diff --git a/go.mod b/go.mod index b568fa11..6bd31ca4 100644 --- a/go.mod +++ b/go.mod @@ -33,7 +33,7 @@ require ( k8s.io/klog/v2 v2.130.1 kmodules.xyz/client-go v0.30.13 kmodules.xyz/custom-resources v0.30.0 - kubedb.dev/apimachinery v0.47.1-0.20240924090635-38154e492f4e + kubedb.dev/apimachinery v0.47.1-0.20240924051141-f0421dd9f647 sigs.k8s.io/controller-runtime v0.18.4 xorm.io/xorm v1.3.6 ) diff --git a/go.sum b/go.sum index 2ac67b1a..5985a844 100644 --- a/go.sum +++ b/go.sum @@ -802,8 +802,8 @@ kmodules.xyz/monitoring-agent-api v0.29.0 h1:gpFl6OZrlMLb/ySMHdREI9EwGtnJ91oZBn9 kmodules.xyz/monitoring-agent-api v0.29.0/go.mod h1:iNbvaMTgVFOI5q2LJtGK91j4Dmjv4ZRiRdasGmWLKQI= kmodules.xyz/offshoot-api v0.30.0 h1:dq9F93pu4Q8rL9oTcCk+vGGy8vpS7RNt0GSwx7Bvhec= kmodules.xyz/offshoot-api v0.30.0/go.mod h1:o9VoA3ImZMDBp3lpLb8+kc2d/KBxioRwCpaKDfLIyDw= -kubedb.dev/apimachinery v0.47.1-0.20240924090635-38154e492f4e h1:Js68QYtwGJh06liBeFfSWfLRqdqeFEBzzBgcNve1HUM= -kubedb.dev/apimachinery v0.47.1-0.20240924090635-38154e492f4e/go.mod h1:iD6XKg9Blvfd9iYEO0N9GKiSz6r+yzEPZnfkYdESNG4= +kubedb.dev/apimachinery v0.47.1-0.20240924051141-f0421dd9f647 h1:yRqO/MkRwf4FxE/LktLz6fgkHn58FSxiNrR4NAMDxdQ= +kubedb.dev/apimachinery v0.47.1-0.20240924051141-f0421dd9f647/go.mod h1:iD6XKg9Blvfd9iYEO0N9GKiSz6r+yzEPZnfkYdESNG4= kubeops.dev/petset v0.0.5-0.20240603165102-e2d9decb8abe h1:uWyps3VIDFwGuL0yQa0eMGaLg4ofVwpy59U14Trxnz8= kubeops.dev/petset v0.0.5-0.20240603165102-e2d9decb8abe/go.mod h1:A15vh0r979NsvL65DTIZKWsa/NoX9VapHBAEw1ZsdYI= lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go index dd788075..ed4c7cc0 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/constants.go 
@@ -576,10 +576,6 @@ const ( PgBouncerConfigMountPath = "/etc/config" PgBouncerSecretMountPath = "/var/run/pgbouncer/secret" PgBouncerServingCertMountPath = "/var/run/pgbouncer/tls/serving" - PgBouncerConfigSectionDatabases = "databases" - PgBouncerConfigSectionPeers = "peers" - PgBouncerConfigSectionPgbouncer = "pgbouncer" - PgBouncerConfigSectionUsers = "users" // =========================== Pgpool Constants ============================ EnvPostgresUsername = "POSTGRES_USERNAME" diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/openapi_generated.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/openapi_generated.go index a46c0907..56cf63f7 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/openapi_generated.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/openapi_generated.go @@ -29056,7 +29056,7 @@ func schema_apimachinery_apis_kubedb_v1_PgBouncerSpec(ref common.ReferenceCallba }, }, }, - Required: []string{"version", "database"}, + Required: []string{"version"}, }, }, Dependencies: []string{ diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go index 63512dfb..b64f8d08 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_helpers.go @@ -17,9 +17,7 @@ limitations under the License. package v1 import ( - "context" "fmt" - "strconv" "kubedb.dev/apimachinery/apis" catalog "kubedb.dev/apimachinery/apis/catalog/v1alpha1" @@ -31,7 +29,6 @@ import ( core "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/types" kmapi "kmodules.xyz/client-go/api/v1" "kmodules.xyz/client-go/apiextensions" core_util "kmodules.xyz/client-go/core/v1" 
@@ -130,19 +127,8 @@ func (p PgBouncer) GetBackendSecretName() string {
 return meta_util.NameWithSuffix(p.OffshootName(), "backend")
 }
-func (p PgBouncer) IsPgBouncerFinalConfigSecretExist() bool {
- secret, err := p.GetPgBouncerFinalConfigSecret()
- return (secret != nil && err == nil)
-}
-
-func (p PgBouncer) GetPgBouncerFinalConfigSecret() (*core.Secret, error) {
- var secret core.Secret
- err := DefaultClient.Get(context.TODO(), types.NamespacedName{Name: p.PgBouncerFinalConfigSecretName(), Namespace: p.GetNamespace()}, &secret)
- return &secret, err
-}
-
-func (p PgBouncer) PgBouncerFinalConfigSecretName() string {
- return meta_util.NameWithSuffix(p.ServiceName(), "final-config")
+func (p PgBouncer) ConfigSecretName() string {
+ return meta_util.NameWithSuffix(p.ServiceName(), "config")
 }
 type pgbouncerApp struct {
@@ -214,6 +200,8 @@ func (p *PgBouncer) SetDefaults(pgBouncerVersion *catalog.PgBouncerVersion, uses
 p.Spec.DeletionPolicy = DeletionPolicyDelete
 }
+ p.setConnectionPoolConfigDefaults()
+
 if p.Spec.TLS != nil {
 if p.Spec.SSLMode == "" {
 p.Spec.SSLMode = PgBouncerSSLModeVerifyFull
@@ -285,7 +273,7 @@ func (p *PgBouncer) GetPersistentSecrets() []string {
 var secrets []string
 secrets = append(secrets, p.GetAuthSecretName())
 secrets = append(secrets, p.GetBackendSecretName())
- secrets = append(secrets, p.PgBouncerFinalConfigSecretName())
+ secrets = append(secrets, p.ConfigSecretName())
 return secrets
 }
@@ -320,6 +308,48 @@ func (p *PgBouncer) SetHealthCheckerDefaults() {
 }
 }
+func (p *PgBouncer) setConnectionPoolConfigDefaults() {
+ if p.Spec.ConnectionPool == nil {
+ p.Spec.ConnectionPool = &ConnectionPoolConfig{}
+ }
+ if p.Spec.ConnectionPool.Port == nil {
+ p.Spec.ConnectionPool.Port = pointer.Int32P(5432)
+ }
+ if p.Spec.ConnectionPool.PoolMode == "" {
+ p.Spec.ConnectionPool.PoolMode = kubedb.PgBouncerDefaultPoolMode
+ }
+ if p.Spec.ConnectionPool.MaxClientConnections == nil {
+ p.Spec.ConnectionPool.MaxClientConnections = pointer.Int64P(100)
+ }
+ if p.Spec.ConnectionPool.DefaultPoolSize == nil {
+ p.Spec.ConnectionPool.DefaultPoolSize = pointer.Int64P(20)
+ }
+ if p.Spec.ConnectionPool.MinPoolSize == nil {
+ p.Spec.ConnectionPool.MinPoolSize = pointer.Int64P(0)
+ }
+ if p.Spec.ConnectionPool.ReservePoolSize == nil {
+ p.Spec.ConnectionPool.ReservePoolSize = pointer.Int64P(0)
+ }
+ if p.Spec.ConnectionPool.ReservePoolTimeoutSeconds == nil {
+ p.Spec.ConnectionPool.ReservePoolTimeoutSeconds = pointer.Int64P(5)
+ }
+ if p.Spec.ConnectionPool.MaxDBConnections == nil {
+ p.Spec.ConnectionPool.MaxDBConnections = pointer.Int64P(0)
+ }
+ if p.Spec.ConnectionPool.MaxUserConnections == nil {
+ p.Spec.ConnectionPool.MaxUserConnections = pointer.Int64P(0)
+ }
+ if p.Spec.ConnectionPool.StatsPeriodSeconds == nil {
+ p.Spec.ConnectionPool.StatsPeriodSeconds = pointer.Int64P(60)
+ }
+ if p.Spec.ConnectionPool.AuthType == "" {
+ p.Spec.ConnectionPool.AuthType = PgBouncerClientAuthModeMD5
+ }
+ if p.Spec.ConnectionPool.IgnoreStartupParameters == "" {
+ p.Spec.ConnectionPool.IgnoreStartupParameters = kubedb.PgBouncerDefaultIgnoreStartupParameters
+ }
+}
+
 func (p *PgBouncer) SetSecurityContext(pgBouncerVersion *catalog.PgBouncerVersion) {
 container := core_util.GetContainerByName(p.Spec.PodTemplate.Spec.Containers, kubedb.PgBouncerContainerName)
 if container == nil {
@@ -375,32 +405,3 @@ func (p *PgBouncer) SetSecurityContext(pgBouncerVersion *catalog.PgBouncerVersio core_util.UpsertContainer(p.Spec.PodTemplate.Spec.Containers, *container) } } - -func PgBouncerConfigSections() *[]string { - sections := []string{ - kubedb.PgBouncerConfigSectionDatabases, kubedb.PgBouncerConfigSectionPeers, - kubedb.PgBouncerConfigSectionPgbouncer, kubedb.PgBouncerConfigSectionUsers, - } - return §ions -} - -func PgBouncerDefaultConfig() string { - defaultConfig := "[pgbouncer]\n" + - "\n" + - "listen_port = " + strconv.Itoa(kubedb.PgBouncerDatabasePort) + "\n" + - "pool_mode = " + kubedb.PgBouncerDefaultPoolMode + "\n" + - "max_client_conn = 100\n" + - "default_pool_size = 20\n" + - "min_pool_size = 1\n" + - "reserve_pool_size = 1\n" + - "reserve_pool_timeout = 5\n" + - "max_db_connections = 1\n" + - "max_user_connections = 2\n" + - "stats_period = 60\n" + - "auth_type = " + string(PgBouncerClientAuthModeMD5) + "\n" + - "ignore_startup_parameters = " + "extra_float_digits, " + kubedb.PgBouncerDefaultIgnoreStartupParameters + "\n" + - "logfile = /tmp/pgbouncer.log\n" + - "pidfile = /tmp/pgbouncer.pid\n" + - "listen_addr = *" - return defaultConfig -} diff --git a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_types.go b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_types.go index 60d29ed8..30dbe2bf 100644 --- a/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_types.go +++ b/vendor/kubedb.dev/apimachinery/apis/kubedb/v1/pgbouncer_types.go @@ -73,7 +73,7 @@ type PgBouncerSpec struct { PodTemplate ofstv2.PodTemplateSpec `json:"podTemplate,omitempty"` // Database to proxy by connection pooling. - Database Database `json:"database"` + Database Database `json:"database,omitempty"` // ConnectionPoolConfig defines Connection pool configuration. // +optional 
@@ -136,42 +136,54 @@ type Database struct { type ConnectionPoolConfig struct { // Port is the port number on which PgBouncer listens to clients. Default: 5432. + // +kubebuilder:default=5432 // +optional Port *int32 `json:"port,omitempty"` // PoolMode is the pooling mechanism type. Default: session. + // +kubebuilder:default="session" // +optional PoolMode string `json:"poolMode,omitempty"` // MaxClientConnections is the maximum number of allowed client connections. Default: 100. + // +kubebuilder:default=100 // +optional MaxClientConnections *int64 `json:"maxClientConnections,omitempty"` // DefaultPoolSize specifies how many server connections to allow per user/database pair. Default: 20. + // +kubebuilder:default=20 // +optional DefaultPoolSize *int64 `json:"defaultPoolSize,omitempty"` // MinPoolSize is used to add more server connections to pool if below this number. Default: 0 (disabled). + // +kubebuilder:default=0 // +optional MinPoolSize *int64 `json:"minPoolSize,omitempty"` // ReservePoolSize specifies how many additional connections to allow to a pool. 0 disables. Default: 0 (disabled). + // +kubebuilder:default=0 // +optional ReservePoolSize *int64 `json:"reservePoolSize,omitempty"` // ReservePoolTimeoutSeconds is the number of seconds in which if a client has not been serviced, // pgbouncer enables use of additional connections from reserve pool. 0 disables. Default: 5.0. + // +kubebuilder:default=5 // +optional ReservePoolTimeoutSeconds *int64 `json:"reservePoolTimeoutSeconds,omitempty"` // MaxDBConnections is the maximum number of connections allowed per-database. Default: 0 (unlimited). + // +kubebuilder:default=0 // +optional MaxDBConnections *int64 `json:"maxDBConnections,omitempty"` // MaxUserConnections is the maximum number of users allowed per-database. Default: 0 (unlimited). 
+ // +kubebuilder:default=0 // +optional MaxUserConnections *int64 `json:"maxUserConnections,omitempty"` // StatsPeriodSeconds sets how often the averages shown in various SHOW commands are updated // and how often aggregated statistics are written to the log. Default: 60 + // +kubebuilder:default=60 // +optional StatsPeriodSeconds *int64 `json:"statsPeriodSeconds,omitempty"` // AuthType specifies how to authenticate users. Default: md5 (md5+plain text). + // +kubebuilder:default=md5 // +optional AuthType PgBouncerClientAuthMode `json:"authType,omitempty"` // IgnoreStartupParameters specifies comma-separated startup parameters that // pgbouncer knows are handled by admin and it can ignore them. Default: empty + // +kubebuilder:default="empty" // +optional IgnoreStartupParameters string `json:"ignoreStartupParameters,omitempty"` // AdminUsers specifies an array of users who can act as PgBouncer administrators. diff --git a/vendor/kubedb.dev/apimachinery/crds/kubedb.com_pgbouncers.yaml b/vendor/kubedb.dev/apimachinery/crds/kubedb.com_pgbouncers.yaml index a88d7fac..4d74cf13 100644 --- a/vendor/kubedb.dev/apimachinery/crds/kubedb.com_pgbouncers.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/kubedb.com_pgbouncers.yaml 
@@ -72,40 +72,52 @@ spec: connectionPool: properties: authType: + default: md5 enum: - md5 - scram-sha-256 - cert type: string defaultPoolSize: + default: 20 format: int64 type: integer ignoreStartupParameters: + default: empty type: string maxClientConnections: + default: 100 format: int64 type: integer maxDBConnections: + default: 0 format: int64 type: integer maxUserConnections: + default: 0 format: int64 type: integer minPoolSize: + default: 0 format: int64 type: integer poolMode: + default: session type: string port: + default: 5432 format: int32 type: integer reservePoolSize: + default: 0 format: int64 type: integer reservePoolTimeoutSeconds: + default: 5 format: int64 type: integer statsPeriodSeconds: + default: 60 format: int64 type: integer type: object @@ -3614,7 +3626,6 @@ spec: version: type: string required: - - database - version type: object status: diff --git a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml index bca99d06..ff8aff8c 100644 --- a/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml +++ b/vendor/kubedb.dev/apimachinery/crds/ops.kubedb.com_pgbounceropsrequests.yaml @@ -49,25 +49,6 @@ spec: - Always type: string configuration: - properties: - pgbouncer: - properties: - applyConfig: - additionalProperties: - type: string - type: object - configSecret: - properties: - name: - default: "" - type: string - type: object - x-kubernetes-map-type: atomic - removeCustomConfig: - type: boolean - type: object - required: - - pgbouncer type: object horizontalScaling: properties: @@ -196,7 +177,6 @@ spec: - HorizontalScaling - VerticalScaling - UpdateVersion - - Reconfigure type: string updateVersion: properties: diff --git a/vendor/modules.txt b/vendor/modules.txt index fd66e758..696242a9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt 
@@ -1561,7 +1561,7 @@ kmodules.xyz/offshoot-api/api/v1 kmodules.xyz/offshoot-api/api/v1/conversion kmodules.xyz/offshoot-api/api/v2 kmodules.xyz/offshoot-api/util -# kubedb.dev/apimachinery v0.47.1-0.20240924090635-38154e492f4e +# kubedb.dev/apimachinery v0.47.1-0.20240924051141-f0421dd9f647 ## explicit; go 1.22.1 kubedb.dev/apimachinery/apis kubedb.dev/apimachinery/apis/catalog diff --git a/zookeeper/kubedb_client_builder.go b/zookeeper/kubedb_client_builder.go index 1b529aae..a42e7a1f 100644 --- a/zookeeper/kubedb_client_builder.go +++ b/zookeeper/kubedb_client_builder.go @@ -18,9 +18,16 @@ package zookeeper import ( "context" + "errors" "fmt" + "log" "time" + core "k8s.io/api/core/v1" + kerr "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "k8s.io/klog/v2" + "github.com/Shopify/zk" "kubedb.dev/apimachinery/apis/kubedb" dbapi "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" @@ -33,10 +40,13 @@ const ( ) type KubeDBClientBuilder struct { - kc client.Client - db *dbapi.ZooKeeper - podName string - url string + kc client.Client + db *dbapi.ZooKeeper + ctx context.Context + podName string + url string + enableHTTPClient bool + disableAMQPClient bool } func NewKubeDBClientBuilder(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClientBuilder { @@ -46,6 +56,14 @@ func NewKubeDBClientBuilder(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClient } } +// NewKubeDBClientBuilderForHTTP returns a KubeDB client builder only for http client +func NewKubeDBClientBuilderForHTTP(kc client.Client, db *dbapi.ZooKeeper) *KubeDBClientBuilder { + return NewKubeDBClientBuilder(kc, db). + WithContext(context.TODO()). + WithAMQPClientDisabled(). + WithHTTPClientEnabled() +} + func (o *KubeDBClientBuilder) WithPod(podName string) *KubeDBClientBuilder { o.podName = podName return o 
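Review bot: `NewKubeDBClientBuilderForHTTP` and the `enableHTTPClient` / `disableAMQPClient` fields it sets (struct hunk at `@@ -33,10 +40,13 @@`, setters in the following hunk) are not read by anything in the visible hunks, and AMQP is not a ZooKeeper protocol, so they look carried over from another client builder. If they are unused, drop them; if they stay, the doc comment should say what they change for a ZooKeeper connection, for example `// NewKubeDBClientBuilderForHTTP returns a builder with a TODO context; the HTTP/AMQP flags are not consulted by GetZooKeeperClient.` The constructor also hard-codes `context.TODO()`, so its callers get no deadline or cancellation unless they call `WithContext` again.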
@@ -56,7 +74,22 @@ func (o *KubeDBClientBuilder) WithURL(url string) *KubeDBClientBuilder {
 return o
 }
-func (o *KubeDBClientBuilder) GetZooKeeperClient(ctx context.Context) (*Client, error) {
+func (o *KubeDBClientBuilder) WithContext(ctx context.Context) *KubeDBClientBuilder {
+ o.ctx = ctx
+ return o
+}
+
+func (o *KubeDBClientBuilder) WithHTTPClientEnabled() *KubeDBClientBuilder {
+ o.enableHTTPClient = true
+ return o
+}
+
+func (o *KubeDBClientBuilder) WithAMQPClientDisabled() *KubeDBClientBuilder {
+ o.disableAMQPClient = true
+ return o
+}
+
+func (o *KubeDBClientBuilder) GetZooKeeperClient() (*Client, error) {
 var err error
 if o.podName != "" {
 o.url = o.getPodURL()
@@ -73,6 +106,41 @@ func (o *KubeDBClientBuilder) GetZooKeeperClient(ctx context.Context) (*Client,
 break
 }
 }
+
+ if !o.db.Spec.DisableAuth {
+ if o.db.Spec.AuthSecret == nil {
+ klog.Info("Auth-secret not set")
+ return nil, errors.New("auth-secret is not set")
+ }
+
+ authSecret := core.Secret{}
+ err := o.kc.Get(o.ctx, types.NamespacedName{
+ Namespace: o.db.Namespace,
+ Name: o.db.Spec.AuthSecret.Name,
+ }, &authSecret)
+ if err != nil {
+ if kerr.IsNotFound(err) {
+ klog.Error(err, "Auth-secret not found")
+ return nil, errors.New("auth-secret is not found")
+ }
+ klog.Error(err, "Failed to get auth-secret")
+ return nil, err
+ }
+
+ //clientConfig.Net.SASL.Enable = true
+ username := string(authSecret.Data[core.BasicAuthUsernameKey])
+ password := string(authSecret.Data[core.BasicAuthPasswordKey])
+
+ // Correct the format for the username:password string
+ authString := fmt.Sprintf("%s:%s", username, password)
+
+ // Add authentication using the properly formatted authString
+ err = zkConn.AddAuth("digest", []byte(authString))
+ if err != nil {
+ log.Fatalf("Failed to add authentication: %v", err)
+ }
+ }
+
 return &Client{
 zkConn,
 }, nil
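Review bot: `GetZooKeeperClient()` in the `@@ -56,7 +74,22 @@` hunk now takes its context from `o.ctx`, which stays nil unless the caller used `WithContext`; the plain `NewKubeDBClientBuilder` path does not appear to set it. The auth block added in the next hunk passes `o.ctx` to `o.kc.Get`, so a builder made without `WithContext` hands a nil context to the Kubernetes client. A guard at the top of the function, `if o.ctx == nil { o.ctx = context.Background() }`, keeps existing callers working; the function body continues outside this hunk. Dropping the `ctx` parameter is also a breaking signature change for callers and is worth stating in the commit message.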
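Review bot: In the auth block added by the `@@ -73,6 +106,41 @@` hunk, a failed `zkConn.AddAuth` calls `log.Fatalf`, which exits the whole process from library code instead of returning the error like the branches above it. The earlier error returns also leave `zkConn` open (it looks to be connected before this block, in code outside the hunk), and a secret without the username or password key is sent as an empty digest credential rather than rejected. The not-found branch replaces the original `Get` error with a new string, so callers lose `kerr.IsNotFound`; wrapping with `%w` keeps it. The commented-out `//clientConfig.Net.SASL.Enable = true` line and the `err :=` that shadows the function's `err` can be removed in the same change.

```go
if !o.db.Spec.DisableAuth {
	if o.db.Spec.AuthSecret == nil {
		zkConn.Close() // assumes zkConn exposes Close(); confirm against the zk client type
		return nil, errors.New("auth-secret is not set")
	}
	// … unchanged: authSecret declaration and the o.kc.Get call …
	if err != nil {
		zkConn.Close()
		return nil, fmt.Errorf("getting auth-secret %s/%s: %w", o.db.Namespace, o.db.Spec.AuthSecret.Name, err)
	}

	username, hasUser := authSecret.Data[core.BasicAuthUsernameKey]
	password, hasPass := authSecret.Data[core.BasicAuthPasswordKey]
	if !hasUser || !hasPass {
		zkConn.Close()
		return nil, errors.New("auth-secret is missing the username or password key")
	}

	// Digest credentials are "username:password"; never log this value.
	if err := zkConn.AddAuth("digest", []byte(string(username)+":"+string(password))); err != nil {
		zkConn.Close()
		return nil, fmt.Errorf("adding digest auth: %w", err)
	}
}
```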