Merge pull request #1213 from jackyalbo/jacky-external-db

Supporting core connection string in operator
noobaa · Sep 3, 2023 · 7aa4663 · 7aa4663
2 parents 31c3ec1 + 7fcbcbf
commit 7aa4663
Show file tree

Hide file tree

Showing 9 changed files with 106 additions and 65 deletions.
diff --git a/deploy/internal/deployment-endpoint.yaml b/deploy/internal/deployment-endpoint.yaml
@@ -93,6 +93,7 @@ spec:
               value: nbcore
             - name: POSTGRES_USER
             - name: POSTGRES_PASSWORD
+            - name: POSTGRES_CONNECTION_STRING
             - name: VIRTUAL_HOSTS
             - name: REGION
             - name: ENDPOINT_GROUP_ID

diff --git a/deploy/internal/statefulset-core.yaml b/deploy/internal/statefulset-core.yaml
@@ -104,6 +104,7 @@ spec:
               value: nbcore
             - name: POSTGRES_USER
             - name: POSTGRES_PASSWORD
+            - name: POSTGRES_CONNECTION_STRING
             - name: DB_TYPE
               value: mongodb
             - name: CONTAINER_PLATFORM

diff --git a/pkg/bundle/deploy.go b/pkg/bundle/deploy.go
@@ -3655,7 +3655,7 @@ data:
           su postgres -c "bash -x /usr/bin/run-postgresql"
 `
 
-const Sha256_deploy_internal_deployment_endpoint_yaml = "b87bb78e630d9e007b71b5aa7745f5d6b6f1771cdd949735652ddc6ebb6ff9d5"
+const Sha256_deploy_internal_deployment_endpoint_yaml = "bdbc90cf86e4b67acccc7e7413522d46dacf1c2d04d1d5d5e823a2b45e5c9b97"
 
 const File_deploy_internal_deployment_endpoint_yaml = `apiVersion: apps/v1
 kind: Deployment
@@ -3752,6 +3752,7 @@ spec:
               value: nbcore
             - name: POSTGRES_USER
             - name: POSTGRES_PASSWORD
+            - name: POSTGRES_CONNECTION_STRING
             - name: VIRTUAL_HOSTS
             - name: REGION
             - name: ENDPOINT_GROUP_ID
@@ -4671,7 +4672,7 @@ spec:
       noobaa-s3-svc: "true"
 `
 
-const Sha256_deploy_internal_statefulset_core_yaml = "71a1afa6000a2ad334ec234951f0cd245d44ceea36fe57c444869accce9c75b7"
+const Sha256_deploy_internal_statefulset_core_yaml = "7020d2a21cd88a51c9e1056c2aac33163f47168b4c1fb326497d22554e31392e"
 
 const File_deploy_internal_statefulset_core_yaml = `apiVersion: apps/v1
 kind: StatefulSet
@@ -4779,6 +4780,7 @@ spec:
               value: nbcore
             - name: POSTGRES_USER
             - name: POSTGRES_PASSWORD
+            - name: POSTGRES_CONNECTION_STRING
             - name: DB_TYPE
               value: mongodb
             - name: CONTAINER_PLATFORM

diff --git a/pkg/options/options.go b/pkg/options/options.go
@@ -30,7 +30,7 @@ const (
 	// ContainerImageRepo is the repo of the default image url
 	ContainerImageRepo = "noobaa-core"
 	// ContainerImageTag is the tag of the default image url
-	ContainerImageTag = "master-20230725"
+	ContainerImageTag = "master-20230830"
 	// ContainerImageSemverLowerBound is the lower bound for supported image versions
 	ContainerImageSemverLowerBound = "5.0.0"
 	// ContainerImageSemverUpperBound is the upper bound for supported image versions

diff --git a/pkg/system/phase2_creating.go b/pkg/system/phase2_creating.go
@@ -111,7 +111,7 @@ func (r *Reconciler) ReconcilePhaseCreatingForMainClusters() error {
 	if err := r.ReconcileObject(r.SecretServer, nil); err != nil {
 		return err
 	}
-	if r.NooBaa.Spec.DBType == "postgres" {
+	if r.NooBaa.Spec.DBType == "postgres" && r.NooBaa.Spec.ExternalPgSecret == nil {
 		if err := r.ReconcileObject(r.SecretDB, nil); err != nil {
 			return err
 		}
@@ -398,34 +398,10 @@ func (r *Reconciler) setDesiredCoreEnv(c *corev1.Container) {
 			}
 
 		case "POSTGRES_HOST":
-			if r.PgExternalHost != "" {
-				c.Env[j].Value = r.PgExternalHost
-			} else {
+			if r.NooBaa.Spec.ExternalPgSecret == nil {
 				c.Env[j].Value = r.NooBaaPostgresDB.Name + "-0." + r.NooBaaPostgresDB.Spec.ServiceName
 			}
 
-		case "POSTGRES_PORT":
-			if r.PgExternalPort != "" {
-				c.Env[j].Value = r.PgExternalPort
-			} else {
-				c.Env[j].Value = "5432"
-			}
-
-		case "POSTGRES_DBNAME":
-			if r.NooBaa.Spec.DBType == "postgres" && r.NooBaa.Spec.ExternalPgSecret != nil {
-				if c.Env[j].Value != "" {
-					c.Env[j].Value = ""
-				}
-				c.Env[j].ValueFrom = &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: r.SecretDB.Name,
-						},
-						Key: "dbname",
-					},
-				}
-			}
-
 		case "DB_TYPE":
 			if r.NooBaa.Spec.DBType == "postgres" {
 				c.Env[j].Value = "postgres"
@@ -441,7 +417,7 @@ func (r *Reconciler) setDesiredCoreEnv(c *corev1.Container) {
 				c.Env[j].Value = r.OAuthEndpoints.TokenEndpoint
 			}
 		case "POSTGRES_USER":
-			if r.NooBaa.Spec.DBType == "postgres" {
+			if r.NooBaa.Spec.DBType == "postgres" && r.NooBaa.Spec.ExternalPgSecret == nil {
 				if c.Env[j].Value != "" {
 					c.Env[j].Value = ""
 				}
@@ -455,7 +431,7 @@ func (r *Reconciler) setDesiredCoreEnv(c *corev1.Container) {
 				}
 			}
 		case "POSTGRES_PASSWORD":
-			if r.NooBaa.Spec.DBType == "postgres" {
+			if r.NooBaa.Spec.DBType == "postgres" && r.NooBaa.Spec.ExternalPgSecret == nil {
 				if c.Env[j].Value != "" {
 					c.Env[j].Value = ""
 				}
@@ -468,6 +444,20 @@ func (r *Reconciler) setDesiredCoreEnv(c *corev1.Container) {
 					},
 				}
 			}
+		case "POSTGRES_CONNECTION_STRING":
+			if r.NooBaa.Spec.DBType == "postgres" && r.NooBaa.Spec.ExternalPgSecret != nil {
+				if c.Env[j].Value != "" {
+					c.Env[j].Value = ""
+				}
+				c.Env[j].ValueFrom = &corev1.EnvVarSource{
+					SecretKeyRef: &corev1.SecretKeySelector{
+						LocalObjectReference: corev1.LocalObjectReference{
+							Name: r.NooBaa.Spec.ExternalPgSecret.Name,
+						},
+						Key: "db_url",
+					},
+				}
+			}
 		case "NOOBAA_ROOT_SECRET":
 			c.Env[j].Value = r.SecretRootMasterKey
 		case "NODE_EXTRA_CA_CERTS":

diff --git a/pkg/system/reconciler.go b/pkg/system/reconciler.go
@@ -3,8 +3,6 @@ package system
 import (
 	"context"
 	"fmt"
-	"net"
-	"net/url"
 	"os"
 	goruntime "runtime"
 	"strings"
@@ -121,8 +119,6 @@ type Reconciler struct {
 	KedaTriggerAuthentication *kedav1alpha1.TriggerAuthentication
 	KedaScaled                *kedav1alpha1.ScaledObject
 	AdapterHPA                *autoscalingv2.HorizontalPodAutoscaler
-	PgExternalHost            string
-	PgExternalPort            string
 }
 
 // NewReconciler initializes a reconciler to be used for loading or reconciling a noobaa system
@@ -284,9 +280,10 @@ func NewReconciler(
 	r.SecretServer.StringData["jwt"] = util.RandomBase64(16)
 	r.SecretServer.StringData["server_secret"] = util.RandomHex(4)
 
-	r.SecretDB.StringData["user"] = "noobaa"
-	r.SecretDB.StringData["password"] = util.RandomBase64(10)
-	r.SecretDB.StringData["db_name"] = "nbcore"
+	if r.NooBaa.Spec.ExternalPgSecret == nil {
+		r.SecretDB.StringData["user"] = "noobaa"
+		r.SecretDB.StringData["password"] = util.RandomBase64(10)
+	}
 
 	// Set STS default backing store session name
 	r.AWSSTSRoleSessionName = "noobaa-sts-default-backing-store-session"
@@ -309,7 +306,7 @@ func (r *Reconciler) CheckAll() {
 	util.KubeCheck(r.ServiceMgmt)
 	util.KubeCheck(r.ServiceS3)
 	util.KubeCheck(r.ServiceSts)
-	if r.NooBaa.Spec.MongoDbURL == "" {
+	if r.NooBaa.Spec.MongoDbURL == "" && r.NooBaa.Spec.ExternalPgSecret == nil {
 		if r.NooBaa.Spec.DBType == "postgres" {
 			util.KubeCheck(r.SecretDB)
 			if r.NooBaa.Spec.ExternalPgSecret == nil {
@@ -405,21 +402,11 @@ func (r *Reconciler) Reconcile() (reconcile.Result, error) {
 			log.Errorf("❌ External DB secret %q was not found or deleted", r.NooBaa.Spec.ExternalPgSecret.Name)
 			return res, nil
 		}
-		u, err := url.Parse(secret.StringData["db_url"])
+		err = CheckPostgresURL(secret.StringData["db_url"])
 		if err != nil {
-			log.Errorf("❌ Failed pasting external DB url in secret: %q", r.NooBaa.Spec.ExternalPgSecret.Name)
+			log.Errorf(`❌ %s`, err)
 			return res, nil
 		}
-		r.SecretDB.StringData["user"] = u.User.Username()
-		r.SecretDB.StringData["password"], _ = u.User.Password()
-		r.SecretDB.StringData["dbname"] = u.Path[1:]
-		r.PgExternalHost = u.Host
-		r.PgExternalPort = "5432"
-		host, port, err := net.SplitHostPort(u.Host)
-		if err == nil {
-			r.PgExternalHost = host
-			r.PgExternalPort = port
-		}
 	}
 
 	err = r.ReconcilePhases()

diff --git a/pkg/system/system.go b/pkg/system/system.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"net"
 	"net/url"
 	"os"
 	"strconv"
@@ -190,6 +191,13 @@ func LoadSystemDefaults() *nbv1.NooBaa {
 		mongoDbURL := options.MongoDbURL
 		sys.Spec.MongoDbURL = mongoDbURL
 	}
+	if options.PostgresDbURL != "" {
+		sys.Spec.ExternalPgSecret = &corev1.SecretReference{
+			Name:      "noobaa-external-pg-db",
+			Namespace: sys.Namespace,
+		}
+	}
+
 	if options.PVPoolDefaultStorageClass != "" {
 		sc := options.PVPoolDefaultStorageClass
 		sys.Spec.PVPoolDefaultStorageClass = &sc
@@ -369,6 +377,9 @@ func RunCreate(cmd *cobra.Command, args []string) {
 	}
 
 	if options.PostgresDbURL != "" {
+		if sys.Spec.MongoDbURL != "" {
+			log.Fatalf("❌ Can't used both options: postgres-url and mongodb-url, please use only one")
+		}
 		if sys.Spec.DBType != "postgres" {
 			log.Fatalf("❌ expecting the DBType to be postgres when using external PostgresDbURL, got %s", sys.Spec.DBType)
 		}
@@ -378,17 +389,13 @@ func RunCreate(cmd *cobra.Command, args []string) {
 		}
 		o := util.KubeObject(bundle.File_deploy_internal_secret_empty_yaml)
 		secret := o.(*corev1.Secret)
-		secret.Namespace = options.Namespace
-		secret.Name = "noobaa-external-pg-db"
+		secret.Namespace = sys.Spec.ExternalPgSecret.Namespace
+		secret.Name = sys.Spec.ExternalPgSecret.Name
 		secret.StringData = map[string]string{
 			"db_url": options.PostgresDbURL,
 		}
 		secret.Data = nil
 		util.KubeCreateSkipExisting(secret)
-		sys.Spec.ExternalPgSecret = &corev1.SecretReference{
-			Name:      secret.Name,
-			Namespace: secret.Namespace,
-		}
 	}
 
 	// TODO check PVC if exist and the system does not exist -
@@ -450,11 +457,10 @@ func RunDelete(cmd *cobra.Command, args []string) {
 	if sys.Spec.ExternalPgSecret != nil {
 		secret := &corev1.Secret{
 			ObjectMeta: metav1.ObjectMeta{
-				Name:      "noobaa-external-db",
-				Namespace: options.Namespace,
+				Name:      sys.Spec.ExternalPgSecret.Name,
+				Namespace: sys.Spec.ExternalPgSecret.Namespace,
 			},
 		}
-
 		util.KubeDelete(secret)
 	} else if isMongoDbURL == "" {
 		// NoobaaDB
@@ -673,7 +679,9 @@ func RunSystemVersionsStatus(cmd *cobra.Command, args []string) {
 
 	if isSystemExists {
 		noobaaImage = CheckNooBaaImages(cmd, sys, args)
-		noobaaDbImage = CheckNooBaaDBImages(cmd, sys, args)
+		if sys.Spec.ExternalPgSecret == nil {
+			noobaaDbImage = CheckNooBaaDBImages(cmd, sys, args)
+		}
 		noobaaOperatorImage = CheckOperatorImage(cmd, args)
 	} else {
 		noobaaImage = options.NooBaaImage
@@ -688,7 +696,9 @@ func RunSystemVersionsStatus(cmd *cobra.Command, args []string) {
 	log.Printf("CLI version: %s\n", version.Version)
 	log.Printf("noobaa-image: %s\n", noobaaImage)
 	log.Printf("operator-image: %s\n", noobaaOperatorImage)
-	log.Printf("noobaa-db-image: %s\n", noobaaDbImage)
+	if options.PostgresDbURL == "" && sys.Spec.ExternalPgSecret == nil {
+		log.Printf("noobaa-db-image: %s\n", noobaaDbImage)
+	}
 }
 
 // RunStatus runs a CLI command
@@ -846,7 +856,7 @@ func WaitReady() bool {
 	sysKey := client.ObjectKey{Namespace: options.Namespace, Name: options.SystemName}
 	interval := time.Duration(3)
 
-	err := wait.PollUntilContextCancel(ctx,interval*time.Second, true, func(ctx context.Context) (bool, error) {
+	err := wait.PollUntilContextCancel(ctx, interval*time.Second, true, func(ctx context.Context) (bool, error) {
 		sys := &nbv1.NooBaa{}
 		err := klient.Get(util.Context(), sysKey, sys)
 		if err != nil {
@@ -1173,6 +1183,15 @@ func CheckMongoURL(sys *nbv1.NooBaa) error {
 
 // CheckPostgresURL checks if the postgresurl structure is valid and if we use postgres as db
 func CheckPostgresURL(postgresDbURL string) error {
+	// This is temporary checks - In next PRs we will change to psql client checks instead
+	u, err := url.Parse(postgresDbURL)
+	if err != nil {
+		return fmt.Errorf("failed parsing external DB url: %q", postgresDbURL)
+	}
+	_, _, err = net.SplitHostPort(u.Host)
+	if err != nil {
+		return fmt.Errorf("failed splitting host and port from external DB url: %q", postgresDbURL)
+	}
 	if !strings.Contains(postgresDbURL, "postgres://") &&
 		!strings.Contains(postgresDbURL, "postgresql://") {
 		return fmt.Errorf("invalid postgres db url %s, expecting the url to start with postgres:// or postgresql://", postgresDbURL)

diff --git a/test/cli/test_cli_flow.sh b/test/cli/test_cli_flow.sh
@@ -31,14 +31,23 @@ function post_install_tests {
 }
 
 function main {
-    noobaa_install
+    local install_external=$((RANDOM%2))
+    if [ ${install_external} -eq 0 ]
+    then
+        noobaa_install_external
+    else
+        noobaa_install
+    fi
     if [ "${CM}" == "true" ]
     then
         check_core_config_map
     else
         post_install_tests
     fi
-    noobaa_uninstall
+    if [ ${install_external} -eq 0 ]
+    then
+        delete_external_postgres
+    fi
  }
 
 function usage {

diff --git a/test/cli/test_cli_functions.sh b/test/cli/test_cli_functions.sh
@@ -187,6 +187,29 @@ function install {
     done
 }
 
+function run_external_postgres {
+    kubectl run postgres-external --image=postgres:15 --env POSTGRES_PASSWORD=password --port 5432 --expose
+}
+
+function delete_external_postgres {
+    kubectl delete pod postgres-external
+    kubectl delete service postgres-external
+}
+
+function install_external {    
+    local postgres_url="postgresql://postgres:password@postgres-external.${NAMESPACE}.svc:5432/postgres"
+    echo_time "Installing NooBaa in external postgres mode postgres-url=${postgres_url}"
+    test_noobaa install --mini --postgres-url=${postgres_url}"
+
+    local status=$(kuberun silence get noobaa noobaa -o 'jsonpath={.status.phase}')
+    while [ "${status}" != "Ready" ]
+    do
+        echo_time "💬  Waiting for status Ready, Status is ${status}"
+        sleep 10
+        status=$(kuberun silence get noobaa noobaa -o 'jsonpath={.status.phase}')
+    done
+}
+
 function noobaa_install {
     #noobaa timeout install # Maybe when creating server we can use local PV
     install
@@ -196,6 +219,15 @@ function noobaa_install {
     test_admission_deployment
 }
 
+function noobaa_install_external {
+    #noobaa timeout install # Maybe when creating server we can use local PV
+    run_external_postgres
+    install_external
+    test_noobaa status
+    kuberun get noobaa
+    kuberun describe noobaa
+}
+
 function test_admission_deployment {
     kuberun get Secret "admission-webhook-secret"
     kuberun get ValidatingWebhookConfiguration "admission-validation-webhook"