mirror of
https://github.com/arangodb/kube-arangodb.git
synced 2024-12-14 11:57:37 +00:00
[Feature] [Scheduler] Extract Integration (#1723)
This commit is contained in:
parent
0d6108158f
commit
c5ffe866a0
29 changed files with 2417 additions and 1993 deletions
|
@ -3045,7 +3045,7 @@ Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.
|
||||||
|
|
||||||
### .spec.gateway.dynamic
|
### .spec.gateway.dynamic
|
||||||
|
|
||||||
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L38)</sup>
|
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L36)</sup>
|
||||||
|
|
||||||
Dynamic setting enables/disables support dynamic configuration of the gateway in the cluster.
|
Dynamic setting enables/disables support dynamic configuration of the gateway in the cluster.
|
||||||
When enabled, gateway config will be reloaded by ConfigMap live updates.
|
When enabled, gateway config will be reloaded by ConfigMap live updates.
|
||||||
|
@ -3056,7 +3056,7 @@ Default Value: `false`
|
||||||
|
|
||||||
### .spec.gateway.enabled
|
### .spec.gateway.enabled
|
||||||
|
|
||||||
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L33)</sup>
|
Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L31)</sup>
|
||||||
|
|
||||||
Enabled setting enables/disables support for gateway in the cluster.
|
Enabled setting enables/disables support for gateway in the cluster.
|
||||||
When enabled, the cluster will contain a number of `gateway` servers.
|
When enabled, the cluster will contain a number of `gateway` servers.
|
||||||
|
@ -3067,217 +3067,13 @@ Default Value: `false`
|
||||||
|
|
||||||
### .spec.gateway.image
|
### .spec.gateway.image
|
||||||
|
|
||||||
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L42)</sup>
|
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec_gateway.go#L40)</sup>
|
||||||
|
|
||||||
Image is the image to use for the gateway.
|
Image is the image to use for the gateway.
|
||||||
By default, the image is determined by the operator.
|
By default, the image is determined by the operator.
|
||||||
|
|
||||||
***
|
***
|
||||||
|
|
||||||
### .spec.gateway.sidecar.args
|
|
||||||
|
|
||||||
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L54)</sup>
|
|
||||||
|
|
||||||
Arguments to the entrypoint.
|
|
||||||
The container image's CMD is used if this is not provided.
|
|
||||||
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
|
||||||
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
|
||||||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
|
||||||
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
|
||||||
of whether the variable exists or not. Cannot be updated.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.command
|
|
||||||
|
|
||||||
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L44)</sup>
|
|
||||||
|
|
||||||
Entrypoint array. Not executed within a shell.
|
|
||||||
The container image's ENTRYPOINT is used if this is not provided.
|
|
||||||
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
|
||||||
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
|
||||||
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
|
||||||
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
|
||||||
of whether the variable exists or not. Cannot be updated.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.controllerListenPort
|
|
||||||
|
|
||||||
Type: `integer` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L36)</sup>
|
|
||||||
|
|
||||||
ControllerListenPort defines on which port the sidecar container will be listening for controller requests
|
|
||||||
|
|
||||||
Default Value: `9202`
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.env
|
|
||||||
|
|
||||||
Type: `core.EnvVar` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L36)</sup>
|
|
||||||
|
|
||||||
Env keeps the information about environment variables provided to the container
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envvar-v1-core)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.envFrom
|
|
||||||
|
|
||||||
Type: `core.EnvFromSource` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L41)</sup>
|
|
||||||
|
|
||||||
EnvFrom keeps the information about environment variable sources provided to the container
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envfromsource-v1-core)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.image
|
|
||||||
|
|
||||||
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L35)</sup>
|
|
||||||
|
|
||||||
Image define image details
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.imagePullPolicy
|
|
||||||
|
|
||||||
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L39)</sup>
|
|
||||||
|
|
||||||
ImagePullPolicy define Image pull policy
|
|
||||||
|
|
||||||
Default Value: `IfNotPresent`
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.lifecycle
|
|
||||||
|
|
||||||
Type: `core.Lifecycle` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/lifecycle.go#L35)</sup>
|
|
||||||
|
|
||||||
Lifecycle keeps actions that the management system should take in response to container lifecycle events.
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.listenPort
|
|
||||||
|
|
||||||
Type: `integer` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L32)</sup>
|
|
||||||
|
|
||||||
ListenPort defines on which port the sidecar container will be listening for connections
|
|
||||||
|
|
||||||
Default Value: `9201`
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.livenessProbe
|
|
||||||
|
|
||||||
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L37)</sup>
|
|
||||||
|
|
||||||
LivenessProbe keeps configuration of periodic probe of container liveness.
|
|
||||||
Container will be restarted if the probe fails.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.method
|
|
||||||
|
|
||||||
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/policy/merge.go#L32)</sup>
|
|
||||||
|
|
||||||
Method defines the merge method
|
|
||||||
|
|
||||||
Possible Values:
|
|
||||||
* `"override"` (default) - Overrides values during configuration merge
|
|
||||||
* `"append"` - Appends, if possible, values during configuration merge
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.ports
|
|
||||||
|
|
||||||
Type: `[]core.ContainerPort` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/networking.go#L39)</sup>
|
|
||||||
|
|
||||||
Ports contains list of ports to expose from the container. Not specifying a port here
|
|
||||||
DOES NOT prevent that port from being exposed. Any port which is
|
|
||||||
listening on the default "0.0.0.0" address inside a container will be
|
|
||||||
accessible from the network.
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.readinessProbe
|
|
||||||
|
|
||||||
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L42)</sup>
|
|
||||||
|
|
||||||
ReadinessProbe keeps configuration of periodic probe of container service readiness.
|
|
||||||
Container will be removed from service endpoints if the probe fails.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.resources
|
|
||||||
|
|
||||||
Type: `core.ResourceRequirements` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/resources.go#L37)</sup>
|
|
||||||
|
|
||||||
Resources holds resource requests & limits for container
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Documentation of core.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.securityContext
|
|
||||||
|
|
||||||
Type: `core.SecurityContext` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/security.go#L35)</sup>
|
|
||||||
|
|
||||||
SecurityContext holds container-level security attributes and common container settings.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes docs](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.startupProbe
|
|
||||||
|
|
||||||
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L50)</sup>
|
|
||||||
|
|
||||||
StartupProbe indicates that the Pod has successfully initialized.
|
|
||||||
If specified, no other probes are executed until this completes successfully.
|
|
||||||
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
|
|
||||||
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
|
|
||||||
when it might take a long time to load data or warm a cache, than during steady-state operation.
|
|
||||||
|
|
||||||
Links:
|
|
||||||
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.volumeMounts
|
|
||||||
|
|
||||||
Type: `[]core.VolumeMount` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/volume_mounts.go#L35)</sup>
|
|
||||||
|
|
||||||
VolumeMounts keeps list of pod volumes to mount into the container's filesystem.
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateway.sidecar.workingDir
|
|
||||||
|
|
||||||
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L59)</sup>
|
|
||||||
|
|
||||||
Container's working directory.
|
|
||||||
If not specified, the container runtime's default will be used, which
|
|
||||||
might be configured in the container image.
|
|
||||||
|
|
||||||
***
|
|
||||||
|
|
||||||
### .spec.gateways.affinity
|
### .spec.gateways.affinity
|
||||||
|
|
||||||
Type: `core.PodAffinity` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/server_group_spec.go#L156)</sup>
|
Type: `core.PodAffinity` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/server_group_spec.go#L156)</sup>
|
||||||
|
@ -4478,6 +4274,210 @@ ImagePullSecrets specifies the list of image pull secrets for the docker image t
|
||||||
|
|
||||||
***
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.args
|
||||||
|
|
||||||
|
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L54)</sup>
|
||||||
|
|
||||||
|
Arguments to the entrypoint.
|
||||||
|
The container image's CMD is used if this is not provided.
|
||||||
|
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
||||||
|
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
||||||
|
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
||||||
|
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
||||||
|
of whether the variable exists or not. Cannot be updated.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.command
|
||||||
|
|
||||||
|
Type: `array` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L44)</sup>
|
||||||
|
|
||||||
|
Entrypoint array. Not executed within a shell.
|
||||||
|
The container image's ENTRYPOINT is used if this is not provided.
|
||||||
|
Variable references $(VAR_NAME) are expanded using the container's environment. If a variable
|
||||||
|
cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced
|
||||||
|
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will
|
||||||
|
produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless
|
||||||
|
of whether the variable exists or not. Cannot be updated.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes Docs](https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.controllerListenPort
|
||||||
|
|
||||||
|
Type: `integer` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L36)</sup>
|
||||||
|
|
||||||
|
ControllerListenPort defines on which port the sidecar container will be listening for controller requests
|
||||||
|
|
||||||
|
Default Value: `9202`
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.env
|
||||||
|
|
||||||
|
Type: `core.EnvVar` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L36)</sup>
|
||||||
|
|
||||||
|
Env keeps the information about environment variables provided to the container
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envvar-v1-core)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.envFrom
|
||||||
|
|
||||||
|
Type: `core.EnvFromSource` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/environments.go#L41)</sup>
|
||||||
|
|
||||||
|
EnvFrom keeps the information about environment variable sources provided to the container
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes Docs](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#envfromsource-v1-core)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.image
|
||||||
|
|
||||||
|
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L35)</sup>
|
||||||
|
|
||||||
|
Image define image details
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.imagePullPolicy
|
||||||
|
|
||||||
|
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/image.go#L39)</sup>
|
||||||
|
|
||||||
|
ImagePullPolicy define Image pull policy
|
||||||
|
|
||||||
|
Default Value: `IfNotPresent`
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.lifecycle
|
||||||
|
|
||||||
|
Type: `core.Lifecycle` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/lifecycle.go#L35)</sup>
|
||||||
|
|
||||||
|
Lifecycle keeps actions that the management system should take in response to container lifecycle events.
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.listenPort
|
||||||
|
|
||||||
|
Type: `integer` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/integration/integration.go#L32)</sup>
|
||||||
|
|
||||||
|
ListenPort defines on which port the sidecar container will be listening for connections
|
||||||
|
|
||||||
|
Default Value: `9201`
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.livenessProbe
|
||||||
|
|
||||||
|
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L37)</sup>
|
||||||
|
|
||||||
|
LivenessProbe keeps configuration of periodic probe of container liveness.
|
||||||
|
Container will be restarted if the probe fails.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.method
|
||||||
|
|
||||||
|
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/policy/merge.go#L32)</sup>
|
||||||
|
|
||||||
|
Method defines the merge method
|
||||||
|
|
||||||
|
Possible Values:
|
||||||
|
* `"override"` (default) - Overrides values during configuration merge
|
||||||
|
* `"append"` - Appends, if possible, values during configuration merge
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.ports
|
||||||
|
|
||||||
|
Type: `[]core.ContainerPort` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/networking.go#L39)</sup>
|
||||||
|
|
||||||
|
Ports contains list of ports to expose from the container. Not specifying a port here
|
||||||
|
DOES NOT prevent that port from being exposed. Any port which is
|
||||||
|
listening on the default "0.0.0.0" address inside a container will be
|
||||||
|
accessible from the network.
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.readinessProbe
|
||||||
|
|
||||||
|
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L42)</sup>
|
||||||
|
|
||||||
|
ReadinessProbe keeps configuration of periodic probe of container service readiness.
|
||||||
|
Container will be removed from service endpoints if the probe fails.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.resources
|
||||||
|
|
||||||
|
Type: `core.ResourceRequirements` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/resources.go#L37)</sup>
|
||||||
|
|
||||||
|
Resources holds resource requests & limits for container
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Documentation of core.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#resourcerequirements-v1-core)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.securityContext
|
||||||
|
|
||||||
|
Type: `core.SecurityContext` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/security.go#L35)</sup>
|
||||||
|
|
||||||
|
SecurityContext holds container-level security attributes and common container settings.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes docs](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.startupProbe
|
||||||
|
|
||||||
|
Type: `core.Probe` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/probes.go#L50)</sup>
|
||||||
|
|
||||||
|
StartupProbe indicates that the Pod has successfully initialized.
|
||||||
|
If specified, no other probes are executed until this completes successfully.
|
||||||
|
If this probe fails, the Pod will be restarted, just as if the livenessProbe failed.
|
||||||
|
This can be used to provide different probe parameters at the beginning of a Pod's lifecycle,
|
||||||
|
when it might take a long time to load data or warm a cache, than during steady-state operation.
|
||||||
|
|
||||||
|
Links:
|
||||||
|
* [Kubernetes docs](https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes)
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.volumeMounts
|
||||||
|
|
||||||
|
Type: `[]core.VolumeMount` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/volume_mounts.go#L35)</sup>
|
||||||
|
|
||||||
|
VolumeMounts keeps list of pod volumes to mount into the container's filesystem.
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
|
### .spec.integration.sidecar.workingDir
|
||||||
|
|
||||||
|
Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/scheduler/v1beta1/container/resources/core.go#L59)</sup>
|
||||||
|
|
||||||
|
Container's working directory.
|
||||||
|
If not specified, the container runtime's default will be used, which
|
||||||
|
might be configured in the container image.
|
||||||
|
|
||||||
|
***
|
||||||
|
|
||||||
### .spec.labels
|
### .spec.labels
|
||||||
|
|
||||||
Type: `object` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec.go#L127)</sup>
|
Type: `object` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/deployment/v1/deployment_spec.go#L127)</sup>
|
||||||
|
|
|
@ -18,65 +18,65 @@ Available Commands:
|
||||||
help Help about any command
|
help Help about any command
|
||||||
|
|
||||||
Flags:
|
Flags:
|
||||||
--health.address string Address to expose health service (default "0.0.0.0:9091")
|
--health.address string Address to expose health service (Env: HEALTH_ADDRESS) (default "0.0.0.0:9091")
|
||||||
--health.auth.token string Token for health service (when auth service is token)
|
--health.auth.token string Token for health service (when auth service is token) (Env: HEALTH_AUTH_TOKEN)
|
||||||
--health.auth.type string Auth type for health service (default "None")
|
--health.auth.type string Auth type for health service (Env: HEALTH_AUTH_TYPE) (default "None")
|
||||||
--health.shutdown.enabled Determines if shutdown service should be enabled and exposed (default true)
|
--health.shutdown.enabled Determines if shutdown service should be enabled and exposed (Env: HEALTH_SHUTDOWN_ENABLED) (default true)
|
||||||
--health.tls.keyfile string Path to the keyfile
|
--health.tls.keyfile string Path to the keyfile (Env: HEALTH_TLS_KEYFILE)
|
||||||
-h, --help help for arangodb_operator_integration
|
-h, --help help for arangodb_operator_integration
|
||||||
--integration.authentication.v1 Enable AuthenticationV1 Integration Service
|
--integration.authentication.v1 Enable AuthenticationV1 Integration Service (Env: INTEGRATION_AUTHENTICATION_V1)
|
||||||
--integration.authentication.v1.enabled Defines if Authentication is enabled (default true)
|
--integration.authentication.v1.enabled Defines if Authentication is enabled (Env: INTEGRATION_AUTHENTICATION_V1_ENABLED) (default true)
|
||||||
--integration.authentication.v1.external Defones if External access to service authentication.v1 is enabled
|
--integration.authentication.v1.external Defones if External access to service authentication.v1 is enabled (Env: INTEGRATION_AUTHENTICATION_V1_EXTERNAL)
|
||||||
--integration.authentication.v1.internal Defones if Internal access to service authentication.v1 is enabled (default true)
|
--integration.authentication.v1.internal Defones if Internal access to service authentication.v1 is enabled (Env: INTEGRATION_AUTHENTICATION_V1_INTERNAL) (default true)
|
||||||
--integration.authentication.v1.path string Path to the JWT Folder
|
--integration.authentication.v1.path string Path to the JWT Folder (Env: INTEGRATION_AUTHENTICATION_V1_PATH)
|
||||||
--integration.authentication.v1.token.allowed strings Allowed users for the Token
|
--integration.authentication.v1.token.allowed strings Allowed users for the Token (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_ALLOWED)
|
||||||
--integration.authentication.v1.token.max-size uint16 Max Token max size in bytes (default 64)
|
--integration.authentication.v1.token.max-size uint16 Max Token max size in bytes (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_MAX_SIZE) (default 64)
|
||||||
--integration.authentication.v1.token.ttl.default duration Default Token TTL (default 1h0m0s)
|
--integration.authentication.v1.token.ttl.default duration Default Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_DEFAULT) (default 1h0m0s)
|
||||||
--integration.authentication.v1.token.ttl.max duration Max Token TTL (default 1h0m0s)
|
--integration.authentication.v1.token.ttl.max duration Max Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_MAX) (default 1h0m0s)
|
||||||
--integration.authentication.v1.token.ttl.min duration Min Token TTL (default 1m0s)
|
--integration.authentication.v1.token.ttl.min duration Min Token TTL (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_TTL_MIN) (default 1m0s)
|
||||||
--integration.authentication.v1.token.user string Default user of the Token (default "root")
|
--integration.authentication.v1.token.user string Default user of the Token (Env: INTEGRATION_AUTHENTICATION_V1_TOKEN_USER) (default "root")
|
||||||
--integration.authentication.v1.ttl duration TTL of the JWT cache (default 15s)
|
--integration.authentication.v1.ttl duration TTL of the JWT cache (Env: INTEGRATION_AUTHENTICATION_V1_TTL) (default 15s)
|
||||||
--integration.authorization.v0 Enable AuthorizationV0 Integration Service
|
--integration.authorization.v0 Enable AuthorizationV0 Integration Service (Env: INTEGRATION_AUTHORIZATION_V0)
|
||||||
--integration.authorization.v0.external Defones if External access to service authorization.v0 is enabled
|
--integration.authorization.v0.external Defones if External access to service authorization.v0 is enabled (Env: INTEGRATION_AUTHORIZATION_V0_EXTERNAL)
|
||||||
--integration.authorization.v0.internal Defones if Internal access to service authorization.v0 is enabled (default true)
|
--integration.authorization.v0.internal Defones if Internal access to service authorization.v0 is enabled (Env: INTEGRATION_AUTHORIZATION_V0_INTERNAL) (default true)
|
||||||
--integration.config.v1 Enable ConfigV1 Integration Service
|
--integration.config.v1 Enable ConfigV1 Integration Service (Env: INTEGRATION_CONFIG_V1)
|
||||||
--integration.config.v1.external Defones if External access to service config.v1 is enabled
|
--integration.config.v1.external Defones if External access to service config.v1 is enabled (Env: INTEGRATION_CONFIG_V1_EXTERNAL)
|
||||||
--integration.config.v1.internal Defones if Internal access to service config.v1 is enabled (default true)
|
--integration.config.v1.internal Defones if Internal access to service config.v1 is enabled (Env: INTEGRATION_CONFIG_V1_INTERNAL) (default true)
|
||||||
--integration.config.v1.module strings Module in the reference <name>=<abs path>
|
--integration.config.v1.module strings Module in the reference <name>=<abs path> (Env: INTEGRATION_CONFIG_V1_MODULE)
|
||||||
--integration.envoy.auth.v3 Enable EnvoyAuthV3 Integration Service
|
--integration.envoy.auth.v3 Enable EnvoyAuthV3 Integration Service (Env: INTEGRATION_ENVOY_AUTH_V3)
|
||||||
--integration.envoy.auth.v3.external Defones if External access to service envoy.auth.v3 is enabled
|
--integration.envoy.auth.v3.external Defones if External access to service envoy.auth.v3 is enabled (Env: INTEGRATION_ENVOY_AUTH_V3_EXTERNAL)
|
||||||
--integration.envoy.auth.v3.internal Defones if Internal access to service envoy.auth.v3 is enabled (default true)
|
--integration.envoy.auth.v3.internal Defones if Internal access to service envoy.auth.v3 is enabled (Env: INTEGRATION_ENVOY_AUTH_V3_INTERNAL) (default true)
|
||||||
--integration.scheduler.v1 SchedulerV1 Integration
|
--integration.scheduler.v1 SchedulerV1 Integration (Env: INTEGRATION_SCHEDULER_V1)
|
||||||
--integration.scheduler.v1.external Defones if External access to service scheduler.v1 is enabled
|
--integration.scheduler.v1.external Defones if External access to service scheduler.v1 is enabled (Env: INTEGRATION_SCHEDULER_V1_EXTERNAL)
|
||||||
--integration.scheduler.v1.internal Defones if Internal access to service scheduler.v1 is enabled (default true)
|
--integration.scheduler.v1.internal Defones if Internal access to service scheduler.v1 is enabled (Env: INTEGRATION_SCHEDULER_V1_INTERNAL) (default true)
|
||||||
--integration.scheduler.v1.namespace string Kubernetes Namespace (default "default")
|
--integration.scheduler.v1.namespace string Kubernetes Namespace (Env: INTEGRATION_SCHEDULER_V1_NAMESPACE) (default "default")
|
||||||
--integration.scheduler.v1.verify-access Verify the CRD Access (default true)
|
--integration.scheduler.v1.verify-access Verify the CRD Access (Env: INTEGRATION_SCHEDULER_V1_VERIFY_ACCESS) (default true)
|
||||||
--integration.shutdown.v1 ShutdownV1 Handler
|
--integration.shutdown.v1 ShutdownV1 Handler (Env: INTEGRATION_SHUTDOWN_V1)
|
||||||
--integration.shutdown.v1.external Defones if External access to service shutdown.v1 is enabled
|
--integration.shutdown.v1.external Defones if External access to service shutdown.v1 is enabled (Env: INTEGRATION_SHUTDOWN_V1_EXTERNAL)
|
||||||
--integration.shutdown.v1.internal Defones if Internal access to service shutdown.v1 is enabled (default true)
|
--integration.shutdown.v1.internal Defones if Internal access to service shutdown.v1 is enabled (Env: INTEGRATION_SHUTDOWN_V1_INTERNAL) (default true)
|
||||||
--integration.storage.v1 StorageBucket Integration
|
--integration.storage.v1 StorageBucket Integration (Env: INTEGRATION_STORAGE_V1)
|
||||||
--integration.storage.v1.external Defones if External access to service storage.v1 is enabled
|
--integration.storage.v1.external Defones if External access to service storage.v1 is enabled (Env: INTEGRATION_STORAGE_V1_EXTERNAL)
|
||||||
--integration.storage.v1.internal Defones if Internal access to service storage.v1 is enabled (default true)
|
--integration.storage.v1.internal Defones if Internal access to service storage.v1 is enabled (Env: INTEGRATION_STORAGE_V1_INTERNAL) (default true)
|
||||||
--integration.storage.v1.s3.access-key string Path to file containing S3 AccessKey
|
--integration.storage.v1.s3.access-key string Path to file containing S3 AccessKey (Env: INTEGRATION_STORAGE_V1_S3_ACCESS_KEY)
|
||||||
--integration.storage.v1.s3.allow-insecure If set to true, the Endpoint certificates won't be checked
|
--integration.storage.v1.s3.allow-insecure If set to true, the Endpoint certificates won't be checked (Env: INTEGRATION_STORAGE_V1_S3_ALLOW_INSECURE)
|
||||||
--integration.storage.v1.s3.bucket string Bucket name
|
--integration.storage.v1.s3.bucket string Bucket name (Env: INTEGRATION_STORAGE_V1_S3_BUCKET)
|
||||||
--integration.storage.v1.s3.ca-crt string Path to file containing CA certificate to validate endpoint connection
|
--integration.storage.v1.s3.ca-crt string Path to file containing CA certificate to validate endpoint connection (Env: INTEGRATION_STORAGE_V1_S3_CA_CRT)
|
||||||
--integration.storage.v1.s3.ca-key string Path to file containing keyfile to validate endpoint connection
|
--integration.storage.v1.s3.ca-key string Path to file containing keyfile to validate endpoint connection (Env: INTEGRATION_STORAGE_V1_S3_CA_KEY)
|
||||||
--integration.storage.v1.s3.disable-ssl If set to true, the SSL won't be used when connecting to Endpoint
|
--integration.storage.v1.s3.disable-ssl If set to true, the SSL won't be used when connecting to Endpoint (Env: INTEGRATION_STORAGE_V1_S3_DISABLE_SSL)
|
||||||
--integration.storage.v1.s3.endpoint string Endpoint of S3 API implementation
|
--integration.storage.v1.s3.endpoint string Endpoint of S3 API implementation (Env: INTEGRATION_STORAGE_V1_S3_ENDPOINT)
|
||||||
--integration.storage.v1.s3.region string Region
|
--integration.storage.v1.s3.region string Region (Env: INTEGRATION_STORAGE_V1_S3_REGION)
|
||||||
--integration.storage.v1.s3.secret-key string Path to file containing S3 SecretKey
|
--integration.storage.v1.s3.secret-key string Path to file containing S3 SecretKey (Env: INTEGRATION_STORAGE_V1_S3_SECRET_KEY)
|
||||||
--integration.storage.v1.type string Type of the Storage Integration (default "s3")
|
--integration.storage.v1.type string Type of the Storage Integration (Env: INTEGRATION_STORAGE_V1_TYPE) (default "s3")
|
||||||
--services.address string Address to expose internal services (default "127.0.0.1:9092")
|
--services.address string Address to expose internal services (Env: SERVICES_ADDRESS) (default "127.0.0.1:9092")
|
||||||
--services.auth.token string Token for internal service (when auth service is token)
|
--services.auth.token string Token for internal service (when auth service is token) (Env: SERVICES_AUTH_TOKEN)
|
||||||
--services.auth.type string Auth type for internal service (default "None")
|
--services.auth.type string Auth type for internal service (Env: SERVICES_AUTH_TYPE) (default "None")
|
||||||
--services.enabled Defines if internal access is enabled (default true)
|
--services.enabled Defines if internal access is enabled (Env: SERVICES_ENABLED) (default true)
|
||||||
--services.external.address string Address to expose external services (default "0.0.0.0:9093")
|
--services.external.address string Address to expose external services (Env: SERVICES_EXTERNAL_ADDRESS) (default "0.0.0.0:9093")
|
||||||
--services.external.auth.token string Token for external service (when auth service is token)
|
--services.external.auth.token string Token for external service (when auth service is token) (Env: SERVICES_EXTERNAL_AUTH_TOKEN)
|
||||||
--services.external.auth.type string Auth type for external service (default "None")
|
--services.external.auth.type string Auth type for external service (Env: SERVICES_EXTERNAL_AUTH_TYPE) (default "None")
|
||||||
--services.external.enabled Defines if external access is enabled
|
--services.external.enabled Defines if external access is enabled (Env: SERVICES_EXTERNAL_ENABLED)
|
||||||
--services.external.tls.keyfile string Path to the keyfile
|
--services.external.tls.keyfile string Path to the keyfile (Env: SERVICES_EXTERNAL_TLS_KEYFILE)
|
||||||
--services.tls.keyfile string Path to the keyfile
|
--services.tls.keyfile string Path to the keyfile (Env: SERVICES_TLS_KEYFILE)
|
||||||
|
|
||||||
Use "arangodb_operator_integration [command] --help" for more information about a command.
|
Use "arangodb_operator_integration [command] --help" for more information about a command.
|
||||||
```
|
```
|
||||||
|
|
|
@ -262,6 +262,9 @@ type DeploymentSpec struct {
|
||||||
|
|
||||||
// Gateway defined main Gateway configuration.
|
// Gateway defined main Gateway configuration.
|
||||||
Gateway *DeploymentSpecGateway `json:"gateway,omitempty"`
|
Gateway *DeploymentSpecGateway `json:"gateway,omitempty"`
|
||||||
|
|
||||||
|
// Integration defined main Integration configuration.
|
||||||
|
Integration *DeploymentSpecIntegration `json:"integration,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetAllowMemberRecreation returns member recreation policy based on group and settings
|
// GetAllowMemberRecreation returns member recreation policy based on group and settings
|
||||||
|
@ -582,7 +585,10 @@ func (s *DeploymentSpec) Validate() error {
|
||||||
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
||||||
}
|
}
|
||||||
if err := s.Gateway.Validate(); err != nil {
|
if err := s.Gateway.Validate(); err != nil {
|
||||||
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
return errors.WithStack(errors.Wrap(err, "spec.gateway"))
|
||||||
|
}
|
||||||
|
if err := s.Integration.Validate(); err != nil {
|
||||||
|
return errors.WithStack(errors.Wrap(err, "spec.integration"))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,8 +21,6 @@
|
||||||
package v1
|
package v1
|
||||||
|
|
||||||
import (
|
import (
|
||||||
schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
|
|
||||||
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util"
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -40,9 +38,6 @@ type DeploymentSpecGateway struct {
|
||||||
// Image is the image to use for the gateway.
|
// Image is the image to use for the gateway.
|
||||||
// By default, the image is determined by the operator.
|
// By default, the image is determined by the operator.
|
||||||
Image *string `json:"image"`
|
Image *string `json:"image"`
|
||||||
|
|
||||||
// Sidecar define the integration sidecar spec
|
|
||||||
Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsEnabled returns whether the gateway is enabled.
|
// IsEnabled returns whether the gateway is enabled.
|
||||||
|
@ -63,22 +58,9 @@ func (d *DeploymentSpecGateway) IsDynamic() bool {
|
||||||
return *d.Dynamic
|
return *d.Dynamic
|
||||||
}
|
}
|
||||||
|
|
||||||
func (d *DeploymentSpecGateway) GetSidecar() *schedulerIntegrationApi.Sidecar {
|
|
||||||
if d == nil || d.Sidecar == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
return d.Sidecar
|
|
||||||
}
|
|
||||||
|
|
||||||
// Validate the given spec
|
// Validate the given spec
|
||||||
func (d *DeploymentSpecGateway) Validate() error {
|
func (d *DeploymentSpecGateway) Validate() error {
|
||||||
if d == nil {
|
return nil
|
||||||
d = &DeploymentSpecGateway{}
|
|
||||||
}
|
|
||||||
|
|
||||||
return shared.WithErrors(
|
|
||||||
shared.PrefixResourceErrors("integrationSidecar", d.GetSidecar().Validate()),
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetImage returns the image to use for the gateway.
|
// GetImage returns the image to use for the gateway.
|
||||||
|
|
49
pkg/apis/deployment/v1/deployment_spec_integration.go
Normal file
49
pkg/apis/deployment/v1/deployment_spec_integration.go
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
//
|
||||||
|
// DISCLAIMER
|
||||||
|
//
|
||||||
|
// Copyright 2024 ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
//
|
||||||
|
// Copyright holder is ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
|
||||||
|
package v1
|
||||||
|
|
||||||
|
import (
|
||||||
|
schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
|
||||||
|
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
||||||
|
)
|
||||||
|
|
||||||
|
type DeploymentSpecIntegration struct {
|
||||||
|
// Sidecar define the integration sidecar spec
|
||||||
|
Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (d *DeploymentSpecIntegration) GetSidecar() *schedulerIntegrationApi.Sidecar {
|
||||||
|
if d == nil || d.Sidecar == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return d.Sidecar
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate the given spec
|
||||||
|
func (d *DeploymentSpecIntegration) Validate() error {
|
||||||
|
if d == nil {
|
||||||
|
d = &DeploymentSpecIntegration{}
|
||||||
|
}
|
||||||
|
|
||||||
|
return shared.WithErrors(
|
||||||
|
shared.PrefixResourceErrors("sidecar", d.GetSidecar().Validate()),
|
||||||
|
)
|
||||||
|
}
|
31
pkg/apis/deployment/v1/zz_generated.deepcopy.go
generated
31
pkg/apis/deployment/v1/zz_generated.deepcopy.go
generated
|
@ -1159,6 +1159,11 @@ func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) {
|
||||||
*out = new(DeploymentSpecGateway)
|
*out = new(DeploymentSpecGateway)
|
||||||
(*in).DeepCopyInto(*out)
|
(*in).DeepCopyInto(*out)
|
||||||
}
|
}
|
||||||
|
if in.Integration != nil {
|
||||||
|
in, out := &in.Integration, &out.Integration
|
||||||
|
*out = new(DeploymentSpecIntegration)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1190,11 +1195,6 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) {
|
||||||
*out = new(string)
|
*out = new(string)
|
||||||
**out = **in
|
**out = **in
|
||||||
}
|
}
|
||||||
if in.Sidecar != nil {
|
|
||||||
in, out := &in.Sidecar, &out.Sidecar
|
|
||||||
*out = new(integration.Sidecar)
|
|
||||||
(*in).DeepCopyInto(*out)
|
|
||||||
}
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1208,6 +1208,27 @@ func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway {
|
||||||
return out
|
return out
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *DeploymentSpecIntegration) DeepCopyInto(out *DeploymentSpecIntegration) {
|
||||||
|
*out = *in
|
||||||
|
if in.Sidecar != nil {
|
||||||
|
in, out := &in.Sidecar, &out.Sidecar
|
||||||
|
*out = new(integration.Sidecar)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecIntegration.
|
||||||
|
func (in *DeploymentSpecIntegration) DeepCopy() *DeploymentSpecIntegration {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(DeploymentSpecIntegration)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
|
func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
|
||||||
*out = *in
|
*out = *in
|
||||||
|
|
|
@ -262,6 +262,9 @@ type DeploymentSpec struct {
|
||||||
|
|
||||||
// Gateway defined main Gateway configuration.
|
// Gateway defined main Gateway configuration.
|
||||||
Gateway *DeploymentSpecGateway `json:"gateway,omitempty"`
|
Gateway *DeploymentSpecGateway `json:"gateway,omitempty"`
|
||||||
|
|
||||||
|
// Integration defined main Integration configuration.
|
||||||
|
Integration *DeploymentSpecIntegration `json:"integration,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetAllowMemberRecreation returns member recreation policy based on group and settings
|
// GetAllowMemberRecreation returns member recreation policy based on group and settings
|
||||||
|
@ -582,7 +585,10 @@ func (s *DeploymentSpec) Validate() error {
|
||||||
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
||||||
}
|
}
|
||||||
if err := s.Gateway.Validate(); err != nil {
|
if err := s.Gateway.Validate(); err != nil {
|
||||||
return errors.WithStack(errors.Wrap(err, "spec.architecture"))
|
return errors.WithStack(errors.Wrap(err, "spec.gateway"))
|
||||||
|
}
|
||||||
|
if err := s.Integration.Validate(); err != nil {
|
||||||
|
return errors.WithStack(errors.Wrap(err, "spec.integration"))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,8 +21,6 @@
|
||||||
package v2alpha1
|
package v2alpha1
|
||||||
|
|
||||||
import (
|
import (
|
||||||
schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
|
|
||||||
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util"
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -40,9 +38,6 @@ type DeploymentSpecGateway struct {
|
||||||
// Image is the image to use for the gateway.
|
// Image is the image to use for the gateway.
|
||||||
// By default, the image is determined by the operator.
|
// By default, the image is determined by the operator.
|
||||||
Image *string `json:"image"`
|
Image *string `json:"image"`
|
||||||
|
|
||||||
// Sidecar define the integration sidecar spec
|
|
||||||
Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsEnabled returns whether the gateway is enabled.
|
// IsEnabled returns whether the gateway is enabled.
|
||||||
|
@ -63,22 +58,9 @@ func (d *DeploymentSpecGateway) IsDynamic() bool {
|
||||||
return *d.Dynamic
|
return *d.Dynamic
|
||||||
}
|
}
|
||||||
|
|
||||||
func (d *DeploymentSpecGateway) GetSidecar() *schedulerIntegrationApi.Sidecar {
|
|
||||||
if d == nil || d.Sidecar == nil {
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
return d.Sidecar
|
|
||||||
}
|
|
||||||
|
|
||||||
// Validate the given spec
|
// Validate the given spec
|
||||||
func (d *DeploymentSpecGateway) Validate() error {
|
func (d *DeploymentSpecGateway) Validate() error {
|
||||||
if d == nil {
|
return nil
|
||||||
d = &DeploymentSpecGateway{}
|
|
||||||
}
|
|
||||||
|
|
||||||
return shared.WithErrors(
|
|
||||||
shared.PrefixResourceErrors("integrationSidecar", d.GetSidecar().Validate()),
|
|
||||||
)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetImage returns the image to use for the gateway.
|
// GetImage returns the image to use for the gateway.
|
||||||
|
|
49
pkg/apis/deployment/v2alpha1/deployment_spec_integration.go
Normal file
49
pkg/apis/deployment/v2alpha1/deployment_spec_integration.go
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
//
|
||||||
|
// DISCLAIMER
|
||||||
|
//
|
||||||
|
// Copyright 2024 ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
//
|
||||||
|
// Copyright holder is ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
|
||||||
|
package v2alpha1
|
||||||
|
|
||||||
|
import (
|
||||||
|
schedulerIntegrationApi "github.com/arangodb/kube-arangodb/pkg/apis/scheduler/v1beta1/integration"
|
||||||
|
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
||||||
|
)
|
||||||
|
|
||||||
|
type DeploymentSpecIntegration struct {
|
||||||
|
// Sidecar define the integration sidecar spec
|
||||||
|
Sidecar *schedulerIntegrationApi.Sidecar `json:"sidecar,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (d *DeploymentSpecIntegration) GetSidecar() *schedulerIntegrationApi.Sidecar {
|
||||||
|
if d == nil || d.Sidecar == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return d.Sidecar
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate the given spec
|
||||||
|
func (d *DeploymentSpecIntegration) Validate() error {
|
||||||
|
if d == nil {
|
||||||
|
d = &DeploymentSpecIntegration{}
|
||||||
|
}
|
||||||
|
|
||||||
|
return shared.WithErrors(
|
||||||
|
shared.PrefixResourceErrors("sidecar", d.GetSidecar().Validate()),
|
||||||
|
)
|
||||||
|
}
|
|
@ -1159,6 +1159,11 @@ func (in *DeploymentSpec) DeepCopyInto(out *DeploymentSpec) {
|
||||||
*out = new(DeploymentSpecGateway)
|
*out = new(DeploymentSpecGateway)
|
||||||
(*in).DeepCopyInto(*out)
|
(*in).DeepCopyInto(*out)
|
||||||
}
|
}
|
||||||
|
if in.Integration != nil {
|
||||||
|
in, out := &in.Integration, &out.Integration
|
||||||
|
*out = new(DeploymentSpecIntegration)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1190,11 +1195,6 @@ func (in *DeploymentSpecGateway) DeepCopyInto(out *DeploymentSpecGateway) {
|
||||||
*out = new(string)
|
*out = new(string)
|
||||||
**out = **in
|
**out = **in
|
||||||
}
|
}
|
||||||
if in.Sidecar != nil {
|
|
||||||
in, out := &in.Sidecar, &out.Sidecar
|
|
||||||
*out = new(integration.Sidecar)
|
|
||||||
(*in).DeepCopyInto(*out)
|
|
||||||
}
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1208,6 +1208,27 @@ func (in *DeploymentSpecGateway) DeepCopy() *DeploymentSpecGateway {
|
||||||
return out
|
return out
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
|
func (in *DeploymentSpecIntegration) DeepCopyInto(out *DeploymentSpecIntegration) {
|
||||||
|
*out = *in
|
||||||
|
if in.Sidecar != nil {
|
||||||
|
in, out := &in.Sidecar, &out.Sidecar
|
||||||
|
*out = new(integration.Sidecar)
|
||||||
|
(*in).DeepCopyInto(*out)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentSpecIntegration.
|
||||||
|
func (in *DeploymentSpecIntegration) DeepCopy() *DeploymentSpecIntegration {
|
||||||
|
if in == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
out := new(DeploymentSpecIntegration)
|
||||||
|
in.DeepCopyInto(out)
|
||||||
|
return out
|
||||||
|
}
|
||||||
|
|
||||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||||
func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
|
func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
|
||||||
*out = *in
|
*out = *in
|
||||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -135,7 +135,7 @@ func (r *Resources) renderGatewayConfig(cachedStatus inspectorInterface.Inspecto
|
||||||
|
|
||||||
cfg.IntegrationSidecar = &gateway.ConfigDestinationTarget{
|
cfg.IntegrationSidecar = &gateway.ConfigDestinationTarget{
|
||||||
Host: "127.0.0.1",
|
Host: "127.0.0.1",
|
||||||
Port: int32(r.context.GetSpec().Gateway.GetSidecar().GetListenPort()),
|
Port: int32(r.context.GetSpec().Integration.GetSidecar().GetListenPort()),
|
||||||
}
|
}
|
||||||
|
|
||||||
cfg.DefaultDestination = gateway.ConfigDestination{
|
cfg.DefaultDestination = gateway.ConfigDestination{
|
||||||
|
|
|
@ -238,7 +238,13 @@ func (m *MemberGatewayPod) Labels() map[string]string {
|
||||||
func (m *MemberGatewayPod) Profiles() (schedulerApi.ProfileTemplates, error) {
|
func (m *MemberGatewayPod) Profiles() (schedulerApi.ProfileTemplates, error) {
|
||||||
integration, err := sidecar.NewIntegration(&schedulerContainerResourcesApi.Image{
|
integration, err := sidecar.NewIntegration(&schedulerContainerResourcesApi.Image{
|
||||||
Image: util.NewType(m.resources.context.GetOperatorImage()),
|
Image: util.NewType(m.resources.context.GetOperatorImage()),
|
||||||
}, m.spec.Gateway.GetSidecar(), []string{shared.ServerContainerName},
|
}, m.spec.Integration.GetSidecar())
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
integrations, err := sidecar.NewIntegrationEnablement(
|
||||||
sidecar.IntegrationEnvoyV3{
|
sidecar.IntegrationEnvoyV3{
|
||||||
Spec: m.spec,
|
Spec: m.spec,
|
||||||
}, sidecar.IntegrationAuthenticationV1{
|
}, sidecar.IntegrationAuthenticationV1{
|
||||||
|
@ -250,5 +256,7 @@ func (m *MemberGatewayPod) Profiles() (schedulerApi.ProfileTemplates, error) {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return []*schedulerApi.ProfileTemplate{integration}, nil
|
shutdownAnnotation := sidecar.NewShutdownAnnotations([]string{shared.ServerContainerName})
|
||||||
|
|
||||||
|
return []*schedulerApi.ProfileTemplate{integration, integrations, shutdownAnnotation}, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -27,6 +27,7 @@ import (
|
||||||
|
|
||||||
pbImplAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1"
|
pbImplAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1"
|
||||||
pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition"
|
pbAuthenticationV1 "github.com/arangodb/kube-arangodb/integrations/authentication/v1/definition"
|
||||||
|
"github.com/arangodb/kube-arangodb/pkg/util/errors"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/svc"
|
"github.com/arangodb/kube-arangodb/pkg/util/svc"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -40,20 +41,18 @@ type authenticationV1 struct {
|
||||||
config pbImplAuthenticationV1.Configuration
|
config pbImplAuthenticationV1.Configuration
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *authenticationV1) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (a *authenticationV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
f := cmd.Flags()
|
return errors.Errors(
|
||||||
|
fs.StringVar(&a.config.Path, "path", "", "Path to the JWT Folder"),
|
||||||
f.StringVar(&a.config.Path, arg("path"), "", "Path to the JWT Folder")
|
fs.BoolVar(&a.config.Enabled, "enabled", true, "Defines if Authentication is enabled"),
|
||||||
f.BoolVar(&a.config.Enabled, arg("enabled"), true, "Defines if Authentication is enabled")
|
fs.DurationVar(&a.config.TTL, "ttl", pbImplAuthenticationV1.DefaultTTL, "TTL of the JWT cache"),
|
||||||
f.DurationVar(&a.config.TTL, arg("ttl"), pbImplAuthenticationV1.DefaultTTL, "TTL of the JWT cache")
|
fs.StringVar(&a.config.Create.DefaultUser, "token.user", pbImplAuthenticationV1.DefaultUser, "Default user of the Token"),
|
||||||
f.StringVar(&a.config.Create.DefaultUser, arg("token.user"), pbImplAuthenticationV1.DefaultUser, "Default user of the Token")
|
fs.DurationVar(&a.config.Create.DefaultTTL, "token.ttl.default", pbImplAuthenticationV1.DefaultTokenDefaultTTL, "Default Token TTL"),
|
||||||
f.DurationVar(&a.config.Create.DefaultTTL, arg("token.ttl.default"), pbImplAuthenticationV1.DefaultTokenDefaultTTL, "Default Token TTL")
|
fs.DurationVar(&a.config.Create.MinTTL, "token.ttl.min", pbImplAuthenticationV1.DefaultTokenMinTTL, "Min Token TTL"),
|
||||||
f.DurationVar(&a.config.Create.MinTTL, arg("token.ttl.min"), pbImplAuthenticationV1.DefaultTokenMinTTL, "Min Token TTL")
|
fs.DurationVar(&a.config.Create.MaxTTL, "token.ttl.max", pbImplAuthenticationV1.DefaultTokenMaxTTL, "Max Token TTL"),
|
||||||
f.DurationVar(&a.config.Create.MaxTTL, arg("token.ttl.max"), pbImplAuthenticationV1.DefaultTokenMaxTTL, "Max Token TTL")
|
fs.Uint16Var(&a.config.Create.MaxSize, "token.max-size", pbImplAuthenticationV1.DefaultMaxTokenSize, "Max Token max size in bytes"),
|
||||||
f.Uint16Var(&a.config.Create.MaxSize, arg("token.max-size"), pbImplAuthenticationV1.DefaultMaxTokenSize, "Max Token max size in bytes")
|
fs.StringSliceVar(&a.config.Create.AllowedUsers, "token.allowed", []string{}, "Allowed users for the Token"),
|
||||||
f.StringSliceVar(&a.config.Create.AllowedUsers, arg("token.allowed"), []string{}, "Allowed users for the Token")
|
)
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *authenticationV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
func (a *authenticationV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
||||||
|
|
|
@ -47,7 +47,7 @@ func (a authorizationV0) Description() string {
|
||||||
return "Enable AuthorizationV0 Integration Service"
|
return "Enable AuthorizationV0 Integration Service"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a authorizationV0) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (a authorizationV0) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -41,12 +41,10 @@ type configV1 struct {
|
||||||
modules []string
|
modules []string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *configV1) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (a *configV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
f := cmd.Flags()
|
return errors.Errors(
|
||||||
|
fs.StringSliceVar(&a.modules, "module", nil, "Module in the reference <name>=<abs path>"),
|
||||||
f.StringSliceVar(&a.modules, arg("module"), nil, "Module in the reference <name>=<abs path>")
|
)
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *configV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
func (a *configV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
||||||
|
|
|
@ -48,7 +48,7 @@ func (a *envoyAuthV3) Description() string {
|
||||||
return "Enable EnvoyAuthV3 Integration Service"
|
return "Enable EnvoyAuthV3 Integration Service"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *envoyAuthV3) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (a *envoyAuthV3) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
243
pkg/integrations/flags.go
Normal file
243
pkg/integrations/flags.go
Normal file
|
@ -0,0 +1,243 @@
|
||||||
|
//
|
||||||
|
// DISCLAIMER
|
||||||
|
//
|
||||||
|
// Copyright 2024 ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
//
|
||||||
|
// Copyright holder is ArangoDB GmbH, Cologne, Germany
|
||||||
|
//
|
||||||
|
|
||||||
|
package integrations
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"reflect"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
flag "github.com/spf13/pflag"
|
||||||
|
|
||||||
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
||||||
|
"github.com/arangodb/kube-arangodb/pkg/util/errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
func NewFlagEnvHandler(fs *flag.FlagSet) FlagEnvHandler {
|
||||||
|
return flagEnvHandler{
|
||||||
|
fs: fs,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
type FlagEnvHandler interface {
|
||||||
|
WithPrefix(prefix string) FlagEnvHandler
|
||||||
|
|
||||||
|
StringVar(p *string, name string, value string, usage string) error
|
||||||
|
String(name string, value string, usage string) error
|
||||||
|
|
||||||
|
StringSliceVar(p *[]string, name string, value []string, usage string) error
|
||||||
|
StringSlice(name string, value []string, usage string) error
|
||||||
|
|
||||||
|
BoolVar(p *bool, name string, value bool, usage string) error
|
||||||
|
Bool(name string, value bool, usage string) error
|
||||||
|
|
||||||
|
Uint16Var(p *uint16, name string, value uint16, usage string) error
|
||||||
|
Uint16(name string, value uint16, usage string) error
|
||||||
|
|
||||||
|
DurationVar(p *time.Duration, name string, value time.Duration, usage string) error
|
||||||
|
Duration(name string, value time.Duration, usage string) error
|
||||||
|
}
|
||||||
|
|
||||||
|
type flagEnvHandler struct {
|
||||||
|
prefix string
|
||||||
|
fs *flag.FlagSet
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) StringVar(p *string, name string, value string, usage string) error {
|
||||||
|
v, err := parseEnvToString(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.StringVar(p, f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) String(name string, value string, usage string) error {
|
||||||
|
v, err := parseEnvToString(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.String(f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) StringSliceVar(p *[]string, name string, value []string, usage string) error {
|
||||||
|
v, err := parseEnvToStringArray(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.StringSliceVar(p, f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) StringSlice(name string, value []string, usage string) error {
|
||||||
|
v, err := parseEnvToStringArray(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.StringSlice(f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) BoolVar(p *bool, name string, value bool, usage string) error {
|
||||||
|
v, err := parseEnvToBool(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.BoolVar(p, f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) Bool(name string, value bool, usage string) error {
|
||||||
|
v, err := parseEnvToBool(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.Bool(f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) DurationVar(p *time.Duration, name string, value time.Duration, usage string) error {
|
||||||
|
v, err := parseEnvToDuration(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.DurationVar(p, f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) Duration(name string, value time.Duration, usage string) error {
|
||||||
|
v, err := parseEnvToDuration(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.Duration(f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) Uint16Var(p *uint16, name string, value uint16, usage string) error {
|
||||||
|
v, err := parseEnvToUint16(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.Uint16Var(p, f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) Uint16(name string, value uint16, usage string) error {
|
||||||
|
v, err := parseEnvToUint16(f.getEnv(name), value)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
f.fs.Uint16(f.name(name), v, f.varDesc(name, usage))
|
||||||
|
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) varDesc(name string, dest string) string {
|
||||||
|
return fmt.Sprintf("%s (Env: %s)", dest, f.getEnv(name))
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) getEnv(n string) string {
|
||||||
|
z := f.name(n)
|
||||||
|
|
||||||
|
z = strings.ReplaceAll(z, ".", "_")
|
||||||
|
z = strings.ReplaceAll(z, "-", "_")
|
||||||
|
|
||||||
|
return strings.ToUpper(z)
|
||||||
|
}
|
||||||
|
func (f flagEnvHandler) name(n string) string {
|
||||||
|
if f.prefix == "" {
|
||||||
|
return n
|
||||||
|
}
|
||||||
|
if n == "" {
|
||||||
|
return f.prefix
|
||||||
|
}
|
||||||
|
return fmt.Sprintf("%s.%s", f.prefix, n)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f flagEnvHandler) WithPrefix(prefix string) FlagEnvHandler {
|
||||||
|
return flagEnvHandler{
|
||||||
|
prefix: f.name(prefix),
|
||||||
|
fs: f.fs,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToDuration(env string, def time.Duration) (time.Duration, error) {
|
||||||
|
return parseEnvToType(env, def, time.ParseDuration)
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToUint16(env string, def uint16) (uint16, error) {
|
||||||
|
return parseEnvToType(env, def, func(in string) (uint16, error) {
|
||||||
|
v, err := strconv.ParseUint(in, 10, 16)
|
||||||
|
return uint16(v), err
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToBool(env string, def bool) (bool, error) {
|
||||||
|
return parseEnvToType(env, def, strconv.ParseBool)
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToStringArray(env string, def []string) ([]string, error) {
|
||||||
|
return parseEnvToType(env, def, func(in string) ([]string, error) {
|
||||||
|
return strings.Split(in, ","), nil
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToString(env string, def string) (string, error) {
|
||||||
|
return parseEnvToType(env, def, func(in string) (string, error) {
|
||||||
|
return in, nil
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func parseEnvToType[T any](env string, def T, parser func(in string) (T, error)) (T, error) {
|
||||||
|
if v, ok := os.LookupEnv(env); ok {
|
||||||
|
if q, err := parser(v); err != nil {
|
||||||
|
return util.Default[T](), errors.Wrapf(err, "Unable to parse env `%s` as %s", env, reflect.TypeOf(def).String())
|
||||||
|
} else {
|
||||||
|
return q, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return def, nil
|
||||||
|
}
|
|
@ -30,13 +30,11 @@ import (
|
||||||
|
|
||||||
type Factory func() Integration
|
type Factory func() Integration
|
||||||
|
|
||||||
type ArgGen func(name string) string
|
|
||||||
|
|
||||||
type Integration interface {
|
type Integration interface {
|
||||||
Name() string
|
Name() string
|
||||||
Description() string
|
Description() string
|
||||||
|
|
||||||
Register(cmd *cobra.Command, arg ArgGen) error
|
Register(cmd *cobra.Command, fs FlagEnvHandler) error
|
||||||
|
|
||||||
Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error)
|
Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error)
|
||||||
}
|
}
|
||||||
|
|
|
@ -125,37 +125,44 @@ func (c *configuration) Register(cmd *cobra.Command) error {
|
||||||
|
|
||||||
cmd.RunE = c.run
|
cmd.RunE = c.run
|
||||||
|
|
||||||
f := cmd.Flags()
|
f := NewFlagEnvHandler(cmd.Flags())
|
||||||
|
|
||||||
f.StringVar(&c.health.address, "health.address", "0.0.0.0:9091", "Address to expose health service")
|
if err := errors.Errors(
|
||||||
f.BoolVar(&c.health.shutdownEnabled, "health.shutdown.enabled", true, "Determines if shutdown service should be enabled and exposed")
|
f.StringVar(&c.health.address, "health.address", "0.0.0.0:9091", "Address to expose health service"),
|
||||||
f.StringVar(&c.health.auth.t, "health.auth.type", "None", "Auth type for health service")
|
f.BoolVar(&c.health.shutdownEnabled, "health.shutdown.enabled", true, "Determines if shutdown service should be enabled and exposed"),
|
||||||
f.StringVar(&c.health.auth.token, "health.auth.token", "", "Token for health service (when auth service is token)")
|
f.StringVar(&c.health.auth.t, "health.auth.type", "None", "Auth type for health service"),
|
||||||
f.StringVar(&c.health.tls.keyfile, "health.tls.keyfile", "", "Path to the keyfile")
|
f.StringVar(&c.health.auth.token, "health.auth.token", "", "Token for health service (when auth service is token)"),
|
||||||
|
f.StringVar(&c.health.tls.keyfile, "health.tls.keyfile", "", "Path to the keyfile"),
|
||||||
|
|
||||||
f.BoolVar(&c.services.internal.enabled, "services.enabled", true, "Defines if internal access is enabled")
|
f.BoolVar(&c.services.internal.enabled, "services.enabled", true, "Defines if internal access is enabled"),
|
||||||
f.StringVar(&c.services.internal.address, "services.address", "127.0.0.1:9092", "Address to expose internal services")
|
f.StringVar(&c.services.internal.address, "services.address", "127.0.0.1:9092", "Address to expose internal services"),
|
||||||
f.StringVar(&c.services.internal.auth.t, "services.auth.type", "None", "Auth type for internal service")
|
f.StringVar(&c.services.internal.auth.t, "services.auth.type", "None", "Auth type for internal service"),
|
||||||
f.StringVar(&c.services.internal.auth.token, "services.auth.token", "", "Token for internal service (when auth service is token)")
|
f.StringVar(&c.services.internal.auth.token, "services.auth.token", "", "Token for internal service (when auth service is token)"),
|
||||||
f.StringVar(&c.services.internal.tls.keyfile, "services.tls.keyfile", "", "Path to the keyfile")
|
f.StringVar(&c.services.internal.tls.keyfile, "services.tls.keyfile", "", "Path to the keyfile"),
|
||||||
|
|
||||||
f.BoolVar(&c.services.external.enabled, "services.external.enabled", false, "Defines if external access is enabled")
|
|
||||||
f.StringVar(&c.services.external.address, "services.external.address", "0.0.0.0:9093", "Address to expose external services")
|
|
||||||
f.StringVar(&c.services.external.auth.t, "services.external.auth.type", "None", "Auth type for external service")
|
|
||||||
f.StringVar(&c.services.external.auth.token, "services.external.auth.token", "", "Token for external service (when auth service is token)")
|
|
||||||
f.StringVar(&c.services.external.tls.keyfile, "services.external.tls.keyfile", "", "Path to the keyfile")
|
|
||||||
|
|
||||||
|
f.BoolVar(&c.services.external.enabled, "services.external.enabled", false, "Defines if external access is enabled"),
|
||||||
|
f.StringVar(&c.services.external.address, "services.external.address", "0.0.0.0:9093", "Address to expose external services"),
|
||||||
|
f.StringVar(&c.services.external.auth.t, "services.external.auth.type", "None", "Auth type for external service"),
|
||||||
|
f.StringVar(&c.services.external.auth.token, "services.external.auth.token", "", "Token for external service (when auth service is token)"),
|
||||||
|
f.StringVar(&c.services.external.tls.keyfile, "services.external.tls.keyfile", "", "Path to the keyfile"),
|
||||||
|
); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
for _, service := range c.registered {
|
for _, service := range c.registered {
|
||||||
prefix := fmt.Sprintf("integration.%s", service.Name())
|
prefix := fmt.Sprintf("integration.%s", service.Name())
|
||||||
|
|
||||||
f.Bool(prefix, false, service.Description())
|
fs := f.WithPrefix(prefix)
|
||||||
internal, external := GetIntegrationEnablement(service)
|
internal, external := GetIntegrationEnablement(service)
|
||||||
f.Bool(fmt.Sprintf("%s.internal", prefix), internal, fmt.Sprintf("Defones if Internal access to service %s is enabled", service.Name()))
|
|
||||||
f.Bool(fmt.Sprintf("%s.external", prefix), external, fmt.Sprintf("Defones if External access to service %s is enabled", service.Name()))
|
|
||||||
|
|
||||||
if err := service.Register(cmd, func(name string) string {
|
if err := errors.Errors(
|
||||||
return fmt.Sprintf("%s.%s", prefix, name)
|
fs.Bool("", false, service.Description()),
|
||||||
}); err != nil {
|
fs.Bool("internal", internal, fmt.Sprintf("Defones if Internal access to service %s is enabled", service.Name())),
|
||||||
|
fs.Bool("external", external, fmt.Sprintf("Defones if External access to service %s is enabled", service.Name())),
|
||||||
|
); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := service.Register(cmd, fs); err != nil {
|
||||||
return errors.Wrapf(err, "Unable to register service %s", service.Name())
|
return errors.Wrapf(err, "Unable to register service %s", service.Name())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,13 +50,11 @@ func (b *schedulerV1) Description() string {
|
||||||
return "SchedulerV1 Integration"
|
return "SchedulerV1 Integration"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *schedulerV1) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (b *schedulerV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
f := cmd.Flags()
|
return errors.Errors(
|
||||||
|
fs.StringVar(&b.Configuration.Namespace, "namespace", constants.NamespaceWithDefault("default"), "Kubernetes Namespace"),
|
||||||
f.StringVar(&b.Configuration.Namespace, arg("namespace"), constants.NamespaceWithDefault("default"), "Kubernetes Namespace")
|
fs.BoolVar(&b.Configuration.VerifyAccess, "verify-access", true, "Verify the CRD Access"),
|
||||||
f.BoolVar(&b.Configuration.VerifyAccess, arg("verify-access"), true, "Verify the CRD Access")
|
)
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *schedulerV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
func (b *schedulerV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
||||||
|
|
|
@ -52,7 +52,7 @@ func (s *shutdownV1) Description() string {
|
||||||
return "ShutdownV1 Handler"
|
return "ShutdownV1 Handler"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *shutdownV1) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (s *shutdownV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -24,8 +24,9 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
core "k8s.io/api/core/v1"
|
||||||
|
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util"
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type Core struct {
|
type Core struct {
|
||||||
|
@ -49,14 +50,22 @@ func (c *Core) GetExternal() bool {
|
||||||
return *c.External
|
return *c.External
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Core) Args(int Integration) k8sutil.OptionPairs {
|
func (c *Core) Envs(int Integration, envs ...core.EnvVar) []core.EnvVar {
|
||||||
var options k8sutil.OptionPairs
|
|
||||||
cmd := strings.Join(util.FormatList(int.Name(), func(a string) string {
|
cmd := strings.Join(util.FormatList(int.Name(), func(a string) string {
|
||||||
return strings.ToLower(a)
|
return strings.ToUpper(a)
|
||||||
}), ".")
|
}), "_")
|
||||||
|
var r = []core.EnvVar{
|
||||||
|
{
|
||||||
|
Name: fmt.Sprintf("INTEGRATION_%s_INTERNAL", cmd),
|
||||||
|
Value: util.BoolSwitch(c.GetInternal(), "true", "false"),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: fmt.Sprintf("INTEGRATION_%s_EXTERNAL", cmd),
|
||||||
|
Value: util.BoolSwitch(c.GetExternal(), "true", "false"),
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
options.Add(fmt.Sprintf("--integration.%s.internal", cmd), c.GetInternal())
|
r = append(r, envs...)
|
||||||
options.Add(fmt.Sprintf("--integration.%s.external", cmd), c.GetExternal())
|
|
||||||
|
|
||||||
return options
|
return r
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,11 +26,9 @@ import (
|
||||||
api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
|
api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
|
||||||
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
shared "github.com/arangodb/kube-arangodb/pkg/apis/shared"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/deployment/pod"
|
"github.com/arangodb/kube-arangodb/pkg/deployment/pod"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
|
"github.com/arangodb/kube-arangodb/pkg/util"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ IntegrationVolumes = IntegrationAuthenticationV1{}
|
|
||||||
|
|
||||||
type IntegrationAuthenticationV1 struct {
|
type IntegrationAuthenticationV1 struct {
|
||||||
Core *Core
|
Core *Core
|
||||||
|
|
||||||
|
@ -46,16 +44,27 @@ func (i IntegrationAuthenticationV1) Validate() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i IntegrationAuthenticationV1) Args() (k8sutil.OptionPairs, error) {
|
func (i IntegrationAuthenticationV1) Envs() ([]core.EnvVar, error) {
|
||||||
options := k8sutil.CreateOptionPairs()
|
var envs = []core.EnvVar{
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_AUTHENTICATION_V1",
|
||||||
|
Value: "true",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_AUTHENTICATION_V1_ENABLED",
|
||||||
|
Value: util.BoolSwitch(i.Spec.IsAuthenticated(), "true", "false"),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_AUTHENTICATION_V1_PATH",
|
||||||
|
Value: shared.ClusterJWTSecretVolumeMountDir,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
options.Add("--integration.authentication.v1", true)
|
return i.Core.Envs(i, envs...), nil
|
||||||
options.Add("--integration.authentication.v1.enabled", i.Spec.IsAuthenticated())
|
}
|
||||||
options.Add("--integration.authentication.v1.path", shared.ClusterJWTSecretVolumeMountDir)
|
|
||||||
|
|
||||||
options.Merge(i.Core.Args(i))
|
func (i IntegrationAuthenticationV1) GlobalEnvs() ([]core.EnvVar, error) {
|
||||||
|
return nil, nil
|
||||||
return options, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i IntegrationAuthenticationV1) Volumes() ([]core.Volume, []core.VolumeMount, error) {
|
func (i IntegrationAuthenticationV1) Volumes() ([]core.Volume, []core.VolumeMount, error) {
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
package sidecar
|
package sidecar
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
|
core "k8s.io/api/core/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
type IntegrationAuthorizationV0 struct {
|
type IntegrationAuthorizationV0 struct {
|
||||||
|
@ -36,12 +36,21 @@ func (i IntegrationAuthorizationV0) Validate() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i IntegrationAuthorizationV0) Args() (k8sutil.OptionPairs, error) {
|
func (i IntegrationAuthorizationV0) Envs() ([]core.EnvVar, error) {
|
||||||
options := k8sutil.CreateOptionPairs()
|
var envs = []core.EnvVar{
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_AUTHENTICATION_V0",
|
||||||
|
Value: "true",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
options.Add("--integration.authorization.v0", true)
|
return i.Core.Envs(i, envs...), nil
|
||||||
|
}
|
||||||
options.Merge(i.Core.Args(i))
|
|
||||||
|
func (i IntegrationAuthorizationV0) GlobalEnvs() ([]core.EnvVar, error) {
|
||||||
return options, nil
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (i IntegrationAuthorizationV0) Volumes() ([]core.Volume, []core.VolumeMount, error) {
|
||||||
|
return nil, nil, nil
|
||||||
}
|
}
|
|
@ -21,8 +21,9 @@
|
||||||
package sidecar
|
package sidecar
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
core "k8s.io/api/core/v1"
|
||||||
|
|
||||||
api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
|
api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
type IntegrationEnvoyV3 struct {
|
type IntegrationEnvoyV3 struct {
|
||||||
|
@ -38,12 +39,21 @@ func (i IntegrationEnvoyV3) Validate() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i IntegrationEnvoyV3) Args() (k8sutil.OptionPairs, error) {
|
func (i IntegrationEnvoyV3) Envs() ([]core.EnvVar, error) {
|
||||||
options := k8sutil.CreateOptionPairs()
|
var envs = []core.EnvVar{
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_ENVOY_AUTH_V3",
|
||||||
|
Value: "true",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
options.Add("--integration.envoy.auth.v3", true)
|
return i.Core.Envs(i, envs...), nil
|
||||||
|
}
|
||||||
options.Merge(i.Core.Args(i))
|
|
||||||
|
func (i IntegrationEnvoyV3) GlobalEnvs() ([]core.EnvVar, error) {
|
||||||
return options, nil
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (i IntegrationEnvoyV3) Volumes() ([]core.Volume, []core.VolumeMount, error) {
|
||||||
|
return nil, nil, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,47 +29,93 @@ const (
|
||||||
ListenPortHealthName = "health"
|
ListenPortHealthName = "health"
|
||||||
)
|
)
|
||||||
|
|
||||||
func WithIntegrationEnvs(in Integration) ([]core.EnvVar, error) {
|
|
||||||
if v, ok := in.(IntegrationEnvs); ok {
|
|
||||||
return v.Envs()
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
type IntegrationEnvs interface {
|
|
||||||
Integration
|
|
||||||
Envs() ([]core.EnvVar, error)
|
|
||||||
}
|
|
||||||
|
|
||||||
func WithIntegrationVolumes(in Integration) ([]core.Volume, []core.VolumeMount, error) {
|
|
||||||
if v, ok := in.(IntegrationVolumes); ok {
|
|
||||||
return v.Volumes()
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil, nil, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
type IntegrationVolumes interface {
|
|
||||||
Integration
|
|
||||||
Volumes() ([]core.Volume, []core.VolumeMount, error)
|
|
||||||
}
|
|
||||||
|
|
||||||
type Integration interface {
|
type Integration interface {
|
||||||
Name() []string
|
Name() []string
|
||||||
Args() (k8sutil.OptionPairs, error)
|
Envs() ([]core.EnvVar, error)
|
||||||
|
GlobalEnvs() ([]core.EnvVar, error)
|
||||||
|
Volumes() ([]core.Volume, []core.VolumeMount, error)
|
||||||
Validate() error
|
Validate() error
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *schedulerIntegrationApi.Sidecar, coreContainers []string, integrations ...Integration) (*schedulerApi.ProfileTemplate, error) {
|
func NewShutdownAnnotations(coreContainers []string) *schedulerApi.ProfileTemplate {
|
||||||
|
pt := schedulerApi.ProfileTemplate{
|
||||||
|
Pod: &schedulerPodApi.Pod{
|
||||||
|
Metadata: &schedulerPodResourcesApi.Metadata{
|
||||||
|
Annotations: map[string]string{},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, container := range coreContainers {
|
||||||
|
pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownCoreContainer, container)] = constants.AnnotationShutdownCoreContainerModeWait
|
||||||
|
}
|
||||||
|
|
||||||
|
return &pt
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewIntegrationEnablement(integrations ...Integration) (*schedulerApi.ProfileTemplate, error) {
|
||||||
|
var envs, gEnvs []core.EnvVar
|
||||||
|
var volumes []core.Volume
|
||||||
|
var volumeMounts []core.VolumeMount
|
||||||
|
|
||||||
for _, integration := range integrations {
|
for _, integration := range integrations {
|
||||||
if err := integration.Validate(); err != nil {
|
|
||||||
name := strings.Join(integration.Name(), "/")
|
name := strings.Join(integration.Name(), "/")
|
||||||
|
|
||||||
|
if err := integration.Validate(); err != nil {
|
||||||
return nil, errors.Wrapf(err, "Failure in %s", name)
|
return nil, errors.Wrapf(err, "Failure in %s", name)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if lvolumes, lvolumeMounts, err := integration.Volumes(); err != nil {
|
||||||
|
return nil, errors.Wrapf(err, "Failure in volumes %s", name)
|
||||||
|
} else if len(lvolumes) > 0 || len(lvolumeMounts) > 0 {
|
||||||
|
volumes = append(volumes, lvolumes...)
|
||||||
|
volumeMounts = append(volumeMounts, lvolumeMounts...)
|
||||||
|
}
|
||||||
|
|
||||||
|
if lenvs, err := integration.Envs(); err != nil {
|
||||||
|
return nil, errors.Wrapf(err, "Failure in envs %s", name)
|
||||||
|
} else if len(lenvs) > 0 {
|
||||||
|
envs = append(envs, lenvs...)
|
||||||
|
}
|
||||||
|
|
||||||
|
if lgenvs, err := integration.GlobalEnvs(); err != nil {
|
||||||
|
return nil, errors.Wrapf(err, "Failure in global envs %s", name)
|
||||||
|
} else if len(lgenvs) > 0 {
|
||||||
|
gEnvs = append(gEnvs, lgenvs...)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if len(envs) == 0 && len(gEnvs) == 0 {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return &schedulerApi.ProfileTemplate{
|
||||||
|
Pod: &schedulerPodApi.Pod{
|
||||||
|
Volumes: &schedulerPodResourcesApi.Volumes{
|
||||||
|
Volumes: volumes,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Container: &schedulerApi.ProfileContainerTemplate{
|
||||||
|
Containers: map[string]schedulerContainerApi.Container{
|
||||||
|
ContainerName: {
|
||||||
|
Environments: &schedulerContainerResourcesApi.Environments{
|
||||||
|
Env: envs,
|
||||||
|
},
|
||||||
|
VolumeMounts: &schedulerContainerResourcesApi.VolumeMounts{
|
||||||
|
VolumeMounts: volumeMounts,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
All: &schedulerContainerApi.Generic{
|
||||||
|
Environments: &schedulerContainerResourcesApi.Environments{
|
||||||
|
Env: gEnvs,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *schedulerIntegrationApi.Sidecar) (*schedulerApi.ProfileTemplate, error) {
|
||||||
// Arguments
|
// Arguments
|
||||||
|
|
||||||
exePath := k8sutil.BinaryPath()
|
exePath := k8sutil.BinaryPath()
|
||||||
|
@ -83,10 +129,6 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc
|
||||||
options.Addf("--services.address", "127.0.0.1:%d", integration.GetListenPort())
|
options.Addf("--services.address", "127.0.0.1:%d", integration.GetListenPort())
|
||||||
options.Addf("--health.address", "0.0.0.0:%d", integration.GetControllerListenPort())
|
options.Addf("--health.address", "0.0.0.0:%d", integration.GetControllerListenPort())
|
||||||
|
|
||||||
// Volumes
|
|
||||||
var volumes []core.Volume
|
|
||||||
var volumeMounts []core.VolumeMount
|
|
||||||
|
|
||||||
// Envs
|
// Envs
|
||||||
|
|
||||||
var envs = []core.EnvVar{
|
var envs = []core.EnvVar{
|
||||||
|
@ -100,40 +142,6 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, i := range integrations {
|
|
||||||
name := strings.Join(i.Name(), "/")
|
|
||||||
|
|
||||||
if err := i.Validate(); err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "Failure in %s", name)
|
|
||||||
}
|
|
||||||
|
|
||||||
if args, err := i.Args(); err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "Failure in arguments %s", name)
|
|
||||||
} else if len(args) > 0 {
|
|
||||||
options.Merge(args)
|
|
||||||
}
|
|
||||||
|
|
||||||
if lvolumes, lvolumeMounts, err := WithIntegrationVolumes(i); err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "Failure in volumes %s", name)
|
|
||||||
} else if len(lvolumes) > 0 || len(lvolumeMounts) > 0 {
|
|
||||||
volumes = append(volumes, lvolumes...)
|
|
||||||
volumeMounts = append(volumeMounts, lvolumeMounts...)
|
|
||||||
}
|
|
||||||
|
|
||||||
if lenvs, err := WithIntegrationEnvs(i); err != nil {
|
|
||||||
return nil, errors.Wrapf(err, "Failure in envs %s", name)
|
|
||||||
} else if len(lenvs) > 0 {
|
|
||||||
envs = append(envs, lenvs...)
|
|
||||||
}
|
|
||||||
|
|
||||||
envs = append(envs, core.EnvVar{
|
|
||||||
Name: fmt.Sprintf("INTEGRATION_SERVICE_%s", strings.Join(util.FormatList(i.Name(), func(a string) string {
|
|
||||||
return strings.ToUpper(a)
|
|
||||||
}), "_")),
|
|
||||||
Value: fmt.Sprintf("127.0.0.1:%d", integration.GetListenPort()),
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
c := schedulerContainerApi.Container{
|
c := schedulerContainerApi.Container{
|
||||||
Core: &schedulerContainerResourcesApi.Core{
|
Core: &schedulerContainerResourcesApi.Core{
|
||||||
Command: append([]string{exePath, "integration"}, options.Sort().AsArgs()...),
|
Command: append([]string{exePath, "integration"}, options.Sort().AsArgs()...),
|
||||||
|
@ -175,14 +183,15 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc
|
||||||
FailureThreshold: 2, // Need 2 failed probes to consider a failed state
|
FailureThreshold: 2, // Need 2 failed probes to consider a failed state
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
VolumeMounts: &schedulerContainerResourcesApi.VolumeMounts{
|
|
||||||
VolumeMounts: volumeMounts,
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pt := schedulerApi.ProfileTemplate{
|
pt := schedulerApi.ProfileTemplate{
|
||||||
Container: &schedulerApi.ProfileContainerTemplate{
|
Container: &schedulerApi.ProfileContainerTemplate{
|
||||||
|
All: &schedulerContainerApi.Generic{
|
||||||
|
Environments: &schedulerContainerResourcesApi.Environments{
|
||||||
|
Env: envs,
|
||||||
|
},
|
||||||
|
},
|
||||||
Containers: map[string]schedulerContainerApi.Container{
|
Containers: map[string]schedulerContainerApi.Container{
|
||||||
ContainerName: util.TypeOrDefault(k8sutil.CreateDefaultContainerTemplate(image).With(&c).With(integration.GetContainer())),
|
ContainerName: util.TypeOrDefault(k8sutil.CreateDefaultContainerTemplate(image).With(&c).With(integration.GetContainer())),
|
||||||
},
|
},
|
||||||
|
@ -191,24 +200,15 @@ func NewIntegration(image *schedulerContainerResourcesApi.Image, integration *sc
|
||||||
Metadata: &schedulerPodResourcesApi.Metadata{
|
Metadata: &schedulerPodResourcesApi.Metadata{
|
||||||
Annotations: map[string]string{},
|
Annotations: map[string]string{},
|
||||||
},
|
},
|
||||||
Volumes: &schedulerPodResourcesApi.Volumes{
|
|
||||||
Volumes: volumes,
|
|
||||||
},
|
},
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, container := range coreContainers {
|
|
||||||
pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownCoreContainer, container)] = constants.AnnotationShutdownCoreContainerModeWait
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownContainer, ContainerName)] = ListenPortHealthName
|
pt.Pod.Metadata.Annotations[fmt.Sprintf("%s/%s", constants.AnnotationShutdownContainer, ContainerName)] = ListenPortHealthName
|
||||||
pt.Pod.Metadata.Annotations[constants.AnnotationShutdownManagedContainer] = "true"
|
pt.Pod.Metadata.Annotations[constants.AnnotationShutdownManagedContainer] = "true"
|
||||||
|
|
||||||
pt.Container.Containers.ExtendContainers(&schedulerContainerApi.Container{
|
pt.Container.All.Environments = &schedulerContainerResourcesApi.Environments{
|
||||||
Environments: &schedulerContainerResourcesApi.Environments{
|
|
||||||
Env: envs,
|
Env: envs,
|
||||||
},
|
}
|
||||||
}, coreContainers...)
|
|
||||||
|
|
||||||
return &pt, nil
|
return &pt, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
package sidecar
|
package sidecar
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
|
core "k8s.io/api/core/v1"
|
||||||
)
|
)
|
||||||
|
|
||||||
type IntegrationShutdownV1 struct {
|
type IntegrationShutdownV1 struct {
|
||||||
|
@ -36,12 +36,21 @@ func (i IntegrationShutdownV1) Validate() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (i IntegrationShutdownV1) Args() (k8sutil.OptionPairs, error) {
|
func (i IntegrationShutdownV1) Envs() ([]core.EnvVar, error) {
|
||||||
options := k8sutil.CreateOptionPairs()
|
var envs = []core.EnvVar{
|
||||||
|
{
|
||||||
|
Name: "INTEGRATION_SHUTDOWN_V1",
|
||||||
|
Value: "true",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
options.Add("--integration.shutdown.v1", true)
|
return i.Core.Envs(i, envs...), nil
|
||||||
|
}
|
||||||
options.Merge(i.Core.Args(i))
|
|
||||||
|
func (i IntegrationShutdownV1) GlobalEnvs() ([]core.EnvVar, error) {
|
||||||
return options, nil
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (i IntegrationShutdownV1) Volumes() ([]core.Volume, []core.VolumeMount, error) {
|
||||||
|
return nil, nil, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,6 +26,7 @@ import (
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
|
|
||||||
"github.com/arangodb/kube-arangodb/pkg/ml/storage"
|
"github.com/arangodb/kube-arangodb/pkg/ml/storage"
|
||||||
|
"github.com/arangodb/kube-arangodb/pkg/util/errors"
|
||||||
"github.com/arangodb/kube-arangodb/pkg/util/svc"
|
"github.com/arangodb/kube-arangodb/pkg/util/svc"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -47,21 +48,19 @@ func (b *storageV1) Description() string {
|
||||||
return "StorageBucket Integration"
|
return "StorageBucket Integration"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *storageV1) Register(cmd *cobra.Command, arg ArgGen) error {
|
func (b *storageV1) Register(cmd *cobra.Command, fs FlagEnvHandler) error {
|
||||||
f := cmd.Flags()
|
return errors.Errors(
|
||||||
|
fs.StringVar((*string)(&b.Configuration.Type), "type", string(storage.S3), "Type of the Storage Integration"),
|
||||||
f.StringVar((*string)(&b.Configuration.Type), arg("type"), string(storage.S3), "Type of the Storage Integration")
|
fs.StringVar(&b.Configuration.S3.Endpoint, "s3.endpoint", "", "Endpoint of S3 API implementation"),
|
||||||
f.StringVar(&b.Configuration.S3.Endpoint, arg("s3.endpoint"), "", "Endpoint of S3 API implementation")
|
fs.StringVar(&b.Configuration.S3.CACrtFile, "s3.ca-crt", "", "Path to file containing CA certificate to validate endpoint connection"),
|
||||||
f.StringVar(&b.Configuration.S3.CACrtFile, arg("s3.ca-crt"), "", "Path to file containing CA certificate to validate endpoint connection")
|
fs.StringVar(&b.Configuration.S3.CAKeyFile, "s3.ca-key", "", "Path to file containing keyfile to validate endpoint connection"),
|
||||||
f.StringVar(&b.Configuration.S3.CAKeyFile, arg("s3.ca-key"), "", "Path to file containing keyfile to validate endpoint connection")
|
fs.BoolVar(&b.Configuration.S3.AllowInsecure, "s3.allow-insecure", false, "If set to true, the Endpoint certificates won't be checked"),
|
||||||
f.BoolVar(&b.Configuration.S3.AllowInsecure, arg("s3.allow-insecure"), false, "If set to true, the Endpoint certificates won't be checked")
|
fs.BoolVar(&b.Configuration.S3.DisableSSL, "s3.disable-ssl", false, "If set to true, the SSL won't be used when connecting to Endpoint"),
|
||||||
f.BoolVar(&b.Configuration.S3.DisableSSL, arg("s3.disable-ssl"), false, "If set to true, the SSL won't be used when connecting to Endpoint")
|
fs.StringVar(&b.Configuration.S3.Region, "s3.region", "", "Region"),
|
||||||
f.StringVar(&b.Configuration.S3.Region, arg("s3.region"), "", "Region")
|
fs.StringVar(&b.Configuration.S3.BucketName, "s3.bucket", "", "Bucket name"),
|
||||||
f.StringVar(&b.Configuration.S3.BucketName, arg("s3.bucket"), "", "Bucket name")
|
fs.StringVar(&b.Configuration.S3.AccessKeyFile, "s3.access-key", "", "Path to file containing S3 AccessKey"),
|
||||||
f.StringVar(&b.Configuration.S3.AccessKeyFile, arg("s3.access-key"), "", "Path to file containing S3 AccessKey")
|
fs.StringVar(&b.Configuration.S3.SecretKeyFile, "s3.secret-key", "", "Path to file containing S3 SecretKey"),
|
||||||
f.StringVar(&b.Configuration.S3.SecretKeyFile, arg("s3.secret-key"), "", "Path to file containing S3 SecretKey")
|
)
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (b *storageV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
func (b *storageV1) Handler(ctx context.Context, cmd *cobra.Command) (svc.Handler, error) {
|
||||||
|
|
Loading…
Reference in a new issue