From c682726e821fc6ff13b17c88188ca160ccabf728 Mon Sep 17 00:00:00 2001 From: Stacky McStackface <95074132+stackable-bot@users.noreply.github.com> Date: Wed, 23 Oct 2024 13:08:28 +0200 Subject: [PATCH 1/2] chore: Generated commit to update templated files since the last template run up to stackabletech/operator-templating@f4c4af12a5e241ce322d634fd46c408350cbf59b (#593) Reference-to: stackabletech/operator-templating@f4c4af1 (Bump Rust toolchain to 1.81.0 and update pre-commit hooks) --- .github/workflows/build.yml | 2 +- .github/workflows/pr_pre-commit.yaml | 2 +- .pre-commit-config.yaml | 8 ++++---- Makefile | 10 ++++++---- rust-toolchain.toml | 2 +- 5 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 45f49b3c..0c58d98e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ env: CARGO_TERM_COLOR: always CARGO_INCREMENTAL: '0' CARGO_PROFILE_DEV_DEBUG: '0' - RUST_TOOLCHAIN_VERSION: "1.80.1" + RUST_TOOLCHAIN_VERSION: "1.81.0" RUSTFLAGS: "-D warnings" RUSTDOCFLAGS: "-D warnings" RUST_LOG: "info" diff --git a/.github/workflows/pr_pre-commit.yaml b/.github/workflows/pr_pre-commit.yaml index 5a39364a..c9e94843 100644 --- a/.github/workflows/pr_pre-commit.yaml +++ b/.github/workflows/pr_pre-commit.yaml @@ -6,7 +6,7 @@ on: env: CARGO_TERM_COLOR: always - RUST_TOOLCHAIN_VERSION: "1.80.1" + RUST_TOOLCHAIN_VERSION: "1.81.0" HADOLINT_VERSION: "v2.12.0" PYTHON_VERSION: "3.12" diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 98280921..3c59d32e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -6,7 +6,7 @@ default_language_version: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: 2c9f875913ee60ca25ce70243dc24d5b6415598c # 4.6.0 + rev: cef0300fd0fc4d2a87a85fa2093c6b283ea36f4b # 5.0.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -28,7 +28,7 @@ repos: - id: yamllint - repo: https://github.com/igorshubovych/markdownlint-cli - rev: f295829140d25717bc79368d3f966fc1f67a824f # 0.41.0 + rev: aa975a18c9a869648007d33864034dbc7481fe5e # 0.42.0 hooks: - id: markdownlint types: [text] @@ -44,7 +44,7 @@ repos: # If you do not, you will need to delete the cached ruff binary shown in the # error message - repo: https://github.com/astral-sh/ruff-pre-commit - rev: f1ebc5730d98440041cc43e4d69829ad598ae1e7 # 0.6.3 + rev: 8983acb92ee4b01924893632cf90af926fa608f0 # 0.7.0 hooks: # Run the linter. - id: ruff @@ -52,7 +52,7 @@ repos: - id: ruff-format - repo: https://github.com/rhysd/actionlint - rev: 62dc61a45fc95efe8c800af7a557ab0b9165d63b # 1.7.1 + rev: 4e683ab8014a63fafa117492a0c6053758e6d593 # 1.7.3 hooks: - id: actionlint diff --git a/Makefile b/Makefile index ee8e97b6..86ff6eca 100644 --- a/Makefile +++ b/Makefile @@ -48,9 +48,10 @@ docker-publish: # Uses the keyless signing flow with Github Actions as identity provider\ cosign sign -y "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ # Generate the SBOM for the operator image, this leverages the already generated SBOM for the operator binary by cargo-cyclonedx\ - syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}" "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ + syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ # Determine the PURL for the container image\ - PURL="pkg:docker/${ORGANIZATION}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE?repository_url=${DOCKER_REPO}";\ + URLENCODED_REPO_DIGEST_OF_IMAGE=$$(echo "$$REPO_DIGEST_OF_IMAGE" | sed 's/:/%3A/g');\ + PURL="pkg:oci/${OPERATOR_NAME}@$$URLENCODED_REPO_DIGEST_OF_IMAGE?arch=${ARCH}&repository_url=${DOCKER_REPO}%2F${ORGANIZATION}%2F${OPERATOR_NAME}";\ # Get metadata from the image\ IMAGE_DESCRIPTION=$$(docker inspect --format='{{.Config.Labels.description}}' "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}:${VERSION}-${ARCH}");\ IMAGE_NAME=$$(docker inspect --format='{{.Config.Labels.name}}' "${DOCKER_REPO}/${ORGANIZATION}/${OPERATOR_NAME}:${VERSION}-${ARCH}");\ @@ -73,9 +74,10 @@ docker-publish: # Uses the keyless signing flow with Github Actions as identity provider\ cosign sign -y "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ # Generate the SBOM for the operator image, this leverages the already generated SBOM for the operator binary by cargo-cyclonedx\ - syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}" "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ + syft scan --output cyclonedx-json=sbom.json --select-catalogers "-cargo-auditable-binary-cataloger" --scope all-layers --source-name "${OPERATOR_NAME}" --source-version "${VERSION}-${ARCH}" "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE";\ # Determine the PURL for the container image\ - PURL="pkg:docker/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}@$$REPO_DIGEST_OF_IMAGE?repository_url=${OCI_REGISTRY_HOSTNAME}";\ + URLENCODED_REPO_DIGEST_OF_IMAGE=$$(echo "$$REPO_DIGEST_OF_IMAGE" | sed 's/:/%3A/g');\ + PURL="pkg:oci/${OPERATOR_NAME}@$$URLENCODED_REPO_DIGEST_OF_IMAGE?arch=${ARCH}&repository_url=${OCI_REGISTRY_HOSTNAME}%2F${OCI_REGISTRY_PROJECT_IMAGES}%2F${OPERATOR_NAME}";\ # Get metadata from the image\ IMAGE_DESCRIPTION=$$(docker inspect --format='{{.Config.Labels.description}}' "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}");\ IMAGE_NAME=$$(docker inspect --format='{{.Config.Labels.name}}' "${OCI_REGISTRY_HOSTNAME}/${OCI_REGISTRY_PROJECT_IMAGES}/${OPERATOR_NAME}:${VERSION}-${ARCH}");\ diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 23142f76..d587e661 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ # DO NOT EDIT, this file is generated by operator-templating [toolchain] -channel = "1.80.1" +channel = "1.81.0" From 38981185e54af7da63eda9f17f25691d98fba32a Mon Sep 17 00:00:00 2001 From: Sebastian Bernauer Date: Wed, 23 Oct 2024 14:55:18 +0200 Subject: [PATCH 2/2] feat: Support non-default cluster domain (#591) * feat: Support non-default cluster domain * changelog * Update deploy/helm/hdfs-operator/values.yaml Co-authored-by: Malte Sander * cargo +nightly update --breaking -Z unstable-options * Capture in variable * Capture in variable * cargo +nightly update --breaking -Z unstable-options * bump to op-rs 0.80.0 * changelog * Update deploy/helm/hdfs-operator/values.yaml Co-authored-by: Malte Sander * Use named arguments --------- Co-authored-by: Malte Sander --- CHANGELOG.md | 6 + Cargo.lock | 214 +++++++++++------- Cargo.toml | 4 +- deploy/helm/hdfs-operator/values.yaml | 4 + rust/crd/src/lib.rs | 19 +- rust/operator-binary/src/config.rs | 27 ++- rust/operator-binary/src/container.rs | 160 ++++++++----- rust/operator-binary/src/discovery.rs | 22 +- rust/operator-binary/src/hdfs_controller.rs | 20 +- rust/operator-binary/src/main.rs | 5 +- rust/operator-binary/src/security/kerberos.rs | 26 ++- 11 files changed, 330 insertions(+), 177 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 530ac7ab..6727dfda 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file. ## [Unreleased] +### Added + +- The operator can now run on Kubernetes clusters using a non-default cluster domain. + Use the env var `KUBERNETES_CLUSTER_DOMAIN` or the operator Helm chart property `kubernetesClusterDomain` to set a non-default cluster domain ([#591]). + ### Changed - Reduce CRD size from `1.4MB` to `136KB` by accepting arbitrary YAML input instead of the underlying schema for the following fields ([#574]): @@ -11,6 +16,7 @@ All notable changes to this project will be documented in this file. - `affinity` [#574]: https://github.com/stackabletech/hdfs-operator/pull/574 +[#591]: https://github.com/stackabletech/hdfs-operator/pull/591 ## [24.7.0] - 2024-07-24 diff --git a/Cargo.lock b/Cargo.lock index e73c16f0..44c7c69d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -111,9 +111,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.89" +version = "1.0.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86fdf8605db99b54d3cd748a44c6d04df638eb5dafb219b135d0149bd0db01f6" +checksum = "c042108f3ed77fd83760a5fd79b53be043192bb3b9dba91d8c574c0ada7850c8" [[package]] name = "async-broadcast" @@ -146,7 +146,7 @@ checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -157,7 +157,7 @@ checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -242,9 +242,9 @@ dependencies = [ [[package]] name = "built" -version = "0.7.4" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "236e6289eda5a812bc6b53c3b024039382a2895fbbeef2d748b2931546d392c4" +checksum = "c360505aed52b7ec96a3636c3f039d99103c37d1d9b4f7a8c743d3ea9ffcd03b" dependencies = [ "chrono", "git2", @@ -264,15 +264,15 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "bytes" -version = "1.7.2" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" +checksum = "9ac0150caa2ae65ca5bd83f25c7de183dea78d4d366469f148435e2acfbad0da" [[package]] name = "cc" -version = "1.1.30" +version = "1.1.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b16803a61b81d9eabb7eae2588776c4c1e584b738ede45fdbb4c972cec1e9945" +checksum = "c2e7962b54006dcfcc61cb72735f4d89bb97061dd6a7ed882ec6b8ee53714c6f" dependencies = [ "jobserver", "libc", @@ -329,7 +329,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -444,7 +444,7 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -455,7 +455,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" dependencies = [ "darling_core", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -466,7 +466,7 @@ checksum = "bc2323e10c92e1cf4d86e11538512e6dc03ceb586842970b6332af3d4046a046" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -525,6 +525,18 @@ version = "1.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0d6ef0072f8a535281e4876be788938b528e9a1d43900b82c2569af7da799125" +[[package]] +name = "educe" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d7bc049e1bd8cdeb31b68bbd586a9464ecf9f3944af3958a7a9d0f8b9799417" +dependencies = [ + "enum-ordinalize", + "proc-macro2", + "quote", + "syn 2.0.82", +] + [[package]] name = "either" version = "1.13.0" @@ -549,6 +561,26 @@ dependencies = [ "thiserror", ] +[[package]] +name = "enum-ordinalize" +version = "4.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fea0dcfa4e54eeb516fe454635a95753ddd39acda650ce703031c6973e315dd5" +dependencies = [ + "enum-ordinalize-derive", +] + +[[package]] +name = "enum-ordinalize-derive" +version = "4.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d28318a75d4aead5c4db25382e8ef717932d0346600cacae6357eb5941bc5ff" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.82", +] + [[package]] name = "equivalent" version = "1.0.1" @@ -673,7 +705,7 @@ checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -1121,9 +1153,9 @@ dependencies = [ [[package]] name = "kube" -version = "0.95.0" +version = "0.96.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa21063c854820a77c5d7f8deeb7ffa55246d8304e4bcd8cce2956752c6604f8" +checksum = "efffeb3df0bd4ef3e5d65044573499c0e4889b988070b08c50b25b1329289a1f" dependencies = [ "k8s-openapi", "kube-client", @@ -1134,9 +1166,9 @@ dependencies = [ [[package]] name = "kube-client" -version = "0.95.0" +version = "0.96.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31c2355f5c9d8a11900e71a6fe1e47abd5ec45bf971eb4b162ffe97b46db9bb7" +checksum = "8bf471ece8ff8d24735ce78dac4d091e9fcb8d74811aeb6b75de4d1c3f5de0f1" dependencies = [ "base64 0.22.1", "bytes", @@ -1172,9 +1204,9 @@ dependencies = [ [[package]] name = "kube-core" -version = "0.95.0" +version = "0.96.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3030bd91c9db544a50247e7d48d7db9cf633c172732dce13351854526b1e666" +checksum = "f42346d30bb34d1d7adc5c549b691bce7aa3a1e60254e68fab7e2d7b26fe3d77" dependencies = [ "chrono", "form_urlencoded", @@ -1190,29 +1222,29 @@ dependencies = [ [[package]] name = "kube-derive" -version = "0.95.0" +version = "0.96.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa98be978eddd70a773aa8e86346075365bfb7eb48783410852dbf7cb57f0c27" +checksum = "f9364e04cc5e0482136c6ee8b7fb7551812da25802249f35b3def7aaa31e82ad" dependencies = [ "darling", "proc-macro2", "quote", "serde_json", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] name = "kube-runtime" -version = "0.95.0" +version = "0.96.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5895cb8aa641ac922408f128b935652b34c2995f16ad7db0984f6caa50217914" +checksum = "d3fbf1f6ffa98e65f1d2a9a69338bb60605d46be7edf00237784b89e62c9bd44" dependencies = [ "ahash", "async-broadcast", "async-stream", "async-trait", "backoff", - "derivative", + "educe", "futures 0.3.31", "hashbrown 0.14.5", "json-patch", @@ -1237,9 +1269,9 @@ checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libc" -version = "0.2.159" +version = "0.2.161" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5" +checksum = "8e9489c2807c139ffd9c1794f4af0ebe86a828db53ecdc7fea2111d0fed085d1" [[package]] name = "libgit2-sys" @@ -1429,7 +1461,7 @@ dependencies = [ "lazy_static", "once_cell", "opentelemetry", - "ordered-float 4.3.0", + "ordered-float 4.4.0", "percent-encoding", "rand", "thiserror", @@ -1448,9 +1480,9 @@ dependencies = [ [[package]] name = "ordered-float" -version = "4.3.0" +version = "4.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "44d501f1a72f71d3c063a6bbc8f7271fa73aa09fe5d6283b6571e2ed176a2537" +checksum = "83e7ccb95e240b7c9506a3d544f10d935e142cc90b0a1d56954fb44d89ad6b97" dependencies = [ "num-traits", ] @@ -1537,7 +1569,7 @@ dependencies = [ "pest_meta", "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -1568,7 +1600,7 @@ checksum = "a4502d8515ca9f32f1fb543d987f63d95a14934883db45bdb48060b6b69257f8" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -1615,9 +1647,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.87" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3e4daa0dcf6feba26f985457cdf104d4b4256fc5a09547140f3631bb076b19a" +checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" dependencies = [ "unicode-ident", ] @@ -1753,9 +1785,9 @@ dependencies = [ [[package]] name = "rstest" -version = "0.22.0" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b423f0e62bdd61734b67cd21ff50871dfaeb9cc74f869dcd6af974fbcb19936" +checksum = "0a2c585be59b6b5dd66a9d2084aa1d8bd52fbdb806eafdeffb52791147862035" dependencies = [ "futures 0.3.31", "futures-timer", @@ -1765,9 +1797,9 @@ dependencies = [ [[package]] name = "rstest_macros" -version = "0.22.0" +version = "0.23.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5e1711e7d14f74b12a58411c542185ef7fb7f2e7f8ee6e2940a883628522b42" +checksum = "825ea780781b15345a146be27eaefb05085e337e869bff01b4306a4fd4a9ad5a" dependencies = [ "cfg-if", "glob", @@ -1777,7 +1809,7 @@ dependencies = [ "regex", "relative-path", "rustc_version", - "syn 2.0.79", + "syn 2.0.82", "unicode-ident", ] @@ -1798,9 +1830,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.14" +version = "0.23.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "415d9944693cb90382053259f89fbb077ea730ad7273047ec63b19bc9b160ba8" +checksum = "5fbb44d7acc4e873d613422379f69f237a1b141928c02f6bc6ccfddddc2d7993" dependencies = [ "log", "once_cell", @@ -1906,7 +1938,7 @@ dependencies = [ "proc-macro2", "quote", "serde_derive_internals", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -1917,11 +1949,10 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "secrecy" -version = "0.8.0" +version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e" +checksum = "e891af845473308773346dc847b2c23ee78fe442e0472ac50e22a18a93d3ae5a" dependencies = [ - "serde", "zeroize", ] @@ -1956,9 +1987,9 @@ checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" [[package]] name = "serde" -version = "1.0.210" +version = "1.0.213" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +checksum = "3ea7893ff5e2466df8d720bb615088341b295f849602c6956047f8f80f0e9bc1" dependencies = [ "serde_derive", ] @@ -1975,13 +2006,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.210" +version = "1.0.213" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +checksum = "7e85ad2009c50b58e87caa8cd6dac16bdf511bbfb7af6c33df902396aa480fa5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -1992,14 +2023,14 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] name = "serde_json" -version = "1.0.128" +version = "1.0.132" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" +checksum = "d726bfaff4b320266d395898905d0eba0345aae23b54aee3a737e260fd46db03" dependencies = [ "itoa", "memchr", @@ -2120,7 +2151,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -2181,8 +2212,8 @@ dependencies = [ [[package]] name = "stackable-operator" -version = "0.76.0" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.76.0#a7e70f174fb043a1766e0a80de95834cb4f7513d" +version = "0.80.0" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" dependencies = [ "chrono", "clap", @@ -2192,6 +2223,7 @@ dependencies = [ "dockerfile-parser", "either", "futures 0.3.31", + "indexmap", "json-patch", "k8s-openapi", "kube", @@ -2206,6 +2238,7 @@ dependencies = [ "serde_yaml", "snafu 0.8.5", "stackable-operator-derive", + "stackable-shared", "strum", "tokio", "tracing", @@ -2218,12 +2251,24 @@ dependencies = [ [[package]] name = "stackable-operator-derive" version = "0.3.1" -source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.76.0#a7e70f174fb043a1766e0a80de95834cb4f7513d" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" dependencies = [ "darling", "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", +] + +[[package]] +name = "stackable-shared" +version = "0.0.1" +source = "git+https://github.com/stackabletech/operator-rs.git?tag=stackable-operator-0.80.0#6fbe32300b60f95e0baa2ab0ff2daf961b06531c" +dependencies = [ + "kube", + "semver", + "serde", + "serde_yaml", + "snafu 0.8.5", ] [[package]] @@ -2251,7 +2296,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -2273,33 +2318,39 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.79" +version = "2.0.82" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590" +checksum = "83540f837a8afc019423a8edb95b52a8effe46957ee402287f4292fae35be021" dependencies = [ "proc-macro2", "quote", "unicode-ident", ] +[[package]] +name = "sync_wrapper" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" + [[package]] name = "thiserror" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" +checksum = "5d11abd9594d9b38965ef50805c5e469ca9cc6f197f883f717e0269a3057b3d5" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" +checksum = "ae71770322cbd277e69d762a16c444af02aa0575ac0d174f0b9562d3b37f8602" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -2382,9 +2433,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.40.0" +version = "1.41.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998" +checksum = "145f3413504347a2be84393cc8a7d2fb4d863b375909ea59f2158261aa258bbb" dependencies = [ "backtrace", "bytes", @@ -2406,7 +2457,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -2464,14 +2515,14 @@ dependencies = [ [[package]] name = "tower" -version = "0.4.13" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +checksum = "2873938d487c3cfb9aed7546dc9f2711d867c9f90c46b889989a2cb84eba6b4f" dependencies = [ "futures-core", "futures-util", - "pin-project", "pin-project-lite", + "sync_wrapper", "tokio", "tokio-util", "tower-layer", @@ -2481,16 +2532,15 @@ dependencies = [ [[package]] name = "tower-http" -version = "0.5.2" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e9cd434a998747dd2c4276bc96ee2e0c7a2eadf3cae88e52be55a05fa9053f5" +checksum = "8437150ab6bbc8c5f0f519e3d5ed4aa883a83dd4cdd3d1b21f9482936046cb97" dependencies = [ - "base64 0.21.7", + "base64 0.22.1", "bitflags 2.6.0", "bytes", "http", "http-body", - "http-body-util", "mime", "pin-project-lite", "tower-layer", @@ -2542,7 +2592,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] @@ -2757,7 +2807,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", "wasm-bindgen-shared", ] @@ -2779,7 +2829,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2946,7 +2996,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.79", + "syn 2.0.82", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index a2a13dbc..e670b12d 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,13 +15,13 @@ built = { version = "0.7", features = ["chrono", "git2"] } clap = "4.5" futures = { version = "0.3", features = ["compat"] } indoc = "2.0" -rstest = "0.22" +rstest = "0.23" semver = "1.0" serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" serde_yaml = "0.9" snafu = "0.8" -stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.76.0" } +stackable-operator = { git = "https://github.com/stackabletech/operator-rs.git", tag = "stackable-operator-0.80.0" } product-config = { git = "https://github.com/stackabletech/product-config.git", tag = "0.7.0" } strum = { version = "0.26", features = ["derive"] } tokio = { version = "1.40", features = ["full"] } diff --git a/deploy/helm/hdfs-operator/values.yaml b/deploy/helm/hdfs-operator/values.yaml index 48e0ffd8..3849683d 100644 --- a/deploy/helm/hdfs-operator/values.yaml +++ b/deploy/helm/hdfs-operator/values.yaml @@ -47,3 +47,7 @@ nodeSelector: {} tolerations: [] affinity: {} + +# When running on a non-default Kubernetes cluster domain, the cluster domain can be configured here. +# See the https://docs.stackable.tech/home/stable/guides/kubernetes-cluster-domain guide for details. +# kubernetesClusterDomain: my-cluster.local diff --git a/rust/crd/src/lib.rs b/rust/crd/src/lib.rs index ff1b697f..74660989 100644 --- a/rust/crd/src/lib.rs +++ b/rust/crd/src/lib.rs @@ -23,8 +23,7 @@ use stackable_operator::{ }, }, config::{ - fragment, - fragment::{Fragment, ValidationError}, + fragment::{self, Fragment, ValidationError}, merge::Merge, }, k8s_openapi::{ @@ -34,12 +33,15 @@ use stackable_operator::{ kube::{runtime::reflector::ObjectRef, CustomResource, ResourceExt}, kvp::{LabelError, Labels}, product_config_utils::{Configuration, Error as ConfigError}, - product_logging, - product_logging::spec::{ContainerLogConfig, Logging}, + product_logging::{ + self, + spec::{ContainerLogConfig, Logging}, + }, role_utils::{GenericRoleConfig, Role, RoleGroup, RoleGroupRef}, schemars::{self, JsonSchema}, status::condition::{ClusterCondition, HasStatusCondition}, time::Duration, + utils::cluster_info::KubernetesClusterInfo, }; use strum::{Display, EnumIter, EnumString, IntoStaticStr}; @@ -981,12 +983,15 @@ pub struct HdfsPodRef { } impl HdfsPodRef { - pub fn fqdn(&self) -> Cow { + pub fn fqdn(&self, cluster_info: &KubernetesClusterInfo) -> Cow { self.fqdn_override.as_deref().map_or_else( || { Cow::Owned(format!( - "{}.{}.{}.svc.cluster.local", - self.pod_name, self.role_group_service_name, self.namespace + "{pod_name}.{role_group_service_name}.{namespace}.svc.{cluster_domain}", + pod_name = self.pod_name, + role_group_service_name = self.role_group_service_name, + namespace = self.namespace, + cluster_domain = cluster_info.cluster_domain, )) }, Cow::Borrowed, diff --git a/rust/operator-binary/src/config.rs b/rust/operator-binary/src/config.rs index 9c49ef27..584d7ec6 100644 --- a/rust/operator-binary/src/config.rs +++ b/rust/operator-binary/src/config.rs @@ -10,6 +10,7 @@ use stackable_hdfs_crd::constants::{ }; use stackable_hdfs_crd::storage::{DataNodeStorageConfig, DataNodeStorageConfigInnerType}; use stackable_hdfs_crd::{HdfsCluster, HdfsPodRef}; +use stackable_operator::utils::cluster_info::KubernetesClusterInfo; use std::collections::BTreeMap; #[derive(Clone)] @@ -102,6 +103,7 @@ impl HdfsSiteConfigBuilder { pub fn dfs_namenode_shared_edits_dir( &mut self, + cluster_info: &KubernetesClusterInfo, journalnode_podrefs: &[HdfsPodRef], ) -> &mut Self { self.config.insert( @@ -112,7 +114,7 @@ impl HdfsSiteConfigBuilder { .iter() .map(|jnid| format!( "{}:{}", - jnid.fqdn(), + jnid.fqdn(cluster_info), jnid.ports .get(&String::from(DFS_JOURNALNODE_RPC_ADDRESS)) .map_or(DEFAULT_JOURNAL_NODE_RPC_PORT, |p| *p) @@ -138,8 +140,13 @@ impl HdfsSiteConfigBuilder { self } - pub fn dfs_namenode_rpc_address_ha(&mut self, namenode_podrefs: &[HdfsPodRef]) -> &mut Self { + pub fn dfs_namenode_rpc_address_ha( + &mut self, + cluster_info: &KubernetesClusterInfo, + namenode_podrefs: &[HdfsPodRef], + ) -> &mut Self { self.dfs_namenode_address_ha( + cluster_info, namenode_podrefs, DFS_NAMENODE_RPC_ADDRESS, SERVICE_PORT_NAME_RPC, @@ -151,10 +158,12 @@ impl HdfsSiteConfigBuilder { pub fn dfs_namenode_http_address_ha( &mut self, hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, namenode_podrefs: &[HdfsPodRef], ) -> &mut Self { if hdfs.has_https_enabled() { self.dfs_namenode_address_ha( + cluster_info, namenode_podrefs, DFS_NAMENODE_HTTPS_ADDRESS, SERVICE_PORT_NAME_HTTPS, @@ -162,6 +171,7 @@ impl HdfsSiteConfigBuilder { ); } else { self.dfs_namenode_address_ha( + cluster_info, namenode_podrefs, DFS_NAMENODE_HTTP_ADDRESS, SERVICE_PORT_NAME_HTTP, @@ -173,6 +183,7 @@ impl HdfsSiteConfigBuilder { fn dfs_namenode_address_ha( &mut self, + cluster_info: &KubernetesClusterInfo, namenode_podrefs: &[HdfsPodRef], address: &str, port_name: &str, @@ -180,11 +191,15 @@ impl HdfsSiteConfigBuilder { ) -> &mut Self { for nn in namenode_podrefs { self.config.insert( - format!("{}.{}.{}", address, self.logical_name, nn.pod_name), format!( - "{}:{}", - nn.fqdn(), - nn.ports.get(port_name).map_or(default_port, |p| *p) + "{address}.{logical_name}.{pod_name}", + logical_name = self.logical_name, + pod_name = nn.pod_name, + ), + format!( + "{fqdn}:{port}", + fqdn = nn.fqdn(cluster_info), + port = nn.ports.get(port_name).map_or(default_port, |p| *p) ), ); } diff --git a/rust/operator-binary/src/container.rs b/rust/operator-binary/src/container.rs index c12fdae3..61519a54 100644 --- a/rust/operator-binary/src/container.rs +++ b/rust/operator-binary/src/container.rs @@ -9,26 +9,37 @@ //! - Set resources //! - Add tcp probes and container ports (to the main containers) //! -use crate::DATANODE_ROOT_DATA_DIR_PREFIX; -use crate::JVM_SECURITY_PROPERTIES_FILE; -use crate::LOG4J_PROPERTIES; -use stackable_hdfs_crd::UpgradeState; -use stackable_operator::utils::COMMON_BASH_TRAP_FUNCTIONS; use std::{collections::BTreeMap, str::FromStr}; use indoc::formatdoc; use snafu::{OptionExt, ResultExt, Snafu}; -use stackable_operator::kvp::Labels; +use stackable_hdfs_crd::{ + constants::{ + DEFAULT_DATA_NODE_METRICS_PORT, DEFAULT_JOURNAL_NODE_METRICS_PORT, + DEFAULT_NAME_NODE_METRICS_PORT, LISTENER_VOLUME_DIR, LISTENER_VOLUME_NAME, + LIVENESS_PROBE_FAILURE_THRESHOLD, LIVENESS_PROBE_INITIAL_DELAY_SECONDS, + LIVENESS_PROBE_PERIOD_SECONDS, NAMENODE_ROOT_DATA_DIR, READINESS_PROBE_FAILURE_THRESHOLD, + READINESS_PROBE_INITIAL_DELAY_SECONDS, READINESS_PROBE_PERIOD_SECONDS, + SERVICE_PORT_NAME_HTTP, SERVICE_PORT_NAME_HTTPS, SERVICE_PORT_NAME_IPC, + SERVICE_PORT_NAME_RPC, STACKABLE_ROOT_DATA_DIR, + }, + storage::DataNodeStorageConfig, + AnyNodeConfig, DataNodeContainer, HdfsCluster, HdfsPodRef, HdfsRole, NameNodeContainer, + UpgradeState, +}; use stackable_operator::{ builder::{ - pod::container::ContainerBuilder, - pod::resources::ResourceRequirementsBuilder, - pod::volume::{ - ListenerOperatorVolumeSourceBuilder, ListenerOperatorVolumeSourceBuilderError, - ListenerReference, SecretFormat, SecretOperatorVolumeSourceBuilder, - SecretOperatorVolumeSourceBuilderError, VolumeBuilder, VolumeMountBuilder, + self, + pod::{ + container::ContainerBuilder, + resources::ResourceRequirementsBuilder, + volume::{ + ListenerOperatorVolumeSourceBuilder, ListenerOperatorVolumeSourceBuilderError, + ListenerReference, SecretFormat, SecretOperatorVolumeSourceBuilder, + SecretOperatorVolumeSourceBuilderError, VolumeBuilder, VolumeMountBuilder, + }, + PodBuilder, }, - pod::PodBuilder, }, commons::product_image_selection::ResolvedProductImage, k8s_openapi::{ @@ -41,39 +52,31 @@ use stackable_operator::{ apimachinery::pkg::util::intstr::IntOrString, }, kube::{core::ObjectMeta, ResourceExt}, + kvp::Labels, memory::{BinaryMultiple, MemoryQuantity}, - product_logging::framework::{ - create_vector_shutdown_file_command, remove_vector_shutdown_file_command, - }, product_logging::{ self, + framework::{ + create_vector_shutdown_file_command, remove_vector_shutdown_file_command, LoggingError, + }, spec::{ ConfigMapLogConfig, ContainerLogConfig, ContainerLogConfigChoice, CustomContainerLogConfig, }, }, + utils::{cluster_info::KubernetesClusterInfo, COMMON_BASH_TRAP_FUNCTIONS}, }; use strum::{Display, EnumDiscriminants, IntoStaticStr}; -use stackable_hdfs_crd::{ - constants::{ - DEFAULT_DATA_NODE_METRICS_PORT, DEFAULT_JOURNAL_NODE_METRICS_PORT, - DEFAULT_NAME_NODE_METRICS_PORT, LISTENER_VOLUME_DIR, LISTENER_VOLUME_NAME, - LIVENESS_PROBE_FAILURE_THRESHOLD, LIVENESS_PROBE_INITIAL_DELAY_SECONDS, - LIVENESS_PROBE_PERIOD_SECONDS, NAMENODE_ROOT_DATA_DIR, READINESS_PROBE_FAILURE_THRESHOLD, - READINESS_PROBE_INITIAL_DELAY_SECONDS, READINESS_PROBE_PERIOD_SECONDS, - SERVICE_PORT_NAME_HTTP, SERVICE_PORT_NAME_HTTPS, SERVICE_PORT_NAME_IPC, - SERVICE_PORT_NAME_RPC, STACKABLE_ROOT_DATA_DIR, +use crate::{ + product_logging::{ + FORMAT_NAMENODES_LOG4J_CONFIG_FILE, FORMAT_ZOOKEEPER_LOG4J_CONFIG_FILE, + HDFS_LOG4J_CONFIG_FILE, MAX_FORMAT_NAMENODE_LOG_FILE_SIZE, + MAX_FORMAT_ZOOKEEPER_LOG_FILE_SIZE, MAX_HDFS_LOG_FILE_SIZE, + MAX_WAIT_NAMENODES_LOG_FILE_SIZE, MAX_ZKFC_LOG_FILE_SIZE, STACKABLE_LOG_DIR, + WAIT_FOR_NAMENODES_LOG4J_CONFIG_FILE, ZKFC_LOG4J_CONFIG_FILE, }, - storage::DataNodeStorageConfig, - AnyNodeConfig, DataNodeContainer, HdfsCluster, HdfsPodRef, HdfsRole, NameNodeContainer, -}; - -use crate::product_logging::{ - FORMAT_NAMENODES_LOG4J_CONFIG_FILE, FORMAT_ZOOKEEPER_LOG4J_CONFIG_FILE, HDFS_LOG4J_CONFIG_FILE, - MAX_FORMAT_NAMENODE_LOG_FILE_SIZE, MAX_FORMAT_ZOOKEEPER_LOG_FILE_SIZE, MAX_HDFS_LOG_FILE_SIZE, - MAX_WAIT_NAMENODES_LOG_FILE_SIZE, MAX_ZKFC_LOG_FILE_SIZE, STACKABLE_LOG_DIR, - WAIT_FOR_NAMENODES_LOG4J_CONFIG_FILE, ZKFC_LOG4J_CONFIG_FILE, + DATANODE_ROOT_DATA_DIR_PREFIX, JVM_SECURITY_PROPERTIES_FILE, LOG4J_PROPERTIES, }; pub(crate) const TLS_STORE_DIR: &str = "/stackable/tls"; @@ -122,6 +125,17 @@ pub enum Error { ListenerVolumeLabels { source: ListenerOperatorVolumeSourceBuilderError, }, + + #[snafu(display("failed to configure logging"))] + ConfigureLogging { source: LoggingError }, + + #[snafu(display("failed to add needed volume"))] + AddVolume { source: builder::pod::Error }, + + #[snafu(display("failed to add needed volumeMount"))] + AddVolumeMount { + source: builder::pod::container::Error, + }, } /// ContainerConfig contains information to create all main, side and init containers for @@ -203,6 +217,7 @@ impl ContainerConfig { pub fn add_containers_and_volumes( pb: &mut PodBuilder, hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, role: &HdfsRole, resolved_product_image: &ResolvedProductImage, merged_config: &AnyNodeConfig, @@ -214,9 +229,11 @@ impl ContainerConfig { ) -> Result<(), Error> { // HDFS main container let main_container_config = Self::from(*role); - pb.add_volumes(main_container_config.volumes(merged_config, object_name, labels)?); + pb.add_volumes(main_container_config.volumes(merged_config, object_name, labels)?) + .context(AddVolumeSnafu)?; pb.add_container(main_container_config.main_container( hdfs, + cluster_info, role, resolved_product_image, zk_config_map_name, @@ -227,18 +244,21 @@ impl ContainerConfig { // Vector side container if merged_config.vector_logging_enabled() { - pb.add_container(product_logging::framework::vector_container( - resolved_product_image, - ContainerConfig::HDFS_CONFIG_VOLUME_MOUNT_NAME, - ContainerConfig::STACKABLE_LOG_VOLUME_MOUNT_NAME, - Some(&merged_config.vector_logging()), - ResourceRequirementsBuilder::new() - .with_cpu_request("250m") - .with_cpu_limit("500m") - .with_memory_request("128Mi") - .with_memory_limit("128Mi") - .build(), - )); + pb.add_container( + product_logging::framework::vector_container( + resolved_product_image, + ContainerConfig::HDFS_CONFIG_VOLUME_MOUNT_NAME, + ContainerConfig::STACKABLE_LOG_VOLUME_MOUNT_NAME, + Some(&merged_config.vector_logging()), + ResourceRequirementsBuilder::new() + .with_cpu_request("250m") + .with_cpu_limit("500m") + .with_memory_request("128Mi") + .with_memory_limit("128Mi") + .build(), + ) + .context(ConfigureLoggingSnafu)?, + ); } if let Some(authentication_config) = hdfs.authentication_config() { @@ -258,7 +278,8 @@ impl ContainerConfig { })?, ) .build(), - ); + ) + .context(AddVolumeSnafu)?; pb.add_volume( VolumeBuilder::new(KERBEROS_VOLUME_NAME) @@ -275,7 +296,8 @@ impl ContainerConfig { })?, ) .build(), - ); + ) + .context(AddVolumeSnafu)?; } // role specific pod settings configured here @@ -287,9 +309,11 @@ impl ContainerConfig { merged_config, object_name, labels, - )?); + )?) + .context(AddVolumeSnafu)?; pb.add_container(zkfc_container_config.main_container( hdfs, + cluster_info, role, resolved_product_image, zk_config_map_name, @@ -305,9 +329,11 @@ impl ContainerConfig { merged_config, object_name, labels, - )?); + )?) + .context(AddVolumeSnafu)?; pb.add_init_container(format_namenodes_container_config.init_container( hdfs, + cluster_info, role, resolved_product_image, zk_config_map_name, @@ -324,9 +350,11 @@ impl ContainerConfig { merged_config, object_name, labels, - )?); + )?) + .context(AddVolumeSnafu)?; pb.add_init_container(format_zookeeper_container_config.init_container( hdfs, + cluster_info, role, resolved_product_image, zk_config_map_name, @@ -344,9 +372,11 @@ impl ContainerConfig { merged_config, object_name, labels, - )?); + )?) + .context(AddVolumeSnafu)?; pb.add_init_container(wait_for_namenodes_container_config.init_container( hdfs, + cluster_info, role, resolved_product_image, zk_config_map_name, @@ -415,6 +445,7 @@ impl ContainerConfig { fn main_container( &self, hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, role: &HdfsRole, resolved_product_image: &ResolvedProductImage, zookeeper_config_map_name: &str, @@ -431,7 +462,7 @@ impl ContainerConfig { cb.image_from_product_image(resolved_product_image) .command(Self::command()) - .args(self.args(hdfs, role, merged_config, &[])?) + .args(self.args(hdfs, cluster_info, role, merged_config, &[])?) .add_env_vars(self.env( hdfs, zookeeper_config_map_name, @@ -439,6 +470,7 @@ impl ContainerConfig { resources.as_ref(), )) .add_volume_mounts(self.volume_mounts(hdfs, merged_config, labels)?) + .context(AddVolumeMountSnafu)? .add_container_ports(self.container_ports(hdfs)); if let Some(resources) = resources { @@ -472,6 +504,7 @@ impl ContainerConfig { fn init_container( &self, hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, role: &HdfsRole, resolved_product_image: &ResolvedProductImage, zookeeper_config_map_name: &str, @@ -485,9 +518,10 @@ impl ContainerConfig { cb.image_from_product_image(resolved_product_image) .command(Self::command()) - .args(self.args(hdfs, role, merged_config, namenode_podrefs)?) + .args(self.args(hdfs, cluster_info, role, merged_config, namenode_podrefs)?) .add_env_vars(self.env(hdfs, zookeeper_config_map_name, env_overrides, None)) - .add_volume_mounts(self.volume_mounts(hdfs, merged_config, labels)?); + .add_volume_mounts(self.volume_mounts(hdfs, merged_config, labels)?) + .context(AddVolumeMountSnafu)?; // We use the main app container resources here in contrast to several operators (which use // hardcoded resources) due to the different code structure. @@ -536,6 +570,7 @@ impl ContainerConfig { fn args( &self, hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, role: &HdfsRole, merged_config: &AnyNodeConfig, namenode_podrefs: &[HdfsPodRef], @@ -618,7 +653,7 @@ wait_for_termination $! // If there is no active namenode, the current pod is not formatted we format as // active namenode. Otherwise as standby node. if hdfs.has_kerberos_enabled() { - args.push_str(&Self::get_kerberos_ticket(hdfs, role)?); + args.push_str(&Self::get_kerberos_ticket(hdfs, role, cluster_info)?); } args.push_str(&formatdoc!( r###" @@ -705,7 +740,7 @@ wait_for_termination $! )); } if hdfs.has_kerberos_enabled() { - args.push_str(&Self::get_kerberos_ticket(hdfs, role)?); + args.push_str(&Self::get_kerberos_ticket(hdfs, role, cluster_info)?); } args.push_str(&formatdoc!( r###" @@ -757,12 +792,17 @@ wait_for_termination $! /// Command to `kinit` a ticket using the principal created for the specified hdfs role /// Needs the KERBEROS_REALM env var, which will be written with `export_kerberos_real_env_var_command` /// Needs the POD_NAME env var to be present, which will be provided by the PodSpec - fn get_kerberos_ticket(hdfs: &HdfsCluster, role: &HdfsRole) -> Result { + fn get_kerberos_ticket( + hdfs: &HdfsCluster, + role: &HdfsRole, + cluster_info: &KubernetesClusterInfo, + ) -> Result { let principal = format!( - "{service_name}/{hdfs_name}.{namespace}.svc.cluster.local@${{KERBEROS_REALM}}", + "{service_name}/{hdfs_name}.{namespace}.svc.{cluster_domain}@${{KERBEROS_REALM}}", service_name = role.kerberos_service_name(), hdfs_name = hdfs.name_any(), namespace = hdfs.namespace().context(ObjectHasNoNamespaceSnafu)?, + cluster_domain = cluster_info.cluster_domain, ); Ok(formatdoc!( r###" diff --git a/rust/operator-binary/src/discovery.rs b/rust/operator-binary/src/discovery.rs index 3dca53ed..c41d8b75 100644 --- a/rust/operator-binary/src/discovery.rs +++ b/rust/operator-binary/src/discovery.rs @@ -4,11 +4,11 @@ use stackable_hdfs_crd::{ HdfsCluster, HdfsPodRef, HdfsRole, }; use stackable_operator::{ - builder::configmap::ConfigMapBuilder, - builder::meta::ObjectMetaBuilder, + builder::{configmap::ConfigMapBuilder, meta::ObjectMetaBuilder}, commons::product_image_selection::ResolvedProductImage, k8s_openapi::api::core::v1::ConfigMap, kube::{runtime::reflector::ObjectRef, ResourceExt}, + utils::cluster_info::KubernetesClusterInfo, }; use crate::{ @@ -46,6 +46,7 @@ pub enum Error { /// for clients. pub fn build_discovery_configmap( hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, controller: &str, namenode_podrefs: &[HdfsPodRef], resolved_product_image: &ResolvedProductImage, @@ -70,11 +71,11 @@ pub fn build_discovery_configmap( .metadata(metadata) .add_data( HDFS_SITE_XML, - build_discovery_hdfs_site_xml(hdfs, hdfs.name_any(), namenode_podrefs), + build_discovery_hdfs_site_xml(hdfs, cluster_info, hdfs.name_any(), namenode_podrefs), ) .add_data( CORE_SITE_XML, - build_discovery_core_site_xml(hdfs, hdfs.name_any())?, + build_discovery_core_site_xml(hdfs, cluster_info, hdfs.name_any())?, ) .build() .context(BuildConfigMapSnafu) @@ -82,23 +83,28 @@ pub fn build_discovery_configmap( fn build_discovery_hdfs_site_xml( hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, logical_name: String, namenode_podrefs: &[HdfsPodRef], ) -> String { HdfsSiteConfigBuilder::new(logical_name) .dfs_name_services() .dfs_ha_namenodes(namenode_podrefs) - .dfs_namenode_rpc_address_ha(namenode_podrefs) - .dfs_namenode_http_address_ha(hdfs, namenode_podrefs) + .dfs_namenode_rpc_address_ha(cluster_info, namenode_podrefs) + .dfs_namenode_http_address_ha(hdfs, cluster_info, namenode_podrefs) .dfs_client_failover_proxy_provider() .security_discovery_config(hdfs) .build_as_xml() } -fn build_discovery_core_site_xml(hdfs: &HdfsCluster, logical_name: String) -> Result { +fn build_discovery_core_site_xml( + hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, + logical_name: String, +) -> Result { Ok(CoreSiteConfigBuilder::new(logical_name) .fs_default_fs() - .security_discovery_config(hdfs) + .security_discovery_config(hdfs, cluster_info) .context(BuildSecurityDiscoveryConfigMapSnafu)? .build_as_xml()) } diff --git a/rust/operator-binary/src/hdfs_controller.rs b/rust/operator-binary/src/hdfs_controller.rs index 04d53aa3..18ca39c1 100644 --- a/rust/operator-binary/src/hdfs_controller.rs +++ b/rust/operator-binary/src/hdfs_controller.rs @@ -47,6 +47,7 @@ use stackable_operator::{ rollout::check_statefulset_rollout_complete, }, time::Duration, + utils::cluster_info::KubernetesClusterInfo, }; use strum::{EnumDiscriminants, IntoEnumIterator, IntoStaticStr}; @@ -397,6 +398,7 @@ pub async fn reconcile_hdfs(hdfs: Arc, ctx: Arc) -> HdfsOperat let rg_configmap = rolegroup_config_map( &hdfs, + &client.kubernetes_cluster_info, metadata, &rolegroup_ref, rolegroup_config, @@ -409,6 +411,7 @@ pub async fn reconcile_hdfs(hdfs: Arc, ctx: Arc) -> HdfsOperat let rg_statefulset = rolegroup_statefulset( &hdfs, + &client.kubernetes_cluster_info, metadata, &role, &rolegroup_ref, @@ -470,6 +473,7 @@ pub async fn reconcile_hdfs(hdfs: Arc, ctx: Arc) -> HdfsOperat // so that failure won't inhibit the rest of the cluster from booting up. let discovery_cm = build_discovery_configmap( &hdfs, + &client.kubernetes_cluster_info, HDFS_CONTROLLER, &hdfs .namenode_listener_refs(client) @@ -589,6 +593,7 @@ fn rolegroup_service( #[allow(clippy::too_many_arguments)] fn rolegroup_config_map( hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, metadata: &ObjectMetaBuilder, rolegroup_ref: &RoleGroupRef, rolegroup_config: &HashMap>, @@ -640,10 +645,10 @@ fn rolegroup_config_map( .dfs_replication(hdfs.spec.cluster_config.dfs_replication) .dfs_name_services() .dfs_ha_namenodes(namenode_podrefs) - .dfs_namenode_shared_edits_dir(journalnode_podrefs) + .dfs_namenode_shared_edits_dir(cluster_info, journalnode_podrefs) .dfs_namenode_name_dir_ha(namenode_podrefs) - .dfs_namenode_rpc_address_ha(namenode_podrefs) - .dfs_namenode_http_address_ha(hdfs, namenode_podrefs) + .dfs_namenode_rpc_address_ha(cluster_info, namenode_podrefs) + .dfs_namenode_http_address_ha(hdfs, cluster_info, namenode_podrefs) .dfs_client_failover_proxy_provider() .security_config(hdfs) .add("dfs.ha.fencing.methods", "shell(/bin/true)") @@ -672,7 +677,7 @@ fn rolegroup_config_map( core_site .fs_default_fs() .ha_zookeeper_quorum() - .security_config(hdfs) + .security_config(hdfs, cluster_info) .context(BuildSecurityConfigSnafu)?; if let Some(hdfs_opa_config) = hdfs_opa_config { hdfs_opa_config.add_core_site_config(&mut core_site); @@ -793,6 +798,7 @@ fn rolegroup_config_map( #[allow(clippy::too_many_arguments)] fn rolegroup_statefulset( hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, metadata: &ObjectMetaBuilder, role: &HdfsRole, rolegroup_ref: &RoleGroupRef, @@ -837,6 +843,7 @@ fn rolegroup_statefulset( ContainerConfig::add_containers_and_volumes( &mut pb, hdfs, + cluster_info, role, resolved_product_image, merged_config, @@ -892,6 +899,8 @@ pub fn error_policy(_obj: Arc, _error: &Error, _ctx: Arc) -> A #[cfg(test)] mod test { + use stackable_operator::commons::networking::DomainName; + use super::*; #[test] @@ -964,6 +973,9 @@ properties: [] ContainerConfig::add_containers_and_volumes( &mut pb, &hdfs, + &KubernetesClusterInfo { + cluster_domain: DomainName::try_from("cluster.local").unwrap(), + }, &role, &resolved_product_image, &merged_config, diff --git a/rust/operator-binary/src/main.rs b/rust/operator-binary/src/main.rs index a50b1419..6bc7ff74 100644 --- a/rust/operator-binary/src/main.rs +++ b/rust/operator-binary/src/main.rs @@ -57,6 +57,7 @@ async fn main() -> anyhow::Result<()> { product_config, watch_namespace, tracing_target, + cluster_info_opts, }) => { stackable_operator::logging::initialize_logging( "HDFS_OPERATOR_LOG", @@ -76,7 +77,9 @@ async fn main() -> anyhow::Result<()> { "deploy/config-spec/properties.yaml", "/etc/stackable/hdfs-operator/config-spec/properties.yaml", ])?; - let client = client::create_client(Some(OPERATOR_NAME.to_string())).await?; + let client = + client::initialize_operator(Some(OPERATOR_NAME.to_string()), &cluster_info_opts) + .await?; create_controller(client, product_config, watch_namespace).await; } }; diff --git a/rust/operator-binary/src/security/kerberos.rs b/rust/operator-binary/src/security/kerberos.rs index 88aa367d..9b44748c 100644 --- a/rust/operator-binary/src/security/kerberos.rs +++ b/rust/operator-binary/src/security/kerberos.rs @@ -3,7 +3,10 @@ use stackable_hdfs_crd::{ constants::{SSL_CLIENT_XML, SSL_SERVER_XML}, HdfsCluster, }; -use stackable_operator::kube::{runtime::reflector::ObjectRef, ResourceExt}; +use stackable_operator::{ + kube::{runtime::reflector::ObjectRef, ResourceExt}, + utils::cluster_info::KubernetesClusterInfo, +}; use crate::config::{CoreSiteConfigBuilder, HdfsSiteConfigBuilder}; @@ -50,9 +53,13 @@ impl HdfsSiteConfigBuilder { } impl CoreSiteConfigBuilder { - pub fn security_config(&mut self, hdfs: &HdfsCluster) -> Result<&mut Self> { + pub fn security_config( + &mut self, + hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, + ) -> Result<&mut Self> { if hdfs.authentication_config().is_some() { - let principal_host_part = principal_host_part(hdfs)?; + let principal_host_part = principal_host_part(hdfs, cluster_info)?; self.add("hadoop.security.authentication", "kerberos") // Not adding hadoop.registry.kerberos.realm, as it seems to not be used by our customers @@ -106,9 +113,13 @@ impl CoreSiteConfigBuilder { Ok(self) } - pub fn security_discovery_config(&mut self, hdfs: &HdfsCluster) -> Result<&mut Self> { + pub fn security_discovery_config( + &mut self, + hdfs: &HdfsCluster, + cluster_info: &KubernetesClusterInfo, + ) -> Result<&mut Self> { if hdfs.has_kerberos_enabled() { - let principal_host_part = principal_host_part(hdfs)?; + let principal_host_part = principal_host_part(hdfs, cluster_info)?; self.add("hadoop.security.authentication", "kerberos") .add( @@ -147,14 +158,15 @@ impl CoreSiteConfigBuilder { /// ``` /// /// After we have switched to using the following principals everything worked without problems -fn principal_host_part(hdfs: &HdfsCluster) -> Result { +fn principal_host_part(hdfs: &HdfsCluster, cluster_info: &KubernetesClusterInfo) -> Result { let hdfs_name = hdfs.name_any(); let hdfs_namespace = hdfs .namespace_or_error() .with_context(|_| ObjectHasNoNamespaceSnafu { obj_ref: ObjectRef::from_obj(hdfs), })?; + let cluster_domain = &cluster_info.cluster_domain; Ok(format!( - "{hdfs_name}.{hdfs_namespace}.svc.cluster.local@${{env.KERBEROS_REALM}}" + "{hdfs_name}.{hdfs_namespace}.svc.{cluster_domain}@${{env.KERBEROS_REALM}}", )) }