Merge pull request #7 from georgekuruvillak/refactor_changes

Vendoring changes and changes pertaining to the etcd statefulset endpoint in probes.

.ci/build

@@ -13,7 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-set -ex
+set -e
 
 # For the build step concourse will set the following environment variables:
 # SOURCE_PATH - path to component repository root directory.

Makefile

@@ -15,7 +15,7 @@
 # Image URL to use all building/pushing image targets
 VERSION             := $(shell cat VERSION)
 REGISTRY            := eu.gcr.io/gardener-project/gardener
-IMAGE_REPOSITORY    := $(REGISTRY)/druid
+IMAGE_REPOSITORY    := $(REGISTRY)/etcd-druid
 IMAGE_TAG           := $(VERSION)
 BUILD_DIR           := build
 BIN_DIR             := bin
@@ -84,7 +84,7 @@ docker-push:
 # download controller-gen if necessary
 controller-gen:
 ifeq (, $(shell which controller-gen))
-	go get sigs.k8s.io/controller-tools/cmd/[email protected].0-beta.2
+	go get sigs.k8s.io/controller-tools/cmd/[email protected].4
 CONTROLLER_GEN=$(shell go env GOPATH)/bin/controller-gen
 else
 CONTROLLER_GEN=$(shell which controller-gen)

api/v1alpha1/etcd_types.go

@@ -47,14 +47,14 @@ type StorageProvider string
 
 // StoreSpec defines parameters related to ObjectStore persisting backups
 type StoreSpec struct {
-	// +required
-	Container string `json:"container"`
 	// +optional
-	Prefix *string `json:"prefix,omitempty"`
-	// +required
-	Provider StorageProvider `json:"provider"`
+	Container string `json:"container,omitempty"`
 	// +required
-	SecretRef corev1.SecretReference `json:"secretRef"`
+	Prefix *string `json:"prefix"`
+	// +optional
+	Provider StorageProvider `json:"provider,omitempty"`
+	// +optional
+	SecretRef corev1.SecretReference `json:"secretRef,omitempty"`
 }
 
 // TLSConfig hold the TLS configuration details.
@@ -63,6 +63,8 @@ type TLSConfig struct {
 	ServerTLSSecretRef corev1.SecretReference `json:"serverTLSSecretRef"`
 	// +required
 	ClientTLSSecretRef corev1.SecretReference `json:"clientTLSSecretRef"`
+	// +required
+	TLSCASecretRef corev1.SecretReference `json:"tlsCASecretRef"`
 }
 
 // BackupSpec defines parametes associated with the full and delta snapshots of etcd
@@ -72,9 +74,9 @@ type BackupSpec struct {
 	Port *int `json:"port,omitempty"`
 	// +optional
 	TLS *TLSConfig `json:"tls,omitempty"`
-	// Version defines the etcd-backup-restore container image version
+	// Image defines the etcd container image and tag
 	// +required
-	Version string `json:"version"`
+	Image string `json:"image"`
 	// Store defines the specification of object store provider for storing backups.
 	// +optional
 	Store *StoreSpec `json:"store,omitempty"`
@@ -111,9 +113,9 @@ type EtcdConfig struct {
 	ServerPort *int `json:"serverPort,omitempty"`
 	// +optional
 	ClientPort *int `json:"clientPort,omitempty"`
-	// Version defines the etcd container image version
+	// Image defines the etcd container image and tag
 	// +required
-	Version string `json:"version"`
+	Image string `json:"image"`
 	// +optional
 	AuthSecretRef *corev1.SecretReference `json:"authSecretRef,omitempty"`
 	// Metrics defines the level of detail for exported metrics of etcd, specify 'extensive' to include histogram metrics.
@@ -129,6 +131,10 @@ type EtcdConfig struct {
 
 // EtcdSpec defines the desired state of Etcd
 type EtcdSpec struct {
+	// selector is a label query over pods that should match the replica count.
+	// It must match the pod template's labels.
+	// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
+	Selector *metav1.LabelSelector `json:"selector"`
 	// +optional
 	Labels map[string]string `json:"labels,omitempty"`
 	// +optional
@@ -146,6 +152,9 @@ type EtcdSpec struct {
 	// StorageCapacity defines the size of persistent volume.
 	// +optional
 	StorageCapacity *resource.Quantity `json:"storageCapacity,omitempty"`
+	// VolumeClaimTemplate defines the volume claim template to be created
+	// +required
+	VolumeClaimTemplate *string `json:"volumeClaimTemplate,omitempty"`
 }
 
 // CrossVersionObjectReference contains enough information to let you identify the referred resource.
@@ -278,13 +287,13 @@ type EtcdStatus struct {
 	//LastOperation   LastOperation               `json:"lastOperation,omitempty"`
 }
 
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
 // +kubebuilder:subresource:scale:specpath=.spec.replicas,statuspath=.status.replicas,selectorpath=.status.labelSelector
 
-// +genclient
-// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
-
 // Etcd is the Schema for the etcds API
 type Etcd struct {
 	metav1.TypeMeta   `json:",inline"`
@@ -294,6 +303,9 @@ type Etcd struct {
 	Status EtcdStatus `json:"status,omitempty"`
 }
 
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
 // +kubebuilder:object:root=true
 
 // EtcdList contains a list of Etcd

api/v1alpha1/etcd_types_test.go

@@ -20,9 +20,15 @@ import (
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 
-	"golang.org/x/net/context"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
+
+	"context"
+	"time"
+
+	"k8s.io/apimachinery/pkg/api/resource"
+
+	corev1 "k8s.io/api/core/v1"
 )
 
 // These tests are written in BDD-style using Ginkgo framework. Refer to
@@ -54,11 +60,7 @@ var _ = Describe("Etcd", func() {
 				Name:      "foo",
 				Namespace: "default",
 			}
-			created = &Etcd{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      "foo",
-					Namespace: "default",
-				}}
+			created = getEtcd("foo", "default")
 
 			By("creating an API obj")
 			Expect(k8sClient.Create(context.TODO(), created)).To(Succeed())
@@ -75,3 +77,116 @@ var _ = Describe("Etcd", func() {
 	})
 
 })
+
+func getEtcd(name, namespace string) *Etcd {
+	clientPort := 2379
+	serverPort := 2380
+	port := 8080
+	garbageCollectionPeriod := metav1.Duration{
+		Duration: 43200 * time.Second,
+	}
+	deltaSnapshotPeriod := metav1.Duration{
+		Duration: 300 * time.Second,
+	}
+	snapshotSchedule := "0 */24 * * *"
+	defragSchedule := "0 */24 * * *"
+	storageCapacity := resource.MustParse("80Gi")
+	deltaSnapShotMemLimit := resource.MustParse("100Mi")
+	quota := resource.MustParse("8Gi")
+	storageClass := "gardener.cloud-fast"
+	prefix := "etcd-test"
+	garbageCollectionPolicy := GarbageCollectionPolicy(GarbageCollectionPolicyExponential)
+
+	tlsConfig := &TLSConfig{
+		ClientTLSSecretRef: corev1.SecretReference{
+			Name: "etcd-client-tls",
+		},
+		ServerTLSSecretRef: corev1.SecretReference{
+			Name: "etcd-server-tls",
+		},
+		TLSCASecretRef: corev1.SecretReference{
+			Name: "ca-etcd",
+		},
+	}
+
+	instance := &Etcd{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      name,
+			Namespace: namespace,
+		},
+		Spec: EtcdSpec{
+			Annotations: map[string]string{
+				"app":  "etcd-statefulset",
+				"role": "test",
+			},
+			Labels: map[string]string{
+				"app":  "etcd-statefulset",
+				"role": "test",
+				"name": name,
+			},
+			Selector: &metav1.LabelSelector{
+				MatchLabels: map[string]string{
+					"app":  "etcd-statefulset",
+					"name": name,
+				},
+			},
+			Replicas:        1,
+			StorageClass:    &storageClass,
+			StorageCapacity: &storageCapacity,
+
+			Backup: BackupSpec{
+				Image:                    "eu.gcr.io/gardener-project/gardener/etcdbrctl:0.8.0-dev",
+				Port:                     &port,
+				FullSnapshotSchedule:     &snapshotSchedule,
+				GarbageCollectionPolicy:  &garbageCollectionPolicy,
+				GarbageCollectionPeriod:  &garbageCollectionPeriod,
+				DeltaSnapshotPeriod:      &deltaSnapshotPeriod,
+				DeltaSnapshotMemoryLimit: &deltaSnapShotMemLimit,
+
+				Resources: &corev1.ResourceRequirements{
+					Limits: corev1.ResourceList{
+						"cpu":    parseQuantity("500m"),
+						"memory": parseQuantity("2Gi"),
+					},
+					Requests: corev1.ResourceList{
+						"cpu":    parseQuantity("23m"),
+						"memory": parseQuantity("128Mi"),
+					},
+				},
+				Store: &StoreSpec{
+					SecretRef: corev1.SecretReference{
+						Name: "etcd-backup",
+					},
+					Container: "shoot--dev--i308301-1--b3caa",
+					Provider:  StorageProvider("aws"),
+					Prefix:    &prefix,
+				},
+			},
+			Etcd: EtcdConfig{
+				Quota:                   &quota,
+				Metrics:                 Basic,
+				Image:                   "quay.io/coreos/etcd:v3.3.13",
+				DefragmentationSchedule: &defragSchedule,
+				Resources: &corev1.ResourceRequirements{
+					Limits: corev1.ResourceList{
+						"cpu":    parseQuantity("2500m"),
+						"memory": parseQuantity("4Gi"),
+					},
+					Requests: corev1.ResourceList{
+						"cpu":    parseQuantity("500m"),
+						"memory": parseQuantity("1000Mi"),
+					},
+				},
+				ClientPort: &clientPort,
+				ServerPort: &serverPort,
+				TLS:        tlsConfig,
+			},
+		},
+	}
+	return instance
+}
+
+func parseQuantity(q string) resource.Quantity {
+	val, _ := resource.ParseQuantity(q)
+	return val
+}

charts/etcd/templates/configmap-etcd-bootstrap.yaml

@@ -122,10 +122,10 @@ data:
 {{- if .Values.etcd.enableTLS }}
     client-transport-security:
       # Path to the client server TLS cert file.
-      cert-file: /var/etcd/ssl/tls/tls.crt
+      cert-file: /var/etcd/ssl/server/tls.crt
 
       # Path to the client server TLS key file.
-      key-file: /var/etcd/ssl/tls/tls.key
+      key-file: /var/etcd/ssl/server/tls.key
 
       # Enable client cert authentication.
       client-cert-auth: true