From 830df33e14d8c2b2b97355247ab04d12f9afc65b Mon Sep 17 00:00:00 2001 From: Rudro-25 Date: Mon, 7 Oct 2024 11:23:36 +0600 Subject: [PATCH 1/3] Add reconfigure tls for zookeeper Signed-off-by: Rudro-25 --- apis/kubedb/constants.go | 27 ++++ apis/kubedb/v1alpha2/openapi_generated.go | 28 ++++- apis/kubedb/v1alpha2/zookeeper_helpers.go | 52 ++++++++ apis/kubedb/v1alpha2/zookeeper_types.go | 32 +++++ apis/kubedb/v1alpha2/zz_generated.deepcopy.go | 10 ++ apis/ops/v1alpha1/openapi_generated.go | 19 +++ apis/ops/v1alpha1/zookeeper_ops_types.go | 10 +- apis/ops/v1alpha1/zookeeper_ops_types_enum.go | 17 +++ apis/ops/v1alpha1/zz_generated.deepcopy.go | 13 ++ crds/kubedb.com_zookeepers.yaml | 116 ++++++++++++++++++ crds/ops.kubedb.com_zookeeperopsrequests.yaml | 113 +++++++++++++++++ 11 files changed, 432 insertions(+), 5 deletions(-) diff --git a/apis/kubedb/constants.go b/apis/kubedb/constants.go index 19bfafa52f..901170f5f4 100644 --- a/apis/kubedb/constants.go +++ b/apis/kubedb/constants.go @@ -621,6 +621,9 @@ const ( KubeDBZooKeeperRoleName = "kubedb:zookeeper-version-reader" KubeDBZooKeeperRoleBindingName = "kubedb:zookeeper-version-reader" ZooKeeperClientPortName = "client" + ZooKeeperNodeRolesCombined = "controller,broker" + ZooKeeperNodeRolesBrokers = "broker" + ZooKeeperNodeRolesController = "controller" ZooKeeperClientPort = 2181 ZooKeeperQuorumPortName = "quorum" ZooKeeperQuorumPort = 2888 
@@ -629,22 +632,46 @@ const ( ZooKeeperMetricsPortName = "metrics" ZooKeeperMetricsPort = 7000 ZooKeeperAdminServerPortName = "admin-server" + ZooKeeperSecureClientPortName = "secure-client" ZooKeeperAdminServerPort = 8080 + ZooKeeperSecureClientPort = 2182 ZooKeeperNode = "/kubedb_health_checker_node" ZooKeeperData = "kubedb_health_checker_data" ZooKeeperConfigVolumeName = "zookeeper-config" ZooKeeperConfigVolumePath = "/conf" + ZooKeeperVolumeTempConfig = "temp-config" + ZooKeeperVolumeCustomConfig = "custom-config" ZooKeeperDataVolumeName = "data" ZooKeeperDataVolumePath = "/data" ZooKeeperScriptVolumeName = "script-vol" ZooKeeperScriptVolumePath = "/scripts" ZooKeeperContainerName = "zookeeper" + ZooKeeperUserAdmin = "admin" ZooKeeperInitContainerName = "zookeeper" + "-init" ZooKeeperConfigFileName = "zoo.cfg" ZooKeeperLog4jPropertiesFileName = "log4j.properties" ZooKeeperLog4jQuietPropertiesFileName = "log4j-quiet.properties" + ZooKeeperCertDir = "/var/private/ssl" + ZooKeeperKeyStoreDir = "/var/private/ssl/server.keystore.jks" + ZooKeeperTrustStoreDir = "/var/private/ssl/server.truststore.jks" + + ZooKeeperKeystoreKey = "keystore.jks" + ZooKeeperTruststoreKey = "truststore.jks" + ZooKeeperServerKeystoreKey = "server.keystore.jks" + ZooKeeperServerTruststoreKey = "server.truststore.jks" + ZooKeeperKeyPassword = "ssl.key.password" + ZooKeeperKeystorePasswordKey = "ssl.quorum.keyStore.password" + ZooKeeperTruststorePasswordKey = "ssl.quorum.trustStore.password" + ZooKeeperKeystoreLocationKey = "ssl.quorum.keyStore.location" + ZooKeeperTruststoreLocationKey = "ssl.quorum.trustStore.location" + + ZooKeeperSSLPropertiesFileName = "ssl.properties" + ZooKeeperBrokerCustomConfigFileName = "broker.properties" + ZooKeeperControllerCustomConfigFileName = "controller.properties" + ZooKeeperClientAuthConfigFileName = "clientauth.properties" + EnvZooKeeperDomain = "DOMAIN" EnvZooKeeperQuorumPort = "QUORUM_PORT" EnvZooKeeperLeaderPort = "LEADER_PORT" 
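Review bot: `ZooKeeperKeyStoreDir` and `ZooKeeperTrustStoreDir` in the TLS constants near the end of this hunk hold file paths (`/var/private/ssl/server.keystore.jks`), not directories, and `ZooKeeperKeyPassword` appears to be a property key but lacks the `Key` suffix its neighbours carry. Names such as `ZooKeeperKeyStorePath`, `ZooKeeperTrustStorePath` and `ZooKeeperKeyPasswordKey` would keep a caller from joining a file name onto what it believes is a directory. Only `ssl.quorum.*` property keys are defined here; if the secure client port (2182) is configured from these constants too, the client-side `ssl.keyStore.*` and `ssl.trustStore.*` keys would also be needed, which cannot be confirmed from this patch. The const block begins and ends outside the hunk.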
diff --git a/apis/kubedb/v1alpha2/openapi_generated.go b/apis/kubedb/v1alpha2/openapi_generated.go index 2428653d5a..9ba79120cd 100644 --- a/apis/kubedb/v1alpha2/openapi_generated.go +++ b/apis/kubedb/v1alpha2/openapi_generated.go @@ -35180,12 +35180,26 @@ func schema_apimachinery_apis_kubedb_v1alpha2_ZooKeeperSpec(ref common.Reference Format: "int32", }, }, + "clientSecurePort": { + SchemaProps: spec.SchemaProps{ + Default: 0, + Type: []string{"integer"}, + Format: "int32", + }, + }, "storage": { SchemaProps: spec.SchemaProps{ Description: "Storage to specify how storage shall be used.", Ref: ref("k8s.io/api/core/v1.PersistentVolumeClaimSpec"), }, }, + "enableSSL": { + SchemaProps: spec.SchemaProps{ + Description: "To enable ssl for http layer", + Type: []string{"boolean"}, + Format: "", + }, + }, "disableAuth": { SchemaProps: spec.SchemaProps{ Description: "If disable Auth true then don't create any auth secret", @@ -35205,6 +35219,18 @@ func schema_apimachinery_apis_kubedb_v1alpha2_ZooKeeperSpec(ref common.Reference Ref: ref("k8s.io/api/core/v1.LocalObjectReference"), }, }, + "keystoreCredSecret": { + SchemaProps: spec.SchemaProps{ + Description: "Keystore encryption secret", + Ref: ref("kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SecretReference"), + }, + }, + "tls": { + SchemaProps: spec.SchemaProps{ + Description: "TLS contains tls configurations", + Ref: ref("kmodules.xyz/client-go/api/v1.TLSConfig"), + }, + }, "podTemplate": { SchemaProps: spec.SchemaProps{ Description: "PodTemplate is an optional configuration for pods used to expose database", 
@@ -35258,7 +35284,7 @@ func schema_apimachinery_apis_kubedb_v1alpha2_ZooKeeperSpec(ref common.Reference }, }, Dependencies: []string{ - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "kmodules.xyz/client-go/api/v1.HealthCheckSpec", "kmodules.xyz/monitoring-agent-api/api/v1.AgentSpec", "kmodules.xyz/offshoot-api/api/v2.PodTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.NamedServiceTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SecretReference"}, + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/api/core/v1.PersistentVolumeClaimSpec", "kmodules.xyz/client-go/api/v1.HealthCheckSpec", "kmodules.xyz/client-go/api/v1.TLSConfig", "kmodules.xyz/monitoring-agent-api/api/v1.AgentSpec", "kmodules.xyz/offshoot-api/api/v2.PodTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.NamedServiceTemplateSpec", "kubedb.dev/apimachinery/apis/kubedb/v1alpha2.SecretReference"}, } } diff --git a/apis/kubedb/v1alpha2/zookeeper_helpers.go b/apis/kubedb/v1alpha2/zookeeper_helpers.go index 9edb2999e7..5bd4730eff 100644 --- a/apis/kubedb/v1alpha2/zookeeper_helpers.go +++ b/apis/kubedb/v1alpha2/zookeeper_helpers.go @@ -19,6 +19,7 @@ package v1alpha2 import ( "context" "fmt" + "strings" "kubedb.dev/apimachinery/apis" catalog "kubedb.dev/apimachinery/apis/catalog/v1alpha1" @@ -32,6 +33,7 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "k8s.io/klog/v2" + kmapi "kmodules.xyz/client-go/api/v1" "kmodules.xyz/client-go/apiextensions" coreutil "kmodules.xyz/client-go/core/v1" meta_util "kmodules.xyz/client-go/meta" 
@@ -145,6 +147,21 @@ func (z *ZooKeeper) GetAuthSecretName() string { return meta_util.NameWithSuffix(z.OffshootName(), "auth") } +func (z *ZooKeeper) GetKeystoreSecretName() string { + if z.Spec.KeystoreCredSecret != nil && z.Spec.KeystoreCredSecret.Name != "" { + return z.Spec.KeystoreCredSecret.Name + } + return meta_util.NameWithSuffix(z.OffshootName(), "keystore-cred") +} + +func (k *ZooKeeper) DefaultUserCredSecretName(username string) string { + return meta_util.NameWithSuffix(k.Name, strings.ReplaceAll(fmt.Sprintf("%s-cred", username), "_", "-")) +} + +func (z *ZooKeeper) DefaultKeystoreCredSecretName() string { + return meta_util.NameWithSuffix(z.Name, strings.ReplaceAll("keystore-cred", "_", "-")) +} + func (z *ZooKeeper) GetPersistentSecrets() []string { if z == nil { return nil @@ -204,6 +221,10 @@ func (z *ZooKeeper) SetDefaults() { apis.SetDefaultResourceLimits(&initContainer.Resources, kubedb.DefaultInitContainerResource) } + if z.Spec.EnableSSL { + z.SetTLSDefaults() + } + z.SetHealthCheckerDefaults() if z.Spec.Monitor != nil { if z.Spec.Monitor.Prometheus == nil { @@ -216,6 +237,14 @@ func (z *ZooKeeper) SetDefaults() { } } +func (z *ZooKeeper) SetTLSDefaults() { + if z.Spec.TLS == nil || z.Spec.TLS.IssuerRef == nil { + return + } + z.Spec.TLS.Certificates = kmapi.SetMissingSecretNameForCertificate(z.Spec.TLS.Certificates, string(ZooKeeperServerCert), z.CertificateName(ZooKeeperServerCert)) + z.Spec.TLS.Certificates = kmapi.SetMissingSecretNameForCertificate(z.Spec.TLS.Certificates, string(ZooKeeperClientCert), z.CertificateName(ZooKeeperClientCert)) +} + func (z *ZooKeeper) setDefaultContainerSecurityContext(zkVersion *catalog.ZooKeeperVersion, podTemplate *ofst.PodTemplateSpec) { if podTemplate == nil { return 
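Review bot: `GetKeystoreSecretName` and `DefaultKeystoreCredSecretName` (hunk `@@ -145,6 +147,21 @@`) derive the default keystore secret name from different bases, `z.OffshootName()` versus `z.Name`, so if the two ever differ the secret is created under one name and looked up under the other. `strings.ReplaceAll("keystore-cred", "_", "-")` acts on a literal with no underscore and is a no-op; `return meta_util.NameWithSuffix(z.Name, "keystore-cred")` is equivalent, and `GetKeystoreSecretName` could end with `return z.DefaultKeystoreCredSecretName()` to keep one source for the default. `DefaultUserCredSecretName` only replaces underscores, so unless `NameWithSuffix` normalises its input, a `username` with upper-case letters or other characters invalid in a Secret name is passed through unchanged. That method and `CertSecretVolumeName` (hunk `@@ -347,3 +376,26 @@`) use receiver `k` where the rest of the file uses `z`, and the three new exported methods here have no doc comments.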
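Review bot: `SetTLSDefaults` (hunk `@@ -216,6 +237,14 @@`) returns without doing anything when `spec.tls` or `spec.tls.issuerRef` is nil, and `SetDefaults` calls it only when `EnableSSL` is set, so `enableSSL: true` with no issuer, and a `tls` block with `enableSSL: false`, both pass defaulting silently. Nothing visible in this patch rejects either combination; if the validating webhook does not, an object can claim TLS while no certificate secrets are named, or carry a TLS block that is ignored while traffic stays in plaintext. A doc comment such as `// SetTLSDefaults fills in missing server and client certificate secret names; it is a no-op unless spec.tls.issuerRef is set.` would make the contract explicit, and the validator should require `spec.tls.issuerRef` whenever `spec.enableSSL` is true. `SetDefaults` begins and ends outside its hunk.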
@@ -347,3 +376,26 @@ func (z *ZooKeeper) ReplicasAreReady(lister pslister.PetSetLister) (bool, string expectedItems := 1 return checkReplicasOfPetSet(lister.PetSets(z.Namespace), labels.SelectorFromSet(z.OffshootLabels()), expectedItems) } + +// CertificateName returns the default certificate name and/or certificate secret name for a certificate alias +func (z *ZooKeeper) CertificateName(alias ZooKeeperCertificateAlias) string { + return meta_util.NameWithSuffix(z.Name, fmt.Sprintf("%s-cert", string(alias))) +} + +// GetCertSecretName returns the secret name for a certificate alias if any, +// otherwise returns default certificate secret name for the given alias. +func (z *ZooKeeper) GetCertSecretName(alias ZooKeeperCertificateAlias) string { + if z.Spec.TLS != nil { + name, ok := kmapi.GetCertificateSecretName(z.Spec.TLS.Certificates, string(alias)) + if ok { + return name + } + } + return z.CertificateName(alias) +} + +// CertSecretVolumeName returns the CertSecretVolumeName +// Values will be like: client-certs, server-certs etc. +func (k *ZooKeeper) CertSecretVolumeName(alias ZooKeeperCertificateAlias) string { + return string(alias) + "-certs" +} diff --git a/apis/kubedb/v1alpha2/zookeeper_types.go b/apis/kubedb/v1alpha2/zookeeper_types.go index 2e09dd2411..661a5feea7 100644 --- a/apis/kubedb/v1alpha2/zookeeper_types.go +++ b/apis/kubedb/v1alpha2/zookeeper_types.go @@ -65,9 +65,16 @@ type ZooKeeperSpec struct { // +kubebuilder:default=8080 AdminServerPort int32 `json:"adminServerPort"` + // +optional + // +kubebuilder:default=2182 + ClientSecurePort int32 `json:"clientSecurePort"` + // Storage to specify how storage shall be used. Storage *core.PersistentVolumeClaimSpec `json:"storage,omitempty"` + // To enable ssl for http layer + EnableSSL bool `json:"enableSSL,omitempty"` + // If disable Auth true then don't create any auth secret // +optional DisableAuth bool `json:"disableAuth,omitempty"` 
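Review bot: The comment on `EnableSSL` in the `zookeeper_types.go` hunk `@@ -65,9 +65,16 @@`, `// To enable ssl for http layer`, does not say which ZooKeeper listeners the flag affects, and the field lacks the `// +optional` marker that the neighbouring `DisableAuth` carries. The constants added in this series name a secure client port (2182) and `ssl.quorum.*` properties, so the comment should state whether the flag covers the client port, quorum traffic, or both, for example `// EnableSSL enables TLS using the certificates configured in spec.tls.` with the scope spelled out by the author. `ClientSecurePort` is marked `+optional` with a kubebuilder default of 2182, yet its tag `json:"clientSecurePort"` has no `omitempty` and the generated OpenAPI schema in this patch shows `Default: 0`; a consumer that reads the Go value before CRD defaulting has run would see port 0. The struct begins and ends outside the hunk.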
@@ -81,6 +88,14 @@ type ZooKeeperSpec struct { // +optional ConfigSecret *core.LocalObjectReference `json:"configSecret,omitempty"` + // Keystore encryption secret + // +optional + KeystoreCredSecret *SecretReference `json:"keystoreCredSecret,omitempty"` + + // TLS contains tls configurations + // +optional + TLS *kmapi.TLSConfig `json:"tls,omitempty"` + // PodTemplate is an optional configuration for pods used to expose database // +optional PodTemplate ofst.PodTemplateSpec `json:"podTemplate,omitempty"` @@ -121,6 +136,14 @@ type ZooKeeperStatus struct { Conditions []kmapi.Condition `json:"conditions,omitempty"` } +// +kubebuilder:validation:Enum=server;client +type ZooKeeperCertificateAlias string + +const ( + ZooKeeperServerCert ZooKeeperCertificateAlias = "server" + ZooKeeperClientCert ZooKeeperCertificateAlias = "client" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object type ZooKeeperList struct { @@ -128,3 +151,12 @@ type ZooKeeperList struct { metav1.ListMeta `json:"metadata,omitempty"` Items []ZooKeeper `json:"items"` } + +// +kubebuilder:validation:Enum=controller;broker;combined +type ZooKeeperNodeRoleType string + +const ( + ZooKeeperNodeRoleController ZooKeeperNodeRoleType = "controller" + ZooKeeperNodeRoleBroker ZooKeeperNodeRoleType = "broker" + ZooKeeperNodeRoleCombined ZooKeeperNodeRoleType = "combined" +) diff --git a/apis/kubedb/v1alpha2/zz_generated.deepcopy.go b/apis/kubedb/v1alpha2/zz_generated.deepcopy.go index 7e98f2fd00..d45c76b78d 100644 --- a/apis/kubedb/v1alpha2/zz_generated.deepcopy.go +++ b/apis/kubedb/v1alpha2/zz_generated.deepcopy.go 
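Review bot: `ZooKeeperNodeRoleType` with the values `controller`, `broker` and `combined` (hunk `@@ -128,3 +151,12 @@`) is not referenced by any other code in this patch series, and the roles look carried over from another database's API rather than ZooKeeper's. Patch 3/3 removes the matching `ZooKeeperNodeRoles*` constants from `constants.go` but leaves this exported type and its kubebuilder enum in place. Exported API types are hard to retract once published, so dropping the type and its three constants until a ZooKeeper field needs them would keep the API surface limited to what the controller honours.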
@@ -5817,6 +5817,16 @@ func (in *ZooKeeperSpec) DeepCopyInto(out *ZooKeeperSpec) { *out = new(corev1.LocalObjectReference) **out = **in } + if in.KeystoreCredSecret != nil { + in, out := &in.KeystoreCredSecret, &out.KeystoreCredSecret + *out = new(SecretReference) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(apiv1.TLSConfig) + (*in).DeepCopyInto(*out) + } in.PodTemplate.DeepCopyInto(&out.PodTemplate) if in.ServiceTemplates != nil { in, out := &in.ServiceTemplates, &out.ServiceTemplates diff --git a/apis/ops/v1alpha1/openapi_generated.go b/apis/ops/v1alpha1/openapi_generated.go index 144f536563..9cfc155aaa 100644 --- a/apis/ops/v1alpha1/openapi_generated.go +++ b/apis/ops/v1alpha1/openapi_generated.go @@ -33549,9 +33549,15 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperHorizontalScalingSpec(ref co Description: "ZooKeeperHorizontalScalingSpec contains the horizontal scaling information of a ZooKeeper cluster", Type: []string{"object"}, Properties: map[string]spec.Schema{ +<<<<<<< HEAD "replicas": { SchemaProps: spec.SchemaProps{ Description: "Number of replicas", +======= + "node": { + SchemaProps: spec.SchemaProps{ + Description: "Number of node", +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) Type: []string{"integer"}, Format: "int32", }, @@ -33709,6 +33715,15 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperOpsRequestSpec(ref common.Re Ref: ref("kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec"), }, }, +<<<<<<< HEAD +======= + "tls": { + SchemaProps: spec.SchemaProps{ + Description: "Specifies information necessary for configuring TLS", + Ref: ref("kubedb.dev/apimachinery/apis/ops/v1alpha1.TLSSpec"), + }, + }, +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) "restart": { SchemaProps: spec.SchemaProps{ Description: "Specifies information necessary for restarting database", 
@@ -33733,7 +33748,11 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperOpsRequestSpec(ref common.Re }, }, Dependencies: []string{ +<<<<<<< HEAD "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "kubedb.dev/apimachinery/apis/ops/v1alpha1.RestartSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperHorizontalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperUpdateVersionSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVerticalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVolumeExpansionSpec"}, +======= + "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "kubedb.dev/apimachinery/apis/ops/v1alpha1.RestartSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.TLSSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperHorizontalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperUpdateVersionSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVerticalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVolumeExpansionSpec"}, +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } } diff --git a/apis/ops/v1alpha1/zookeeper_ops_types.go b/apis/ops/v1alpha1/zookeeper_ops_types.go index 06c3c8ee02..43ea27107c 100644 --- a/apis/ops/v1alpha1/zookeeper_ops_types.go +++ b/apis/ops/v1alpha1/zookeeper_ops_types.go 
@@ -49,8 +49,8 @@ type ZooKeeperOpsRequest struct { Status OpsRequestStatus `json:"status,omitempty"` } -// +kubebuilder:validation:Enum=UpdateVersion;HorizontalScaling;VerticalScaling;VolumeExpansion;Restart;Reconfigure -// ENUM(UpdateVersion, HorizontalScaling, VerticalScaling, VolumeExpansion, Restart, Reconfigure) +// +kubebuilder:validation:Enum=UpdateVersion;HorizontalScaling;VerticalScaling;VolumeExpansion;Restart;Reconfigure;ReconfigureTLS +// ENUM(UpdateVersion, HorizontalScaling, VerticalScaling, VolumeExpansion, Restart, Reconfigure, ReconfigureTLS) type ZooKeeperOpsRequestType string // ZooKeeperOpsRequestSpec is the spec for ZooKeeperOpsRequest @@ -69,6 +69,8 @@ type ZooKeeperOpsRequestSpec struct { VolumeExpansion *ZooKeeperVolumeExpansionSpec `json:"volumeExpansion,omitempty"` // Specifies information necessary for custom configuration of zookeeper Configuration *ZooKeeperCustomConfigurationSpec `json:"configuration,omitempty"` + // Specifies information necessary for configuring TLS + TLS *TLSSpec `json:"tls,omitempty"` // Specifies information necessary for restarting database Restart *RestartSpec `json:"restart,omitempty"` // Timeout for each step of the ops request in second. If a step doesn't finish within the specified timeout, the ops request will result in failure. @@ -90,8 +92,8 @@ type ZooKeeperReplicaReadinessCriteria struct{} // ZooKeeperHorizontalScalingSpec contains the horizontal scaling information of a ZooKeeper cluster type ZooKeeperHorizontalScalingSpec struct { - // Number of replicas - Replicas *int32 `json:"replicas,omitempty"` + // Number of node + Node *int32 `json:"node,omitempty"` } // ZooKeeperVerticalScalingSpec contains the vertical scaling information of a ZooKeeper cluster diff --git a/apis/ops/v1alpha1/zookeeper_ops_types_enum.go b/apis/ops/v1alpha1/zookeeper_ops_types_enum.go index 52a742705c..c301ba4d80 100644 --- a/apis/ops/v1alpha1/zookeeper_ops_types_enum.go +++ b/apis/ops/v1alpha1/zookeeper_ops_types_enum.go 
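Review bot: The new `TLS *TLSSpec` field in `ZooKeeperOpsRequestSpec` (hunk `@@ -69,6 +69,8 @@`) has no `// +optional` marker, and its comment does not mention that the request can also turn TLS off. The CRD generated in this patch exposes `tls.remove` and `tls.rotateCertificates`, so a `ReconfigureTLS` request can presumably take a cluster back to plaintext; the comment should say so, for example `// TLS specifies the TLS change for a ReconfigureTLS request: issuer or certificate update, rotation, or removal.` Create rights on ZooKeeperOpsRequest therefore deserve the same scrutiny as edit rights on the database object itself. The struct begins and ends outside the hunk.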
@@ -24,6 +24,11 @@ const ( ZooKeeperOpsRequestTypeRestart ZooKeeperOpsRequestType = "Restart" // ZooKeeperOpsRequestTypeReconfigure is a ZooKeeperOpsRequestType of type Reconfigure. ZooKeeperOpsRequestTypeReconfigure ZooKeeperOpsRequestType = "Reconfigure" +<<<<<<< HEAD +======= + // ZooKeeperOpsRequestTypeReconfigureTLS is a ZooKeeperOpsRequestType of type ReconfigureTLS. + ZooKeeperOpsRequestTypeReconfigureTLS ZooKeeperOpsRequestType = "ReconfigureTLS" +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) ) var ErrInvalidZooKeeperOpsRequestType = fmt.Errorf("not a valid ZooKeeperOpsRequestType, try [%s]", strings.Join(_ZooKeeperOpsRequestTypeNames, ", ")) @@ -35,6 +40,10 @@ var _ZooKeeperOpsRequestTypeNames = []string{ string(ZooKeeperOpsRequestTypeVolumeExpansion), string(ZooKeeperOpsRequestTypeRestart), string(ZooKeeperOpsRequestTypeReconfigure), +<<<<<<< HEAD +======= + string(ZooKeeperOpsRequestTypeReconfigureTLS), +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } // ZooKeeperOpsRequestTypeNames returns a list of possible string values of ZooKeeperOpsRequestType. @@ -53,6 +62,10 @@ func ZooKeeperOpsRequestTypeValues() []ZooKeeperOpsRequestType { ZooKeeperOpsRequestTypeVolumeExpansion, ZooKeeperOpsRequestTypeRestart, ZooKeeperOpsRequestTypeReconfigure, +<<<<<<< HEAD +======= + ZooKeeperOpsRequestTypeReconfigureTLS, +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } } @@ -75,6 +88,10 @@ var _ZooKeeperOpsRequestTypeValue = map[string]ZooKeeperOpsRequestType{ "VolumeExpansion": ZooKeeperOpsRequestTypeVolumeExpansion, "Restart": ZooKeeperOpsRequestTypeRestart, "Reconfigure": ZooKeeperOpsRequestTypeReconfigure, +<<<<<<< HEAD +======= + "ReconfigureTLS": ZooKeeperOpsRequestTypeReconfigureTLS, +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } // ParseZooKeeperOpsRequestType attempts to convert a string to a ZooKeeperOpsRequestType. 
diff --git a/apis/ops/v1alpha1/zz_generated.deepcopy.go b/apis/ops/v1alpha1/zz_generated.deepcopy.go index d6a5fa76b4..dd16b6edbe 100644 --- a/apis/ops/v1alpha1/zz_generated.deepcopy.go +++ b/apis/ops/v1alpha1/zz_generated.deepcopy.go @@ -5912,8 +5912,13 @@ func (in *ZooKeeperCustomConfigurationSpec) DeepCopy() *ZooKeeperCustomConfigura // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZooKeeperHorizontalScalingSpec) DeepCopyInto(out *ZooKeeperHorizontalScalingSpec) { *out = *in +<<<<<<< HEAD if in.Replicas != nil { in, out := &in.Replicas, &out.Replicas +======= + if in.Node != nil { + in, out := &in.Node, &out.Node +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) *out = new(int32) **out = **in } @@ -6020,6 +6025,14 @@ func (in *ZooKeeperOpsRequestSpec) DeepCopyInto(out *ZooKeeperOpsRequestSpec) { *out = new(ZooKeeperCustomConfigurationSpec) (*in).DeepCopyInto(*out) } +<<<<<<< HEAD +======= + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(TLSSpec) + (*in).DeepCopyInto(*out) + } +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) if in.Restart != nil { in, out := &in.Restart, &out.Restart *out = new(RestartSpec) diff --git a/crds/kubedb.com_zookeepers.yaml b/crds/kubedb.com_zookeepers.yaml index b8de8e77f8..d21fa2d7d5 100644 --- a/crds/kubedb.com_zookeepers.yaml +++ b/crds/kubedb.com_zookeepers.yaml @@ -59,6 +59,10 @@ spec: type: string type: object x-kubernetes-map-type: atomic + clientSecurePort: + default: 2182 + format: int32 + type: integer configSecret: properties: name: @@ -75,6 +79,8 @@ spec: type: string disableAuth: type: boolean + enableSSL: + type: boolean halted: type: boolean healthChecker: @@ -98,6 +104,15 @@ spec: format: int32 type: integer type: object + keystoreCredSecret: + properties: + externallyManaged: + type: boolean + name: + default: "" + type: string + type: object + x-kubernetes-map-type: atomic monitor: properties: agent: 
@@ -3525,6 +3540,107 @@ spec: volumeName: type: string type: object + tls: + properties: + certificates: + items: + properties: + alias: + type: string + dnsNames: + items: + type: string + type: array + duration: + type: string + emailAddresses: + items: + type: string + type: array + ipAddresses: + items: + type: string + type: array + issuerRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + privateKey: + properties: + encoding: + enum: + - PKCS1 + - PKCS8 + type: string + type: object + renewBefore: + type: string + secretName: + type: string + subject: + properties: + countries: + items: + type: string + type: array + localities: + items: + type: string + type: array + organizationalUnits: + items: + type: string + type: array + organizations: + items: + type: string + type: array + postalCodes: + items: + type: string + type: array + provinces: + items: + type: string + type: array + serialNumber: + type: string + streetAddresses: + items: + type: string + type: array + type: object + uris: + items: + type: string + type: array + required: + - alias + type: object + type: array + issuerRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + type: object version: type: string required: diff --git a/crds/ops.kubedb.com_zookeeperopsrequests.yaml b/crds/ops.kubedb.com_zookeeperopsrequests.yaml index c433492c02..ba92fe6cba 100644 --- a/crds/ops.kubedb.com_zookeeperopsrequests.yaml +++ b/crds/ops.kubedb.com_zookeeperopsrequests.yaml @@ -73,7 +73,11 @@ spec: x-kubernetes-map-type: atomic horizontalScaling: properties: +<<<<<<< HEAD replicas: +======= + node: +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) format: int32 type: integer type: object 
@@ -81,6 +85,111 @@ spec: type: object timeout: type: string + tls: + properties: + certificates: + items: + properties: + alias: + type: string + dnsNames: + items: + type: string + type: array + duration: + type: string + emailAddresses: + items: + type: string + type: array + ipAddresses: + items: + type: string + type: array + issuerRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + privateKey: + properties: + encoding: + enum: + - PKCS1 + - PKCS8 + type: string + type: object + renewBefore: + type: string + secretName: + type: string + subject: + properties: + countries: + items: + type: string + type: array + localities: + items: + type: string + type: array + organizationalUnits: + items: + type: string + type: array + organizations: + items: + type: string + type: array + postalCodes: + items: + type: string + type: array + provinces: + items: + type: string + type: array + serialNumber: + type: string + streetAddresses: + items: + type: string + type: array + type: object + uris: + items: + type: string + type: array + required: + - alias + type: object + type: array + issuerRef: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + remove: + type: boolean + rotateCertificates: + type: boolean + type: object type: enum: - UpdateVersion @@ -89,6 +198,10 @@ spec: - VolumeExpansion - Restart - Reconfigure +<<<<<<< HEAD +======= + - ReconfigureTLS +>>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) type: string updateVersion: properties: From 0e6c5853f5e45a26a0f77386fd5f6f961e508c25 Mon Sep 17 00:00:00 2001 From: Rudro-25 Date: Mon, 7 Oct 2024 12:25:38 +0600 Subject: [PATCH 2/3] Update api 
Signed-off-by: Rudro-25 --- apis/ops/v1alpha1/openapi_generated.go | 13 ------------- apis/ops/v1alpha1/zookeeper_ops_types.go | 4 ++-- apis/ops/v1alpha1/zookeeper_ops_types_enum.go | 12 ------------ apis/ops/v1alpha1/zz_generated.deepcopy.go | 8 -------- crds/ops.kubedb.com_zookeeperopsrequests.yaml | 7 ------- 5 files changed, 2 insertions(+), 42 deletions(-) diff --git a/apis/ops/v1alpha1/openapi_generated.go b/apis/ops/v1alpha1/openapi_generated.go index 9cfc155aaa..9ca9ededd7 100644 --- a/apis/ops/v1alpha1/openapi_generated.go +++ b/apis/ops/v1alpha1/openapi_generated.go @@ -33549,15 +33549,9 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperHorizontalScalingSpec(ref co Description: "ZooKeeperHorizontalScalingSpec contains the horizontal scaling information of a ZooKeeper cluster", Type: []string{"object"}, Properties: map[string]spec.Schema{ -<<<<<<< HEAD "replicas": { SchemaProps: spec.SchemaProps{ Description: "Number of replicas", -======= - "node": { - SchemaProps: spec.SchemaProps{ - Description: "Number of node", ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) Type: []string{"integer"}, Format: "int32", }, @@ -33715,15 +33709,12 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperOpsRequestSpec(ref common.Re Ref: ref("kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec"), }, }, -<<<<<<< HEAD -======= "tls": { SchemaProps: spec.SchemaProps{ Description: "Specifies information necessary for configuring TLS", Ref: ref("kubedb.dev/apimachinery/apis/ops/v1alpha1.TLSSpec"), }, }, ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) "restart": { SchemaProps: spec.SchemaProps{ Description: "Specifies information necessary for restarting database", 
@@ -33748,11 +33739,7 @@ func schema_apimachinery_apis_ops_v1alpha1_ZooKeeperOpsRequestSpec(ref common.Re }, }, Dependencies: []string{ -<<<<<<< HEAD - "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "kubedb.dev/apimachinery/apis/ops/v1alpha1.RestartSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperHorizontalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperUpdateVersionSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVerticalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVolumeExpansionSpec"}, -======= "k8s.io/api/core/v1.LocalObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.Duration", "kubedb.dev/apimachinery/apis/ops/v1alpha1.RestartSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.TLSSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperCustomConfigurationSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperHorizontalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperUpdateVersionSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVerticalScalingSpec", "kubedb.dev/apimachinery/apis/ops/v1alpha1.ZooKeeperVolumeExpansionSpec"}, ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } } diff --git a/apis/ops/v1alpha1/zookeeper_ops_types.go b/apis/ops/v1alpha1/zookeeper_ops_types.go index 43ea27107c..9c3f9fcb1d 100644 --- a/apis/ops/v1alpha1/zookeeper_ops_types.go +++ b/apis/ops/v1alpha1/zookeeper_ops_types.go @@ -92,8 +92,8 @@ type ZooKeeperReplicaReadinessCriteria struct{} // ZooKeeperHorizontalScalingSpec contains the horizontal scaling information of a ZooKeeper cluster type ZooKeeperHorizontalScalingSpec struct { - // Number of node - Node *int32 `json:"node,omitempty"` + // Number of replicas + Replicas *int32 `json:"replicas,omitempty"` } // ZooKeeperVerticalScalingSpec contains the vertical scaling information of a ZooKeeper cluster 
diff --git a/apis/ops/v1alpha1/zookeeper_ops_types_enum.go b/apis/ops/v1alpha1/zookeeper_ops_types_enum.go index c301ba4d80..06d42b7c13 100644 --- a/apis/ops/v1alpha1/zookeeper_ops_types_enum.go +++ b/apis/ops/v1alpha1/zookeeper_ops_types_enum.go @@ -24,11 +24,8 @@ const ( ZooKeeperOpsRequestTypeRestart ZooKeeperOpsRequestType = "Restart" // ZooKeeperOpsRequestTypeReconfigure is a ZooKeeperOpsRequestType of type Reconfigure. ZooKeeperOpsRequestTypeReconfigure ZooKeeperOpsRequestType = "Reconfigure" -<<<<<<< HEAD -======= // ZooKeeperOpsRequestTypeReconfigureTLS is a ZooKeeperOpsRequestType of type ReconfigureTLS. ZooKeeperOpsRequestTypeReconfigureTLS ZooKeeperOpsRequestType = "ReconfigureTLS" ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) ) var ErrInvalidZooKeeperOpsRequestType = fmt.Errorf("not a valid ZooKeeperOpsRequestType, try [%s]", strings.Join(_ZooKeeperOpsRequestTypeNames, ", ")) @@ -40,10 +37,7 @@ var _ZooKeeperOpsRequestTypeNames = []string{ string(ZooKeeperOpsRequestTypeVolumeExpansion), string(ZooKeeperOpsRequestTypeRestart), string(ZooKeeperOpsRequestTypeReconfigure), -<<<<<<< HEAD -======= string(ZooKeeperOpsRequestTypeReconfigureTLS), ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } // ZooKeeperOpsRequestTypeNames returns a list of possible string values of ZooKeeperOpsRequestType. @@ -62,10 +56,7 @@ func ZooKeeperOpsRequestTypeValues() []ZooKeeperOpsRequestType { ZooKeeperOpsRequestTypeVolumeExpansion, ZooKeeperOpsRequestTypeRestart, ZooKeeperOpsRequestTypeReconfigure, -<<<<<<< HEAD -======= ZooKeeperOpsRequestTypeReconfigureTLS, ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } } 
@@ -88,10 +79,7 @@ var _ZooKeeperOpsRequestTypeValue = map[string]ZooKeeperOpsRequestType{ "VolumeExpansion": ZooKeeperOpsRequestTypeVolumeExpansion, "Restart": ZooKeeperOpsRequestTypeRestart, "Reconfigure": ZooKeeperOpsRequestTypeReconfigure, -<<<<<<< HEAD -======= "ReconfigureTLS": ZooKeeperOpsRequestTypeReconfigureTLS, ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) } // ParseZooKeeperOpsRequestType attempts to convert a string to a ZooKeeperOpsRequestType. diff --git a/apis/ops/v1alpha1/zz_generated.deepcopy.go b/apis/ops/v1alpha1/zz_generated.deepcopy.go index dd16b6edbe..5dda4fc0c8 100644 --- a/apis/ops/v1alpha1/zz_generated.deepcopy.go +++ b/apis/ops/v1alpha1/zz_generated.deepcopy.go @@ -5912,13 +5912,8 @@ func (in *ZooKeeperCustomConfigurationSpec) DeepCopy() *ZooKeeperCustomConfigura // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZooKeeperHorizontalScalingSpec) DeepCopyInto(out *ZooKeeperHorizontalScalingSpec) { *out = *in -<<<<<<< HEAD if in.Replicas != nil { in, out := &in.Replicas, &out.Replicas -======= - if in.Node != nil { - in, out := &in.Node, &out.Node ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) *out = new(int32) **out = **in } @@ -6025,14 +6020,11 @@ func (in *ZooKeeperOpsRequestSpec) DeepCopyInto(out *ZooKeeperOpsRequestSpec) { *out = new(ZooKeeperCustomConfigurationSpec) (*in).DeepCopyInto(*out) } -<<<<<<< HEAD -======= if in.TLS != nil { in, out := &in.TLS, &out.TLS *out = new(TLSSpec) (*in).DeepCopyInto(*out) } ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) if in.Restart != nil { in, out := &in.Restart, &out.Restart *out = new(RestartSpec) diff --git a/crds/ops.kubedb.com_zookeeperopsrequests.yaml b/crds/ops.kubedb.com_zookeeperopsrequests.yaml index ba92fe6cba..fe5be7026d 100644 --- a/crds/ops.kubedb.com_zookeeperopsrequests.yaml +++ b/crds/ops.kubedb.com_zookeeperopsrequests.yaml 
@@ -73,11 +73,7 @@ spec: x-kubernetes-map-type: atomic horizontalScaling: properties: -<<<<<<< HEAD replicas: -======= - node: ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) format: int32 type: integer type: object @@ -198,10 +194,7 @@ spec: - VolumeExpansion - Restart - Reconfigure -<<<<<<< HEAD -======= - ReconfigureTLS ->>>>>>> 2cfa91945 (Add reconfigure tls for zookeeper) type: string updateVersion: properties: From 29e1a38c10ebb52429f22bf847bd479ed66db0c3 Mon Sep 17 00:00:00 2001 From: Rudro-25 Date: Mon, 21 Oct 2024 18:17:15 +0600 Subject: [PATCH 3/3] review resolved Signed-off-by: Rudro-25 --- apis/kubedb/constants.go | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/apis/kubedb/constants.go b/apis/kubedb/constants.go index 901170f5f4..f8600b5f9b 100644 --- a/apis/kubedb/constants.go +++ b/apis/kubedb/constants.go @@ -621,9 +621,6 @@ const ( KubeDBZooKeeperRoleName = "kubedb:zookeeper-version-reader" KubeDBZooKeeperRoleBindingName = "kubedb:zookeeper-version-reader" ZooKeeperClientPortName = "client" - ZooKeeperNodeRolesCombined = "controller,broker" - ZooKeeperNodeRolesBrokers = "broker" - ZooKeeperNodeRolesController = "controller" ZooKeeperClientPort = 2181 ZooKeeperQuorumPortName = "quorum" ZooKeeperQuorumPort = 2888 @@ -640,7 +637,6 @@ const ( ZooKeeperConfigVolumeName = "zookeeper-config" ZooKeeperConfigVolumePath = "/conf" ZooKeeperVolumeTempConfig = "temp-config" - ZooKeeperVolumeCustomConfig = "custom-config" ZooKeeperDataVolumeName = "data" ZooKeeperDataVolumePath = "/data" ZooKeeperScriptVolumeName = "script-vol" 
@@ -667,10 +663,7 @@ const ( ZooKeeperKeystoreLocationKey = "ssl.quorum.keyStore.location" ZooKeeperTruststoreLocationKey = "ssl.quorum.trustStore.location" - ZooKeeperSSLPropertiesFileName = "ssl.properties" - ZooKeeperBrokerCustomConfigFileName = "broker.properties" - ZooKeeperControllerCustomConfigFileName = "controller.properties" - ZooKeeperClientAuthConfigFileName = "clientauth.properties" + ZooKeeperSSLPropertiesFileName = "ssl.properties" EnvZooKeeperDomain = "DOMAIN" EnvZooKeeperQuorumPort = "QUORUM_PORT"