diff --git a/cmd/operator/app/command.go b/cmd/operator/app/command.go index a381109b..e883e09b 100644 --- a/cmd/operator/app/command.go +++ b/cmd/operator/app/command.go @@ -20,6 +20,7 @@ import ( monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "github.com/spf13/cobra" + admissionv1 "k8s.io/api/admission/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" @@ -30,6 +31,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/healthz" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" + "sigs.k8s.io/controller-runtime/pkg/webhook" "github.com/GreptimeTeam/greptimedb-operator/apis/v1alpha1" "github.com/GreptimeTeam/greptimedb-operator/cmd/operator/app/options" @@ -63,6 +65,9 @@ func init() { // Add [PodMetrics](https://github.com/kubernetes/metrics/blob/master/pkg/apis/metrics/v1beta1/types.go) for fetching PodMetrics from metrics-server. utilruntime.Must(podmetricsv1beta1.AddToScheme(scheme)) + // Add admission webhook scheme. + utilruntime.Must(admissionv1.AddToScheme(scheme)) + // +kubebuilder:scaffold:scheme } @@ -77,6 +82,14 @@ func NewOperatorCommand() *cobra.Command { setupLog := ctrl.Log.WithName("setup") cfg := ctrl.GetConfigOrDie() + webhookServer := webhook.NewServer(webhook.Options{}) + if o.EnableAdmissionWebhook { + webhookServerOptions := webhook.Options{ + Port: o.AdmissionWebhookPort, + CertDir: o.AdmissionWebhookCertDir, + } + webhookServer = webhook.NewServer(webhookServerOptions) + } mgr, err := ctrl.NewManager(cfg, ctrl.Options{ Scheme: scheme, HealthProbeBindAddress: o.HealthProbeAddr, @@ -85,6 +98,7 @@ func NewOperatorCommand() *cobra.Command { Metrics: metricsserver.Options{ BindAddress: o.MetricsAddr, }, + WebhookServer: webhookServer, }) if err != nil { setupLog.Error(err, "unable to start manager") @@ -111,6 +125,17 @@ func NewOperatorCommand() *cobra.Command { os.Exit(1) } + if o.EnableAdmissionWebhook { + if err := (&v1alpha1.GreptimeDBCluster{}).SetupWebhookWithManager(mgr); err != nil { + setupLog.Error(err, "unable to setup admission webhook", "controller", "greptimedbcluster") + os.Exit(1) + } + if err := (&v1alpha1.GreptimeDBStandalone{}).SetupWebhookWithManager(mgr); err != nil { + setupLog.Error(err, "unable to setup admission webhook", "controller", "greptimedbstandalone") + os.Exit(1) + } + } + if o.EnableAPIServer { server, err := apiserver.NewServer(mgr, &apiserver.Options{ Port: o.APIServerPort, diff --git a/cmd/operator/app/options/options.go b/cmd/operator/app/options/options.go index a4e155c5..09c6fa14 100644 --- a/cmd/operator/app/options/options.go +++ b/cmd/operator/app/options/options.go @@ -19,27 +19,35 @@ import ( ) const ( - defaultMetricsAddr = ":8080" - defaultHealthProbeAddr = ":9494" - defaultAPIServerPort = 8081 + defaultMetricsAddr = ":8080" + defaultHealthProbeAddr = ":9494" + defaultAPIServerPort = 8081 + defaultAdmissionWebhookPort = 8082 + defaultAdmissionWebhookCertDir = "/etc/greptimedb/admission-webhook-tls" ) type Options struct { - MetricsAddr string - HealthProbeAddr string - EnableLeaderElection bool - EnableAPIServer bool - APIServerPort int32 - EnablePodMetrics bool + MetricsAddr string + HealthProbeAddr string + EnableLeaderElection bool + EnableAPIServer bool + APIServerPort int32 + EnablePodMetrics bool + EnableAdmissionWebhook bool + AdmissionWebhookPort int + AdmissionWebhookCertDir string } func NewDefaultOptions() *Options { return &Options{ - MetricsAddr: defaultMetricsAddr, - HealthProbeAddr: defaultHealthProbeAddr, - APIServerPort: defaultAPIServerPort, - EnableAPIServer: false, - EnablePodMetrics: false, + MetricsAddr: defaultMetricsAddr, + HealthProbeAddr: defaultHealthProbeAddr, + APIServerPort: defaultAPIServerPort, + EnableAPIServer: false, + EnablePodMetrics: false, + EnableAdmissionWebhook: false, + AdmissionWebhookPort: defaultAdmissionWebhookPort, + AdmissionWebhookCertDir: defaultAdmissionWebhookCertDir, } } @@ -50,4 +58,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) { fs.BoolVar(&o.EnableAPIServer, "enable-apiserver", o.EnableAPIServer, "Enable API server for GreptimeDB operator.") fs.Int32Var(&o.APIServerPort, "apiserver-port", o.APIServerPort, "The port the API server binds to.") fs.BoolVar(&o.EnablePodMetrics, "enable-pod-metrics", o.EnablePodMetrics, "Enable fetching PodMetrics from metrics-server.") + fs.BoolVar(&o.EnableAdmissionWebhook, "enable-admission-webhook", o.EnableAdmissionWebhook, "Enable admission webhook for GreptimeDB operator.") + fs.IntVar(&o.AdmissionWebhookPort, "admission-webhook-port", o.AdmissionWebhookPort, "The port the admission webhook binds to.") + fs.StringVar(&o.AdmissionWebhookCertDir, "admission-webhook-cert-dir", o.AdmissionWebhookCertDir, "The directory that contains the server key and certificate.") } diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 53accf7e..239db3ee 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -44,6 +44,7 @@ spec: args: - --enable-leader-election image: controller:latest + imagePullPolicy: IfNotPresent name: manager livenessProbe: httpGet: diff --git a/manifests/bundle.yaml b/manifests/bundle.yaml index d5cbaa8f..96154c59 100644 --- a/manifests/bundle.yaml +++ b/manifests/bundle.yaml @@ -22475,6 +22475,7 @@ spec: command: - greptimedb-operator image: greptime/greptimedb-operator:latest + imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz diff --git a/tests/e2e/setup/kafka-wal.yaml b/tests/e2e/setup/kafka-wal.yaml index 2c8c2a3b..04e2318c 100644 --- a/tests/e2e/setup/kafka-wal.yaml +++ b/tests/e2e/setup/kafka-wal.yaml @@ -26,8 +26,8 @@ metadata: strimzi.io/kraft: enabled spec: kafka: - version: 3.7.0 - metadataVersion: 3.7-IV4 + version: 3.9.0 + metadataVersion: "3.9" listeners: - name: plain port: 9092