []corev1.EnvVar{ + { + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + Value: license, + }, + { + Name: "MEMGRAPH_ORGANIZATION_NAME", + Value: organization, + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + }}, + }, + }, + VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLibName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLogName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + }, + }, + }, + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coord, r.Scheme) + return coord +} + +func createCoordLabels(coordName string) map[string]string { + return map[string]string{"app": coordName} +} diff --git a/internal/controller/memgraphha_coord_services.go b/internal/controller/memgraphha_coord_services.go new file mode 100644 index 0000000..9296996 --- /dev/null +++ b/internal/controller/memgraphha_coord_services.go @@ -0,0 +1,162 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + "fmt" + + corev1 "k8s.io/api/core/v1" + ctrl "sigs.k8s.io/controller-runtime" + + "github.com/go-logr/logr" + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/intstr" +) + +func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) + logger.Info("Started reconciling NodePort service", serviceName) + + coordNodePortService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordNodePortService) + + if err == nil { + logger.Info("NodePort", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + nodePort := r.createCoordNodePort(memgraphha, coordId) + logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + err := r.Create(ctx, nodePort) + if err != nil { + logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + return true, err + } + logger.Info("NodePort", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch NodePort", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createCoordNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) + coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + + coordNodePort := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeNodePort, + Selector: createCoordLabels(coordName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coordNodePort, r.Scheme) + return coordNodePort +} + +func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + logger.Info("Started reconciling ClusterIP service", serviceName) + + coordClusterIPService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordClusterIPService) + + if err == nil { + logger.Info("ClusterIP", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + clusterIP := r.createCoordClusterIP(memgraphha, coordId) + logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + err := r.Create(ctx, clusterIP) + if err != nil { + logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + return true, err + } + logger.Info("ClusterIP", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch ClusterIP", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createCoordClusterIP(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) + coordName := serviceName + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + coordinatorPort := 12000 + mgmtPort := 10000 + + coordClusterIP := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeClusterIP, + Selector: createCoordLabels(coordName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + { + Name: "coordinator", + Protocol: corev1.ProtocolTCP, + Port: int32(coordinatorPort), + TargetPort: intstr.FromInt(coordinatorPort), + }, + { + Name: "management", + Protocol: corev1.ProtocolTCP, + Port: int32(mgmtPort), + TargetPort: intstr.FromInt(mgmtPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, coordClusterIP, r.Scheme) + return coordClusterIP +} diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go new file mode 100644 index 0000000..d56333f --- /dev/null +++ b/internal/controller/memgraphha_data_instance.go @@ -0,0 +1,222 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + "fmt" + + "github.com/go-logr/logr" + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/api/resource" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + ctrl "sigs.k8s.io/controller-runtime" +) + +func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + logger.Info("Started reconciling", name) + dataInstanceStatefulSet := &appsv1.StatefulSet{} + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) + + if err == nil { + logger.Info("StatefulSet", name, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + dataInstance := r.createStatefulSetForDataInstance(memgraphha, dataInstanceId) + logger.Info("Creating a new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + err := r.Create(ctx, dataInstance) + if err != nil { + logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) + return true, err + } + logger.Info("StatefulSet", name, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch StatefulSet", name) + return true, err + +} + +func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *appsv1.StatefulSet { + dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + serviceName := dataInstanceName + labels := createDataInstanceLabels(dataInstanceName) + replicas := int32(1) + containerName := "memgraph-data" + image := "memgraph/memgraph:2.18.1" + boltPort := 7687 + replicationPort := 12000 + mgmtPort := 10000 + args := []string{ + fmt.Sprintf("--management-port=%d", mgmtPort), + fmt.Sprintf("--bolt-port=%d", boltPort), + "--experimental-enabled=high-availability", + "--also-log-to-stderr", + "--log-level=TRACE", + "--log-file=/var/log/memgraph/memgraph.log", + } + license := " add" + organization := "testing-k8" + volumeLibName := fmt.Sprintf("%s-lib-storage", dataInstanceName) + volumeLibSize := "1Gi" + volumeLogName := fmt.Sprintf("%s-log-storage", dataInstanceName) + volumeLogSize := "256Mi" + initContainerName := "init" + initContainerCommand := []string{ + "/bin/sh", + "-c", + } + initContainerArgs := []string{"chown -R memgraph:memgraph /var/log; chown -R memgraph:memgraph /var/lib"} + initContainerPrivileged := true + initContainerReadOnlyRootFilesystem := false + initContainerRunAsNonRoot := false + initContainerRunAsUser := int64(0) + + // TODO: (andi) How handle licensing info? + data := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: dataInstanceName, + Namespace: memgraphha.Namespace, + }, + Spec: appsv1.StatefulSetSpec{ + ServiceName: serviceName, + Replicas: &replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: labels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: labels, + }, + Spec: corev1.PodSpec{ + InitContainers: []corev1.Container{ + { + Name: initContainerName, + Image: image, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + Command: initContainerCommand, + Args: initContainerArgs, + SecurityContext: &corev1.SecurityContext{ + Privileged: &initContainerPrivileged, + ReadOnlyRootFilesystem: &initContainerReadOnlyRootFilesystem, + RunAsNonRoot: &initContainerRunAsNonRoot, + RunAsUser: &initContainerRunAsUser, + Capabilities: &corev1.Capabilities{ + Drop: []corev1.Capability{"all"}, + Add: []corev1.Capability{"CHOWN"}, + }, + }, + }, + }, + + Containers: []corev1.Container{{ + Name: containerName, + Image: image, + ImagePullPolicy: corev1.PullIfNotPresent, + Ports: []corev1.ContainerPort{ + { + ContainerPort: int32(boltPort), + Name: "boltPort", + }, + { + ContainerPort: int32(mgmtPort), + Name: "managementPort", + }, + { + ContainerPort: int32(replicationPort), + Name: "replicationPort", + }, + }, + Args: args, + Env: []corev1.EnvVar{ + { + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + Value: license, + }, + { + Name: "MEMGRAPH_ORGANIZATION_NAME", + Value: organization, + }, + }, + VolumeMounts: []corev1.VolumeMount{ + { + Name: volumeLibName, + MountPath: "/var/lib/memgraph", + }, + { + Name: volumeLogName, + MountPath: "/var/log/memgraph", + }, + }, + }}, + }, + }, + VolumeClaimTemplates: []corev1.PersistentVolumeClaim{ + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLibName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + }, + }, + }, + }, + { + ObjectMeta: metav1.ObjectMeta{ + Name: volumeLogName, + }, + Spec: corev1.PersistentVolumeClaimSpec{ + AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, + Resources: corev1.VolumeResourceRequirements{ + Requests: corev1.ResourceList{ + corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + }, + }, + }, + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, data, r.Scheme) + return data +} + +func createDataInstanceLabels(dataInstanceName string) map[string]string { + return map[string]string{"app": dataInstanceName} +} diff --git a/internal/controller/memgraphha_data_services.go b/internal/controller/memgraphha_data_services.go new file mode 100644 index 0000000..33bffd3 --- /dev/null +++ b/internal/controller/memgraphha_data_services.go @@ -0,0 +1,161 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + "fmt" + + "github.com/go-logr/logr" + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/intstr" + ctrl "sigs.k8s.io/controller-runtime" +) + +func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) + logger.Info("Started reconciling NodePort service", serviceName) + + dataInstanceNodePortService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceNodePortService) + + if err == nil { + logger.Info("NodePort", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + nodePort := r.createDataInstanceNodePort(memgraphha, dataInstanceId) + logger.Info("Creating a new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + err := r.Create(ctx, nodePort) + if err != nil { + logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) + return true, err + } + logger.Info("NodePort", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch NodePort", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createDataInstanceNodePort(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) + dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + + dataInstanceNodePort := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeNodePort, + Selector: createDataInstanceLabels(dataInstanceName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, dataInstanceNodePort, r.Scheme) + return dataInstanceNodePort +} + +func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { + serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + logger.Info("Started reconciling ClusterIP service", serviceName) + + dataInstanceClusterIPService := &corev1.Service{} + err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceClusterIPService) + + if err == nil { + logger.Info("ClusterIP", serviceName, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + clusterIP := r.createDataInstanceClusterIP(memgraphha, dataInstanceId) + logger.Info("Creating a new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + err := r.Create(ctx, clusterIP) + if err != nil { + logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) + return true, err + } + logger.Info("ClusterIP", serviceName, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch ClusterIP", serviceName) + return true, err + +} + +func (r *MemgraphHAReconciler) createDataInstanceClusterIP(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { + serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) + dataInstanceName := serviceName + // TODO: (andi) Extract somehow configuration and move into separate files. + boltPort := 7687 + replicationPort := 20000 + mgmtPort := 10000 + + dataInstanceClusterIP := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: serviceName, + Namespace: memgraphha.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeClusterIP, + Selector: createDataInstanceLabels(dataInstanceName), + Ports: []corev1.ServicePort{ + { + Name: "bolt", + Protocol: corev1.ProtocolTCP, + Port: int32(boltPort), + TargetPort: intstr.FromInt(boltPort), + }, + { + Name: "replication", + Protocol: corev1.ProtocolTCP, + Port: int32(replicationPort), + TargetPort: intstr.FromInt(replicationPort), + }, + { + Name: "management", + Protocol: corev1.ProtocolTCP, + Port: int32(mgmtPort), + TargetPort: intstr.FromInt(mgmtPort), + }, + }, + }, + } + + ctrl.SetControllerReference(memgraphha, dataInstanceClusterIP, r.Scheme) + return dataInstanceClusterIP +} diff --git a/internal/controller/memgraphha_reconciler.go b/internal/controller/memgraphha_reconciler.go new file mode 100644 index 0000000..49c3067 --- /dev/null +++ b/internal/controller/memgraphha_reconciler.go @@ -0,0 +1,28 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// MemgraphHAReconciler reconciles a MemgraphHA object +type MemgraphHAReconciler struct { + client.Client + Scheme *runtime.Scheme +} From bd52abb1e880fd950276830e85cdfd0d14837669 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 15:35:09 +0200 Subject: [PATCH 15/26] Delete unused controller tests --- .../controller/memgraphha_controller_test.go | 84 ----------------- internal/controller/suite_test.go | 90 ------------------- 2 files changed, 174 deletions(-) delete mode 100644 internal/controller/memgraphha_controller_test.go delete mode 100644 internal/controller/suite_test.go diff --git a/internal/controller/memgraphha_controller_test.go b/internal/controller/memgraphha_controller_test.go deleted file mode 100644 index 9b10129..0000000 --- a/internal/controller/memgraphha_controller_test.go +++ /dev/null @@ -1,84 +0,0 @@ -/* -Copyright 2024 Memgraph Ltd. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "context" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/types" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" -) - -var _ = Describe("MemgraphHA Controller", func() { - Context("When reconciling a resource", func() { - const resourceName = "test-resource" - - ctx := context.Background() - - typeNamespacedName := types.NamespacedName{ - Name: resourceName, - Namespace: "default", // TODO(user):Modify as needed - } - memgraphha := &memgraphv1.MemgraphHA{} - - BeforeEach(func() { - By("creating the custom resource for the Kind MemgraphHA") - err := k8sClient.Get(ctx, typeNamespacedName, memgraphha) - if err != nil && errors.IsNotFound(err) { - resource := &memgraphv1.MemgraphHA{ - ObjectMeta: metav1.ObjectMeta{ - Name: resourceName, - Namespace: "default", - }, - // TODO(user): Specify other spec details if needed. - } - Expect(k8sClient.Create(ctx, resource)).To(Succeed()) - } - }) - - AfterEach(func() { - // TODO(user): Cleanup logic after each test, like removing the resource instance. - resource := &memgraphv1.MemgraphHA{} - err := k8sClient.Get(ctx, typeNamespacedName, resource) - Expect(err).NotTo(HaveOccurred()) - - By("Cleanup the specific resource instance MemgraphHA") - Expect(k8sClient.Delete(ctx, resource)).To(Succeed()) - }) - It("should successfully reconcile the resource", func() { - By("Reconciling the created resource") - controllerReconciler := &MemgraphHAReconciler{ - Client: k8sClient, - Scheme: k8sClient.Scheme(), - } - - _, err := controllerReconciler.Reconcile(ctx, reconcile.Request{ - NamespacedName: typeNamespacedName, - }) - Expect(err).NotTo(HaveOccurred()) - // TODO(user): Add more specific assertions depending on your controller's reconciliation logic. - // Example: If you expect a certain status condition after reconciliation, verify it here. - }) - }) -}) diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go deleted file mode 100644 index a2d6b7a..0000000 --- a/internal/controller/suite_test.go +++ /dev/null @@ -1,90 +0,0 @@ -/* -Copyright 2024 Memgraph Ltd. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "fmt" - "path/filepath" - "runtime" - "testing" - - . "github.com/onsi/ginkgo/v2" - . "github.com/onsi/gomega" - - "k8s.io/client-go/kubernetes/scheme" - "k8s.io/client-go/rest" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/envtest" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/log/zap" - - memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" - //+kubebuilder:scaffold:imports -) - -// These tests use Ginkgo (BDD-style Go testing framework). Refer to -// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. - -var cfg *rest.Config -var k8sClient client.Client -var testEnv *envtest.Environment - -func TestControllers(t *testing.T) { - RegisterFailHandler(Fail) - - RunSpecs(t, "Controller Suite") -} - -var _ = BeforeSuite(func() { - logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) - - By("bootstrapping test environment") - testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")}, - ErrorIfCRDPathMissing: true, - - // The BinaryAssetsDirectory is only required if you want to run the tests directly - // without call the makefile target test. If not informed it will look for the - // default path defined in controller-runtime which is /usr/local/kubebuilder/. - // Note that you must have the required binaries setup under the bin directory to perform - // the tests directly. When we run make test it will be setup and used automatically. - BinaryAssetsDirectory: filepath.Join("..", "..", "bin", "k8s", - fmt.Sprintf("1.28.3-%s-%s", runtime.GOOS, runtime.GOARCH)), - } - - var err error - // cfg is defined in this file globally. - cfg, err = testEnv.Start() - Expect(err).NotTo(HaveOccurred()) - Expect(cfg).NotTo(BeNil()) - - err = memgraphv1.AddToScheme(scheme.Scheme) - Expect(err).NotTo(HaveOccurred()) - - //+kubebuilder:scaffold:scheme - - k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) - Expect(err).NotTo(HaveOccurred()) - Expect(k8sClient).NotTo(BeNil()) - -}) - -var _ = AfterSuite(func() { - By("tearing down the test environment") - err := testEnv.Stop() - Expect(err).NotTo(HaveOccurred()) -}) From d999c68b84d5aa166a26f3fbb2092a9e58fcb8ca Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Wed, 7 Aug 2024 16:33:36 +0200 Subject: [PATCH 16/26] Added setup job reconciliation --- internal/controller/memgraphha_controller.go | 11 ++ internal/controller/memgraphha_coord.go | 20 +-- internal/controller/memgraphha_setup_job.go | 123 +++++++++++++++++++ 3 files changed, 144 insertions(+), 10 deletions(-) create mode 100644 internal/controller/memgraphha_setup_job.go diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 3c6d87d..8fbff3b 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -157,6 +157,17 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) logger.Info("Reconciliation of data instances finished without actions needed.") + setupJobStatus, setupJobErr := r.reconcileSetupJob(ctx, memgraphha, &logger) + if setupJobErr != nil { + logger.Info("Error returned when reconciling coordinator. Returning empty Result with error.") + return ctrl.Result{}, setupJobErr + } + + if setupJobStatus == true { + logger.Info("SetupJob has been created. Returning Result with the request for requeing with error set to nil.") + return ctrl.Result{Requeue: true}, nil + } + // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index aa2a97a..fa31f74 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -1,17 +1,17 @@ /* -Copyright 2024 Memgraph Ltd. +copyright 2024 memgraph ltd. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at +licensed under the apache license, version 2.0 (the "license"); +you may not use this file except in compliance with the license. +you may obtain a copy of the license at - http://www.apache.org/licenses/LICENSE-2.0 + http://www.apache.org/licenses/license-2.0 -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. +unless required by applicable law or agreed to in writing, software +distributed under the license is distributed on an "as is" basis, +without warranties or conditions of any kind, either express or implied. +see the license for the specific language governing permissions and +limitations under the license. */ package controller diff --git a/internal/controller/memgraphha_setup_job.go b/internal/controller/memgraphha_setup_job.go new file mode 100644 index 0000000..a8e5021 --- /dev/null +++ b/internal/controller/memgraphha_setup_job.go @@ -0,0 +1,123 @@ +/* +copyright 2024 memgraph ltd. + +licensed under the apache license, version 2.0 (the "license"); +you may not use this file except in compliance with the license. +you may obtain a copy of the license at + + http://www.apache.org/licenses/license-2.0 + +unless required by applicable law or agreed to in writing, software +distributed under the license is distributed on an "as is" basis, +without warranties or conditions of any kind, either express or implied. +see the license for the specific language governing permissions and +limitations under the license. +*/ + +package controller + +import ( + "context" + "fmt" + + "github.com/go-logr/logr" + memgraphv1 "github.com/memgraph/kubernetes-operator/api/v1" + batchv1 "k8s.io/api/batch/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + ctrl "sigs.k8s.io/controller-runtime" +) + +func (r *MemgraphHAReconciler) reconcileSetupJob(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { + name := fmt.Sprintf("memgraph-setup") + logger.Info("Started reconciling", name) + setupJob := &batchv1.Job{} + err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, setupJob) + + if err == nil { + logger.Info("SetupJob", name, "already exists.") + return false, nil + } + + if errors.IsNotFound(err) { + job := r.createSetupJob(memgraphha) + logger.Info("Creating a new SetupJob", "SetupJob.Namespace", job.Namespace, "SetupJob.Name", job.Name) + err := r.Create(ctx, job) + if err != nil { + logger.Error(err, "Failed to create new SetupJob", "SetupJob.Namespace", job.Namespace, "SetupJob.Name", job.Name) + return true, err + } + logger.Info("SetupJob", name, "is created.") + return true, nil + } + + logger.Error(err, "Failed to fetch SetupJob", name) + return true, err + +} + +func (r *MemgraphHAReconciler) createSetupJob(memgraphha *memgraphv1.MemgraphHA) *batchv1.Job { + image := "memgraph/memgraph:2.18.1" + containerName := "memgraph-setup" + runAsUser := int64(0) + backoffLimit := int32(4) + + job := &batchv1.Job{ + ObjectMeta: metav1.ObjectMeta{ + Name: containerName, + Namespace: memgraphha.Namespace, + }, + Spec: batchv1.JobSpec{ + Template: corev1.PodTemplateSpec{ + Spec: corev1.PodSpec{ + Containers: []corev1.Container{ + { + Name: containerName, + Image: image, + Command: []string{"/bin/bash", "-c"}, + Args: []string{` + echo "Installing netcat..." + apt-get update && apt-get install -y netcat-openbsd + echo "Waiting for pods to become available for Bolt connection..." + until nc -z memgraph-coordinator-1.default.svc.cluster.local 7687; do sleep 1; done + until nc -z memgraph-coordinator-2.default.svc.cluster.local 7687; do sleep 1; done + until nc -z memgraph-coordinator-3.default.svc.cluster.local 7687; do sleep 1; done + until nc -z memgraph-data-0.default.svc.cluster.local 7687; do sleep 1; done + until nc -z memgraph-data-1.default.svc.cluster.local 7687; do sleep 1; done + echo "Pods are available for Bolt connection!" + sleep 5 + echo "Running mgconsole commands..." + echo 'ADD COORDINATOR 2 WITH CONFIG {"bolt_server": "memgraph-coordinator-2.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-2.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-2.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo 'ADD COORDINATOR 3 WITH CONFIG {"bolt_server": "memgraph-coordinator-3.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-3.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-3.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo 'REGISTER INSTANCE instance_1 WITH CONFIG {"bolt_server": "memgraph-data-0.default.svc.cluster.local:7687", "management_server": "memgraph-data-0.default.svc.cluster.local:10000", "replication_server": "memgraph-data-0.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo 'REGISTER INSTANCE instance_2 WITH CONFIG {"bolt_server": "memgraph-data-1.default.svc.cluster.local:7687", "management_server": "memgraph-data-1.default.svc.cluster.local:10000", "replication_server": "memgraph-data-1.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo 'SET INSTANCE instance_1 TO MAIN;' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + sleep 3 + echo "SHOW INSTANCES on coord1" + echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo "SHOW INSTANCES on coord2" + echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-2.default.svc.cluster.local --port 7687 + echo "SHOW INSTANCES on coord3" + echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-3.default.svc.cluster.local --port 7687 + echo "RETURN 0 on 1st data instance" + echo 'RETURN 0;' | mgconsole --host memgraph-data-0.default.svc.cluster.local --port 7687 + echo "RETURN 0 on 2nd data instance" + echo 'RETURN 0;' | mgconsole --host memgraph-data-1.default.svc.cluster.local --port 7687 + `}, + SecurityContext: &corev1.SecurityContext{ + RunAsUser: &runAsUser, + }, + }, + }, + RestartPolicy: corev1.RestartPolicyNever, + }, + }, + BackoffLimit: &backoffLimit, + }, + } + + ctrl.SetControllerReference(memgraphha, job, r.Scheme) + return job +} From f7d33eb35f8adf6169bc307cc48ef7bbeead275c Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Thu, 8 Aug 2024 12:10:01 +0200 Subject: [PATCH 17/26] Resources created, trying to manage the cluster. Issue with PVC and storage --- Makefile | 4 +- cmd/main.go | 17 --- .../crd/bases/memgraph.com_memgraphhas.yaml | 8 +- config/default/kustomization.yaml | 138 +----------------- config/default/manager_auth_proxy_patch.yaml | 39 ----- config/default/manager_config_patch.yaml | 10 -- config/manager/kustomization.yaml | 3 + config/manager/manager.yaml | 50 ++----- config/manager/namespace.yaml | 10 +- config/manifests/kustomization.yaml | 21 --- config/prometheus/kustomization.yaml | 2 - config/prometheus/monitor.yaml | 25 ---- .../rbac/auth_proxy_client_clusterrole.yaml | 16 -- config/rbac/auth_proxy_role.yaml | 24 --- config/rbac/auth_proxy_role_binding.yaml | 19 --- config/rbac/auth_proxy_service.yaml | 21 --- config/rbac/kustomization.yaml | 14 -- config/rbac/leader_election_role.yaml | 44 ------ config/rbac/leader_election_role_binding.yaml | 19 --- config/rbac/memgraphha_editor_role.yaml | 31 ---- config/rbac/memgraphha_viewer_role.yaml | 27 ---- config/rbac/role.yaml | 41 +++++- config/rbac/role_binding.yaml | 15 +- config/rbac/service_account.yaml | 11 +- config/samples/memgraph_v1_ha.yaml | 1 + internal/controller/memgraphha_controller.go | 26 ++-- internal/controller/memgraphha_coord.go | 10 +- .../controller/memgraphha_coord_services.go | 16 +- .../controller/memgraphha_data_instance.go | 10 +- .../controller/memgraphha_data_services.go | 16 +- internal/controller/memgraphha_setup_job.go | 8 +- 31 files changed, 121 insertions(+), 575 deletions(-) delete mode 100644 config/default/manager_auth_proxy_patch.yaml delete mode 100644 config/default/manager_config_patch.yaml delete mode 100644 config/prometheus/kustomization.yaml delete mode 100644 config/prometheus/monitor.yaml delete mode 100644 config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 config/rbac/auth_proxy_role.yaml delete mode 100644 config/rbac/auth_proxy_role_binding.yaml delete mode 100644 config/rbac/auth_proxy_service.yaml delete mode 100644 config/rbac/leader_election_role.yaml delete mode 100644 config/rbac/leader_election_role_binding.yaml delete mode 100644 config/rbac/memgraphha_editor_role.yaml delete mode 100644 config/rbac/memgraphha_viewer_role.yaml diff --git a/Makefile b/Makefile index 3244f81..47ee782 100644 --- a/Makefile +++ b/Makefile @@ -96,8 +96,8 @@ help: ## Display this help. ##@ Development .PHONY: manifests -manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases +manifests: controller-gen ## Generate WebhookConfiguration and CustomResourceDefinition objects. + $(CONTROLLER_GEN) crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/cmd/main.go b/cmd/main.go index ec3ee19..d9afff3 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -53,15 +53,11 @@ func init() { func main() { var metricsAddr string - var enableLeaderElection bool var probeAddr string var secureMetrics bool var enableHTTP2 bool flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") - flag.BoolVar(&enableLeaderElection, "leader-elect", false, - "Enable leader election for controller manager. "+ - "Enabling this will ensure there is only one active controller manager.") flag.BoolVar(&secureMetrics, "metrics-secure", false, "If set the metrics endpoint is served securely") flag.BoolVar(&enableHTTP2, "enable-http2", false, @@ -103,19 +99,6 @@ func main() { }, WebhookServer: webhookServer, HealthProbeBindAddress: probeAddr, - LeaderElection: enableLeaderElection, - LeaderElectionID: "a5adec69.com", - // LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily - // when the Manager ends. This requires the binary to immediately end when the - // Manager is stopped, otherwise, this setting is unsafe. Setting this significantly - // speeds up voluntary leader transitions as the new leader don't have to wait - // LeaseDuration time first. - // - // In the default scaffold provided, the program ends immediately after - // the manager stops, so would be fine to enable this option. However, - // if you are doing or is intended to do any operation such as perform cleanups - // after the manager stops then its usage might be unsafe. - // LeaderElectionReleaseOnCancel: true, }) if err != nil { setupLog.Error(err, "unable to start manager") diff --git a/config/crd/bases/memgraph.com_memgraphhas.yaml b/config/crd/bases/memgraph.com_memgraphhas.yaml index 63114e8..becc8f3 100644 --- a/config/crd/bases/memgraph.com_memgraphhas.yaml +++ b/config/crd/bases/memgraph.com_memgraphhas.yaml @@ -17,7 +17,13 @@ spec: - name: v1 schema: openAPIV3Schema: - description: MemgraphHA is the Schema for the memgraphhas API + description: |- + MemgraphHA is the Schema for the memgraphhas API + + + Every Kind needs to have two structures: metav1.TypeMeta and metav1.ObjectMeta. + TypeMeta structure contains information about the GVK of the Kind. + ObjectMeta contains metadata for the Kind. properties: apiVersion: description: |- diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index eb00d57..da8437b 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,142 +1,8 @@ -# Adds namespace to all resources. -namespace: kubernetes-operator-system +namespace: memgraph-operator-system -# Value of this field is prepended to the -# names of all resources, e.g. a deployment named -# "wordpress" becomes "alices-wordpress". -# Note that it should also match with the prefix (text before '-') of the namespace -# field above. -namePrefix: kubernetes-operator- - -# Labels to add to all resources and selectors. -#labels: -#- includeSelectors: true -# pairs: -# someName: someValue +namePrefix: "" resources: - ../crd - ../rbac - ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- ../webhook -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -#- ../certmanager -# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. -#- ../prometheus - -patches: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- path: manager_auth_proxy_patch.yaml - -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -#- path: manager_webhook_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -#- path: webhookcainjection_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -# Uncomment the following replacements to add the cert-manager CA injection annotations -#replacements: -# - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs -# kind: Certificate -# group: cert-manager.io -# version: v1 -# name: serving-cert # this name should match the one in certificate.yaml -# fieldPath: .metadata.namespace # namespace of the certificate CR -# targets: -# - select: -# kind: ValidatingWebhookConfiguration -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 0 -# create: true -# - select: -# kind: MutatingWebhookConfiguration -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 0 -# create: true -# - select: -# kind: CustomResourceDefinition -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 0 -# create: true -# - source: -# kind: Certificate -# group: cert-manager.io -# version: v1 -# name: serving-cert # this name should match the one in certificate.yaml -# fieldPath: .metadata.name -# targets: -# - select: -# kind: ValidatingWebhookConfiguration -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 1 -# create: true -# - select: -# kind: MutatingWebhookConfiguration -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 1 -# create: true -# - select: -# kind: CustomResourceDefinition -# fieldPaths: -# - .metadata.annotations.[cert-manager.io/inject-ca-from] -# options: -# delimiter: '/' -# index: 1 -# create: true -# - source: # Add cert-manager annotation to the webhook Service -# kind: Service -# version: v1 -# name: webhook-service -# fieldPath: .metadata.name # namespace of the service -# targets: -# - select: -# kind: Certificate -# group: cert-manager.io -# version: v1 -# fieldPaths: -# - .spec.dnsNames.0 -# - .spec.dnsNames.1 -# options: -# delimiter: '.' -# index: 0 -# create: true -# - source: -# kind: Service -# version: v1 -# name: webhook-service -# fieldPath: .metadata.namespace # namespace of the service -# targets: -# - select: -# kind: Certificate -# group: cert-manager.io -# version: v1 -# fieldPaths: -# - .spec.dnsNames.0 -# - .spec.dnsNames.1 -# options: -# delimiter: '.' -# index: 1 -# create: true diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 70c3437..0000000 --- a/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml deleted file mode 100644 index f6f5891..0000000 --- a/config/default/manager_config_patch.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: manager diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 26247ab..17c72cf 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -7,3 +7,6 @@ images: - name: controller newName: memgraph/kubernetes-operator newTag: 0.0.4 +- name: memgraph-kubernetes-operator + newName: memgraph/kubernetes-operator + newTag: 0.0.4 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index ff8492b..013ef64 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -1,56 +1,38 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: controller-manager - namespace: system + namespace: memgraph-operator-system + annotations: + email: engineering@memgraph.io labels: - control-plane: controller-manager - app.kubernetes.io/name: deployment - app.kubernetes.io/instance: controller-manager - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize + owner: Memgraph + name: memgraph-kubernetes-operator spec: + replicas: 1 selector: matchLabels: - control-plane: controller-manager - replicas: 1 + name: memgraph-kubernetes-operator + strategy: + rollingUpdate: + maxUnavailable: 1 + type: RollingUpdate template: metadata: - annotations: - kubectl.kubernetes.io/default-container: manager labels: - control-plane: controller-manager + name: memgraph-kubernetes-operator spec: securityContext: runAsNonRoot: true containers: - - command: - - /manager - args: - - --leader-elect - image: controller:latest + - args: + image: memgraph/kubernetes-operator:0.0.4 # TODO: (andi) Try to specify this in a single place, currently used by kustomization.yaml and Makefile name: manager securityContext: + readOnlyRootFilesystem: true allowPrivilegeEscalation: false capabilities: drop: - "ALL" - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - # TODO(user): Configure the resources accordingly based on the project requirements. - # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: limits: cpu: 500m @@ -58,5 +40,5 @@ spec: requests: cpu: 10m memory: 64Mi - serviceAccountName: controller-manager + serviceAccountName: memgraph-kubernetes-operator terminationGracePeriodSeconds: 10 diff --git a/config/manager/namespace.yaml b/config/manager/namespace.yaml index 887c395..64458ee 100644 --- a/config/manager/namespace.yaml +++ b/config/manager/namespace.yaml @@ -1,12 +1,4 @@ apiVersion: v1 kind: Namespace metadata: - labels: - control-plane: controller-manager - app.kubernetes.io/name: namespace - app.kubernetes.io/instance: system - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: system + name: memgraph-operator-system diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index ff5d4f8..e8b968a 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -5,24 +5,3 @@ resources: - ../default - ../samples - ../scorecard - -# [WEBHOOK] To enable webhooks, uncomment all the sections with [WEBHOOK] prefix. -# Do NOT uncomment sections with prefix [CERTMANAGER], as OLM does not support cert-manager. -# These patches remove the unnecessary "cert" volume and its manager container volumeMount. -#patchesJson6902: -#- target: -# group: apps -# version: v1 -# kind: Deployment -# name: controller-manager -# namespace: system -# patch: |- -# # Remove the manager container's "cert" volumeMount, since OLM will create and mount a set of certs. -# # Update the indices in this path if adding or removing containers/volumeMounts in the manager's Deployment. -# - op: remove - -# path: /spec/template/spec/containers/0/volumeMounts/0 -# # Remove the "cert" volume, since OLM will create and mount a set of certs. -# # Update the indices in this path if adding or removing volumes in the manager's Deployment. -# - op: remove -# path: /spec/template/spec/volumes/0 diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml deleted file mode 100644 index ed13716..0000000 --- a/config/prometheus/kustomization.yaml +++ /dev/null @@ -1,2 +0,0 @@ -resources: -- monitor.yaml diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml deleted file mode 100644 index 7d5f441..0000000 --- a/config/prometheus/monitor.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# Prometheus Monitor Service (Metrics) -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - control-plane: controller-manager - app.kubernetes.io/name: servicemonitor - app.kubernetes.io/instance: controller-manager-metrics-monitor - app.kubernetes.io/component: metrics - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: controller-manager-metrics-monitor - namespace: system -spec: - endpoints: - - path: /metrics - port: https - scheme: https - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - tlsConfig: - insecureSkipVerify: true - selector: - matchLabels: - control-plane: controller-manager diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 6bfe0a9..0000000 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 2ff84ee..0000000 --- a/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index b7f3ab0..0000000 --- a/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index cdd7723..0000000 --- a/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - app.kubernetes.io/name: service - app.kubernetes.io/instance: controller-manager-metrics-service - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: controller-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 731832a..664fcac 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,18 +1,4 @@ resources: -# All RBAC will be applied under this service account in -# the deployment namespace. You may comment out this resource -# if your manager will use a service account that exists at -# runtime. Be sure to update RoleBinding and ClusterRoleBinding -# subjects if changing service account names. - service_account.yaml - role.yaml - role_binding.yaml -- leader_election_role.yaml -- leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml deleted file mode 100644 index ddf76ba..0000000 --- a/config/rbac/leader_election_role.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# permissions to do leader election. -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/name: role - app.kubernetes.io/instance: leader-election-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: leader-election-role -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml deleted file mode 100644 index 55647f2..0000000 --- a/config/rbac/leader_election_role_binding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: rolebinding - app.kubernetes.io/instance: leader-election-rolebinding - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: leader-election-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/config/rbac/memgraphha_editor_role.yaml b/config/rbac/memgraphha_editor_role.yaml deleted file mode 100644 index e54bf20..0000000 --- a/config/rbac/memgraphha_editor_role.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# permissions for end users to edit memgraphhas. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memgraphha-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: memgraphha-editor-role -rules: -- apiGroups: - - memgraph.com - resources: - - memgraphhas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - memgraph.com - resources: - - memgraphhas/status - verbs: - - get diff --git a/config/rbac/memgraphha_viewer_role.yaml b/config/rbac/memgraphha_viewer_role.yaml deleted file mode 100644 index 769adfd..0000000 --- a/config/rbac/memgraphha_viewer_role.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# permissions for end users to view memgraphhas. -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memgraphha-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: memgraphha-viewer-role -rules: -- apiGroups: - - memgraph.com - resources: - - memgraphhas - verbs: - - get - - list - - watch -- apiGroups: - - memgraph.com - resources: - - memgraphhas/status - verbs: - - get diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 372d6f8..e28a724 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,8 +2,47 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: manager-role + name: memgraph-kubernetes-operator rules: +- apiGroups: + - "" + resources: + - pods + - services + - configmaps + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - memgraph.com resources: diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 9eecc5e..9fded4b 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -1,19 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - labels: - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: manager-rolebinding - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: manager-rolebinding + name: memgraph-kubernetes-operator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: manager-role + name: memgraph-kubernetes-operator subjects: - kind: ServiceAccount - name: controller-manager - namespace: system + name: memgraph-kubernetes-operator + namespace: memgraph-operator-system diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml index 06eefef..f81938c 100644 --- a/config/rbac/service_account.yaml +++ b/config/rbac/service_account.yaml @@ -1,12 +1,5 @@ apiVersion: v1 kind: ServiceAccount metadata: - labels: - app.kubernetes.io/name: serviceaccount - app.kubernetes.io/instance: controller-manager-sa - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-operator - app.kubernetes.io/part-of: kubernetes-operator - app.kubernetes.io/managed-by: kustomize - name: controller-manager - namespace: system + name: memgraph-kubernetes-operator + namespace: memgraph-operator-system diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml index 18b2a69..c9b74bf 100644 --- a/config/samples/memgraph_v1_ha.yaml +++ b/config/samples/memgraph_v1_ha.yaml @@ -112,5 +112,6 @@ spec: initialDelaySeconds: 5 periodSeconds: 5 startup: + initialDelaySeconds: 5 failureThreshold: 30 periodSeconds: 10 diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 8fbff3b..5cb7faa 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -75,42 +75,42 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, err } - logger.Info("MemgrahHA namespace", memgraphha.Namespace) + logger.Info("MemgrahHA", "namespace", memgraphha.Namespace) for coordId := 1; coordId <= 3; coordId++ { // ClusterIP coordClusterIPStatus, coordClusterIPErr := r.reconcileCoordClusterIPService(ctx, memgraphha, &logger, coordId) if coordClusterIPErr != nil { - logger.Info("Error returned when reconciling ClusterIP with id", coordId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling ClusterIP Returning empty Result with error.", "coordId", coordId) return ctrl.Result{}, coordClusterIPErr } if coordClusterIPStatus == true { - logger.Info("ClusterIP with id", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + logger.Info("ClusterIP has been created. Returning Result with the request for requeing with error set to nil.", "coordId", coordId) return ctrl.Result{Requeue: true}, nil } // NodePort coordNodePortStatus, coordNodePortErr := r.reconcileCoordNodePortService(ctx, memgraphha, &logger, coordId) if coordNodePortErr != nil { - logger.Info("Error returned when reconciling NodePort with id", coordId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling NodePort. Returning empty Result with error.", "coordId", coordId) return ctrl.Result{}, coordNodePortErr } if coordNodePortStatus == true { - logger.Info("NodePort with id", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + logger.Info("NodePort has been created. Returning Result with the request for requeing with error set to nil.", "coordId", coordId) return ctrl.Result{Requeue: true}, nil } // Coordinator coordStatus, coordErr := r.reconcileCoordinator(ctx, memgraphha, &logger, coordId) if coordErr != nil { - logger.Info("Error returned when reconciling coordinator", coordId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling coordinator. Returning empty Result with error.", "coordId", coordId) return ctrl.Result{}, coordErr } if coordStatus == true { - logger.Info("Coordinator", coordId, "has been created. Returning Result with the request for requeing with error set to nil.") + logger.Info("Coordinator has been created. Returning Result with the request for requeing with error set to nil.", "coordId", coordId) return ctrl.Result{Requeue: true}, nil } } @@ -121,36 +121,36 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) // ClusterIP dataInstanceClusterIPStatus, dataInstanceClusterIPErr := r.reconcileDataInstanceClusterIPService(ctx, memgraphha, &logger, dataInstanceId) if dataInstanceClusterIPErr != nil { - logger.Info("Error returned when reconciling ClusterIP with id", dataInstanceId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling ClusterIP. Returning empty Result with error.", "dataInstanceId", dataInstanceId) return ctrl.Result{}, dataInstanceClusterIPErr } if dataInstanceClusterIPStatus == true { - logger.Info("ClusterIP with id", dataInstanceId, "has been created. Returning Result with the request for requeing with error set to nil.") + logger.Info("ClusterIP has been created. Returning Result with the request for requeing with error set to nil.", "dataInstanceId", dataInstanceId) return ctrl.Result{Requeue: true}, nil } // NodePort dataInstanceNodePortStatus, dataInstanceNodePortErr := r.reconcileDataInstanceNodePortService(ctx, memgraphha, &logger, dataInstanceId) if dataInstanceNodePortErr != nil { - logger.Info("Error returned when reconciling NodePort with id", dataInstanceId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling NodePort. Returning empty Result with error.", "dataInstanceId", dataInstanceId) return ctrl.Result{}, dataInstanceNodePortErr } if dataInstanceNodePortStatus == true { - logger.Info("NodePort with id", dataInstanceId, "has been created. Returning Result with the request for requeing with error set to nil.") + logger.Info("NodePort has been created. Returning Result with the request for requeing with error set to nil.", "dataInstanceId", dataInstanceId) return ctrl.Result{Requeue: true}, nil } // Data instance dataInstancesStatus, dataInstancesErr := r.reconcileDataInstance(ctx, memgraphha, &logger, dataInstanceId) if dataInstancesErr != nil { - logger.Info("Error returned when reconciling data instance", dataInstanceId, "Returning empty Result with error.") + logger.Info("Error returned when reconciling data instance. Returning empty Result with error.", "dataInstanceId", dataInstanceId) return ctrl.Result{}, dataInstancesErr } if dataInstancesStatus == true { - logger.Info("Data instance", dataInstanceId, "has been created. Returning Result with the request for requeing with error=nil.") + logger.Info("Data instance has been created. Returning Result with the request for requeing with error=nil.", "dataInstanceId", dataInstanceId) return ctrl.Result{Requeue: true}, nil } } diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index fa31f74..43c6864 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -38,12 +38,12 @@ or that nothing was done and we can continue with the next step of reconciliatio */ func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { name := fmt.Sprintf("memgraph-coordinator-%d", coordId) - logger.Info("Started reconciling", name) + logger.Info("Started reconciling", "StatefulSet", name) coordStatefulSet := &appsv1.StatefulSet{} err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, coordStatefulSet) if err == nil { - logger.Info("StatefulSet", name, "already exists.") + logger.Info("StatefulSet already exists.", "StatefulSet", name) return false, nil } @@ -55,11 +55,11 @@ func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgrap logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", coord.Namespace, "StatefulSet.Name", coord.Name) return true, err } - logger.Info("StatefulSet", name, "is created.") + logger.Info("StatefulSet is created.", "StatefulSet", name) return true, nil } - logger.Error(err, "Failed to fetch StatefulSet", name) + logger.Error(err, "Failed to fetch StatefulSet", "StatefulSet", name) return true, err } @@ -151,7 +151,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Containers: []corev1.Container{{ Name: containerName, Image: image, - ImagePullPolicy: corev1.PullIfNotPresent, + ImagePullPolicy: corev1.PullAlways, Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), diff --git a/internal/controller/memgraphha_coord_services.go b/internal/controller/memgraphha_coord_services.go index 9296996..e7a6a86 100644 --- a/internal/controller/memgraphha_coord_services.go +++ b/internal/controller/memgraphha_coord_services.go @@ -33,13 +33,13 @@ import ( func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) - logger.Info("Started reconciling NodePort service", serviceName) + logger.Info("Started reconciling NodePort service", "NodePort", serviceName) coordNodePortService := &corev1.Service{} err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordNodePortService) if err == nil { - logger.Info("NodePort", serviceName, "already exists.") + logger.Info("NodePort already exists.", "NodePort", serviceName) return false, nil } @@ -51,11 +51,11 @@ func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) return true, err } - logger.Info("NodePort", serviceName, "is created.") + logger.Info("NodePort is created.", "NodePort", serviceName) return true, nil } - logger.Error(err, "Failed to fetch NodePort", serviceName) + logger.Error(err, "Failed to fetch NodePort", "NodePort", serviceName) return true, err } @@ -91,13 +91,13 @@ func (r *MemgraphHAReconciler) createCoordNodePort(memgraphha *memgraphv1.Memgra func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, coordId int) (bool, error) { serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - logger.Info("Started reconciling ClusterIP service", serviceName) + logger.Info("Started reconciling ClusterIP service", "ClusterIP", serviceName) coordClusterIPService := &corev1.Service{} err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, coordClusterIPService) if err == nil { - logger.Info("ClusterIP", serviceName, "already exists.") + logger.Info("ClusterIP already exists.", "ClusterIP", serviceName) return false, nil } @@ -109,11 +109,11 @@ func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Contex logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) return true, err } - logger.Info("ClusterIP", serviceName, "is created.") + logger.Info("ClusterIP is created.", "ClusterIP", serviceName) return true, nil } - logger.Error(err, "Failed to fetch ClusterIP", serviceName) + logger.Error(err, "Failed to fetch ClusterIP", "ClusterIP", serviceName) return true, err } diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go index d56333f..3bc518a 100644 --- a/internal/controller/memgraphha_data_instance.go +++ b/internal/controller/memgraphha_data_instance.go @@ -33,12 +33,12 @@ import ( func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { name := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - logger.Info("Started reconciling", name) + logger.Info("Started reconciling", "StatefulSet", name) dataInstanceStatefulSet := &appsv1.StatefulSet{} err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, dataInstanceStatefulSet) if err == nil { - logger.Info("StatefulSet", name, "already exists.") + logger.Info("StatefulSet already exists.", "StatefulSet", name) return false, nil } @@ -50,11 +50,11 @@ func (r *MemgraphHAReconciler) reconcileDataInstance(ctx context.Context, memgra logger.Error(err, "Failed to create new StatefulSet", "StatefulSet.Namespace", dataInstance.Namespace, "StatefulSet.Name", dataInstance.Name) return true, err } - logger.Info("StatefulSet", name, "is created.") + logger.Info("StatefulSet is created.", "StatefulSet", name) return true, nil } - logger.Error(err, "Failed to fetch StatefulSet", name) + logger.Error(err, "Failed to fetch StatefulSet", "StatefulSet", name) return true, err } @@ -143,7 +143,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg Containers: []corev1.Container{{ Name: containerName, Image: image, - ImagePullPolicy: corev1.PullIfNotPresent, + ImagePullPolicy: corev1.PullAlways, Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), diff --git a/internal/controller/memgraphha_data_services.go b/internal/controller/memgraphha_data_services.go index 33bffd3..f0a94b7 100644 --- a/internal/controller/memgraphha_data_services.go +++ b/internal/controller/memgraphha_data_services.go @@ -32,13 +32,13 @@ import ( func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) - logger.Info("Started reconciling NodePort service", serviceName) + logger.Info("Started reconciling NodePort service", "NodePort", serviceName) dataInstanceNodePortService := &corev1.Service{} err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceNodePortService) if err == nil { - logger.Info("NodePort", serviceName, "already exists.") + logger.Info("NodePort already exists.", "NodePort", serviceName) return false, nil } @@ -50,11 +50,11 @@ func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context. logger.Error(err, "Failed to create new NodePort", "NodePort.Namespace", nodePort.Namespace, "NodePort.Name", nodePort.Name) return true, err } - logger.Info("NodePort", serviceName, "is created.") + logger.Info("NodePort is created.", "NodePort", serviceName) return true, nil } - logger.Error(err, "Failed to fetch NodePort", serviceName) + logger.Error(err, "Failed to fetch NodePort", "NodePort", serviceName) return true, err } @@ -90,13 +90,13 @@ func (r *MemgraphHAReconciler) createDataInstanceNodePort(memgraphha *memgraphv1 func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger, dataInstanceId int) (bool, error) { serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - logger.Info("Started reconciling ClusterIP service", serviceName) + logger.Info("Started reconciling ClusterIP service", "ClusterIP", serviceName) dataInstanceClusterIPService := &corev1.Service{} err := r.Get(ctx, types.NamespacedName{Name: serviceName, Namespace: memgraphha.Namespace}, dataInstanceClusterIPService) if err == nil { - logger.Info("ClusterIP", serviceName, "already exists.") + logger.Info("ClusterIP already exists.", "ClusterIP", serviceName) return false, nil } @@ -108,11 +108,11 @@ func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context logger.Error(err, "Failed to create new ClusterIP", "ClusterIP.Namespace", clusterIP.Namespace, "ClusterIP.Name", clusterIP.Name) return true, err } - logger.Info("ClusterIP", serviceName, "is created.") + logger.Info("ClusterIP is created.", "ClusterIP", serviceName) return true, nil } - logger.Error(err, "Failed to fetch ClusterIP", serviceName) + logger.Error(err, "Failed to fetch ClusterIP", "ClusterIP", serviceName) return true, err } diff --git a/internal/controller/memgraphha_setup_job.go b/internal/controller/memgraphha_setup_job.go index a8e5021..3af46e0 100644 --- a/internal/controller/memgraphha_setup_job.go +++ b/internal/controller/memgraphha_setup_job.go @@ -32,12 +32,12 @@ import ( func (r *MemgraphHAReconciler) reconcileSetupJob(ctx context.Context, memgraphha *memgraphv1.MemgraphHA, logger *logr.Logger) (bool, error) { name := fmt.Sprintf("memgraph-setup") - logger.Info("Started reconciling", name) + logger.Info("Started reconciling", "Job", name) setupJob := &batchv1.Job{} err := r.Get(ctx, types.NamespacedName{Name: name, Namespace: memgraphha.Namespace}, setupJob) if err == nil { - logger.Info("SetupJob", name, "already exists.") + logger.Info("SetupJob already exists.", "Job", name) return false, nil } @@ -49,11 +49,11 @@ func (r *MemgraphHAReconciler) reconcileSetupJob(ctx context.Context, memgraphha logger.Error(err, "Failed to create new SetupJob", "SetupJob.Namespace", job.Namespace, "SetupJob.Name", job.Name) return true, err } - logger.Info("SetupJob", name, "is created.") + logger.Info("SetupJob is created.", "Job", name) return true, nil } - logger.Error(err, "Failed to fetch SetupJob", name) + logger.Error(err, "Failed to fetch SetupJob", "Job", name) return true, err } From bfcbd255f6b12bf09e4dfa520e94f0b2c927c60b Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Thu, 8 Aug 2024 12:37:44 +0200 Subject: [PATCH 18/26] Cluster can be started, license info next --- internal/controller/memgraphha_coord.go | 10 +++++----- internal/controller/memgraphha_data_instance.go | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index 43c6864..76af9b3 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -155,15 +155,15 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), - Name: "boltPort", + Name: "bolt", }, { ContainerPort: int32(mgmtPort), - Name: "managementPort", + Name: "management", }, { ContainerPort: int32(coordPort), - Name: "coordinatorPort", + Name: "coordinator", }, }, Args: args, @@ -199,7 +199,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, Resources: corev1.VolumeResourceRequirements{ Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + corev1.ResourceStorage: resource.MustParse(volumeLibSize), }, }, }, @@ -212,7 +212,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, Resources: corev1.VolumeResourceRequirements{ Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + corev1.ResourceStorage: resource.MustParse(volumeLogSize), }, }, }, diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go index 3bc518a..577c0b5 100644 --- a/internal/controller/memgraphha_data_instance.go +++ b/internal/controller/memgraphha_data_instance.go @@ -147,15 +147,15 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), - Name: "boltPort", + Name: "bolt", }, { ContainerPort: int32(mgmtPort), - Name: "managementPort", + Name: "management", }, { ContainerPort: int32(replicationPort), - Name: "replicationPort", + Name: "replication", }, }, Args: args, @@ -191,7 +191,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, Resources: corev1.VolumeResourceRequirements{ Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLibSize), + corev1.ResourceStorage: resource.MustParse(volumeLibSize), }, }, }, @@ -204,7 +204,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce}, Resources: corev1.VolumeResourceRequirements{ Requests: corev1.ResourceList{ - corev1.ResourceEphemeralStorage: resource.MustParse(volumeLogSize), + corev1.ResourceStorage: resource.MustParse(volumeLogSize), }, }, }, From d9b3f88f37e1054f723914d53b6b05d80ecd2443 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Thu, 8 Aug 2024 13:22:17 +0200 Subject: [PATCH 19/26] Load license from secrets, cluster working --- internal/controller/memgraphha_coord.go | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index 76af9b3..1ebdf6b 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -85,8 +85,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. "--log-file=/var/log/memgraph/memgraph.log", "--nuraft-log-file=/var/log/memgraph/memgraph.log", } - license := " add" - organization := "testing-k8" volumeLibName := fmt.Sprintf("%s-lib-storage", coordName) volumeLibSize := "1Gi" volumeLogName := fmt.Sprintf("%s-log-storage", coordName) @@ -169,12 +167,26 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Args: args, Env: []corev1.EnvVar{ { - Name: "MEMGRAPH_ENTERPRISE_LICENSE", - Value: license, + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "memgraph-secrets", + }, + Key: "MEMGRAPH_ENTERPRISE_LICENSE", + }, + }, }, { - Name: "MEMGRAPH_ORGANIZATION_NAME", - Value: organization, + Name: "MEMGRAPH_ORGANIZATION_NAME", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "memgraph-secrets", + }, + Key: "MEMGRAPH_ORGANIZATION_NAME", + }, + }, }, }, VolumeMounts: []corev1.VolumeMount{ From 8b7a998250925b27c3e526442a52471ac2f70fc5 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Thu, 8 Aug 2024 14:31:34 +0200 Subject: [PATCH 20/26] Ports deduplication, added secrets to data instances --- config/manager/manager.yaml | 2 +- docs/installation.md | 14 +++++---- internal/controller/memgraphha_constants.go | 22 ++++++++++++++ internal/controller/memgraphha_controller.go | 29 ------------------- internal/controller/memgraphha_coord.go | 10 ++----- .../controller/memgraphha_coord_services.go | 6 ---- .../controller/memgraphha_data_instance.go | 28 +++++++++++------- .../controller/memgraphha_data_services.go | 6 ---- 8 files changed, 52 insertions(+), 65 deletions(-) create mode 100644 internal/controller/memgraphha_constants.go diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 013ef64..0c8b2d1 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -25,7 +25,7 @@ spec: runAsNonRoot: true containers: - args: - image: memgraph/kubernetes-operator:0.0.4 # TODO: (andi) Try to specify this in a single place, currently used by kustomization.yaml and Makefile + image: memgraph/kubernetes-operator:0.0.4 name: manager securityContext: readOnlyRootFilesystem: true diff --git a/docs/installation.md b/docs/installation.md index bec8eac..4686c1e 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -12,7 +12,7 @@ git clone --recurse-submodules git@github.com:memgraph/kubernetes-operator.git ## Install K8 resources ```bash -kubectl apply -k config/default +make deploy ``` This command will use operator's image from Memgraph's DockerHub and create all necessary Kubernetes resources for running an operator. @@ -28,6 +28,7 @@ kubectl get clusterrolebindings -n memgraph-operator-system kubectl get clusterroles -n memgraph-operator-system kubectl get deployments -n memgraph-operator-system kubectl get pods -n memgraph-operator-system +kubectl get services -n memgraph-operator-system ``` CustomResourceDefinition `memgraphhas.memgraph.com`, whose job is to monitor CustomResource `MemgraphHA`, will also get created and you can verify @@ -39,19 +40,20 @@ kubectl get crds -A ## Start Memgraph High Availability Cluster -We already provide sample cluster in `config/samples/memgraph_v1_ha.yaml`. You only need to set your license information by setting -environment variables `MEMGRAPH_ORGANIZATION_NAME` and `MEMGRAPH_ENTERPRISE_LICENSE` in your local environment with: +We already provide sample cluster in `config/samples/memgraph_v1_ha.yaml`. You only need to set your license information by +creating a Kubernetes Secret containing licensing info. You can do this in a following way: ```bash -export MEMGRAPH_ORGANIZATION_NAME="" -export MEMGRAPH_ENTERPRISE_LICENSE="" + kubectl create secret generic memgraph-secrets \ +--from-literal=MEMGRAPH_ENTERPRISE_LICENSE="" \ +--from-literal=MEMGRAPH_ORGANIZATION_NAME="" ``` Start Memgraph HA cluster with `envsubst < config/samples/memgraph_v1_ha.yaml | kubectl apply -f -`. (The `envsubst command` is a part of the `gettext` package.) Instead of using `envsubst` command, you can directly set environment variables in `config/samples/memgraph_v1_ha.yaml`. -After ~40s, you should be able to see instances in the output of `kubectl get pods -A`: +After approx. 60s, you should be able to see instances in the output of `kubectl get pods -A`: You can now find URL of any coordinator instances by running e.g `minikube service list` and connect to see the state of the cluster by running diff --git a/internal/controller/memgraphha_constants.go b/internal/controller/memgraphha_constants.go new file mode 100644 index 0000000..41de5df --- /dev/null +++ b/internal/controller/memgraphha_constants.go @@ -0,0 +1,22 @@ +/* +Copyright 2024 Memgraph Ltd. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +var boltPort int = 7687 +var coordinatorPort int = 12000 +var mgmtPort int = 10000 +var replicationPort int = 12000 diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 5cb7faa..8b03687 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -16,33 +16,6 @@ limitations under the License. package controller -/* -apimachinery package contains code to help developers serialize data in various formats -between Go structures and objects written in the JSON(or YAML or Protobuf) -The library is generic in the sense that it doesn't include any Kubernetes API resource -definitions. -*/ - -/* -API library is a collection of Go structures that are needed to work in Go with the resources -defined by the Kubernetes API. k8s.io/api is the prefix. -*/ - -/* -Kubernetes API -apis/memgraph/v1/... -`kubectl get pods --namespace project1 --watch -o json` -`kubectl proxy` -`HOST=http://127.0.0.1:8001` -e.g create a pod: -curl $HOST/api/v1/namespaces/project1/pods -H "Content-Type: application/yaml" --data-binary @pod.yaml -curl -X GET $HOST/api/v1/namespaces/project1/pods/nginx -*/ - -/* -The ResourceList type will have to be used to define the limits and requests of resources. -*/ - import ( "context" @@ -65,13 +38,11 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) memgraphha := &memgraphv1.MemgraphHA{} err := r.Get(ctx, req.NamespacedName, memgraphha) if err != nil { - // Handle specifically not found error if errors.IsNotFound(err) { logger.Info("MemgraphHA resource not found. Ignoring since object must be deleted.") return ctrl.Result{}, nil } logger.Error(err, "Failed to get MemgraphHA") - // Requeue return ctrl.Result{}, err } diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index 1ebdf6b..cca259b 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -65,17 +65,14 @@ func (r *MemgraphHAReconciler) reconcileCoordinator(ctx context.Context, memgrap func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1.MemgraphHA, coordId int) *appsv1.StatefulSet { coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - serviceName := coordName + serviceName := coordName // service has the same name as the coordinator labels := createCoordLabels(coordName) replicas := int32(1) containerName := "memgraph-coordinator" image := "memgraph/memgraph:2.18.1" - boltPort := 7687 - coordPort := 12000 - mgmtPort := 10000 args := []string{ fmt.Sprintf("--coordinator-id=%d", coordId), - fmt.Sprintf("--coordinator-port=%d", coordPort), + fmt.Sprintf("--coordinator-port=%d", coordinatorPort), fmt.Sprintf("--management-port=%d", mgmtPort), fmt.Sprintf("--bolt-port=%d", boltPort), fmt.Sprintf("--coordinator-hostname=%s.default.svc.cluster.local", coordName), @@ -100,7 +97,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. initContainerRunAsNonRoot := false initContainerRunAsUser := int64(0) - // TODO (andi): How to handle license and organization name? coord := &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: coordName, @@ -160,7 +156,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Name: "management", }, { - ContainerPort: int32(coordPort), + ContainerPort: int32(coordinatorPort), Name: "coordinator", }, }, diff --git a/internal/controller/memgraphha_coord_services.go b/internal/controller/memgraphha_coord_services.go index e7a6a86..659a43f 100644 --- a/internal/controller/memgraphha_coord_services.go +++ b/internal/controller/memgraphha_coord_services.go @@ -63,8 +63,6 @@ func (r *MemgraphHAReconciler) reconcileCoordNodePortService(ctx context.Context func (r *MemgraphHAReconciler) createCoordNodePort(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { serviceName := fmt.Sprintf("memgraph-coordinator-%d-external", coordId) coordName := fmt.Sprintf("memgraph-coordinator-%d", coordId) - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 coordNodePort := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ @@ -121,10 +119,6 @@ func (r *MemgraphHAReconciler) reconcileCoordClusterIPService(ctx context.Contex func (r *MemgraphHAReconciler) createCoordClusterIP(memgraphha *memgraphv1.MemgraphHA, coordId int) *corev1.Service { serviceName := fmt.Sprintf("memgraph-coordinator-%d", coordId) coordName := serviceName - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - coordinatorPort := 12000 - mgmtPort := 10000 coordClusterIP := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go index 577c0b5..d2e5ed5 100644 --- a/internal/controller/memgraphha_data_instance.go +++ b/internal/controller/memgraphha_data_instance.go @@ -66,9 +66,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg replicas := int32(1) containerName := "memgraph-data" image := "memgraph/memgraph:2.18.1" - boltPort := 7687 - replicationPort := 12000 - mgmtPort := 10000 args := []string{ fmt.Sprintf("--management-port=%d", mgmtPort), fmt.Sprintf("--bolt-port=%d", boltPort), @@ -77,8 +74,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg "--log-level=TRACE", "--log-file=/var/log/memgraph/memgraph.log", } - license := " add" - organization := "testing-k8" volumeLibName := fmt.Sprintf("%s-lib-storage", dataInstanceName) volumeLibSize := "1Gi" volumeLogName := fmt.Sprintf("%s-log-storage", dataInstanceName) @@ -94,7 +89,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg initContainerRunAsNonRoot := false initContainerRunAsUser := int64(0) - // TODO: (andi) How handle licensing info? data := &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: dataInstanceName, @@ -161,12 +155,26 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg Args: args, Env: []corev1.EnvVar{ { - Name: "MEMGRAPH_ENTERPRISE_LICENSE", - Value: license, + Name: "MEMGRAPH_ENTERPRISE_LICENSE", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "memgraph-secrets", + }, + Key: "MEMGRAPH_ENTERPRISE_LICENSE", + }, + }, }, { - Name: "MEMGRAPH_ORGANIZATION_NAME", - Value: organization, + Name: "MEMGRAPH_ORGANIZATION_NAME", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "memgraph-secrets", + }, + Key: "MEMGRAPH_ORGANIZATION_NAME", + }, + }, }, }, VolumeMounts: []corev1.VolumeMount{ diff --git a/internal/controller/memgraphha_data_services.go b/internal/controller/memgraphha_data_services.go index f0a94b7..253228a 100644 --- a/internal/controller/memgraphha_data_services.go +++ b/internal/controller/memgraphha_data_services.go @@ -62,8 +62,6 @@ func (r *MemgraphHAReconciler) reconcileDataInstanceNodePortService(ctx context. func (r *MemgraphHAReconciler) createDataInstanceNodePort(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { serviceName := fmt.Sprintf("memgraph-data-%d-external", dataInstanceId) dataInstanceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 dataInstanceNodePort := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ @@ -120,10 +118,6 @@ func (r *MemgraphHAReconciler) reconcileDataInstanceClusterIPService(ctx context func (r *MemgraphHAReconciler) createDataInstanceClusterIP(memgraphha *memgraphv1.MemgraphHA, dataInstanceId int) *corev1.Service { serviceName := fmt.Sprintf("memgraph-data-%d", dataInstanceId) dataInstanceName := serviceName - // TODO: (andi) Extract somehow configuration and move into separate files. - boltPort := 7687 - replicationPort := 20000 - mgmtPort := 10000 dataInstanceClusterIP := &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ From 393e3c4a8c6d3f9f59a1f2e382b03566812cfa5f Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Thu, 8 Aug 2024 15:22:48 +0200 Subject: [PATCH 21/26] Improve docs and cluster setup job --- config/samples/memgraph_v1_ha.yaml | 4 ++-- docs/installation.md | 11 +++++------ internal/controller/memgraphha_setup_job.go | 16 ++-------------- 3 files changed, 9 insertions(+), 22 deletions(-) diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml index c9b74bf..4fa8c32 100644 --- a/config/samples/memgraph_v1_ha.yaml +++ b/config/samples/memgraph_v1_ha.yaml @@ -97,13 +97,13 @@ spec: storagePVC: true storagePVCSize: 1Gi - env: + env: # This can be removed I think MEMGRAPH_ENTERPRISE_LICENSE: "${MEMGRAPH_ENTERPRISE_LICENSE}" MEMGRAPH_ORGANIZATION_NAME: "${MEMGRAPH_ORGANIZATION_NAME}" image: pullPolicy: IfNotPresent repository: memgraph/memgraph - tag: 2.18.0 + tag: 2.18.1 # I think we should read this value in controller code. probes: liveness: initialDelaySeconds: 30 diff --git a/docs/installation.md b/docs/installation.md index 4686c1e..05a2164 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -49,11 +49,9 @@ creating a Kubernetes Secret containing licensing info. You can do this in a fol --from-literal=MEMGRAPH_ORGANIZATION_NAME="" ``` -Start Memgraph HA cluster with `envsubst < config/samples/memgraph_v1_ha.yaml | kubectl apply -f -`. (The `envsubst command` is a part of the `gettext` package.) -Instead of using `envsubst` command, you can directly set environment variables in `config/samples/memgraph_v1_ha.yaml`. +Start Memgraph HA cluster with `kubectl apply -f config/samples/memgraph_v1_ha.yaml`. - -After approx. 60s, you should be able to see instances in the output of `kubectl get pods -A`: +After approx. 60s, you should be able to see instances in the output of `kubectl get pods -A`. You can now find URL of any coordinator instances by running e.g `minikube service list` and connect to see the state of the cluster by running @@ -64,7 +62,8 @@ You can now find URL of any coordinator instances by running e.g `minikube servi ## Clear resources ```bash -kubectl delete -f config/samples/memgraph_v1_ha.yaml +kubectl delete -f config/samples/memgraph_v1_ha.yaml # For deleting cluster kubectl delete pvc --all # Or leave them if you want to use persistent storage -kubectl delete -k config/default +kubectl delete secret memgraph-secrets +make undeploy ``` diff --git a/internal/controller/memgraphha_setup_job.go b/internal/controller/memgraphha_setup_job.go index 3af46e0..f3c4596 100644 --- a/internal/controller/memgraphha_setup_job.go +++ b/internal/controller/memgraphha_setup_job.go @@ -86,25 +86,13 @@ func (r *MemgraphHAReconciler) createSetupJob(memgraphha *memgraphv1.MemgraphHA) until nc -z memgraph-coordinator-3.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-data-0.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-data-1.default.svc.cluster.local 7687; do sleep 1; done - echo "Pods are available for Bolt connection!" - sleep 5 - echo "Running mgconsole commands..." + echo "Pods are available for Bolt connection. Running registration queries!" echo 'ADD COORDINATOR 2 WITH CONFIG {"bolt_server": "memgraph-coordinator-2.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-2.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-2.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 echo 'ADD COORDINATOR 3 WITH CONFIG {"bolt_server": "memgraph-coordinator-3.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-3.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-3.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 echo 'REGISTER INSTANCE instance_1 WITH CONFIG {"bolt_server": "memgraph-data-0.default.svc.cluster.local:7687", "management_server": "memgraph-data-0.default.svc.cluster.local:10000", "replication_server": "memgraph-data-0.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 echo 'REGISTER INSTANCE instance_2 WITH CONFIG {"bolt_server": "memgraph-data-1.default.svc.cluster.local:7687", "management_server": "memgraph-data-1.default.svc.cluster.local:10000", "replication_server": "memgraph-data-1.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 echo 'SET INSTANCE instance_1 TO MAIN;' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 - sleep 3 - echo "SHOW INSTANCES on coord1" - echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 - echo "SHOW INSTANCES on coord2" - echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-2.default.svc.cluster.local --port 7687 - echo "SHOW INSTANCES on coord3" - echo 'SHOW INSTANCES;' | mgconsole --host memgraph-coordinator-3.default.svc.cluster.local --port 7687 - echo "RETURN 0 on 1st data instance" - echo 'RETURN 0;' | mgconsole --host memgraph-data-0.default.svc.cluster.local --port 7687 - echo "RETURN 0 on 2nd data instance" - echo 'RETURN 0;' | mgconsole --host memgraph-data-1.default.svc.cluster.local --port 7687 + echo "Registration queries done!" `}, SecurityContext: &corev1.SecurityContext{ RunAsUser: &runAsUser, From 1c96670d04f2bdb51795a2d097bc0be4cd4ddb61 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 9 Aug 2024 10:41:25 +0200 Subject: [PATCH 22/26] Abstracted image config. Improved setup logging. Don't requeue at the end --- config/samples/memgraph_v1_ha.yaml | 3 --- internal/controller/memgraphha_constants.go | 1 + internal/controller/memgraphha_controller.go | 7 ++++--- internal/controller/memgraphha_coord.go | 2 -- internal/controller/memgraphha_data_instance.go | 1 - internal/controller/memgraphha_setup_job.go | 12 ++++++++---- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/config/samples/memgraph_v1_ha.yaml b/config/samples/memgraph_v1_ha.yaml index 4fa8c32..b48bfcd 100644 --- a/config/samples/memgraph_v1_ha.yaml +++ b/config/samples/memgraph_v1_ha.yaml @@ -18,7 +18,6 @@ spec: - --log-level=TRACE - --coordinator-hostname=memgraph-coordinator-1.default.svc.cluster.local - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log - id: "2" boltPort: 7687 @@ -35,7 +34,6 @@ spec: - --log-level=TRACE - --coordinator-hostname=memgraph-coordinator-2.default.svc.cluster.local - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log - id: "3" boltPort: 7687 @@ -51,7 +49,6 @@ spec: - --log-level=TRACE - --coordinator-hostname=memgraph-coordinator-3.default.svc.cluster.local - --log-file=/var/log/memgraph/memgraph.log - - --nuraft-log-file=/var/log/memgraph/memgraph.log data: diff --git a/internal/controller/memgraphha_constants.go b/internal/controller/memgraphha_constants.go index 41de5df..50ff1f9 100644 --- a/internal/controller/memgraphha_constants.go +++ b/internal/controller/memgraphha_constants.go @@ -20,3 +20,4 @@ var boltPort int = 7687 var coordinatorPort int = 12000 var mgmtPort int = 10000 var replicationPort int = 12000 +var image string = "memgraph/memgraph:2.18.1" diff --git a/internal/controller/memgraphha_controller.go b/internal/controller/memgraphha_controller.go index 8b03687..041f2aa 100644 --- a/internal/controller/memgraphha_controller.go +++ b/internal/controller/memgraphha_controller.go @@ -46,7 +46,7 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, err } - logger.Info("MemgrahHA", "namespace", memgraphha.Namespace) + logger.Info("Started reconciliation MemgrahHA") for coordId := 1; coordId <= 3; coordId++ { // ClusterIP @@ -134,11 +134,12 @@ func (r *MemgraphHAReconciler) Reconcile(ctx context.Context, req ctrl.Request) return ctrl.Result{}, setupJobErr } + // Since it is currently the last step, we don't need to requeue if setupJobStatus == true { - logger.Info("SetupJob has been created. Returning Result with the request for requeing with error set to nil.") - return ctrl.Result{Requeue: true}, nil + logger.Info("SetupJob has been created.") } + logger.Info("Reconciliation of MemgraphHA finished.") // The resource doesn't need to be reconciled anymore return ctrl.Result{}, nil } diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index cca259b..112a26c 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -69,7 +69,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. labels := createCoordLabels(coordName) replicas := int32(1) containerName := "memgraph-coordinator" - image := "memgraph/memgraph:2.18.1" args := []string{ fmt.Sprintf("--coordinator-id=%d", coordId), fmt.Sprintf("--coordinator-port=%d", coordinatorPort), @@ -80,7 +79,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. "--also-log-to-stderr", "--log-level=TRACE", "--log-file=/var/log/memgraph/memgraph.log", - "--nuraft-log-file=/var/log/memgraph/memgraph.log", } volumeLibName := fmt.Sprintf("%s-lib-storage", coordName) volumeLibSize := "1Gi" diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go index d2e5ed5..62ee4d2 100644 --- a/internal/controller/memgraphha_data_instance.go +++ b/internal/controller/memgraphha_data_instance.go @@ -65,7 +65,6 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg labels := createDataInstanceLabels(dataInstanceName) replicas := int32(1) containerName := "memgraph-data" - image := "memgraph/memgraph:2.18.1" args := []string{ fmt.Sprintf("--management-port=%d", mgmtPort), fmt.Sprintf("--bolt-port=%d", boltPort), diff --git a/internal/controller/memgraphha_setup_job.go b/internal/controller/memgraphha_setup_job.go index f3c4596..6607335 100644 --- a/internal/controller/memgraphha_setup_job.go +++ b/internal/controller/memgraphha_setup_job.go @@ -59,7 +59,6 @@ func (r *MemgraphHAReconciler) reconcileSetupJob(ctx context.Context, memgraphha } func (r *MemgraphHAReconciler) createSetupJob(memgraphha *memgraphv1.MemgraphHA) *batchv1.Job { - image := "memgraph/memgraph:2.18.1" containerName := "memgraph-setup" runAsUser := int64(0) backoffLimit := int32(4) @@ -80,19 +79,24 @@ func (r *MemgraphHAReconciler) createSetupJob(memgraphha *memgraphv1.MemgraphHA) Args: []string{` echo "Installing netcat..." apt-get update && apt-get install -y netcat-openbsd - echo "Waiting for pods to become available for Bolt connection..." + echo "Waiting for pods to become available for Bolt connection. Time: $(date +'%H:%M:%S')" until nc -z memgraph-coordinator-1.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-coordinator-2.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-coordinator-3.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-data-0.default.svc.cluster.local 7687; do sleep 1; done until nc -z memgraph-data-1.default.svc.cluster.local 7687; do sleep 1; done - echo "Pods are available for Bolt connection. Running registration queries!" + echo "Pods are available for Bolt connection. Running registration queries! Time: $(date +'%H:%M:%S')" echo 'ADD COORDINATOR 2 WITH CONFIG {"bolt_server": "memgraph-coordinator-2.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-2.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-2.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo "Coordinator 2 added. Time: $(date +'%H:%M:%S')" echo 'ADD COORDINATOR 3 WITH CONFIG {"bolt_server": "memgraph-coordinator-3.default.svc.cluster.local:7687", "management_server": "memgraph-coordinator-3.default.svc.cluster.local:10000", "coordinator_server": "memgraph-coordinator-3.default.svc.cluster.local:12000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo "Coordinator 3 added. Time: $(date +'%H:%M:%S')" echo 'REGISTER INSTANCE instance_1 WITH CONFIG {"bolt_server": "memgraph-data-0.default.svc.cluster.local:7687", "management_server": "memgraph-data-0.default.svc.cluster.local:10000", "replication_server": "memgraph-data-0.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo "Instance 1 added. Time: $(date +'%H:%M:%S')" echo 'REGISTER INSTANCE instance_2 WITH CONFIG {"bolt_server": "memgraph-data-1.default.svc.cluster.local:7687", "management_server": "memgraph-data-1.default.svc.cluster.local:10000", "replication_server": "memgraph-data-1.default.svc.cluster.local:20000"};' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 + echo "Instance 2 added. Time: $(date +'%H:%M:%S')" echo 'SET INSTANCE instance_1 TO MAIN;' | mgconsole --host memgraph-coordinator-1.default.svc.cluster.local --port 7687 - echo "Registration queries done!" + echo "Instance 1 set to main. Time: $(date +'%H:%M:%S')" + echo "Setup finished!" `}, SecurityContext: &corev1.SecurityContext{ RunAsUser: &runAsUser, From 84188dc29c993ae3adf8bfe85db694e033f13db2 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 9 Aug 2024 14:04:35 +0200 Subject: [PATCH 23/26] Fix slow startup --- internal/controller/memgraphha_constants.go | 2 +- internal/controller/memgraphha_coord.go | 2 +- internal/controller/memgraphha_data_instance.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/controller/memgraphha_constants.go b/internal/controller/memgraphha_constants.go index 50ff1f9..5c3160a 100644 --- a/internal/controller/memgraphha_constants.go +++ b/internal/controller/memgraphha_constants.go @@ -19,5 +19,5 @@ package controller var boltPort int = 7687 var coordinatorPort int = 12000 var mgmtPort int = 10000 -var replicationPort int = 12000 +var replicationPort int = 20000 var image string = "memgraph/memgraph:2.18.1" diff --git a/internal/controller/memgraphha_coord.go b/internal/controller/memgraphha_coord.go index 112a26c..cba91b8 100644 --- a/internal/controller/memgraphha_coord.go +++ b/internal/controller/memgraphha_coord.go @@ -143,7 +143,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForCoord(memgraphha *memgraphv1. Containers: []corev1.Container{{ Name: containerName, Image: image, - ImagePullPolicy: corev1.PullAlways, + ImagePullPolicy: corev1.PullAlways, // set to PullIfNotPresent when testing with local image Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), diff --git a/internal/controller/memgraphha_data_instance.go b/internal/controller/memgraphha_data_instance.go index 62ee4d2..fd2a5ee 100644 --- a/internal/controller/memgraphha_data_instance.go +++ b/internal/controller/memgraphha_data_instance.go @@ -136,7 +136,7 @@ func (r *MemgraphHAReconciler) createStatefulSetForDataInstance(memgraphha *memg Containers: []corev1.Container{{ Name: containerName, Image: image, - ImagePullPolicy: corev1.PullAlways, + ImagePullPolicy: corev1.PullAlways, // set to PullIfNotPresent when testing with local image Ports: []corev1.ContainerPort{ { ContainerPort: int32(boltPort), From c9481682fa6bc7f61646fed9eeec672421d02a76 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 9 Aug 2024 15:54:20 +0200 Subject: [PATCH 24/26] Add pre-commit go hooks --- .pre-commit-config.yaml | 101 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 35a3feb..3aee7f9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -10,3 +10,104 @@ repos: - id: mixed-line-ending - id: check-merge-conflict - id: detect-private-key + +- repo: https://github.com/tekwizely/pre-commit-golang + rev: master + hooks: + # + # Go Build + # + - id: go-build-mod + - id: go-build-pkg + - id: go-build-repo-mod + - id: go-build-repo-pkg + # + # Go Mod Tidy + # + - id: go-mod-tidy + - id: go-mod-tidy-repo + # + # Go Test + # + - id: go-test-mod + - id: go-test-pkg + - id: go-test-repo-mod + - id: go-test-repo-pkg + # + # Go Vet + # + - id: go-vet + - id: go-vet-mod + - id: go-vet-pkg + - id: go-vet-repo-mod + - id: go-vet-repo-pkg + # + # Revive + # + - id: go-revive + - id: go-revive-mod + - id: go-revive-repo-mod + # + # GoSec + # + - id: go-sec-mod + - id: go-sec-pkg + - id: go-sec-repo-mod + - id: go-sec-repo-pkg + # + # StaticCheck + # + - id: go-staticcheck-mod + - id: go-staticcheck-pkg + - id: go-staticcheck-repo-mod + - id: go-staticcheck-repo-pkg + # + # StructSlop + # + - id: go-structslop-mod + - id: go-structslop-pkg + - id: go-structslop-repo-mod + - id: go-structslop-repo-pkg + # + # Formatters + # + - id: go-fmt + - id: go-fmt-repo + - id: go-fumpt # replaces go-fmt + - id: go-fumpt-repo # replaces go-fmt-repo + - id: go-imports # replaces go-fmt + - id: go-imports-repo # replaces go-fmt-repo + - id: go-returns # replaces go-imports & go-fmt + - id: go-returns-repo # replaces go-imports-repo & go-fmt-repo + # + # Style Checkers + # + - id: go-lint + - id: go-critic + # + # GolangCI-Lint + # - Fast Multi-Linter + # - Can be configured to replace MOST other hooks + # - Supports repo config file for configuration + # - https://github.com/golangci/golangci-lint + # + - id: golangci-lint + - id: golangci-lint-mod + - id: golangci-lint-pkg + - id: golangci-lint-repo-mod + - id: golangci-lint-repo-pkg + # + # Invoking Custom Go Tools + # - Configured *entirely* through the `args` attribute, ie: + # args: [ go, test, ./... ] + # - Use arg `--hook:error-on-output` to indicate that any output from the tool + # should be treated as an error. + # - Use the `name` attribute to provide better messaging when the hook runs + # - Use the `alias` attribute to be able to invoke your hook via `pre-commit run` + # + - id: my-cmd + - id: my-cmd-mod + - id: my-cmd-pkg + - id: my-cmd-repo + - id: my-cmd-repo-mod + - id: my-cmd-repo-pkg From 80a614bfc2ddc285db63abea114854e9c4d73810 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 9 Aug 2024 16:07:47 +0200 Subject: [PATCH 25/26] Add pre-commit go hooks --- .pre-commit-config.yaml | 96 +---------------------------------------- go.mod | 4 +- 2 files changed, 4 insertions(+), 96 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 3aee7f9..734c14d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v4.6.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -12,102 +12,10 @@ repos: - id: detect-private-key - repo: https://github.com/tekwizely/pre-commit-golang - rev: master + rev: v1.0.0-rc.1 hooks: - # - # Go Build - # - - id: go-build-mod - - id: go-build-pkg - - id: go-build-repo-mod - - id: go-build-repo-pkg - # - # Go Mod Tidy - # - id: go-mod-tidy - - id: go-mod-tidy-repo - # - # Go Test - # - - id: go-test-mod - - id: go-test-pkg - - id: go-test-repo-mod - - id: go-test-repo-pkg - # - # Go Vet - # - id: go-vet - - id: go-vet-mod - - id: go-vet-pkg - - id: go-vet-repo-mod - - id: go-vet-repo-pkg - # - # Revive - # - - id: go-revive - - id: go-revive-mod - - id: go-revive-repo-mod - # - # GoSec - # - - id: go-sec-mod - - id: go-sec-pkg - - id: go-sec-repo-mod - - id: go-sec-repo-pkg - # - # StaticCheck - # - - id: go-staticcheck-mod - - id: go-staticcheck-pkg - - id: go-staticcheck-repo-mod - id: go-staticcheck-repo-pkg - # - # StructSlop - # - - id: go-structslop-mod - - id: go-structslop-pkg - - id: go-structslop-repo-mod - - id: go-structslop-repo-pkg - # - # Formatters - # - id: go-fmt - - id: go-fmt-repo - - id: go-fumpt # replaces go-fmt - - id: go-fumpt-repo # replaces go-fmt-repo - - id: go-imports # replaces go-fmt - - id: go-imports-repo # replaces go-fmt-repo - - id: go-returns # replaces go-imports & go-fmt - - id: go-returns-repo # replaces go-imports-repo & go-fmt-repo - # - # Style Checkers - # - - id: go-lint - id: go-critic - # - # GolangCI-Lint - # - Fast Multi-Linter - # - Can be configured to replace MOST other hooks - # - Supports repo config file for configuration - # - https://github.com/golangci/golangci-lint - # - - id: golangci-lint - - id: golangci-lint-mod - - id: golangci-lint-pkg - - id: golangci-lint-repo-mod - - id: golangci-lint-repo-pkg - # - # Invoking Custom Go Tools - # - Configured *entirely* through the `args` attribute, ie: - # args: [ go, test, ./... ] - # - Use arg `--hook:error-on-output` to indicate that any output from the tool - # should be treated as an error. - # - Use the `name` attribute to provide better messaging when the hook runs - # - Use the `alias` attribute to be able to invoke your hook via `pre-commit run` - # - - id: my-cmd - - id: my-cmd-mod - - id: my-cmd-pkg - - id: my-cmd-repo - - id: my-cmd-repo-mod - - id: my-cmd-repo-pkg diff --git a/go.mod b/go.mod index f5d528e..f541a53 100644 --- a/go.mod +++ b/go.mod @@ -5,8 +5,10 @@ go 1.22.0 toolchain go1.22.5 require ( + github.com/go-logr/logr v1.4.2 github.com/onsi/ginkgo/v2 v2.19.0 github.com/onsi/gomega v1.33.1 + k8s.io/api v0.30.3 k8s.io/apimachinery v0.30.3 k8s.io/client-go v0.30.3 sigs.k8s.io/controller-runtime v0.18.4 @@ -19,7 +21,6 @@ require ( github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect @@ -61,7 +62,6 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.30.3 // indirect k8s.io/apiextensions-apiserver v0.30.3 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20240709000822-3c01b740850f // indirect From be5cb083fe9baa6ca32d747d14a9da0e899ebfd6 Mon Sep 17 00:00:00 2001 From: Andi Skrgat Date: Fri, 9 Aug 2024 16:22:18 +0200 Subject: [PATCH 26/26] Add pre-commit go hooks --- .pre-commit-config.yaml | 3 --- api/v1/zz_generated.deepcopy.go | 1 - 2 files changed, 4 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 734c14d..2ca863e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -15,7 +15,4 @@ repos: rev: v1.0.0-rc.1 hooks: - id: go-mod-tidy - - id: go-vet - - id: go-staticcheck-repo-pkg - id: go-fmt - - id: go-critic diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 969b71f..160c81e 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -16,7 +16,6 @@ See the License for the specific language governing permissions and limitations under the License. */ - /* This file is generated by the deepcopy-gen generator. It contains the generated definition of the DeepCopyObject method for each type defined in the package. This method is necessary