mirror of
https://github.com/arangodb/kube-arangodb.git
synced 2024-12-14 11:57:37 +00:00
Adam Janikowski
GitHub
parent
a13b5bbebb
commit
f9b9670f25
7 changed files with 12 additions and 68 deletions
|
|
@ -1,8 +1,6 @@
|
|||
# Change Log
|
||||
|
||||
## [master](https://github.com/arangodb/kube-arangodb/tree/master) (N/A)
|
||||
- Change NumberOfCores and MemoryOverride flags to be set to true by default
|
||||
- Enable by default and promote to Production Ready - JWT Rotation Feature, TLS Rotation Feature
|
||||
|
||||
## [1.0.7](https://github.com/arangodb/kube-arangodb/tree/1.0.7) (2020-09-09)
|
||||
- Always use JWT Authorized requests in internal communication
|
||||
|
|
|
|||
|
|
@ -77,9 +77,7 @@ Feature-wise production readiness table:
|
|||
| Operator Single Mode | 1.0.4 | Any | Community, Enterprise | Production | False | --mode.single | Only 1 instance of Operator allowed in namespace when feature is enabled |
|
||||
| TLS SNI Support | 1.0.3 | >= 3.7.0 | Enterprise | Production | True | --deployment.feature.tls-sni | N/A |
|
||||
| TLS Runtime Rotation Support | 1.0.4 | > 3.7.0 | Enterprise | Alpha | False | --deployment.feature.tls-rotation | N/A |
|
||||
| TLS Runtime Rotation Support | 1.1.0 | > 3.7.0 | Enterprise | Production | True | --deployment.feature.tls-rotation | N/A |
|
||||
| JWT Rotation Support | 1.0.4 | > 3.7.0 | Enterprise | Alpha | False | --deployment.feature.jwt-rotation | N/A |
|
||||
| JWT Rotation Support | 1.1.0 | > 3.7.0 | Enterprise | Production | True | --deployment.feature.jwt-rotation | N/A |
|
||||
| Encryption Key Rotation Support | 1.0.4 | > 3.7.0 | Enterprise | Alpha | False | --deployment.feature.encryption-rotation | N/A |
|
||||
| Operator Maintenance Management Support | 1.0.7 | >= 3.5.0 | Community, Enterprise | Alpha | False | --deployment.feature.maintenance | N/A |
|
||||
|
||||
|
|
|
|||
|
|
@ -373,7 +373,7 @@ func (s ServerGroupSpec) GetProbesSpec() ServerGroupProbesSpec {
|
|||
// GetOverrideDetectedTotalMemory returns OverrideDetectedTotalMemory with default value (false)
|
||||
func (s ServerGroupSpec) GetOverrideDetectedTotalMemory() bool {
|
||||
if s.OverrideDetectedTotalMemory == nil {
|
||||
return true
|
||||
return false
|
||||
}
|
||||
|
||||
return *s.OverrideDetectedTotalMemory
|
||||
|
|
@ -382,7 +382,7 @@ func (s ServerGroupSpec) GetOverrideDetectedTotalMemory() bool {
|
|||
// OverrideDetectedNumberOfCores returns OverrideDetectedNumberOfCores with default value (false)
|
||||
func (s ServerGroupSpec) GetOverrideDetectedNumberOfCores() bool {
|
||||
if s.OverrideDetectedNumberOfCores == nil {
|
||||
return true
|
||||
return false
|
||||
}
|
||||
|
||||
return *s.OverrideDetectedNumberOfCores
|
||||
|
|
|
|||
|
|
@ -367,7 +367,6 @@ func TestEnsurePod_ArangoDB_Core(t *testing.T) {
|
|||
LivenessProbe: createTestLivenessProbe(httpProbe, false, "", k8sutil.ArangoPort),
|
||||
ImagePullPolicy: core.PullIfNotPresent,
|
||||
SecurityContext: securityContext.NewSecurityContext(),
|
||||
Env: withDefaultEnvs(t, resourcesUnfiltered),
|
||||
},
|
||||
},
|
||||
RestartPolicy: core.RestartPolicyNever,
|
||||
|
|
@ -424,7 +423,6 @@ func TestEnsurePod_ArangoDB_Core(t *testing.T) {
|
|||
LivenessProbe: createTestLivenessProbe(httpProbe, false, "", k8sutil.ArangoPort),
|
||||
ImagePullPolicy: core.PullIfNotPresent,
|
||||
SecurityContext: securityContext.NewSecurityContext(),
|
||||
Env: withDefaultEnvs(t, resourcesUnfiltered),
|
||||
},
|
||||
},
|
||||
RestartPolicy: core.RestartPolicyNever,
|
||||
|
|
@ -482,7 +480,6 @@ func TestEnsurePod_ArangoDB_Core(t *testing.T) {
|
|||
LivenessProbe: createTestLivenessProbe(httpProbe, false, "", k8sutil.ArangoPort),
|
||||
ImagePullPolicy: core.PullIfNotPresent,
|
||||
SecurityContext: securityContext.NewSecurityContext(),
|
||||
Env: withDefaultEnvs(t, resourcesUnfiltered),
|
||||
},
|
||||
},
|
||||
RestartPolicy: core.RestartPolicyNever,
|
||||
|
|
|
|||
|
|
@ -35,63 +35,13 @@ import (
|
|||
core "k8s.io/api/core/v1"
|
||||
)
|
||||
|
||||
type envFunc func() []core.EnvVar
|
||||
|
||||
func withEnvs(t *testing.T, f ...envFunc) []core.EnvVar {
|
||||
var e []core.EnvVar
|
||||
|
||||
for _, c := range f {
|
||||
e = append(e, c()...)
|
||||
}
|
||||
|
||||
return e
|
||||
}
|
||||
|
||||
func withDefaultEnvs(t *testing.T, requirements core.ResourceRequirements, f ...envFunc) []core.EnvVar {
|
||||
var q []envFunc
|
||||
|
||||
q = append(q, resourceLimitAsEnv(t, requirements))
|
||||
|
||||
q = append(q, f...)
|
||||
|
||||
return withEnvs(t, q...)
|
||||
}
|
||||
|
||||
func resourceLimitAsEnv(t *testing.T, requirements core.ResourceRequirements) envFunc {
|
||||
return func() []core.EnvVar {
|
||||
var e []core.EnvVar
|
||||
if _, ok := requirements.Limits[core.ResourceMemory]; ok {
|
||||
e = append(e, resourceMemoryLimitAsEnv(t, requirements)()...)
|
||||
}
|
||||
if _, ok := requirements.Limits[core.ResourceCPU]; ok {
|
||||
e = append(e, resourceCPULimitAsEnv(t, requirements)()...)
|
||||
}
|
||||
return e
|
||||
}
|
||||
}
|
||||
|
||||
func resourceMemoryLimitAsEnv(t *testing.T, requirements core.ResourceRequirements) envFunc {
|
||||
func resourceLimitAsEnv(t *testing.T, requirements core.ResourceRequirements) core.EnvVar {
|
||||
value, ok := requirements.Limits[core.ResourceMemory]
|
||||
require.True(t, ok)
|
||||
return func() []core.EnvVar {
|
||||
return []core.EnvVar{{
|
||||
Name: resources.ArangoDBOverrideDetectedTotalMemoryEnv,
|
||||
Value: fmt.Sprintf("%d", value.Value()),
|
||||
},
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func resourceCPULimitAsEnv(t *testing.T, requirements core.ResourceRequirements) envFunc {
|
||||
value, ok := requirements.Limits[core.ResourceCPU]
|
||||
require.True(t, ok)
|
||||
|
||||
return func() []core.EnvVar {
|
||||
return []core.EnvVar{{
|
||||
Name: resources.ArangoDBOverrideDetectedNumberOfCoresEnv,
|
||||
Value: fmt.Sprintf("%d", value.Value()),
|
||||
},
|
||||
}
|
||||
return core.EnvVar{
|
||||
Name: resources.ArangoDBOverrideDetectedTotalMemoryEnv,
|
||||
Value: fmt.Sprintf("%d", value.Value()),
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -141,7 +91,6 @@ func TestEnsurePod_ArangoDB_Resources(t *testing.T) {
|
|||
LivenessProbe: createTestLivenessProbe(httpProbe, false, "", k8sutil.ArangoPort),
|
||||
ImagePullPolicy: core.PullIfNotPresent,
|
||||
SecurityContext: securityContext.NewSecurityContext(),
|
||||
Env: withDefaultEnvs(t, resourcesUnfiltered),
|
||||
},
|
||||
},
|
||||
RestartPolicy: core.RestartPolicyNever,
|
||||
|
|
@ -163,7 +112,7 @@ func TestEnsurePod_ArangoDB_Resources(t *testing.T) {
|
|||
TLS: noTLS,
|
||||
DBServers: api.ServerGroupSpec{
|
||||
Resources: resourcesUnfiltered,
|
||||
OverrideDetectedTotalMemory: util.NewBool(false),
|
||||
OverrideDetectedTotalMemory: util.NewBool(true),
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
@ -196,7 +145,9 @@ func TestEnsurePod_ArangoDB_Resources(t *testing.T) {
|
|||
VolumeMounts: []core.VolumeMount{
|
||||
k8sutil.ArangodVolumeMount(),
|
||||
},
|
||||
Env: withEnvs(t, resourceCPULimitAsEnv(t, resourcesUnfiltered)),
|
||||
Env: []core.EnvVar{
|
||||
resourceLimitAsEnv(t, resourcesUnfiltered),
|
||||
},
|
||||
LivenessProbe: createTestLivenessProbe(httpProbe, false, "", k8sutil.ArangoPort),
|
||||
ImagePullPolicy: core.PullIfNotPresent,
|
||||
SecurityContext: securityContext.NewSecurityContext(),
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ var jwtRotation = &feature{
|
|||
description: "JWT Token rotation in runtime",
|
||||
version: "3.7.0",
|
||||
enterpriseRequired: true,
|
||||
enabledByDefault: true,
|
||||
enabledByDefault: false,
|
||||
}
|
||||
|
||||
func JWTRotation() Feature {
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ var tlsRotation Feature = &feature{
|
|||
description: "TLS Keyfile rotation in runtime",
|
||||
version: "3.7.0",
|
||||
enterpriseRequired: true,
|
||||
enabledByDefault: true,
|
||||
enabledByDefault: false,
|
||||
}
|
||||
|
||||
func TLSRotation() Feature {
|
||||
|
|
|
|||
Loading…
Reference in a new issue