From 52f6471f4736f1e8e4a1f5af6568a5e658c751d9 Mon Sep 17 00:00:00 2001 From: Tom Weininger Date: Tue, 20 Feb 2024 08:08:01 -0500 Subject: [PATCH] migrate von databaseUsername to databaseAccount and fully use MariaDBAccount --- ...enstack.org_octaviaamphoracontrollers.yaml | 16 ++-- .../octavia.openstack.org_octaviaapis.yaml | 16 ++-- api/bases/octavia.openstack.org_octavias.yaml | 82 +++++++++++-------- api/v1beta1/amphoracontroller_types.go | 11 ++- api/v1beta1/octavia_types.go | 14 ++-- api/v1beta1/octaviaapi_types.go | 11 ++- ...enstack.org_octaviaamphoracontrollers.yaml | 16 ++-- .../octavia.openstack.org_octaviaapis.yaml | 16 ++-- .../bases/octavia.openstack.org_octavias.yaml | 82 +++++++++++-------- config/samples/octavia_v1beta1_octavia.yaml | 10 +-- controllers/octavia_controller.go | 29 ++++--- go.mod | 2 + go.sum | 10 +-- .../files/octavia_v1beta1_octavia.yaml | 10 +-- pkg/amphoracontrollers/daemonset.go | 2 +- pkg/octavia/dbsync.go | 2 +- pkg/octavia/initcontainer.go | 4 +- pkg/octaviaapi/deployment.go | 2 +- .../common/assert_sample_deployment.yaml | 12 +-- 19 files changed, 193 insertions(+), 154 deletions(-) diff --git a/api/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml b/api/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml index 6a8e5d8d..26e9f0d6 100644 --- a/api/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml +++ b/api/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml @@ -70,6 +70,15 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -78,12 +87,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -121,7 +124,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret diff --git a/api/bases/octavia.openstack.org_octaviaapis.yaml b/api/bases/octavia.openstack.org_octaviaapis.yaml index 32c6fade..353216c7 100644 --- a/api/bases/octavia.openstack.org_octaviaapis.yaml +++ b/api/bases/octavia.openstack.org_octaviaapis.yaml @@ -59,6 +59,15 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -67,12 +76,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -269,7 +272,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret diff --git a/api/bases/octavia.openstack.org_octavias.yaml b/api/bases/octavia.openstack.org_octavias.yaml index 9f9ca882..36f0afeb 100644 --- a/api/bases/octavia.openstack.org_octavias.yaml +++ b/api/bases/octavia.openstack.org_octavias.yaml @@ -57,17 +57,20 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseInstance: description: MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -112,6 +115,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -120,12 +132,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -330,7 +336,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret @@ -455,6 +460,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -463,12 +477,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -506,7 +514,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -640,6 +647,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -648,12 +664,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -691,7 +701,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -825,6 +834,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -833,12 +851,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -876,7 +888,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -987,7 +998,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret @@ -1016,7 +1026,7 @@ spec: type: string secret: description: Secret containing OpenStack password information for - octavia OctaviaDatabasePassword, AdminPassword + octavia's keystone password; no longer used for database password type: string serviceUser: default: octavia diff --git a/api/v1beta1/amphoracontroller_types.go b/api/v1beta1/amphoracontroller_types.go index ec17c306..97a71e7a 100644 --- a/api/v1beta1/amphoracontroller_types.go +++ b/api/v1beta1/amphoracontroller_types.go @@ -41,9 +41,12 @@ type OctaviaAmphoraControllerSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=octavia - // DatabaseUser - optional username used for octavia DB, defaults to octavia - // TODO: -> implement needs work in mariadb-operator, right now only octavia - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - name of MariaDBAccount which will be used to connect. + // As an interim solution, octavia-controller will + // generate the MariaDBAccount object of the given name if it's not + // present in the cluster. Later, openstack-operator will perform this + // generation and also populate this field for the Octavia objects it creates + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Optional // DatabaseHostname - Octavia DB hostname @@ -91,7 +94,7 @@ type OctaviaAmphoraControllerSpec struct { LoadBalancerSSHPrivKey string `json:"sshPrivkeySecret,omitempty"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: OctaviaDatabasePassword, service: OctaviaPassword} + // +kubebuilder:default={service: OctaviaPassword} // PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors,omitempty"` diff --git a/api/v1beta1/octavia_types.go b/api/v1beta1/octavia_types.go index a6f0690a..7ab75c84 100644 --- a/api/v1beta1/octavia_types.go +++ b/api/v1beta1/octavia_types.go @@ -51,9 +51,12 @@ type OctaviaSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=octavia - // DatabaseUser - optional username used for octavia DB, defaults to octavia - // TODO: -> implement needs work in mariadb-operator, right now only octavia - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - name of MariaDBAccount which will be used to connect. + // As an interim solution, octavia-controller will + // generate the MariaDBAccount object of the given name if it's not + // present in the cluster. Later, openstack-operator will perform this + // generation and also populate this field for the Octavia objects it creates + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Required // +kubebuilder:default=rabbitmq @@ -67,11 +70,12 @@ type OctaviaSpec struct { ServiceUser string `json:"serviceUser"` // +kubebuilder:validation:Required - // Secret containing OpenStack password information for octavia OctaviaDatabasePassword, AdminPassword + // Secret containing OpenStack password information for octavia's keystone + // password; no longer used for database password Secret string `json:"secret"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: OctaviaDatabasePassword, service: OctaviaPassword} + // +kubebuilder:default={service: OctaviaPassword} // PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors,omitempty"` diff --git a/api/v1beta1/octaviaapi_types.go b/api/v1beta1/octaviaapi_types.go index d5b57daf..06f3b099 100644 --- a/api/v1beta1/octaviaapi_types.go +++ b/api/v1beta1/octaviaapi_types.go @@ -46,9 +46,12 @@ type OctaviaAPISpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=octavia - // DatabaseUser - optional username used for octavia DB, defaults to octavia - // TODO: -> implement needs work in mariadb-operator, right now only octavia - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - name of MariaDBAccount which will be used to connect. + // As an interim solution, octavia-controller will + // generate the MariaDBAccount object of the given name if it's not + // present in the cluster. Later, openstack-operator will perform this + // generation and also populate this field for the Octavia objects it creates + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Optional // DatabaseHostname - Octavia DB hostname @@ -79,7 +82,7 @@ type OctaviaAPISpec struct { Secret string `json:"secret"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: OctaviaDatabasePassword, service: OctaviaPassword} + // +kubebuilder:default={service: OctaviaPassword} // PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors,omitempty"` diff --git a/config/crd/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml b/config/crd/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml index 6a8e5d8d..26e9f0d6 100644 --- a/config/crd/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml +++ b/config/crd/bases/octavia.openstack.org_octaviaamphoracontrollers.yaml @@ -70,6 +70,15 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -78,12 +87,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -121,7 +124,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret diff --git a/config/crd/bases/octavia.openstack.org_octaviaapis.yaml b/config/crd/bases/octavia.openstack.org_octaviaapis.yaml index 32c6fade..353216c7 100644 --- a/config/crd/bases/octavia.openstack.org_octaviaapis.yaml +++ b/config/crd/bases/octavia.openstack.org_octaviaapis.yaml @@ -59,6 +59,15 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -67,12 +76,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -269,7 +272,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret diff --git a/config/crd/bases/octavia.openstack.org_octavias.yaml b/config/crd/bases/octavia.openstack.org_octavias.yaml index 9f9ca882..36f0afeb 100644 --- a/config/crd/bases/octavia.openstack.org_octavias.yaml +++ b/config/crd/bases/octavia.openstack.org_octavias.yaml @@ -57,17 +57,20 @@ spec: added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will be + used to connect. As an interim solution, octavia-controller will + generate the MariaDBAccount object of the given name if it's not + present in the cluster. Later, openstack-operator will perform + this generation and also populate this field for the Octavia objects + it creates + type: string databaseInstance: description: MariaDB instance name Right now required by the maridb-operator to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia DB, - defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -112,6 +115,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -120,12 +132,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -330,7 +336,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret @@ -455,6 +460,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -463,12 +477,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -506,7 +514,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -640,6 +647,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -648,12 +664,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -691,7 +701,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -825,6 +834,15 @@ spec: content gets added to to /etc//.conf.d directory as custom.conf file. type: string + databaseAccount: + default: octavia + description: DatabaseAccount - name of MariaDBAccount which will + be used to connect. As an interim solution, octavia-controller + will generate the MariaDBAccount object of the given name if + it's not present in the cluster. Later, openstack-operator + will perform this generation and also populate this field for + the Octavia objects it creates + type: string databaseHostname: description: DatabaseHostname - Octavia DB hostname type: string @@ -833,12 +851,6 @@ spec: to get the credentials from the instance to create the DB Might not be required in future type: string - databaseUser: - default: octavia - description: 'DatabaseUser - optional username used for octavia - DB, defaults to octavia TODO: -> implement needs work in mariadb-operator, - right now only octavia' - type: string defaultConfigOverwrite: additionalProperties: type: string @@ -876,7 +888,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and AdminUser password from the Secret @@ -987,7 +998,6 @@ spec: type: object passwordSelectors: default: - database: OctaviaDatabasePassword service: OctaviaPassword description: PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret @@ -1016,7 +1026,7 @@ spec: type: string secret: description: Secret containing OpenStack password information for - octavia OctaviaDatabasePassword, AdminPassword + octavia's keystone password; no longer used for database password type: string serviceUser: default: octavia diff --git a/config/samples/octavia_v1beta1_octavia.yaml b/config/samples/octavia_v1beta1_octavia.yaml index 357d3c45..33ffbf7e 100644 --- a/config/samples/octavia_v1beta1_octavia.yaml +++ b/config/samples/octavia_v1beta1_octavia.yaml @@ -4,7 +4,7 @@ metadata: name: octavia spec: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia rabbitMqClusterName: rabbitmq secret: osp-secret @@ -14,7 +14,7 @@ spec: debug = true octaviaHousekeeping: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: housekeeping @@ -27,7 +27,7 @@ spec: debug = true octaviaHealthManager: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: healthmanager @@ -40,7 +40,7 @@ spec: debug = true octaviaWorker: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: worker @@ -53,7 +53,7 @@ spec: debug = true octaviaAPI: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia secret: osp-secret diff --git a/controllers/octavia_controller.go b/controllers/octavia_controller.go index 6cfe8056..971af4e8 100644 --- a/controllers/octavia_controller.go +++ b/controllers/octavia_controller.go @@ -213,7 +213,7 @@ func (r *OctaviaReconciler) reconcileDelete(ctx context.Context, instance *octav util.LogForObject(helper, "Reconciling Service delete", instance) // remove db finalizer first - db, err := mariadbv1.GetDatabaseByName(ctx, helper, instance.Name) + db, err := mariadbv1.GetDatabaseByNameAndAccount(ctx, helper, instance.Name, instance.Spec.DatabaseAccount, instance.Namespace) if err != nil && !k8s_errors.IsNotFound(err) { return ctrl.Result{}, err } @@ -246,19 +246,20 @@ func (r *OctaviaReconciler) reconcileInit( // // create service DB instance // - db := mariadbv1.NewDatabase( - instance.Name, - instance.Spec.DatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": instance.Spec.DatabaseInstance, - }, + db := mariadbv1.NewDatabaseForAccount( + instance.Spec.DatabaseInstance, // mariadb/galera service to target + instance.Name, // name used in CREATE DATABASE in mariadb + instance.Name, // CR name for MariaDBDatabase + instance.Spec.DatabaseAccount, // CR name for MariaDBAccount + instance.Namespace, // namespace ) // create or patch the DB - ctrlResult, err := db.CreateOrPatchDB( + ctrlResult, err := db.CreateOrPatchDBByName( ctx, helper, + instance.Spec.DatabaseInstance, ) + if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.DBReadyCondition, @@ -661,6 +662,12 @@ func (r *OctaviaReconciler) reconcileNormal(ctx context.Context, instance *octav instance.Status.Conditions.MarkTrue(amphoraControllerReadyCondition(octaviav1.Worker), condition.DeploymentReadyMessage) } + // remove finalizers from unused MariaDBAccount records + err = mariadbv1.DeleteUnusedMariaDBAccountFinalizers(ctx, helper, octavia.DatabaseName, instance.Spec.DatabaseAccount, instance.Namespace) + if err != nil { + return ctrl.Result{}, err + } + // create Deployment - end Log.Info("Reconciled Service successfully") @@ -761,7 +768,7 @@ func (r *OctaviaReconciler) apiDeploymentCreateOrUpdate(instance *octaviav1.Octa deployment.Spec = instance.Spec.OctaviaAPI deployment.Spec.DatabaseInstance = instance.Spec.DatabaseInstance deployment.Spec.DatabaseHostname = instance.Status.DatabaseHostname - deployment.Spec.DatabaseUser = instance.Spec.DatabaseUser + deployment.Spec.DatabaseAccount = instance.Spec.DatabaseAccount deployment.Spec.ServiceUser = instance.Spec.ServiceUser deployment.Spec.TransportURLSecret = instance.Status.TransportURLSecret deployment.Spec.Secret = instance.Spec.Secret @@ -817,7 +824,7 @@ func (r *OctaviaReconciler) amphoraControllerDaemonSetCreateOrUpdate( daemonset.Spec.Role = role daemonset.Spec.DatabaseInstance = instance.Spec.DatabaseInstance daemonset.Spec.DatabaseHostname = instance.Status.DatabaseHostname - daemonset.Spec.DatabaseUser = instance.Spec.DatabaseUser + daemonset.Spec.DatabaseAccount = instance.Spec.DatabaseAccount daemonset.Spec.ServiceUser = instance.Spec.ServiceUser daemonset.Spec.Secret = instance.Spec.Secret daemonset.Spec.TransportURLSecret = instance.Status.TransportURLSecret diff --git a/go.mod b/go.mod index f1d006b3..576ee8aa 100644 --- a/go.mod +++ b/go.mod @@ -87,3 +87,5 @@ replace github.com/openstack-k8s-operators/octavia-operator/api => ./api // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/mariadb-operator/api => github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240219194300-cc53ce6bfb27 //allow-merging \ No newline at end of file diff --git a/go.sum b/go.sum index 32c51e35..c7f08834 100644 --- a/go.sum +++ b/go.sum @@ -11,7 +11,6 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= @@ -63,9 +62,7 @@ github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0/go.m github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -89,8 +86,6 @@ github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.2024021414 github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240214144842-5dcac51e5b36/go.mod h1:bQwzyQtWCR9F0+IvWZ30J9d1lB6tcX3CNJ0Ten1smDw= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20240214144842-5dcac51e5b36 h1:begkUHw1qhTc4PBuUinhjxvw4IFQyJtWH1svdMAX8Eg= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20240214144842-5dcac51e5b36/go.mod h1:8QsCFttAm+X6A8I8EQThGjNjeMAYt2hK7ivbvnR3434= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240208072109-4447f245e487 h1:CyrE+x+AuXjURsiqj+fxOSEbn73hjOvh9g6ZXD4eU9k= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240208072109-4447f245e487/go.mod h1:D4sr4UipU4qjyrcO2mjW8YlSm48AdkY69dloASUbNYE= github.com/openstack-k8s-operators/ovn-operator/api v0.3.1-0.20240214165507-93933dc002b7 h1:jRc4BQlOdn/gv3zjIIkCrnxUkItiXIHUcL9m6HvBOuM= github.com/openstack-k8s-operators/ovn-operator/api v0.3.1-0.20240214165507-93933dc002b7/go.mod h1:h0tc1Gz7eXL9A9VgY4yUjtufGrIg/L/7Ckinat3nca8= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -106,19 +101,17 @@ github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1B github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= -github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240219194300-cc53ce6bfb27 h1:VRqE9hlRwVbKTisiE81BBEZmlN5AKWiUevUlyZuoRY0= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= @@ -195,7 +188,6 @@ google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7 google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/install_yamls_setup/roles/podified_cp/files/octavia_v1beta1_octavia.yaml b/install_yamls_setup/roles/podified_cp/files/octavia_v1beta1_octavia.yaml index 33aa16f4..f60a5752 100644 --- a/install_yamls_setup/roles/podified_cp/files/octavia_v1beta1_octavia.yaml +++ b/install_yamls_setup/roles/podified_cp/files/octavia_v1beta1_octavia.yaml @@ -4,7 +4,7 @@ metadata: name: octavia spec: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia rabbitMqClusterName: rabbitmq secret: osp-secret @@ -17,7 +17,7 @@ spec: debug = true octaviaHousekeeping: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: housekeeping @@ -30,7 +30,7 @@ spec: debug = true octaviaHealthManager: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: healthmanager @@ -43,7 +43,7 @@ spec: debug = true octaviaWorker: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia role: worker @@ -56,7 +56,7 @@ spec: debug = true octaviaAPI: databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia serviceUser: octavia serviceAccount: octavia secret: osp-secret diff --git a/pkg/amphoracontrollers/daemonset.go b/pkg/amphoracontrollers/daemonset.go index ef21689e..7407488b 100644 --- a/pkg/amphoracontrollers/daemonset.go +++ b/pkg/amphoracontrollers/daemonset.go @@ -139,7 +139,7 @@ func DaemonSet( initContainerDetails := octavia.APIDetails{ ContainerImage: instance.Spec.ContainerImage, DatabaseHost: instance.Spec.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, + DatabaseAccount: instance.Spec.DatabaseAccount, DatabaseName: octavia.DatabaseName, OSPSecret: instance.Spec.Secret, TransportURLSecret: instance.Spec.TransportURLSecret, diff --git a/pkg/octavia/dbsync.go b/pkg/octavia/dbsync.go index 82b8eca1..33ca2a09 100644 --- a/pkg/octavia/dbsync.go +++ b/pkg/octavia/dbsync.go @@ -83,7 +83,7 @@ func DbSyncJob( initContainerDetails := APIDetails{ ContainerImage: instance.Spec.OctaviaAPI.ContainerImage, DatabaseHost: instance.Status.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, + DatabaseAccount: instance.Spec.DatabaseAccount, DatabaseName: DatabaseName, OSPSecret: instance.Spec.Secret, DBPasswordSelector: instance.Spec.PasswordSelectors.Database, diff --git a/pkg/octavia/initcontainer.go b/pkg/octavia/initcontainer.go index dff67b1c..17ea7f11 100644 --- a/pkg/octavia/initcontainer.go +++ b/pkg/octavia/initcontainer.go @@ -25,7 +25,7 @@ import ( type APIDetails struct { ContainerImage string DatabaseHost string - DatabaseUser string + DatabaseAccount string DatabaseName string TransportURLSecret string OSPSecret string @@ -50,7 +50,7 @@ func InitContainer(init APIDetails) []corev1.Container { envVars := map[string]env.Setter{} envVars["DatabaseHost"] = env.SetValue(init.DatabaseHost) - envVars["DatabaseUser"] = env.SetValue(init.DatabaseUser) + envVars["DatabaseUser"] = env.SetValue(init.DatabaseAccount) envVars["DatabaseName"] = env.SetValue(init.DatabaseName) envs := []corev1.EnvVar{ diff --git a/pkg/octaviaapi/deployment.go b/pkg/octaviaapi/deployment.go index 93600aae..bb392918 100644 --- a/pkg/octaviaapi/deployment.go +++ b/pkg/octaviaapi/deployment.go @@ -148,7 +148,7 @@ func Deployment( initContainerDetails := octavia.APIDetails{ ContainerImage: instance.Spec.ContainerImage, DatabaseHost: instance.Spec.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, + DatabaseAccount: instance.Spec.DatabaseAccount, DatabaseName: octavia.DatabaseName, OSPSecret: instance.Spec.Secret, TransportURLSecret: instance.Spec.TransportURLSecret, diff --git a/tests/kuttl/common/assert_sample_deployment.yaml b/tests/kuttl/common/assert_sample_deployment.yaml index 18455dba..68eb0961 100644 --- a/tests/kuttl/common/assert_sample_deployment.yaml +++ b/tests/kuttl/common/assert_sample_deployment.yaml @@ -18,7 +18,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia passwordSelectors: service: OctaviaPassword database: OctaviaDatabasePassword @@ -30,7 +30,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia passwordSelectors: service: OctaviaPassword database: OctaviaDatabasePassword @@ -43,7 +43,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia passwordSelectors: service: OctaviaPassword database: OctaviaDatabasePassword @@ -54,7 +54,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia passwordSelectors: service: OctaviaPassword database: OctaviaDatabasePassword @@ -65,7 +65,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: octavia + databaseAccount: octavia passwordSelectors: service: OctaviaPassword database: OctaviaDatabasePassword @@ -177,7 +177,7 @@ spec: value: openstack - name: DatabaseName value: octavia - - name: DatabaseUser + - name: databaseAccount value: octavia imagePullPolicy: IfNotPresent name: init