From 92743b02a6e3c8e3f18a94e15075d8a723231b3b Mon Sep 17 00:00:00 2001 From: Michael H <86672176+mh013370@users.noreply.github.com> Date: Tue, 14 Mar 2023 08:17:02 +0000 Subject: [PATCH] Make NiFi pod readiness and liveness checks configurable (#220) * Make NiFi pod readiness and liveness checks configurable * update changelog * update user guide with new probe configs * remove v1alpha1 changes --- CHANGELOG.md | 2 + api/v1/nificluster_types.go | 7 + api/v1/zz_generated.deepcopy.go | 10 ++ api/v1alpha1/common_conversion.go | 4 +- api/v1alpha1/nificluster_conversion.go | 12 +- .../nifi.konpyutaika.com_nificlusters.yaml | 156 ++++++++++++++++++ .../nifi.konpyutaika.com_nificlusters.yaml | 156 ++++++++++++++++++ main.go | 2 +- pkg/resources/nifi/pod.go | 77 +++++---- .../1_nifi_cluster/1_nifi_cluster.md | 2 + 10 files changed, 389 insertions(+), 39 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 064d0f0c36..a43a99e5e3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ### Added +- [PR #220](https://github.com/konpyutaika/nifikop/pull/220) - **[Operator/NifiCluster]** Made `Pod` readiness and liveness checks configurable. + ### Changed ### Fixed Bugs diff --git a/api/v1/nificluster_types.go b/api/v1/nificluster_types.go index 53697b9bf7..13ecb065b9 100644 --- a/api/v1/nificluster_types.go +++ b/api/v1/nificluster_types.go @@ -133,7 +133,14 @@ type PodPolicy struct { // Labels specifies additional labels to attach to the pods the operator creates Labels map[string]string `json:"labels,omitempty"` // A list of host aliases to include in every pod's /etc/hosts configuration in the scenario where DNS is not available. + // +optional HostAliases []corev1.HostAlias `json:"hostAliases,omitempty"` + // Override the default readiness probe settings + // +optional + ReadinessProbe *corev1.Probe `json:"readinessProbe,omitempty"` + // Override the default liveness probe settings + // +optional + LivenessProbe *corev1.Probe `json:"livenessProbe,omitempty"` } // rollingUpgradeConfig specifies the rolling upgrade config for the cluster diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index e155b1161a..a49e5c6b24 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -1397,6 +1397,16 @@ func (in *PodPolicy) DeepCopyInto(out *PodPolicy) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.ReadinessProbe != nil { + in, out := &in.ReadinessProbe, &out.ReadinessProbe + *out = new(corev1.Probe) + (*in).DeepCopyInto(*out) + } + if in.LivenessProbe != nil { + in, out := &in.LivenessProbe, &out.LivenessProbe + *out = new(corev1.Probe) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodPolicy. diff --git a/api/v1alpha1/common_conversion.go b/api/v1alpha1/common_conversion.go index 2e39e8a371..ae1b655128 100644 --- a/api/v1alpha1/common_conversion.go +++ b/api/v1alpha1/common_conversion.go @@ -1,6 +1,8 @@ package v1alpha1 -import v1 "github.com/konpyutaika/nifikop/api/v1" +import ( + v1 "github.com/konpyutaika/nifikop/api/v1" +) // SecretRef func getSecretRef(src v1.SecretReference) SecretReference { diff --git a/api/v1alpha1/nificluster_conversion.go b/api/v1alpha1/nificluster_conversion.go index e179a2335b..52a7e162d3 100644 --- a/api/v1alpha1/nificluster_conversion.go +++ b/api/v1alpha1/nificluster_conversion.go @@ -3,7 +3,7 @@ package v1alpha1 import ( "fmt" - "github.com/konpyutaika/nifikop/api/v1" + v1 "github.com/konpyutaika/nifikop/api/v1" "sigs.k8s.io/controller-runtime/pkg/conversion" ) @@ -100,9 +100,11 @@ func convertNifiClusterSecretRef(src SecretReference, dst *v1.NifiCluster) { func convertNifiClusterPodPolicy(src PodPolicy, dst *v1.NifiCluster) { dst.Spec.Pod = v1.PodPolicy{ - HostAliases: src.HostAliases, - Annotations: src.Annotations, - Labels: src.Labels, + HostAliases: src.HostAliases, + Annotations: src.Annotations, + Labels: src.Labels, + ReadinessProbe: nil, + LivenessProbe: nil, } } @@ -356,6 +358,7 @@ func convertInternalListeners(src []InternalListenerConfig) []v1.InternalListene func convertSSLSecrets(src *SSLSecrets, dst *v1.ListenersConfig) { if src == nil { dst.SSLSecrets = nil + return } dst.SSLSecrets = &v1.SSLSecrets{ TLSSecretName: src.TLSSecretName, @@ -793,6 +796,7 @@ func convertFromInternalListeners(src []v1.InternalListenerConfig) []InternalLis func convertFromSSLSecrets(src *v1.SSLSecrets, dst *ListenersConfig) { if src == nil { dst.SSLSecrets = nil + return } dst.SSLSecrets = &SSLSecrets{ TLSSecretName: src.TLSSecretName, diff --git a/config/crd/bases/nifi.konpyutaika.com_nificlusters.yaml b/config/crd/bases/nifi.konpyutaika.com_nificlusters.yaml index c1f1a4db33..1dc5b67860 100644 --- a/config/crd/bases/nifi.konpyutaika.com_nificlusters.yaml +++ b/config/crd/bases/nifi.konpyutaika.com_nificlusters.yaml @@ -3011,6 +3011,162 @@ spec: additionalProperties: type: string type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object type: object propagateLabels: type: boolean diff --git a/helm/nifikop/crds/nifi.konpyutaika.com_nificlusters.yaml b/helm/nifikop/crds/nifi.konpyutaika.com_nificlusters.yaml index c1f1a4db33..1dc5b67860 100644 --- a/helm/nifikop/crds/nifi.konpyutaika.com_nificlusters.yaml +++ b/helm/nifikop/crds/nifi.konpyutaika.com_nificlusters.yaml @@ -3011,6 +3011,162 @@ spec: additionalProperties: type: string type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object type: object propagateLabels: type: boolean diff --git a/main.go b/main.go index 616aa1b2da..6e427ecb77 100644 --- a/main.go +++ b/main.go @@ -6,9 +6,9 @@ import ( "os" "strings" - v1 "github.com/konpyutaika/nifikop/api/v1" certv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" "github.com/go-logr/zapr" + v1 "github.com/konpyutaika/nifikop/api/v1" "sigs.k8s.io/controller-runtime/pkg/cache" "github.com/konpyutaika/nifikop/pkg/common" diff --git a/pkg/resources/nifi/pod.go b/pkg/resources/nifi/pod.go index c014a4f96a..44911720b4 100644 --- a/pkg/resources/nifi/pod.go +++ b/pkg/resources/nifi/pod.go @@ -404,6 +404,48 @@ func (r *Reconciler) createNifiNodeContainer(nodeConfig *v1.NodeConfig, id int32 v1.TLSKey, GetServerPort(r.NifiCluster.Spec.ListenersConfig)) } + // TODO : Manage https setup use cases https://github.com/cetic/helm-nifi/blob/master/templates/statefulset.yaml#L165 + readinessProbe := &corev1.Probe{ + InitialDelaySeconds: readinessInitialDelaySeconds, + TimeoutSeconds: readinessHealthCheckTimeout, + PeriodSeconds: readinessHealthCheckPeriod, + FailureThreshold: readinessHealthCheckThreshold, + ProbeHandler: corev1.ProbeHandler{ + /*HTTPGet: &corev1.HTTPGetAction{ + Path: "/nifi-api", + Port: intstr.FromInt(int(GetServerPort(&r.NifiCluster.Spec.ListenersConfig))), + Scheme: corev1.URISchemeHTTPS, + //Host: nodeHostname, + },*/ + Exec: &corev1.ExecAction{ + Command: []string{ + "bash", + "-c", + readinessCommand, + }, + }, + }, + } + // if the readiness probe has been overridden, then use that + if r.NifiCluster.Spec.Pod.ReadinessProbe != nil { + readinessProbe = r.NifiCluster.Spec.Pod.ReadinessProbe + } + + livenessProbe := &corev1.Probe{ + InitialDelaySeconds: livenessInitialDelaySeconds, + TimeoutSeconds: livenessHealthCheckTimeout, + PeriodSeconds: livenessHealthCheckPeriod, + FailureThreshold: livenessHealthCheckThreshold, + ProbeHandler: corev1.ProbeHandler{ + TCPSocket: &corev1.TCPSocketAction{ + Port: *util.IntstrPointer(int(GetServerPort(r.NifiCluster.Spec.ListenersConfig))), + }, + }, + } + // if the liveness probe has been overridden, then use that + if r.NifiCluster.Spec.Pod.LivenessProbe != nil { + livenessProbe = r.NifiCluster.Spec.Pod.LivenessProbe + } nodeAddress := nifiutil.ComputeHostListenerNodeAddress( id, r.NifiCluster.Name, r.NifiCluster.Namespace, r.NifiCluster.Spec.ListenersConfig.GetClusterDomain(), @@ -445,39 +487,8 @@ exec bin/nifi.sh run`, resolveIp)} }, }, }, - // TODO : Manage https setup use cases https://github.com/cetic/helm-nifi/blob/master/templates/statefulset.yaml#L165 - ReadinessProbe: &corev1.Probe{ - InitialDelaySeconds: readinessInitialDelaySeconds, - TimeoutSeconds: readinessHealthCheckTimeout, - PeriodSeconds: readinessHealthCheckPeriod, - FailureThreshold: readinessHealthCheckThreshold, - ProbeHandler: corev1.ProbeHandler{ - /*HTTPGet: &corev1.HTTPGetAction{ - Path: "/nifi-api", - Port: intstr.FromInt(int(GetServerPort(&r.NifiCluster.Spec.ListenersConfig))), - Scheme: corev1.URISchemeHTTPS, - //Host: nodeHostname, - },*/ - Exec: &corev1.ExecAction{ - Command: []string{ - "bash", - "-c", - readinessCommand, - }, - }, - }, - }, - LivenessProbe: &corev1.Probe{ - InitialDelaySeconds: livenessInitialDelaySeconds, - TimeoutSeconds: livenessHealthCheckTimeout, - PeriodSeconds: livenessHealthCheckPeriod, - FailureThreshold: livenessHealthCheckThreshold, - ProbeHandler: corev1.ProbeHandler{ - TCPSocket: &corev1.TCPSocketAction{ - Port: *util.IntstrPointer(int(GetServerPort(r.NifiCluster.Spec.ListenersConfig))), - }, - }, - }, + ReadinessProbe: readinessProbe, + LivenessProbe: livenessProbe, Env: []corev1.EnvVar{ { Name: "NIFI_ZOOKEEPER_CONNECT_STRING", diff --git a/site/docs/5_references/1_nifi_cluster/1_nifi_cluster.md b/site/docs/5_references/1_nifi_cluster/1_nifi_cluster.md index fd3418202f..bb34c9d20b 100644 --- a/site/docs/5_references/1_nifi_cluster/1_nifi_cluster.md +++ b/site/docs/5_references/1_nifi_cluster/1_nifi_cluster.md @@ -161,6 +161,8 @@ spec: | annotations | map\[string\]string | Annotations specifies the annotations to attach to pods the NiFiKop operator creates | No | - | | labels | map\[string\]string | Labels specifies the Labels to attach to pods the NiFiKop operator creates | No | - | | hostAliases | \[\][HostAlias](https://pkg.go.dev/k8s.io/api/core/v1#HostAlias) | A list of host aliases to include in every pod's /etc/hosts configuration in the scenario where DNS is not available. | No | \[\] | +| readinessProbe | [Probe](https://pkg.go.dev/k8s.io/api/core/v1#Probe) | The readiness probe that the `Pod` is configured with. If not provided, a default will be used. | No | nil | +| livenessProbe | [Probe](https://pkg.go.dev/k8s.io/api/core/v1#Probe) | The liveness probe that the `Pod` is configured with. If not provided, a default will be used. | No | nil | ## ManagedUsers