add health status reporter for storageclient

Adding the status health of the storageclient to the provider cluster. Signed-off-by: Madhu Rajanna <[email protected]>
red-hat-storage · Jan 19, 2023 · 13b7404 · 13b7404
1 parent 79332a8
commit 13b7404
Show file tree

Hide file tree

Showing 26 changed files with 2,151 additions and 3 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -18,6 +18,7 @@ COPY config/ config/
 COPY csi/ csi/
 COPY pkg/ pkg/
 COPY templates/ templates/
+COPY status-report/ status-report/
 # Run tests and linting
 RUN make go-test
 
@@ -29,7 +30,6 @@ RUN make go-build
 FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY --from=builder /workspace/bin/manager .
+COPY --from=builder /workspace/bin/status-reporter .
 COPY --from=builder /workspace/images.yaml /etc/ocs-client-operator/images.yaml
 USER 65532:65532
-
-ENTRYPOINT ["/manager"]
diff --git a/Makefile b/Makefile
@@ -89,6 +89,7 @@ uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified
 deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
 	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
 	cd config/default && $(KUSTOMIZE) edit set image rbac-proxy=$(RBAC_PROXY_IMG)
+	sed -i 's|value: controller|value: ${IMG}|g' "config/manager/manager.yaml"
 	$(KUSTOMIZE) build config/default | kubectl apply -f -
 
 remove: ## Remove controller from the K8s cluster specified in ~/.kube/config.
@@ -106,6 +107,7 @@ bundle: manifests kustomize operator-sdk ## Generate bundle manifests and metada
 	$(OPERATOR_SDK) generate kustomize manifests -q
 	cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
 	cd config/default && $(KUSTOMIZE) edit set image rbac-proxy=$(RBAC_PROXY_IMG)
+	sed -i 's|value: controller|value: ${IMG}|g' "config/manager/manager.yaml"
 	cd config/manifests/bases && $(KUSTOMIZE) edit add annotation --force 'olm.skipRange':"$(SKIP_RANGE)" && \
 		$(KUSTOMIZE) edit add patch --name ocs-client-operator.v0.0.0 --kind ClusterServiceVersion\
 		--patch '[{"op": "replace", "path": "/spec/replaces", "value": "$(REPLACES)"}]'

diff --git a/bundle/manifests/ocs-client-operator.clusterserviceversion.yaml b/bundle/manifests/ocs-client-operator.clusterserviceversion.yaml
@@ -30,6 +30,17 @@ spec:
           - create
           - delete
           - update
+        - apiGroups:
+          - ""
+          resources:
+          - secrets
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - update
+          - watch
         - apiGroups:
           - ""
           resources:
@@ -75,6 +86,74 @@ spec:
           - deployments/finalizers
           verbs:
           - update
+        - apiGroups:
+          - config.openshift.io
+          resources:
+          - clusterversions
+          verbs:
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ""
+          resources:
+          - persistentvolumes
+          verbs:
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclassclaims
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclassclaims/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclassclaims/status
+          verbs:
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclients
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclients/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - ocs.openshift.io
+          resources:
+          - storageclients/status
+          verbs:
+          - get
+          - patch
+          - update
         - apiGroups:
           - rbac.authorization.k8s.io
           resources:
@@ -153,6 +232,16 @@ spec:
           - patch
           - update
           - watch
+        - apiGroups:
+          - snapshot.storage.k8s.io
+          resources:
+          - volumesnapshotclasses
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - watch
         - apiGroups:
           - storage.k8s.io
           resources:
@@ -162,6 +251,18 @@ spec:
           - delete
           - get
           - update
+        - apiGroups:
+          - storage.k8s.io
+          resources:
+          - storageclasses
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
         - apiGroups:
           - authentication.k8s.io
           resources:
@@ -222,6 +323,8 @@ spec:
                   valueFrom:
                     fieldRef:
                       fieldPath: metadata.namespace
+                - name: STATUS_REPORTER_IMAGE
+                  value: quay.io/ocs-dev/ocs-client-operator:latest
                 image: quay.io/ocs-dev/ocs-client-operator:latest
                 livenessProbe:
                   httpGet:

diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -38,6 +38,8 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.namespace
+        - name: STATUS_REPORTER_IMAGE
+          value: quay.io/ocs-dev/ocs-client-operator:latest
         securityContext:
           allowPrivilegeEscalation: false
         livenessProbe:

diff --git a/config/manifests/bases/ocs-client-operator.clusterserviceversion.yaml b/config/manifests/bases/ocs-client-operator.clusterserviceversion.yaml
@@ -8,7 +8,18 @@ metadata:
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
-  customresourcedefinitions: {}
+  customresourcedefinitions:
+    owned:
+    - description: StorageClassClaim is the Schema for the storageclassclaims API
+      displayName: Storage Class Claim
+      kind: StorageClassClaim
+      name: storageclassclaims.ocs.openshift.io
+      version: v1alpha1
+    - description: StorageClient is the Schema for the storageclients API
+      displayName: Storage Client
+      kind: StorageClient
+      name: storageclients.ocs.openshift.io
+      version: v1alpha1
   description: foo
   displayName: OpenShift Data Foundation Client Operator
   icon:

diff --git a/config/rbac/status-reporter-role.yaml b/config/rbac/status-reporter-role.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: ocs-status-reporter
+rules:
+  - apiGroups:
+      - ocs.openshift.io
+    resources:
+      - storageclients
+    verbs:
+      - get
+      - list
diff --git a/config/rbac/status-reporter-rolebinding.yaml b/config/rbac/status-reporter-rolebinding.yaml
@@ -0,0 +1,11 @@
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: ocs-status-reporter
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: ocs-status-reporter
+subjects:
+  - kind: ServiceAccount
+    name: ocs-status-reporter
diff --git a/config/rbac/status-reporter-sa.yaml b/config/rbac/status-reporter-sa.yaml
@@ -0,0 +1,4 @@
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: ocs-status-reporter
diff --git a/controllers/storageclient_controller.go b/controllers/storageclient_controller.go
@@ -19,6 +19,7 @@ package controllers
 import (
 	"context"
 	"fmt"
+	"os"
 	"time"
 
 	"github.com/red-hat-storage/ocs-client-operator/api/v1alpha1"
@@ -28,6 +29,7 @@ import (
 	providerClient "github.com/red-hat-storage/ocs-operator/services/provider/client"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
+	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -36,6 +38,7 @@ import (
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
@@ -173,6 +176,10 @@ func (s *StorageClientReconciler) reconcilePhases(instance *v1alpha1.StorageClie
 		return s.acknowledgeOnboarding(instance, externalClusterClient)
 	}
 
+	if res, err := s.reconcileClientStatusReporterJob(instance, externalClusterClient); err != nil {
+		return res, err
+	}
+
 	return reconcile.Result{}, nil
 }
 
@@ -461,3 +468,61 @@ func (s *StorageClientReconciler) logGrpcErrorAndReportEvent(instance *v1alpha1.
 		s.recorder.ReportIfNotPresent(instance, eventType, eventReason, msg)
 	}
 }
+
+func (s *StorageClientReconciler) reconcileClientStatusReporterJob(instance *v1alpha1.StorageClient, externalClusterClient *providerClient.OCSProviderClient) (reconcile.Result, error) {
+	// start the cronJob to ping the provider api server
+	cronJob := &batchv1.CronJob{}
+	cronJob.Name = "report-status-to-provider"
+	cronJob.Namespace = instance.Namespace
+
+	_, err := controllerutil.CreateOrUpdate(s.ctx, s.Client, cronJob, func() error {
+		if err := controllerutil.SetOwnerReference(instance, cronJob, s.Client.Scheme()); err != nil {
+			return fmt.Errorf("Failed to set owner reference: %v", err)
+		}
+		cronJob.Spec = batchv1.CronJobSpec{
+			Schedule: "* * * * *",
+			JobTemplate: batchv1.JobTemplateSpec{
+				Spec: batchv1.JobSpec{
+					Template: corev1.PodTemplateSpec{
+						Spec: corev1.PodSpec{
+							Containers: []corev1.Container{
+								{
+									Name:  "heartbeat",
+									Image: os.Getenv(utils.StatusReporterImageEnvVar),
+									Command: []string{
+										"/status-reporter",
+									},
+									Env: []corev1.EnvVar{
+										{
+											Name: utils.StorageClientNamespaceEnvVar,
+											ValueFrom: &corev1.EnvVarSource{
+												FieldRef: &corev1.ObjectFieldSelector{
+													FieldPath: "metadata.namespace",
+												},
+											},
+										},
+										{
+											Name: utils.StorageClientNameEnvVar,
+											ValueFrom: &corev1.EnvVarSource{
+												FieldRef: &corev1.ObjectFieldSelector{
+													FieldPath: "metadata.name",
+												},
+											},
+										},
+									},
+								},
+							},
+							RestartPolicy:      corev1.RestartPolicyOnFailure,
+							ServiceAccountName: "ocs-status-reporter",
+						},
+					},
+				},
+			},
+		}
+		return nil
+	})
+	if err != nil {
+		return reconcile.Result{Requeue: true}, fmt.Errorf("Failed to update cronJob: %v", err)
+	}
+	return reconcile.Result{}, nil
+}
diff --git a/go.mod b/go.mod
@@ -27,6 +27,7 @@ require (
 	k8s.io/api v0.25.2
 	k8s.io/apimachinery v0.25.2
 	k8s.io/client-go v12.0.0+incompatible
+	k8s.io/klog v1.0.0
 	k8s.io/klog/v2 v2.80.1
 	k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed
 	sigs.k8s.io/controller-runtime v0.13.0

diff --git a/go.sum b/go.sum
@@ -833,6 +833,8 @@ k8s.io/client-go v0.25.2 h1:SUPp9p5CwM0yXGQrwYurw9LWz+YtMwhWd0GqOsSiefo=
 k8s.io/client-go v0.25.2/go.mod h1:i7cNU7N+yGQmJkewcRD2+Vuj4iz7b30kI8OcL3horQ4=
 k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y=
 k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk=
+k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
+k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
 k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
 k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=
 k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=

diff --git a/hack/go-build.sh b/hack/go-build.sh
@@ -8,3 +8,4 @@ export GO111MODULE=${GO111MODULE:-on}
 set -x
 
 go build -a -o ${GOBIN:-bin}/manager main.go
+go build -a -o ${GOBIN:-bin}/status-reporter ./status-report/main.go
diff --git a/main.go b/main.go
@@ -99,6 +99,12 @@ func main() {
 		os.Exit(1)
 	}
 
+	err = utils.ValidateStausReporterImage()
+	if err != nil {
+		setupLog.Error(err, "unable to validate status reporter image")
+		os.Exit(1)
+	}
+
 	if err = (&controllers.StorageClientReconciler{
 		Client: mgr.GetClient(),
 		Scheme: mgr.GetScheme(),

diff --git a/pkg/utils/k8sutils.go b/pkg/utils/k8sutils.go
@@ -25,6 +25,14 @@ import (
 // which is the namespace where operator pod is deployed.
 const OperatorNamespaceEnvVar = "OPERATOR_NAMESPACE"
 
+// StorageClientNameEnvVar is the constant for env variable STORAGE_CLIENT_NAME
+const StorageClientNameEnvVar = "STORAGE_CLIENT_NAME"
+
+// StorageClientNamespaceEnvVar is the constant for env variable STORAGE_CLIENT_NAMESPACE
+const StorageClientNamespaceEnvVar = "STORAGE_CLIENT_NAMESPACE"
+
+const StatusReporterImageEnvVar = "STATUS_REPORTER_IMAGE"
+
 // GetOperatorNamespace returns the namespace where the operator is deployed.
 func GetOperatorNamespace() string {
 	return os.Getenv(OperatorNamespaceEnvVar)
@@ -38,3 +46,12 @@ func ValidateOperatorNamespace() error {
 
 	return nil
 }
+
+func ValidateStausReporterImage() error {
+	image := os.Getenv(StatusReporterImageEnvVar)
+	if image == "" {
+		return fmt.Errorf("status reporter image not found")
+	}
+
+	return nil
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -8,3 +8,4 @@ export GO111MODULE=${GO111MODULE:-on}
		set -x

		go build -a -o ${GOBIN:-bin}/manager main.go
		go build -a -o ${GOBIN:-bin}/status-reporter ./status-report/main.go