Skip to content

Commit

Permalink
Add etcd defragmentaion option
Browse files Browse the repository at this point in the history
  • Loading branch information
tsorya committed Sep 18, 2024
1 parent fbe7f39 commit b726d04
Show file tree
Hide file tree
Showing 5 changed files with 32 additions and 0 deletions.
1 change: 1 addition & 0 deletions run_seed.sh
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,7 @@ else
--cluster-rename new-name:foo.com:some-random-infra-id \
--hostname test.hostname \
--ip 192.168.126.99 \
--etcd-defrag \
--install-config 'additionalTrustBundlePolicy: Proxyonly
apiVersion: v1
baseDomain: ibo0.redhat.com
Expand Down
13 changes: 13 additions & 0 deletions src/config.rs
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ pub(crate) struct RecertConfig {
pub(crate) regenerate_server_ssh_keys: Option<ConfigPath>,
pub(crate) summary_file: Option<ConfigPath>,
pub(crate) summary_file_clean: Option<ConfigPath>,
pub(crate) etcd_defrag: bool,

#[serde(serialize_with = "config_file_raw_optionally_redacted")]
pub(crate) config_file_raw: Option<String>,
Expand Down Expand Up @@ -130,6 +131,7 @@ impl RecertConfig {
Ok(RecertConfig {
dry_run: true,
etcd_endpoint: None,
etcd_defrag: false,
crypto_customizations: CryptoCustomizations {
dirs: vec![],
files: vec![],
Expand Down Expand Up @@ -258,6 +260,11 @@ impl RecertConfig {
.unwrap_or(Value::Bool(false))
.as_bool()
.context("dry_run must be a boolean")?;
let etcd_defrag = value
.remove("etcd_defrag")
.unwrap_or(Value::Bool(false))
.as_bool()
.context("etcd_defrag must be a boolean")?;
let etcd_endpoint = match value.remove("etcd_endpoint") {
Some(value) => Some(value.as_str().context("etcd_endpoint must be a string")?.to_string()),
None => None,
Expand Down Expand Up @@ -328,6 +335,7 @@ impl RecertConfig {
cli_raw: None,
config_file_raw: Some(String::from_utf8_lossy(config_bytes).to_string()),
postprocess_only,
etcd_defrag,
};

ensure!(
Expand All @@ -344,13 +352,18 @@ impl RecertConfig {
!(recert_config.dry_run && recert_config.crypto_customizations.extend_expiration),
"dry_run and extend_expiration are mutually exclusive"
);
ensure!(
!(recert_config.dry_run && recert_config.etcd_defrag),
"dry_run and etcd_defrag are mutually exclusive"
);

Ok(recert_config)
}

pub(crate) fn parse_from_cli(cli: Cli) -> Result<Self> {
Ok(Self {
dry_run: cli.dry_run,
etcd_defrag: cli.etcd_defrag,
postprocess_only: cli.postprocess_only,
etcd_endpoint: cli.etcd_endpoint,
crypto_customizations: CryptoCustomizations {
Expand Down
4 changes: 4 additions & 0 deletions src/config/cli.rs
Original file line number Diff line number Diff line change
Expand Up @@ -192,4 +192,8 @@ pub(crate) struct Cli {
/// those intentionally expired dates.
#[clap(long, groups = &["dry", "expiration"])]
pub(crate) force_expire: bool,

/// Run etcd defragment command after recertification
#[clap(long, group = "dry")]
pub(crate) etcd_defrag: bool,
}
6 changes: 6 additions & 0 deletions src/k8s_etcd.rs
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,12 @@ impl InMemoryK8sEtcd {
);
Ok(())
}

pub(crate) async fn defragment(&self) -> Result<()> {
let etcd_client = self.etcd_client.as_ref().context("etcd client not configured")?;
etcd_client.maintenance_client().defragment().await.context("defragment etcd")?;
Ok(())
}
}

fn is_too_many_requests_error(delete_response: &std::prelude::v1::Result<etcd_client::DeleteResponse, etcd_client::Error>) -> bool {
Expand Down
8 changes: 8 additions & 0 deletions src/recert.rs
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ pub(crate) async fn run(recert_config: &RecertConfig, cluster_crypto: &mut Clust
&recert_config.cluster_customizations,
recert_config.regenerate_server_ssh_keys.as_deref(),
recert_config.dry_run,
recert_config.etcd_defrag,
)
.await
.context("finalizing")?;
Expand Down Expand Up @@ -115,6 +116,7 @@ async fn finalize(
cluster_customizations: &ClusterCustomizations,
regenerate_server_ssh_keys: Option<&Path>,
dry_run: bool,
etcd_defrag: bool,
) -> Result<FinalizeTiming> {
log::info!("Committing cryptographic objects to etcd and disk");

Expand Down Expand Up @@ -156,6 +158,12 @@ async fn finalize(
.context("commiting etcd cache to actual etcd")?;
}

// in case etcd maintenance flag was set we gonna run it after finishing all etcd work
if etcd_defrag {
log::info!("Defragmenting etcd");
in_memory_etcd_client.defragment().await.context("defragmenting etcd")?;
}

let commit_to_actual_etcd_run_time = RunTime::since_start(start);

Ok(FinalizeTiming {
Expand Down

0 comments on commit b726d04

Please sign in to comment.