OT-CONTAINER-KIT
/
mongodb-operator
mirror of https://github.com/OT-CONTAINER-KIT/mongodb-operator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: OT-CONTAINER-KIT:v0.2.0
Branches Tags
OT-CONTAINER-KIT:main
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/sys-0.1.0
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/net-0.7.0
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/crypto-0.1.0
OT-CONTAINER-KIT:dependabot/go_modules/github.com/prometheus/client_golang-1.11.1
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/text-0.3.8
OT-CONTAINER-KIT:v0.3.0
OT-CONTAINER-KIT:v0.2.0
OT-CONTAINER-KIT:v0.1.0
...
compare: OT-CONTAINER-KIT:main
Branches Tags
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/sys-0.1.0
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/net-0.7.0
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/crypto-0.1.0
OT-CONTAINER-KIT:dependabot/go_modules/github.com/prometheus/client_golang-1.11.1
OT-CONTAINER-KIT:dependabot/go_modules/golang.org/x/text-0.3.8
OT-CONTAINER-KIT:main
OT-CONTAINER-KIT:v0.3.0
OT-CONTAINER-KIT:v0.2.0
OT-CONTAINER-KIT:v0.1.0

12 Commits
v0.2.0 ... main

Author SHA1 Message Date
Shubham Gupta 48ca449ecd
go version upgrade 
1.16 > 1.20

Signed-off-by: Shubham Gupta <iamshubhamgupta2001@gmail.com>
 2023-04-27 10:36:46 +05:30
Shubham Gupta dea0c8657f
go version upgrade 
1.16 > 1.20

Signed-off-by: Shubham Gupta <iamshubhamgupta2001@gmail.com>
 2023-04-27 10:36:33 +05:30
Abhishek Dubey 3caa4f7009
Added eks cluster creation example (#64) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>

Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-12-06 19:12:21 +05:30
Abhishek Dubey 33649c13d7
[BugFix]Fixed cluster creation and validation (#62) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-09-03 20:21:46 +05:30
Abhishek Dubey 5ec4567865
[BugFix] Fixed standalone service creation (#61) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-09-03 18:08:00 +05:30
Abhishek Dubey f322b153d2
Create codeql-analysis.yml 2022-09-03 18:07:19 +05:30
Abhishek Dubey 04d229099f
Create SECURITY.md 2022-09-03 18:06:32 +05:30
Abhishek Dubey 31aec74ac5
Updated CHANGELOG and docs to v0.3.0 (#52) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-03-31 18:12:05 +05:30
Abhishek Dubey 9862fc2397
[Development][Add] Added support for custom config (#51) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-03-31 15:59:59 +05:30
Abhishek Dubey f91b47ae58
Fixed typo mistakes in docs (#49) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-03-01 00:39:26 +05:30
Abhishek Dubey b51a58b136
[Feature][Add] Added PodDisruptionBudget support (#48) 
* Added PodDisruptioBudget support

Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-02-21 02:24:08 +05:30
Abhishek Dubey 12468c7850
Added feature for security context (#47) 
Signed-off-by: iamabhishek-dubey <abhishekbhardwaj510@gmail.com>
 2022-02-20 22:15:52 +05:30
35 changed files with 1210 additions and 2254 deletions
Show Stats Expand all files Collapse all files

2
.azure-pipelines/pipeline.yaml
View File

@ -24,4 +24,4 @@ extends:
QuayImageName: opstree/mongodb-operator
GithubImageName: ot-container-kit/mongodb-operator/mongodb-operator
BuildDocs: false
AppVersion: "0.2.0"
AppVersion: "0.3.0"

72
.github/workflows/codeql-analysis.yml vendored Normal file
View File

@ -0,0 +1,72 @@
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
name: "CodeQL"
on:
push:
branches: [ "main" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main" ]
schedule:
- cron: '19 1 * * 4'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'go' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
# If the Autobuild fails above, remove it and uncomment the following three lines.
# modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
# - run: |
# echo "Run, Build Application using script"
# ./location_of_script_within_repo/buildscript.sh
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2

11
CHANGELOG.md
View File

@ -1,3 +1,14 @@
### v0.3.0
##### March 31, 2022
#### :tada: Features
- Added dashboard for MongoDB and MongoDB cluster
- Added alerting documentation and feature
- Added support for securityContext
- Added PodDisruptionBudget support
- Added support for custom configuration
### v0.2.0
##### Feburary 16, 2022

2
Dockerfile
View File

@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.17 as builder
FROM golang:1.20 as builder
WORKDIR /workspace
# Copy the Go Modules manifests

4
Makefile
View File

@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= v0.2.0
VERSION ?= v0.4.0
# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
@ -90,7 +90,7 @@ test: manifests generate fmt vet envtest ## Run tests.
##@ Build
build: generate fmt vet ## Build manager binary.
build: fmt ## Build manager binary.
go build -o bin/manager main.go
manager:

2
README.md
View File

@ -70,7 +70,7 @@ $ helm repo add ot-helm https://ot-container-kit.github.io/helm-charts/
```shell
# Deploy the MongoDB Operator
$ helm upgrade mongodb-operator ot-helm/mongdb-operator \
$ helm upgrade mongodb-operator ot-helm/mongodb-operator \
--install --namespace ot-operators --install
...
Release "mongodb-operator" does not exist. Installing it now.

13
SECURITY.md Normal file
View File

@ -0,0 +1,13 @@
# Security Policy
## Supported Versions
| Version | Supported |
| ------- | ------------------ |
| 4.0.x | :white_check_mark: |
| 3.0.x | :white_check_mark: |
## Reporting a Vulnerability
If you find any security vulnerability inside the Project, please open a issue at https://github.com/OT-CONTAINER-KIT/mongodb-operator/issues

1
api/v1alpha1/common_types.go
View File

@ -14,6 +14,7 @@ type KubernetesConfig struct {
Affinity *corev1.Affinity `json:"mongoAffinity,omitempty"`
Tolerations *[]corev1.Toleration `json:"tolerations,omitempty"`
PriorityClassName string `json:"priorityClassName,omitempty"`
SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
}
// MongoDBSecurity is the JSON struct for MongoDB security configuration

10
api/v1alpha1/mongodb_types.go
View File

@ -22,15 +22,15 @@ import (
// MongoDBSpec defines the desired state of MongoDB
type MongoDBSpec struct {
KubernetesConfig KubernetesConfig `json:"kubernetesConfig"`
Storage *Storage `json:"storage,omitempty"`
MongoDBSecurity *MongoDBSecurity `json:"mongoDBSecurity"`
MongoDBMonitoring *MongoDBMonitoring `json:"mongoDBMonitoring,omitempty"`
KubernetesConfig KubernetesConfig `json:"kubernetesConfig"`
Storage *Storage `json:"storage,omitempty"`
MongoDBSecurity *MongoDBSecurity `json:"mongoDBSecurity"`
MongoDBMonitoring *MongoDBMonitoring `json:"mongoDBMonitoring,omitempty"`
MongoDBAdditionalConfig *string `json:"mongoDBAdditionalConfig,omitempty"`
}
// MongoDBStatus defines the observed state of MongoDB
type MongoDBStatus struct {
MongoDB MongoDBSpec `json:"mongodb,omitempty"`
}
//+kubebuilder:object:root=true

22
api/v1alpha1/mongodbcluster_types.go
View File

@ -22,17 +22,25 @@ import (
// MongoDBClusterSpec defines the desired state of MongoDBCluster
type MongoDBClusterSpec struct {
MongoDBClusterSize *int32 `json:"clusterSize"`
EnableArbiter *bool `json:"enableMongoArbiter,omitempty"`
KubernetesConfig KubernetesConfig `json:"kubernetesConfig"`
Storage *Storage `json:"storage,omitempty"`
MongoDBSecurity *MongoDBSecurity `json:"mongoDBSecurity"`
MongoDBMonitoring *MongoDBMonitoring `json:"mongoDBMonitoring,omitempty"`
MongoDBClusterSize *int32 `json:"clusterSize"`
EnableArbiter *bool `json:"enableMongoArbiter,omitempty"`
KubernetesConfig KubernetesConfig `json:"kubernetesConfig"`
Storage *Storage `json:"storage,omitempty"`
MongoDBSecurity *MongoDBSecurity `json:"mongoDBSecurity"`
MongoDBMonitoring *MongoDBMonitoring `json:"mongoDBMonitoring,omitempty"`
PodDisruptionBudget *MongoDBPodDisruptionBudget `json:"podDisruptionBudget,omitempty"`
MongoDBAdditionalConfig *string `json:"mongoDBAdditionalConfig,omitempty"`
}
// MongoDBPodDisruptionBudget defines the struct for MongoDB cluster
type MongoDBPodDisruptionBudget struct {
Enabled bool `json:"enabled,omitempty"`
MinAvailable *int32 `json:"minAvailable,omitempty"`
MaxUnavailable *int32 `json:"maxUnavailable,omitempty"`
}
// MongoDBClusterStatus defines the observed state of MongoDBCluster
type MongoDBClusterStatus struct {
MongoDBCluster MongoDBClusterSpec `json:"mongodbCluster,omitempty"`
}
//+kubebuilder:object:root=true

229
api/v1alpha1/zz_generated.deepcopy.go
View File

@ -1,7 +1,8 @@
//go:build !ignore_autogenerated
// +build !ignore_autogenerated
/*
Copyright 2021.
Copyright 2022.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -21,15 +22,94 @@ limitations under the License.
package v1alpha1
import (
"k8s.io/api/core/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ExistingPasswordSecret) DeepCopyInto(out *ExistingPasswordSecret) {
*out = *in
if in.Name != nil {
in, out := &in.Name, &out.Name
*out = new(string)
**out = **in
}
if in.Key != nil {
in, out := &in.Key, &out.Key
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExistingPasswordSecret.
func (in *ExistingPasswordSecret) DeepCopy() *ExistingPasswordSecret {
if in == nil {
return nil
}
out := new(ExistingPasswordSecret)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *KubernetesConfig) DeepCopyInto(out *KubernetesConfig) {
*out = *in
if in.Resources != nil {
in, out := &in.Resources, &out.Resources
*out = new(v1.ResourceRequirements)
(*in).DeepCopyInto(*out)
}
if in.ImagePullSecret != nil {
in, out := &in.ImagePullSecret, &out.ImagePullSecret
*out = new(string)
**out = **in
}
if in.NodeSelector != nil {
in, out := &in.NodeSelector, &out.NodeSelector
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
if in.Affinity != nil {
in, out := &in.Affinity, &out.Affinity
*out = new(v1.Affinity)
(*in).DeepCopyInto(*out)
}
if in.Tolerations != nil {
in, out := &in.Tolerations, &out.Tolerations
*out = new([]v1.Toleration)
if **in != nil {
in, out := *in, *out
*out = make([]v1.Toleration, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
if in.SecurityContext != nil {
in, out := &in.SecurityContext, &out.SecurityContext
*out = new(v1.PodSecurityContext)
(*in).DeepCopyInto(*out)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesConfig.
func (in *KubernetesConfig) DeepCopy() *KubernetesConfig {
if in == nil {
return nil
}
out := new(KubernetesConfig)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDB) DeepCopyInto(out *MongoDB) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
in.Spec.DeepCopyInto(&out.Spec)
out.Status = in.Status
}
@ -56,7 +136,7 @@ func (in *MongoDBCluster) DeepCopyInto(out *MongoDBCluster) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
out.Spec = in.Spec
in.Spec.DeepCopyInto(&out.Spec)
out.Status = in.Status
}
@ -113,6 +193,42 @@ func (in *MongoDBClusterList) DeepCopyObject() runtime.Object {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDBClusterSpec) DeepCopyInto(out *MongoDBClusterSpec) {
*out = *in
if in.MongoDBClusterSize != nil {
in, out := &in.MongoDBClusterSize, &out.MongoDBClusterSize
*out = new(int32)
**out = **in
}
if in.EnableArbiter != nil {
in, out := &in.EnableArbiter, &out.EnableArbiter
*out = new(bool)
**out = **in
}
in.KubernetesConfig.DeepCopyInto(&out.KubernetesConfig)
if in.Storage != nil {
in, out := &in.Storage, &out.Storage
*out = new(Storage)
(*in).DeepCopyInto(*out)
}
if in.MongoDBSecurity != nil {
in, out := &in.MongoDBSecurity, &out.MongoDBSecurity
*out = new(MongoDBSecurity)
(*in).DeepCopyInto(*out)
}
if in.MongoDBMonitoring != nil {
in, out := &in.MongoDBMonitoring, &out.MongoDBMonitoring
*out = new(MongoDBMonitoring)
(*in).DeepCopyInto(*out)
}
if in.PodDisruptionBudget != nil {
in, out := &in.PodDisruptionBudget, &out.PodDisruptionBudget
*out = new(MongoDBPodDisruptionBudget)
(*in).DeepCopyInto(*out)
}
if in.MongoDBAdditionalConfig != nil {
in, out := &in.MongoDBAdditionalConfig, &out.MongoDBAdditionalConfig
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MongoDBClusterSpec.
@ -172,9 +288,91 @@ func (in *MongoDBList) DeepCopyObject() runtime.Object {
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDBMonitoring) DeepCopyInto(out *MongoDBMonitoring) {
*out = *in
if in.Resources != nil {
in, out := &in.Resources, &out.Resources
*out = new(v1.ResourceRequirements)
(*in).DeepCopyInto(*out)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MongoDBMonitoring.
func (in *MongoDBMonitoring) DeepCopy() *MongoDBMonitoring {
if in == nil {
return nil
}
out := new(MongoDBMonitoring)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDBPodDisruptionBudget) DeepCopyInto(out *MongoDBPodDisruptionBudget) {
*out = *in
if in.MinAvailable != nil {
in, out := &in.MinAvailable, &out.MinAvailable
*out = new(int32)
**out = **in
}
if in.MaxUnavailable != nil {
in, out := &in.MaxUnavailable, &out.MaxUnavailable
*out = new(int32)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MongoDBPodDisruptionBudget.
func (in *MongoDBPodDisruptionBudget) DeepCopy() *MongoDBPodDisruptionBudget {
if in == nil {
return nil
}
out := new(MongoDBPodDisruptionBudget)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDBSecurity) DeepCopyInto(out *MongoDBSecurity) {
*out = *in
in.SecretRef.DeepCopyInto(&out.SecretRef)
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MongoDBSecurity.
func (in *MongoDBSecurity) DeepCopy() *MongoDBSecurity {
if in == nil {
return nil
}
out := new(MongoDBSecurity)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *MongoDBSpec) DeepCopyInto(out *MongoDBSpec) {
*out = *in
in.KubernetesConfig.DeepCopyInto(&out.KubernetesConfig)
if in.Storage != nil {
in, out := &in.Storage, &out.Storage
*out = new(Storage)
(*in).DeepCopyInto(*out)
}
if in.MongoDBSecurity != nil {
in, out := &in.MongoDBSecurity, &out.MongoDBSecurity
*out = new(MongoDBSecurity)
(*in).DeepCopyInto(*out)
}
if in.MongoDBMonitoring != nil {
in, out := &in.MongoDBMonitoring, &out.MongoDBMonitoring
*out = new(MongoDBMonitoring)
(*in).DeepCopyInto(*out)
}
if in.MongoDBAdditionalConfig != nil {
in, out := &in.MongoDBAdditionalConfig, &out.MongoDBAdditionalConfig
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MongoDBSpec.
@ -201,3 +399,28 @@ func (in *MongoDBStatus) DeepCopy() *MongoDBStatus {
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Storage) DeepCopyInto(out *Storage) {
*out = *in
if in.AccessModes != nil {
in, out := &in.AccessModes, &out.AccessModes
*out = make([]v1.PersistentVolumeAccessMode, len(*in))
copy(*out, *in)
}
if in.StorageClassName != nil {
in, out := &in.StorageClassName, &out.StorageClassName
*out = new(string)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Storage.
func (in *Storage) DeepCopy() *Storage {
if in == nil {
return nil
}
out := new(Storage)
in.DeepCopyInto(out)
return out
}

1257
config/crd/bases/opstreelabs.in_mongodbclusters.yaml
View File

File diff suppressed because it is too large Load Diff

1238
config/crd/bases/opstreelabs.in_mongodbs.yaml
View File

File diff suppressed because it is too large Load Diff

12
config/rbac/role.yaml
View File

@ -97,3 +97,15 @@ rules:
- get
- patch
- update
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch

8
controllers/mongodb_controller.go
View File

@ -70,6 +70,10 @@ func (r *MongoDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
if err != nil {
return ctrl.Result{RequeueAfter: time.Second * 10}, err
}
err = k8sgo.CreateMongoStandaloneService(instance)
if err != nil {
return ctrl.Result{RequeueAfter: time.Second * 10}, err
}
mongoDBSTS, err := k8sgo.GetStateFulSet(instance.Namespace, fmt.Sprintf("%s-%s", instance.ObjectMeta.Name, "standalone"))
if err != nil {
return ctrl.Result{RequeueAfter: time.Second * 10}, err
@ -84,10 +88,6 @@ func (r *MongoDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
}
}
}
err = k8sgo.CreateMongoStandaloneService(instance)
if err != nil {
return ctrl.Result{RequeueAfter: time.Second * 10}, err
}
return ctrl.Result{RequeueAfter: time.Second * 10}, nil
}

1
controllers/mongodbcluster_controller.go
View File

@ -39,6 +39,7 @@ type MongoDBClusterReconciler struct {
//+kubebuilder:rbac:groups=opstreelabs.in,resources=mongodbclusters,verbs=get;list;watch;create;update;patch;delete
//+kubebuilder:rbac:groups=opstreelabs.in,resources=mongodbclusters/status,verbs=get;update;patch
//+kubebuilder:rbac:groups=opstreelabs.in,resources=mongodbclusters/finalizers,verbs=update
//+kubebuilder:rbac:groups="policy",resources=poddisruptionbudgets,verbs=get;list;watch;create;update;patch;delete
// Reconcile is part of the main kubernetes reconciliation loop which aims to
func (r *MongoDBClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {

56
docs/content/en/docs/Configuration/mongo-replicated-cluster.md
View File

@ -12,30 +12,31 @@ The `values.yaml` file for MongoDB cluster setup can be found [here](https://git
## Parameters for Helm Chart
| **Name** | **Value** | **Description** |
|-------------------------------------------|:------------------------:|-----------------------------------------------------|
| `clusterSize` | 3 | Size of the MongoDB cluster |
| `image.name` | quay.io/opstree/mongo | Name of the MongoDB image |
| `image.tag` | v5.0 | Tag for the MongoDB image |
| `image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB |
| `image.pullSecret` | "" | Image Pull Secret for private registry |
| `resources` | {} | Request and limits for MongoDB statefulset |
| `storage.enabled` | true | Storage is enabled for MongoDB or not |
| `storage.accessModes` | ["ReadWriteOnce"] | AccessMode for storage provider |
| `storage.storageSize` | 1Gi | Size of storage for MongoDB |
| `storage.storageClass` | gp2 | Name of the storageClass to create storage |
| `mongoDBMonitoring.enabled` | true | MongoDB exporter should be deployed or not |
| `mongoDBMonitoring.image.name` | bitnami/mongodb-exporter | Name of the MongoDB exporter image |
| `mongoDBMonitoring.image.tag` | 0.11.2-debian-10-r382 | Tag of the MongoDB exporter image |
| `mongoDBMonitoring.image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB exporter image |
| `serviceMonitor.enabled` | false | Servicemonitor to monitor MongoDB with Prometheus |
| `serviceMonitor.interval` | 30s | Interval at which metrics should be scraped. |
| `serviceMonitor.scrapeTimeout` | 10s | Timeout after which the scrape is ended |
| `serviceMonitor.namespace` | monitoring | Namespace in which Prometheus operator is running |
| `nodeSelector` | {} | Nodeselector for the MongoDB statefulset |
| `priorityClassName` | "" | Priority class name for the MongoDB statefulset |
| `affinity` | {} | Affinity for node and pods for MongoDB statefulset |
| `tolerations` | [] | Tolerations for MongoDB statefulset |
| **Name** | **Value** | **Description** |
|-------------------------------------------|:------------------------:|----------------------------------------------------|
| `clusterSize` | 3 | Size of the MongoDB cluster |
| `image.name` | quay.io/opstree/mongo | Name of the MongoDB image |
| `image.tag` | v5.0 | Tag for the MongoDB image |
| `image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB |
| `image.pullSecret` | "" | Image Pull Secret for private registry |
| `resources` | {} | Request and limits for MongoDB statefulset |
| `storage.enabled` | true | Storage is enabled for MongoDB or not |
| `storage.accessModes` | ["ReadWriteOnce"] | AccessMode for storage provider |
| `storage.storageSize` | 1Gi | Size of storage for MongoDB |
| `storage.storageClass` | gp2 | Name of the storageClass to create storage |
| `mongoDBMonitoring.enabled` | true | MongoDB exporter should be deployed or not |
| `mongoDBMonitoring.image.name` | bitnami/mongodb-exporter | Name of the MongoDB exporter image |
| `mongoDBMonitoring.image.tag` | 0.11.2-debian-10-r382 | Tag of the MongoDB exporter image |
| `mongoDBMonitoring.image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB exporter image |
| `serviceMonitor.enabled` | false | Servicemonitor to monitor MongoDB with Prometheus |
| `serviceMonitor.interval` | 30s | Interval at which metrics should be scraped. |
| `serviceMonitor.scrapeTimeout` | 10s | Timeout after which the scrape is ended |
| `serviceMonitor.namespace` | monitoring | Namespace in which Prometheus operator is running |
| `nodeSelector` | {} | Nodeselector for the MongoDB statefulset |
| `priorityClassName` | "" | Priority class name for the MongoDB statefulset |
| `affinity` | {} | Affinity for node and pods for MongoDB statefulset |
| `tolerations` | [] | Tolerations for MongoDB statefulset |
| `securityContext` | {} | Security Context for MongoDB pod like:- `fsGroup` |
## Parameters for CRD Object Definition
@ -113,6 +114,13 @@ These are the parameters that are currently supported by the MongoDB operator fo
effect: "NoSchedule"
```
`SecurityContext`:- A security context defines privilege and access control settings for a Pod or Container. The security settings that you specify for a Pod apply to all Containers in the Pod.
```yaml
securityContext:
fsGroup: 1001
```
### storage
`storage` is the storage specific configuration for MongoDB CRD. With this parameter we can make enable persistence inside the MongoDB statefulset. In this parameter, we will provide inputs like- accessModes, size of the storage, and storageClass.

54
docs/content/en/docs/Configuration/mongo-standalone.md
View File

@ -12,29 +12,30 @@ The `values.yaml` file for MongoDB standalone setup can be found [here](https://
## Parameters for Helm Chart
| **Name** | **Value** | **Description** |
|---------------------------------------------|:------------------------:|------------------------------------------------------|
| `image.name` | quay.io/opstree/mongo | Name of the MongoDB image |
| `image.tag` | v5.0 | Tag for the MongoDB image |
| `image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB |
| `image.pullSecret` | "" | Image Pull Secret for private registry |
| `resources` | {} | Request and limits for MongoDB statefulset |
| `storage.enabled` | true | Storage is enabled for MongoDB or not |
| `storage.accessModes` | ["ReadWriteOnce"] | AccessMode for storage provider |
| `storage.storageSize` | 1Gi | Size of storage for MongoDB |
| `storage.storageClass` | gp2 | Name of the storageClass to create storage |
| `mongoDBMonitoring.enabled` | true | MongoDB exporter should be deployed or not |
| `mongoDBMonitoring.image.name` | bitnami/mongodb-exporter | Name of the MongoDB exporter image |
| `mongoDBMonitoring.image.tag` | 0.11.2-debian-10-r382 | Tag of the MongoDB exporter image |
| `mongoDBMonitoring.image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB exporter image |
| `serviceMonitor.enabled` | false | Servicemonitor to monitor MongoDB with Prometheus |
| `serviceMonitor.interval` | 30s | Interval at which metrics should be scraped. |
| `serviceMonitor.scrapeTimeout` | 10s | Timeout after which the scrape is ended |
| `serviceMonitor.namespace` | monitoring | Namespace in which Prometheus operator is running |
| `nodeSelector` | {} | Nodeselector for the MongoDB statefulset |
| `priorityClassName` | "" | Priority class name for the MongoDB statefulset |
| `affinity` | {} | Affinity for node and pods for MongoDB statefulset |
| `tolerations` | [] | Tolerations for MongoDB statefulset |
| **Name** | **Value** | **Description** |
|--------------------------------------------|:------------------------:|------------------------------------------------------|
| `image.name` | quay.io/opstree/mongo | Name of the MongoDB image |
| `image.tag` | v5.0 | Tag for the MongoDB image |
| `image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB |
| `image.pullSecret` | "" | Image Pull Secret for private registry |
| `resources` | {} | Request and limits for MongoDB statefulset |
| `storage.enabled` | true | Storage is enabled for MongoDB or not |
| `storage.accessModes` | ["ReadWriteOnce"] | AccessMode for storage provider |
| `storage.storageSize` | 1Gi | Size of storage for MongoDB |
| `storage.storageClass` | gp2 | Name of the storageClass to create storage |
| `mongoDBMonitoring.enabled` | true | MongoDB exporter should be deployed or not |
| `mongoDBMonitoring.image.name` | bitnami/mongodb-exporter | Name of the MongoDB exporter image |
| `mongoDBMonitoring.image.tag` | 0.11.2-debian-10-r382 | Tag of the MongoDB exporter image |
| `mongoDBMonitoring.image.imagePullPolicy` | IfNotPresent | Image Pull Policy of the MongoDB exporter image |
| `serviceMonitor.enabled` | false | Servicemonitor to monitor MongoDB with Prometheus |
| `serviceMonitor.interval` | 30s | Interval at which metrics should be scraped. |
| `serviceMonitor.scrapeTimeout` | 10s | Timeout after which the scrape is ended |
| `serviceMonitor.namespace` | monitoring | Namespace in which Prometheus operator is running |
| `nodeSelector` | {} | Nodeselector for the MongoDB statefulset |
| `priorityClassName` | "" | Priority class name for the MongoDB statefulset |
| `affinity` | {} | Affinity for node and pods for MongoDB statefulset |
| `tolerations` | [] | Tolerations for MongoDB statefulset |
| `securityContext` | {} | Security Context for MongoDB pod like:- `fsGroup` |
## Parameters for CRD Object Definition
@ -103,6 +104,13 @@ These are the parameters that are currently supported by the MongoDB operator fo
effect: "NoSchedule"
```
`SecurityContext`:- A security context defines privilege and access control settings for a Pod or Container. The security settings that you specify for a Pod apply to all Containers in the Pod.
```yaml
securityContext:
fsGroup: 1001
```
### storage
`storage` is the storage specific configuration for MongoDB CRD. With this parameter we can make enable persistence inside the MongoDB statefulset. In this parameter, we will provide inputs like- accessModes, size of the storage, and storageClass.

2
docs/content/en/docs/Getting Started/installation.md
View File

@ -32,7 +32,7 @@ $ helm repo add ot-helm https://ot-container-kit.github.io/helm-charts/
```shell
# Deploy the MongoDB Operator
$ helm install mongodb-operator ot-helm/mongdb-operator \
$ helm install mongodb-operator ot-helm/mongodb-operator \
--namespace ot-operators
...
Release "mongodb-operator" does not exist. Installing it now.

20
examples/additional-config/clusterd.yaml Normal file
View File

@ -0,0 +1,20 @@
---
apiVersion: opstreelabs.in/v1alpha1
kind: MongoDBCluster
metadata:
name: mongodb
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/mongo:v5.0.6
imagePullPolicy: IfNotPresent
storage:
accessModes: ["ReadWriteOnce"]
storageSize: 1Gi
storageClass: csi-cephfs-sc
mongoDBSecurity:
mongoDBAdminUser: admin
secretRef:
name: mongodb-secret
key: password
mongoDBAdditionalConfig: mongo-additional-config # name of configmap

10
examples/additional-config/configmap.yaml Normal file
View File

@ -0,0 +1,10 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mongo-additional-config
data:
mongo.yaml: |
net:
bindIp: 0.0.0.0
port: 27017

19
examples/additional-config/standalone.yaml Normal file
View File

@ -0,0 +1,19 @@
---
apiVersion: opstreelabs.in/v1alpha1
kind: MongoDB
metadata:
name: mongodb
spec:
kubernetesConfig:
image: quay.io/opstree/mongo:v5.0.6
imagePullPolicy: IfNotPresent
storage:
accessModes: ["ReadWriteOnce"]
storageSize: 1Gi
storageClass: gp2
mongoDBSecurity:
mongoDBAdminUser: admin
secretRef:
name: mongodb-secret
key: password
mongoDBAdditionalConfig: mongo-additional-config # name of configmap

23
examples/disruption-budget/clusterd.yaml Normal file
View File

@ -0,0 +1,23 @@
---
apiVersion: opstreelabs.in/v1alpha1
kind: MongoDBCluster
metadata:
name: mongodb
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/mongo:v5.0
imagePullPolicy: IfNotPresent
storage:
accessModes: ["ReadWriteOnce"]
storageSize: 1Gi
storageClass: gp2
mongoDBSecurity:
mongoDBAdminUser: admin
secretRef:
name: mongodb-secret
key: password
podDisruptionBudget:
enabled: true
maxUnavailable: 1
# minAvailable: 1

24
examples/eks-cluster.yaml Normal file
View File

@ -0,0 +1,24 @@
---
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: operator-testing
region: us-west-2
version: "1.22"
managedNodeGroups:
- name: ng-1
instanceType: t3a.medium
desiredCapacity: 3
volumeSize: 30
ssh:
allow: true
volumeType: gp3
kubernetesNetworkConfig:
ipFamily: IPv4
# ipFamily: IPv6
addons:
- name: vpc-cni
- name: coredns
- name: kube-proxy
iam:
withOIDC: true

21
examples/security-context/clusterd.yaml Normal file
View File

@ -0,0 +1,21 @@
---
apiVersion: opstreelabs.in/v1alpha1
kind: MongoDBCluster
metadata:
name: mongodb
spec:
clusterSize: 3
kubernetesConfig:
image: quay.io/opstree/mongo:v5.0
imagePullPolicy: IfNotPresent
securityContext:
fsGroup: 1001
storage:
accessModes: ["ReadWriteOnce"]
storageSize: 1Gi
storageClass: gp2
mongoDBSecurity:
mongoDBAdminUser: admin
secretRef:
name: mongodb-secret
key: password

20
examples/security-context/standalone.yaml Normal file
View File

@ -0,0 +1,20 @@
---
apiVersion: opstreelabs.in/v1alpha1
kind: MongoDB
metadata:
name: mongodb
spec:
kubernetesConfig:
image: quay.io/opstree/mongo:v5.0
imagePullPolicy: IfNotPresent
securityContext:
fsGroup: 1001
storage:
accessModes: ["ReadWriteOnce"]
storageSize: 1Gi
storageClass: gp2
mongoDBSecurity:
mongoDBAdminUser: admin
secretRef:
name: mongodb-secret
key: password

83
go.mod
View File

@ -1,17 +1,86 @@
module mongodb-operator
go 1.16
go 1.20
require (
github.com/banzaicloud/k8s-objectmatcher v1.7.0 // indirect
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.3 // indirect
github.com/go-logr/logr v0.4.0 // indirect
github.com/banzaicloud/k8s-objectmatcher v1.7.0
github.com/go-logr/logr v0.4.0
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.3
github.com/onsi/ginkgo v1.16.4
github.com/onsi/gomega v1.15.0
github.com/thanhpk/randstr v1.0.4 // indirect
go.mongodb.org/mongo-driver v1.8.1 // indirect
k8s.io/api v0.22.1 // indirect
github.com/thanhpk/randstr v1.0.4
go.mongodb.org/mongo-driver v1.8.1
k8s.io/api v0.22.1
k8s.io/apimachinery v0.22.1
k8s.io/client-go v0.22.1
sigs.k8s.io/controller-runtime v0.10.0
)
require (
cloud.google.com/go v0.54.0 // indirect
emperror.dev/errors v0.8.0 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.18 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.13 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.1.1 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/evanphx/json-patch v4.11.0+incompatible // indirect
github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect
github.com/fsnotify/fsnotify v1.4.9 // indirect
github.com/go-logr/zapr v0.4.0 // indirect
github.com/go-stack/stack v1.8.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/golang/snappy v0.0.1 // indirect
github.com/google/go-cmp v0.5.5 // indirect
github.com/google/gofuzz v1.1.0 // indirect
github.com/google/uuid v1.1.2 // indirect
github.com/googleapis/gnostic v0.5.5 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/json-iterator/go v1.1.11 // indirect
github.com/klauspost/compress v1.13.6 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.1 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus/client_golang v1.11.0 // indirect
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.26.0 // indirect
github.com/prometheus/procfs v0.6.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/xdg-go/pbkdf2 v1.0.0 // indirect
github.com/xdg-go/scram v1.0.2 // indirect
github.com/xdg-go/stringprep v1.0.2 // indirect
github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.19.0 // indirect
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 // indirect
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023 // indirect
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2 // indirect
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect
golang.org/x/text v0.3.6 // indirect
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.26.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
k8s.io/apiextensions-apiserver v0.22.1 // indirect
k8s.io/component-base v0.22.1 // indirect
k8s.io/klog/v2 v2.9.0 // indirect
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e // indirect
k8s.io/utils v0.0.0-20210802155522-efc7438f0176 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect
sigs.k8s.io/yaml v1.2.0 // indirect
)

4
go.sum
View File

@ -75,7 +75,6 @@ github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnweb
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@ -255,8 +254,6 @@ github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0m
github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.2 h1:fMyI283qyQdcN+4+xqHwBeyz0/wNf+XdNc0XHt7MFcs=
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.2/go.mod h1:l4lZ2szZ3WId7GS4W3PKiIeKpuCts5WOikQrclMxrUA=
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.3 h1:zbW1irjs6VKptsLgPnLIJqIJ2WQkqMBX3yEy564Qtw0=
github.com/iamabhishek-dubey/k8s-objectmatcher v1.7.3/go.mod h1:l4lZ2szZ3WId7GS4W3PKiIeKpuCts5WOikQrclMxrUA=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
@ -421,6 +418,7 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
github.com/thanhpk/randstr v1.0.4 h1:IN78qu/bR+My+gHCvMEXhR/i5oriVHcTB/BJJIRTsNo=
github.com/thanhpk/randstr v1.0.4/go.mod h1:M/H2P1eNLZzlDwAzpkkkUvoyNNMbzRGhESZuEQk3r0U=
github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=

31
k8sgo/cluster.go
View File

@ -68,6 +68,13 @@ func CreateMongoClusterSetup(cr *opstreelabsinv1alpha1.MongoDBCluster) error {
logger.Error(err, "Cannot create cluster StatefulSet for MongoDB")
return err
}
if cr.Spec.PodDisruptionBudget != nil && cr.Spec.PodDisruptionBudget.Enabled {
err = CreateOrUpdatePodDisruption(getPodDisruptionParams(cr))
if err != nil {
logger.Error(err, "Cannot create PodDisruptionBudget for MongoDB")
return err
}
}
return nil
}
@ -132,6 +139,7 @@ func getMongoDBClusterParams(cr *opstreelabsinv1alpha1.MongoDBCluster) statefulS
Affinity: cr.Spec.KubernetesConfig.Affinity,
PriorityClassName: cr.Spec.KubernetesConfig.PriorityClassName,
Tolerations: cr.Spec.KubernetesConfig.Tolerations,
SecurityContext: cr.Spec.KubernetesConfig.SecurityContext,
}
if cr.Spec.KubernetesConfig.ImagePullSecret != nil {
@ -150,6 +158,10 @@ func getMongoDBClusterParams(cr *opstreelabsinv1alpha1.MongoDBCluster) statefulS
params.ContainerParams.MonitoringImage = cr.Spec.MongoDBMonitoring.Image
params.ContainerParams.MonitoringImagePullPolicy = &cr.Spec.MongoDBMonitoring.ImagePullPolicy
}
if cr.Spec.MongoDBAdditionalConfig != nil {
params.ContainerParams.AdditonalConfig = cr.Spec.MongoDBAdditionalConfig
params.AdditionalConfig = cr.Spec.MongoDBAdditionalConfig
}
if cr.Spec.Storage != nil {
params.ContainerParams.PersistenceEnabled = &trueProperty
params.PVCParameters = pvcParameters{
@ -166,3 +178,22 @@ func getMongoDBClusterParams(cr *opstreelabsinv1alpha1.MongoDBCluster) statefulS
}
return params
}
// getPodDisruptionParams is a method to create parameters for pod disruption budget
func getPodDisruptionParams(cr *opstreelabsinv1alpha1.MongoDBCluster) PodDisruptionParameters {
appName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "cluster")
labels := map[string]string{
"app": appName,
"mongodb_setup": "cluster",
"role": "cluster",
}
params := PodDisruptionParameters{
PDBMeta: generateObjectMetaInformation(appName, cr.Namespace, labels, generateAnnotations()),
OwnerDef: mongoClusterAsOwner(cr),
Namespace: cr.Namespace,
Labels: labels,
MinAvailable: cr.Spec.PodDisruptionBudget.MinAvailable,
MaxUnavailable: cr.Spec.PodDisruptionBudget.MaxUnavailable,
}
return params
}

12
k8sgo/container.go
View File

@ -22,11 +22,12 @@ type containerParameters struct {
MonitoringSecret *string
MonitoringResources *corev1.ResourceRequirements
ExtraVolumeMount *corev1.VolumeMount
AdditonalConfig *string
}
// generateContainerDef is to generate container definition for MongoDB
func generateContainerDef(name string, params containerParameters) []corev1.Container {
volumeMounts := getVolumeMount(name, params.PersistenceEnabled)
volumeMounts := getVolumeMount(name, params.PersistenceEnabled, params.AdditonalConfig)
if params.ExtraVolumeMount != nil {
volumeMounts = append(volumeMounts, *params.ExtraVolumeMount)
}
@ -51,7 +52,7 @@ func generateContainerDef(name string, params containerParameters) []corev1.Cont
}
// getVolumeMount is a method to create volume mounting list
func getVolumeMount(name string, persistenceEnabled *bool) []corev1.VolumeMount {
func getVolumeMount(name string, persistenceEnabled *bool, additionalConfig *string) []corev1.VolumeMount {
var volumeMounts []corev1.VolumeMount
if persistenceEnabled != nil && *persistenceEnabled {
volumeMounts = []corev1.VolumeMount{
@ -61,6 +62,13 @@ func getVolumeMount(name string, persistenceEnabled *bool) []corev1.VolumeMount
},
}
}
if additionalConfig != nil {
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Name: "external-config",
MountPath: "/etc/mongo.d/extra",
})
}
return volumeMounts
}

25
k8sgo/mongo.go
View File

@ -10,8 +10,8 @@ import (
// InitializeMongoDBCluster is a method to create a mongodb cluster
func InitializeMongoDBCluster(cr *opstreelabsinv1alpha1.MongoDBCluster) error {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Cluster Setup")
serviceName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "cluster")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
serviceName := fmt.Sprintf("%s-%s.%s", cr.ObjectMeta.Name, "cluster", cr.Namespace)
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
mongoURL := fmt.Sprintf("mongodb://%s:%s@%s:27017/", cr.Spec.MongoDBSecurity.MongoDBAdminUser, password, serviceName)
mongoParams := mongogo.MongoDBParameters{
@ -33,8 +33,8 @@ func InitializeMongoDBCluster(cr *opstreelabsinv1alpha1.MongoDBCluster) error {
// CheckMongoClusterStateInitialized is a method to check mongodb cluster state
func CheckMongoClusterStateInitialized(cr *opstreelabsinv1alpha1.MongoDBCluster) (bool, error) {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Cluster Setup")
serviceName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "cluster")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
serviceName := fmt.Sprintf("%s-%s.%s", cr.ObjectMeta.Name, "cluster", cr.Namespace)
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
mongoURL := fmt.Sprintf("mongodb://%s:%s@%s:27017/", cr.Spec.MongoDBSecurity.MongoDBAdminUser, password, serviceName)
mongoParams := mongogo.MongoDBParameters{
@ -54,10 +54,10 @@ func CheckMongoClusterStateInitialized(cr *opstreelabsinv1alpha1.MongoDBCluster)
// CreateMongoDBMonitoringUser is a method to create a monitoring user for MongoDB
func CreateMongoDBMonitoringUser(cr *opstreelabsinv1alpha1.MongoDB) error {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Monitoring User")
serviceName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "standalone")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
serviceName := fmt.Sprintf("%s-%s.%s", cr.ObjectMeta.Name, "standalone", cr.Namespace)
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
monitoringPasswordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: fmt.Sprintf("%s-%s", serviceName, "monitoring")}
monitoringPasswordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "standalone-monitoring"), SecretKey: "password"}
monitoringPassword := getMongoDBPassword(monitoringPasswordParams)
mongoURL := fmt.Sprintf("mongodb://%s:%s@%s:27017/", cr.Spec.MongoDBSecurity.MongoDBAdminUser, password, serviceName)
mongoParams := mongogo.MongoDBParameters{
@ -79,10 +79,9 @@ func CreateMongoDBMonitoringUser(cr *opstreelabsinv1alpha1.MongoDB) error {
// CreateMongoDBClusterMonitoringUser is a method to create a monitoring user for MongoDB
func CreateMongoDBClusterMonitoringUser(cr *opstreelabsinv1alpha1.MongoDBCluster) error {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Monitoring User")
serviceName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "cluster")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
monitoringPasswordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: fmt.Sprintf("%s-%s", serviceName, "monitoring")}
monitoringPasswordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "cluster-monitoring"), SecretKey: "password"}
monitoringPassword := getMongoDBPassword(monitoringPasswordParams)
mongoParams := mongogo.MongoDBParameters{
Namespace: cr.Namespace,
@ -112,7 +111,7 @@ func CreateMongoDBClusterMonitoringUser(cr *opstreelabsinv1alpha1.MongoDBCluster
// CheckMongoDBClusterMonitoringUser is a method to check if monitoring user exists in MongoDB
func CheckMongoDBClusterMonitoringUser(cr *opstreelabsinv1alpha1.MongoDBCluster) bool {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Monitoring User")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
monitoringUser := "monitoring"
mongoParams := mongogo.MongoDBParameters{
@ -142,8 +141,8 @@ func CheckMongoDBClusterMonitoringUser(cr *opstreelabsinv1alpha1.MongoDBCluster)
// CheckMonitoringUser is a method to check if monitoring user exists in MongoDB
func CheckMonitoringUser(cr *opstreelabsinv1alpha1.MongoDB) bool {
logger := logGenerator(cr.ObjectMeta.Name, cr.Namespace, "MongoDB Monitoring User")
serviceName := fmt.Sprintf("%s-%s", cr.ObjectMeta.Name, "standalone")
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name}
serviceName := fmt.Sprintf("%s-%s.%s", cr.ObjectMeta.Name, "standalone", cr.Namespace)
passwordParams := secretsParameters{Name: cr.ObjectMeta.Name, Namespace: cr.Namespace, SecretName: *cr.Spec.MongoDBSecurity.SecretRef.Name, SecretKey: *cr.Spec.MongoDBSecurity.SecretRef.Key}
password := getMongoDBPassword(passwordParams)
monitoringUser := "monitoring"
mongoURL := fmt.Sprintf("mongodb://%s:%s@%s:27017/", cr.Spec.MongoDBSecurity.MongoDBAdminUser, password, serviceName)

145
k8sgo/poddisruption.go Normal file
View File

@ -0,0 +1,145 @@
package k8sgo
import (
"context"
"github.com/banzaicloud/k8s-objectmatcher/patch"
policyv1 "k8s.io/api/policy/v1beta1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/intstr"
)
// PodDisruptionParameters is an input parameter structure for Pod disruption budget
type PodDisruptionParameters struct {
PDBMeta metav1.ObjectMeta
OwnerDef metav1.OwnerReference
Labels map[string]string
Namespace string
MinAvailable *int32
MaxUnavailable *int32
}
// CreateOrUpdatePodDisruption method will create or update MongoDB PodDisruptionBudgets
func CreateOrUpdatePodDisruption(params PodDisruptionParameters) error {
logger := logGenerator(params.PDBMeta.Name, params.Namespace, "PodDisruptionBudget")
pdbDef := generatePodDisruption(params)
storedPDB, err := getPodDisruption(params.Namespace, params.PDBMeta.Name)
if err != nil {
if err := patch.DefaultAnnotator.SetLastAppliedAnnotation(pdbDef); err != nil {
logger.Error(err, "Unable to patch MongoDB PodDisruptionBudget with comparison object")
return err
}
if errors.IsNotFound(err) {
return createPodDisruption(params.Namespace, pdbDef)
}
return err
}
return patchPodDisruption(storedPDB, pdbDef, params.Namespace)
}
// patchPodDisruption will patch MongoDB Kubernetes PodDisruptionBudgets
func patchPodDisruption(storedPdb *policyv1.PodDisruptionBudget, newPdb *policyv1.PodDisruptionBudget, namespace string) error {
logger := logGenerator(newPdb.Name, namespace, "PodDisruptionBudget")
newPdb.ResourceVersion = storedPdb.ResourceVersion
newPdb.CreationTimestamp = storedPdb.CreationTimestamp
newPdb.ManagedFields = storedPdb.ManagedFields
storedPdb.Kind = "PodDisruptionBudget"
storedPdb.APIVersion = "policy/v1"
patchResult, err := patch.DefaultPatchMaker.Calculate(storedPdb, newPdb,
patch.IgnorePDBSelector(),
patch.IgnoreStatusFields(),
)
if err != nil {
logger.Error(err, "Unable to patch MongoDB PodDisruption with comparison object")
return err
}
if !patchResult.IsEmpty() {
logger.Info("Changes in PodDisruptionBudget Detected, Updating...",
"patch", string(patchResult.Patch),
"Current", string(patchResult.Current),
"Original", string(patchResult.Original),
"Modified", string(patchResult.Modified),
)
for key, value := range storedPdb.Annotations {
if _, present := newPdb.Annotations[key]; !present {
newPdb.Annotations[key] = value
}
}
if err := patch.DefaultAnnotator.SetLastAppliedAnnotation(newPdb); err != nil {
logger.Error(err, "Unable to patch MongoDB PodDisruptionBudget with comparison object")
return err
}
return updatePodDisruption(namespace, newPdb)
}
logger.Info("PodDisruptionBudget is reconciled, nothing to change")
return nil
}
// updatePodDisruption is a method to create Pod disruption budget
func updatePodDisruption(namespace string, pdb *policyv1.PodDisruptionBudget) error {
logger := logGenerator(pdb.Name, namespace, "PodDisruptionBudget")
_, err := generateK8sClient().PolicyV1beta1().PodDisruptionBudgets(namespace).Update(context.TODO(), pdb, metav1.UpdateOptions{})
if err != nil {
logger.Error(err, "MongoDB PodDisruptionBudget update failed")
return err
}
logger.Info("MongoDB PodDisruptionBudget update was successful", "PDB.Spec", pdb.Spec)
return nil
}
// createPodDisruption is a method to create Pod disruption budget
func createPodDisruption(namespace string, pdb *policyv1.PodDisruptionBudget) error {
logger := logGenerator(pdb.Name, namespace, "PodDisruptionBudget")
_, err := generateK8sClient().PolicyV1beta1().PodDisruptionBudgets(namespace).Create(context.TODO(), pdb, metav1.CreateOptions{})
if err != nil {
logger.Error(err, "MongoDB PodDisruptionBudget creation failed")
return err
}
logger.Info("MongoDB PodDisruptionBudget creation was successful", "PDB.Spec", pdb.Spec)
return nil
}
// getPodDisruption is a method to get Pod disruption budget
func getPodDisruption(namespace, name string) (*policyv1.PodDisruptionBudget, error) {
logger := logGenerator(name, namespace, "PodDisruptionBudget")
pdbInfo, err := generateK8sClient().PolicyV1beta1().PodDisruptionBudgets(namespace).Get(context.TODO(), name, metav1.GetOptions{})
if err != nil {
logger.Info("Unable to get pod disruption budget")
return nil, err
}
logger.Info("MongoDB PodDisruptionBudget get action was successful")
return pdbInfo, err
}
// generatePodDisruption is a method to generate Pod disruption budget definiton
func generatePodDisruption(params PodDisruptionParameters) *policyv1.PodDisruptionBudget {
pdbTemplate := &policyv1.PodDisruptionBudget{
TypeMeta: generateMetaInformation("PodDisruptionBudget", "policy/v1beta1"),
ObjectMeta: params.PDBMeta,
Spec: policyv1.PodDisruptionBudgetSpec{
Selector: &metav1.LabelSelector{
MatchLabels: params.Labels,
},
MaxUnavailable: &intstr.IntOrString{
Type: intstr.Int,
IntVal: int32(*params.MaxUnavailable),
},
},
}
if params.MinAvailable != nil {
pdbTemplate.Spec.MinAvailable = &intstr.IntOrString{
Type: intstr.Int,
IntVal: int32(*params.MinAvailable),
}
}
if params.MaxUnavailable != nil {
pdbTemplate.Spec.MaxUnavailable = &intstr.IntOrString{
Type: intstr.Int,
IntVal: int32(*params.MaxUnavailable),
}
}
AddOwnerRefToObject(pdbTemplate, params.OwnerDef)
return pdbTemplate
}

3
k8sgo/secret.go
View File

@ -16,6 +16,7 @@ type secretsParameters struct {
Annotations map[string]string
SecretsMeta metav1.ObjectMeta
SecretName string
SecretKey string
}
// CreateSecret is a method to create secret
@ -52,7 +53,7 @@ func getMongoDBPassword(params secretsParameters) string {
if err != nil {
logger.Error(err, "Failed in getting existing secret for mongodb admin")
}
value := string(secretName.Data["password"])
value := string(secretName.Data[params.SecretKey])
return value
}

5
k8sgo/standalone.go
View File

@ -120,6 +120,7 @@ func getMongoDBStandaloneParams(cr *opstreelabsinv1alpha1.MongoDB) statefulSetPa
Affinity: cr.Spec.KubernetesConfig.Affinity,
PriorityClassName: cr.Spec.KubernetesConfig.PriorityClassName,
Tolerations: cr.Spec.KubernetesConfig.Tolerations,
SecurityContext: cr.Spec.KubernetesConfig.SecurityContext,
}
if cr.Spec.KubernetesConfig.ImagePullSecret != nil {
@ -137,6 +138,10 @@ func getMongoDBStandaloneParams(cr *opstreelabsinv1alpha1.MongoDB) statefulSetPa
params.ContainerParams.MonitoringImage = cr.Spec.MongoDBMonitoring.Image
params.ContainerParams.MonitoringImagePullPolicy = &cr.Spec.MongoDBMonitoring.ImagePullPolicy
}
if cr.Spec.MongoDBAdditionalConfig != nil {
params.ContainerParams.AdditonalConfig = cr.Spec.MongoDBAdditionalConfig
params.AdditionalConfig = cr.Spec.MongoDBAdditionalConfig
}
if cr.Spec.Storage != nil {
params.ContainerParams.PersistenceEnabled = &trueProperty
params.PVCParameters = pvcParameters{

23
k8sgo/statefulset.go
View File

@ -28,6 +28,8 @@ type statefulSetParameters struct {
NodeSelector map[string]string
Tolerations *[]corev1.Toleration
PriorityClassName string
AdditionalConfig *string
SecurityContext *corev1.PodSecurityContext
}
// pvcParameters is the structure for MongoDB PVC
@ -147,6 +149,7 @@ func generateStatefulSetDef(params statefulSetParameters) *appsv1.StatefulSet {
NodeSelector: params.NodeSelector,
Affinity: params.Affinity,
PriorityClassName: params.PriorityClassName,
SecurityContext: params.SecurityContext,
},
},
},
@ -158,8 +161,8 @@ func generateStatefulSetDef(params statefulSetParameters) *appsv1.StatefulSet {
if params.ContainerParams.PersistenceEnabled != nil && *params.ContainerParams.PersistenceEnabled {
statefulset.Spec.VolumeClaimTemplates = append(statefulset.Spec.VolumeClaimTemplates, generatePersistentVolumeTemplate(params.PVCParameters))
}
if params.ExtraVolumes != nil {
statefulset.Spec.Template.Spec.Volumes = *params.ExtraVolumes
if params.AdditionalConfig != nil {
statefulset.Spec.Template.Spec.Volumes = getAdditionalConfig(params)
}
if params.ImagePullSecret != nil {
statefulset.Spec.Template.Spec.ImagePullSecrets = []corev1.LocalObjectReference{{Name: *params.ImagePullSecret}}
@ -185,6 +188,22 @@ func generatePersistentVolumeTemplate(params pvcParameters) corev1.PersistentVol
}
}
// getAdditionalConfig will return the MongoDB additional configuration
func getAdditionalConfig(params statefulSetParameters) []corev1.Volume {
return []corev1.Volume{
{
Name: "external-config",
VolumeSource: corev1.VolumeSource{
ConfigMap: &corev1.ConfigMapVolumeSource{
LocalObjectReference: corev1.LocalObjectReference{
Name: *params.AdditionalConfig,
},
},
},
},
}
}
// logGenerator is a method to generate logging interfacce
func logGenerator(name, namespace, resourceType string) logr.Logger {
reqLogger := log.WithValues("Namespace", namespace, "Name", name, "Resource Type", resourceType)