ensuring cluster node removing into nifi cluster

config/samples/nifi.orange.com_v1alpha1_nificluster_demo.yaml

@@ -0,0 +1,215 @@
+apiVersion: nifi.orange.com/v1alpha1
+kind: NifiCluster
+metadata:
+  name: mynifi
+spec:
+  # headlessServiceEnabled specifies if the cluster should use headlessService for Nifi or individual services
+  # using service per nodes may come an handy case of service mesh.
+  headlessServiceEnabled: true
+  # zKAddresse specifies the ZooKeeper connection string
+  # in the form hostname:port where host and port are those of a Zookeeper server.
+  zkAddresse: "zookeepercluster-client.zookeeper:2181"
+  # zKPath specifies the Zookeeper chroot path as part
+  # of its Zookeeper connection string which puts its data under same path in the global ZooKeeper namespace.
+  zkPath: "/myNiFi"
+  # clusterImage can specify the whole nificluster image in one place
+  clusterImage: "apache/nifi:1.11.2"
+  # readOnlyConfig specifies the read-only type Nifi config cluster wide, all theses
+  # will be merged with node specified readOnly configurations, so it can be overwritten per node.
+  readOnlyConfig:
+    # NifiProperties configuration that will be applied to the node.
+    nifiProperties:
+      # Additionnals nifi.properties configuration that will override the one produced based
+      # on template and configurations.
+      overrideConfigs: |
+        nifi.ui.banner.text=NiFiKop by Orange
+      # Site to Site properties Secure mode : https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#site_to_site_properties
+      siteToSiteSecure: false
+      # Cluster nodes secure mode : https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#cluster_common_properties
+      clusterSecure: false
+      # A comma separated list of allowed HTTP Host header values to consider when NiFi
+      # is running securely and will be receiving requests to a different host[:port] than it is bound to.
+      # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#web-properties
+#        webProxyHost:
+      # Nifi security client auth
+      needClientAuth: false
+      # Indicates which of the configured authorizers in the authorizers.xml file to use
+      # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#authorizer-configuration
+#        authorizer:
+    # ZookeeperProperties configuration that will be applied to the node.
+    zookeeperProperties:
+      # Additionnals zookeeper.properties configuration that will override the one produced based
+      # on template and configurations.
+      overrideConfigs: |
+        initLimit=15
+        autopurge.purgeInterval=24
+        syncLimit=5
+        tickTime=2000
+        dataDir=./state/zookeeper
+        autopurge.snapRetainCount=30
+    # BootstrapProperties configuration that will be applied to the node.
+    bootstrapProperties:
+      # JVM memory settings
+      nifiJvmMemory: "512m"
+      # Additionnals bootstrap.properties configuration that will override the one produced based
+      # on template and configurations.
+      # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#bootstrap_properties
+      overrideConfigs: |
+        # java.arg.4=-Djava.net.preferIPv4Stack=true
+  # nodeConfigGroups specifies multiple node configs with unique name
+  nodeConfigGroups:
+    default_group:
+      # provenanceStorage allow to specify the maximum amount of data provenance information to store at a time
+      # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#write-ahead-provenance-repository-properties
+      provenanceStorage: "10 GB"
+      #RunAsUser define the id of the user to run in the Nifi image
+      # +kubebuilder:validation:Minimum=1
+      runAsUser: 1000
+      # Set this to true if the instance is a node in a cluster.
+      # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#basic-cluster-setup
+      isNode: true
+      # Docker image used by the operator to create the node associated
+      # https://hub.docker.com/r/apache/nifi/
+#        image: "apache/nifi:1.11.2"
+      # nodeAffinity can be specified, operator populates this value if new pvc added later to node
+      # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity
+#        nodeAffinity:
+      # storageConfigs specifies the node log related configs
+      storageConfigs:
+          # Name of the storage config, used to name PV to reuse into sidecars for example.
+        - name: provenance-repository
+          # Path where the volume will be mount into the main nifi container inside the pod.
+          mountPath: "/opt/nifi/provenance_repository"
+          # Kubernetes PVC spec
+          # https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim
+          pvcSpec:
+            accessModes:
+              - ReadWriteOnce
+            storageClassName: "standard"
+            resources:
+              requests:
+                storage: 10Gi
+        - mountPath: "/opt/nifi/nifi-current/logs"
+          name: logs
+          pvcSpec:
+            accessModes:
+              - ReadWriteOnce
+            storageClassName: "standard"
+            resources:
+              requests:
+                storage: 10Gi
+      # serviceAccountName specifies the serviceAccount used for this specific node
+      serviceAccountName: "default"
+      # resourceRequirements works exactly like Container resources, the user can specify the limit and the requests
+      # through this property
+      # https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+      resourcesRequirements:
+        limits:
+          cpu: "2"
+          memory: 3Gi
+        requests:
+          cpu: "1"
+          memory: 1Gi
+      # imagePullSecrets specifies the secret to use when using private registry
+      # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core
+#        imagePullSecrets:
+      # nodeSelector can be specified, which set the pod to fit on a node
+      # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
+#        nodeSelector:
+      # tolerations can be specified, which set the pod's tolerations
+      # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts
+#        tolerations:
+      # Additionnal annotation to attach to the pod associated
+      # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set
+#        nodeAnnotations:
+  # all node requires an image, unique id, and storageConfigs settings
+  nodes:
+      # Unique Node id
+    - id: 0
+      # nodeConfigGroup can be used to ease the node configuration, if set no only the id is required
+      nodeConfigGroup: "default_group"
+      # readOnlyConfig can be used to pass Nifi node config
+      # which has type read-only these config changes will trigger rolling upgrade
+      readOnlyConfig:
+        nifiProperties:
+          overrideConfigs: |
+            nifi.ui.banner.text=NiFiKop by Orange - Node 0
+      # node configuration
+#        nodeConfig:
+    - id: 2
+      # readOnlyConfig can be used to pass Nifi node config
+      # which has type read-only these config changes will trigger rolling upgrade
+      readOnlyConfig:
+        overrideConfigs: |
+          nifi.ui.banner.text=NiFiKop by Orange - Node 2
+      # node configuration
+      nodeConfig:
+        resourcesRequirements:
+          limits:
+            cpu: "2"
+            memory: 3Gi
+          requests:
+            cpu: "1"
+            memory: 1Gi
+        storageConfigs:
+          # Name of the storage config, used to name PV to reuse into sidecars for example.
+          - name: provenance-repository
+            # Path where the volume will be mount into the main nifi container inside the pod.
+            mountPath: "/opt/nifi/provenance_repository"
+            # Kubernetes PVC spec
+            # https://kubernetes.io/docs/tasks/configure-pod-container/configure-persistent-volume-storage/#create-a-persistentvolumeclaim
+            pvcSpec:
+              accessModes:
+                - ReadWriteOnce
+              storageClassName: "standard"
+              resources:
+                requests:
+                  storage: 8Gi
+  # rollingUpgradeConfig specifies the rolling upgrade config for the cluster
+  rollingUpgradeConfig:
+    # failureThreshold states that how many errors can the cluster tolerate during rolling upgrade
+    failureThreshold: 10
+  # oneNifiNodePerNode if set to true every nifi node is started on a new node, if there is not enough node to do that
+  # it will stay in pending state. If set to false the operator also tries to schedule the nifi node to a unique node
+  # but if the node number is insufficient the nifi node will be scheduled to a node where a nifi node is already running.
+  oneNifiNodePerNode: false
+  #
+  propagateLabels: true
+  # LdapConfiguration specifies the configuration if you want to use LDAP
+  ldapConfiguration:
+    # If set to true, we will enable ldap usage into nifi.properties configuration.
+    enabled: false
+    # Space-separated list of URLs of the LDAP servers (i.e. ldap://<hostname>:<port>).
+#      url:
+    # Base DN for searching for users (i.e. CN=Users,DC=example,DC=com).
+#    searchBase:
+    # Filter for searching for users against the 'User Search Base'.
+    # (i.e. sAMAccountName={0}). The user specified name is inserted into '{0}'.
+#      searchFilter:
+  # NifiClusterTaskSpec specifies the configuration of the nifi cluster Tasks
+  nifiClusterTaskSpec:
+    # retryDurationMinutes describes the amount of time the Operator waits for the task
+    retryDurationMinutes: 10
+  # listenerConfig specifies nifi's listener specifig configs
+  listenersConfig:
+    # internalListeners specifies settings required to access nifi internally
+    internalListeners:
+      # (Optional field) Type allow to specify if we are in a specific nifi listener
+      # it's allowing to define some required information such as Cluster Port,
+      # Http Port, Https Port or S2S port
+      # {"cluster", "http", "https", "s2s"}
+      - type: "http"
+        # An identifier for the port which will be configured.
+        name: "http"
+        # The container port.
+        containerPort: 8080
+      - type: "cluster"
+        name: "cluster"
+        containerPort: 6007
+      - type: "s2s"
+        name: "s2s"
+        containerPort: 10000
+      - name: "prometheus"
+        containerPort: 9020
+      - name: "rsyslog"
+        containerPort: 10001

deploy/crds/nifi.orange.com_nificlusters_crd.yaml

@@ -353,7 +353,7 @@ spec:
                     description: provenanceStorage allow to specify the maximum amount
                       of data provenance information to store at a time https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#write-ahead-provenance-repository-properties
                     type: string
-                  resourceRequirements:
+                  resourcesRequirements:
                     description: resourceRequirements works exactly like Container
                       resources, the user can specify the limit and the requests through
                       this property
@@ -833,7 +833,7 @@ spec:
                           amount of data provenance information to store at a time
                           https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#write-ahead-provenance-repository-properties
                         type: string
-                      resourceRequirements:
+                      resourcesRequirements:
                         description: resourceRequirements works exactly like Container
                           resources, the user can specify the limit and the requests
                           through this property

nifi-operator.env

@@ -34,24 +34,24 @@ MYNIFI_SERVICE_PORT_HTTP=8080
 MYNIFI_SERVICE_PORT_PROMETHEUS=9020
 MYNIFI_SERVICE_PORT_RSYSLOG=10001
 MYNIFI_SERVICE_PORT_S2S=10000
-NIFIKOP_METRICS_PORT=tcp://10.39.254.58:8383
-NIFIKOP_METRICS_PORT_8383_TCP=tcp://10.39.254.58:8383
-NIFIKOP_METRICS_PORT_8383_TCP_ADDR=10.39.254.58
+NIFIKOP_METRICS_PORT=tcp://10.39.255.70:8383
+NIFIKOP_METRICS_PORT_8383_TCP=tcp://10.39.255.70:8383
+NIFIKOP_METRICS_PORT_8383_TCP_ADDR=10.39.255.70
 NIFIKOP_METRICS_PORT_8383_TCP_PORT=8383
 NIFIKOP_METRICS_PORT_8383_TCP_PROTO=tcp
-NIFIKOP_METRICS_PORT_8686_TCP=tcp://10.39.254.58:8686
-NIFIKOP_METRICS_PORT_8686_TCP_ADDR=10.39.254.58
+NIFIKOP_METRICS_PORT_8686_TCP=tcp://10.39.255.70:8686
+NIFIKOP_METRICS_PORT_8686_TCP_ADDR=10.39.255.70
 NIFIKOP_METRICS_PORT_8686_TCP_PORT=8686
 NIFIKOP_METRICS_PORT_8686_TCP_PROTO=tcp
-NIFIKOP_METRICS_SERVICE_HOST=10.39.254.58
+NIFIKOP_METRICS_SERVICE_HOST=10.39.255.70
 NIFIKOP_METRICS_SERVICE_PORT=8383
 NIFIKOP_METRICS_SERVICE_PORT_CR_METRICS=8686
 NIFIKOP_METRICS_SERVICE_PORT_HTTP_METRICS=8383
 OPERATOR_NAME=nifikop
-POD_NAME=nifikop-8ddfad0ea07847e794e8b9e50ee59196-584d4ff945-qp7zm
+POD_NAME=nifikop-30f47286730947c398dc5f2d11a752cc-6674c7bc6c-qx2sq
 TELEPRESENCE_CONTAINER=nifikop
 TELEPRESENCE_CONTAINER_NAMESPACE=nifi-demo
 TELEPRESENCE_MOUNTS=/var/run/secrets/kubernetes.io/serviceaccount
-TELEPRESENCE_POD=nifikop-8ddfad0ea07847e794e8b9e50ee59196-584d4ff945-qp7zm
+TELEPRESENCE_POD=nifikop-30f47286730947c398dc5f2d11a752cc-6674c7bc6c-qx2sq
 TELEPRESENCE_ROOT=/tmp/known
 WATCH_NAMESPACE=nifi-demo

pkg/apis/nifi/v1alpha1/nificluster_types.go

@@ -155,7 +155,7 @@ type NodeConfig struct {
 	ServiceAccountName 		string                        `json:"serviceAccountName,omitempty"`
 	// resourceRequirements works exactly like Container resources, the user can specify the limit and the requests
 	// through this property
-	ResourcesRequirements	*corev1.ResourceRequirements  `json:"resourceRequirements,omitempty"`
+	ResourcesRequirements	*corev1.ResourceRequirements  `json:"resourcesRequirements,omitempty"`
 	// imagePullSecrets specifies the secret to use when using private registry
 	ImagePullSecrets   		[]corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
 	// nodeSelector can be specified, which set the pod to fit on a node

pkg/controller/nificlustertask/nificlustertask_controller.go

@@ -250,8 +250,8 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni
 
 		// If node is disconnected, performing offload
 		if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.DisconnectStatus {
-			actionStep, taskStartTime, err := scale.OffloadClusterNode(nifiCluster.Spec.HeadlessServiceEnabled, nifiCluster.Spec.Nodes, nifiResources.GetServerPort(&nifiCluster.Spec.ListenersConfig), nodeId,
-				nifiCluster.Namespace, nifiCluster.Name)
+			actionStep, taskStartTime, err := scale.OffloadClusterNode(nifiCluster.Spec.HeadlessServiceEnabled, nifiCluster.Spec.Nodes,
+				nifiResources.GetServerPort(&nifiCluster.Spec.ListenersConfig), nodeId, nifiCluster.Namespace, nifiCluster.Name)
 			if err != nil {
 				log.Info(fmt.Sprintf("nifi cluster communication error during removing node id: %s", nodeId))
 				return errorfactory.New(errorfactory.NifiClusterNotReady{}, err, fmt.Sprintf("node id: %s", nodeId))

pkg/resources/nifi/nifi.go

@@ -288,6 +288,14 @@ OUTERLOOP:
 			}
 		}
 	}
+
+	// TODO: Ensure usage and needing
+	err = scale.EnsureRemovedNodes(r.NifiCluster.Spec.HeadlessServiceEnabled, r.NifiCluster.Spec.Nodes, r.NifiCluster.Status.NodesState,
+		GetServerPort(&r.NifiCluster.Spec.ListenersConfig), r.NifiCluster.Namespace, r.NifiCluster.Name)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }