Skip to content

Commit

Permalink
Set nodeSelector on jobs and allow empty nodeSelector
Browse files Browse the repository at this point in the history
Switch to a pointer for nodeSelector to allow different logic for empty vs unset
  • Loading branch information
olliewalsh committed Nov 20, 2024
1 parent 340c4d7 commit c3bdb36
Show file tree
Hide file tree
Showing 11 changed files with 59 additions and 13 deletions.
2 changes: 1 addition & 1 deletion api/v1beta1/galera_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ type GaleraSpecCore struct {
Replicas *int32 `json:"replicas"`
// +kubebuilder:validation:Optional
// NodeSelector to target subset of worker nodes running this service
NodeSelector map[string]string `json:"nodeSelector,omitempty"`
NodeSelector *map[string]string `json:"nodeSelector,omitempty"`
// +kubebuilder:validation:Optional
// Customize config using this parameter to change service defaults,
// or overwrite rendered information using raw MariaDB config format.
Expand Down
10 changes: 7 additions & 3 deletions api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions controllers/mariadbaccount_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -282,7 +282,7 @@ func (r *MariaDBAccountReconciler) reconcileCreate(

log.Info(fmt.Sprintf("Running account create '%s' MariaDBDatabase '%s'", instance.Name, mariadbDatabaseName))

jobDef, err := mariadb.CreateDbAccountJob(instance, mariadbDatabase.Spec.Name, dbHostname, dbAdminSecret, dbContainerImage, serviceAccountName)
jobDef, err := mariadb.CreateDbAccountJob(instance, mariadbDatabase.Spec.Name, dbHostname, dbAdminSecret, dbContainerImage, serviceAccountName, dbGalera.Spec.NodeSelector)
if err != nil {
return ctrl.Result{}, err
}
Expand Down Expand Up @@ -507,7 +507,7 @@ func (r *MariaDBAccountReconciler) reconcileDelete(

log.Info(fmt.Sprintf("Running account delete '%s' MariaDBDatabase '%s'", instance.Name, mariadbDatabaseName))

jobDef, err := mariadb.DeleteDbAccountJob(instance, mariadbDatabase.Spec.Name, dbHostname, dbAdminSecret, dbContainerImage, serviceAccountName)
jobDef, err := mariadb.DeleteDbAccountJob(instance, mariadbDatabase.Spec.Name, dbHostname, dbAdminSecret, dbContainerImage, serviceAccountName, dbGalera.Spec.NodeSelector)
if err != nil {
return ctrl.Result{}, err
}
Expand Down
2 changes: 1 addition & 1 deletion controllers/mariadbdatabase_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -195,7 +195,7 @@ func (r *MariaDBDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Requ
)

// Define a new Job object (hostname, password, containerImage)
jobDef, err := mariadb.DbDatabaseJob(instance, dbHostname, dbSecret, dbContainerImage, serviceAccount, useTLS)
jobDef, err := mariadb.DbDatabaseJob(instance, dbHostname, dbSecret, dbContainerImage, serviceAccount, useTLS, dbGalera.Spec.NodeSelector)
if err != nil {
return ctrl.Result{}, err
}
Expand Down
12 changes: 10 additions & 2 deletions pkg/mariadb/account.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ type accountCreateOrDeleteOptions struct {
RequireTLS string
}

func CreateDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName string, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string) (*batchv1.Job, error) {
func CreateDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName string, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string, nodeSelector *map[string]string) (*batchv1.Job, error) {
var tlsStatement string
if account.Spec.RequireTLS {
tlsStatement = " REQUIRE SSL"
Expand Down Expand Up @@ -90,10 +90,14 @@ func CreateDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName st
},
}

if nodeSelector != nil {
job.Spec.Template.Spec.NodeSelector = *nodeSelector
}

return job, nil
}

func DeleteDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName string, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string) (*batchv1.Job, error) {
func DeleteDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName string, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string, nodeSelector *map[string]string) (*batchv1.Job, error) {

opts := accountCreateOrDeleteOptions{account.Spec.UserName, databaseName, databaseHostName, "root", ""}

Expand Down Expand Up @@ -140,5 +144,9 @@ func DeleteDbAccountJob(account *databasev1beta1.MariaDBAccount, databaseName st
},
}

if nodeSelector != nil {
job.Spec.Template.Spec.NodeSelector = *nodeSelector
}

return job, nil
}
12 changes: 10 additions & 2 deletions pkg/mariadb/database.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ type dbCreateOptions struct {
}

// DbDatabaseJob -
func DbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string, useTLS bool) (*batchv1.Job, error) {
func DbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string, useTLS bool, nodeSelector *map[string]string) (*batchv1.Job, error) {
var tlsStatement string
if useTLS {
tlsStatement = " REQUIRE SSL"
Expand Down Expand Up @@ -115,11 +115,15 @@ func DbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHostName s
},
}

if nodeSelector != nil && len(*nodeSelector) > 0 {
job.Spec.Template.Spec.NodeSelector = *nodeSelector
}

return job, nil
}

// DeleteDbDatabaseJob -
func DeleteDbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string) (*batchv1.Job, error) {
func DeleteDbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHostName string, databaseSecret string, containerImage string, serviceAccountName string, nodeSelector *map[string]string) (*batchv1.Job, error) {

opts := dbCreateOptions{
database.Spec.Name,
Expand Down Expand Up @@ -206,5 +210,9 @@ func DeleteDbDatabaseJob(database *databasev1beta1.MariaDBDatabase, databaseHost
},
}

if nodeSelector != nil {
job.Spec.Template.Spec.NodeSelector = *nodeSelector
}

return job, nil
}
4 changes: 2 additions & 2 deletions pkg/mariadb/statefulset.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,8 +78,8 @@ func StatefulSet(g *mariadbv1.Galera, configHash string) *appsv1.StatefulSet {
},
corev1.LabelHostname,
)
if len(g.Spec.NodeSelector) > 0 {
sts.Spec.Template.Spec.NodeSelector = g.Spec.NodeSelector
if g.Spec.NodeSelector != nil {
sts.Spec.Template.Spec.NodeSelector = *g.Spec.NodeSelector
}

return sts
Expand Down
7 changes: 7 additions & 0 deletions tests/kuttl/tests/account_create/01-assert.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ spec:
replicas: 1
secret: osp-secret
storageRequest: 500M
nodeSelector:
node-role.kubernetes.io/worker: ""
status:
bootstrapped: true
conditions:
Expand Down Expand Up @@ -72,6 +74,8 @@ spec:
cr: galera-openstack
galera/name: openstack
spec:
nodeSelector:
node-role.kubernetes.io/worker: ""
containers:
- command:
- /usr/bin/dumb-init
Expand All @@ -96,6 +100,9 @@ apiVersion: v1
kind: Pod
metadata:
name: openstack-galera-0
spec:
nodeSelector:
node-role.kubernetes.io/worker: ""
---
apiVersion: v1
kind: Service
Expand Down
2 changes: 2 additions & 0 deletions tests/kuttl/tests/account_create/01-deploy_galera.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,5 @@ spec:
storageClass: local-storage
storageRequest: 500M
replicas: 1
nodeSelector:
node-role.kubernetes.io/worker: ""
5 changes: 5 additions & 0 deletions tests/kuttl/tests/account_create/02-assert.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,10 @@ apiVersion: batch/v1
kind: Job
metadata:
name: kuttldb-accounttest-db-create
spec:
template:
spec:
nodeSelector:
node-role.kubernetes.io/worker: ""
status:
succeeded: 1
12 changes: 12 additions & 0 deletions tests/kuttl/tests/account_create/05-assert.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,15 @@ commands:
${MARIADB_KUTTL_DIR:-tests/kuttl/tests}/../common/scripts/check_db_account.sh openstack-galera-0 kuttldb_accounttest someuser dbsecret1
# ensure db users are configured without TLS connection restriction
oc rsh -n ${NAMESPACE} -c galera openstack-galera-0 /bin/sh -c 'mysql -uroot -p${DB_ROOT_PASSWORD} -e "show grants for \`someuser\`@\`%\`;"' | grep 'GRANT USAGE' | grep -v 'REQUIRE SSL'
---
apiVersion: batch/v1
kind: Job
metadata:
name: someuser-account-create
spec:
template:
spec:
nodeSelector:
node-role.kubernetes.io/worker: ""
status:
succeeded: 1

0 comments on commit c3bdb36

Please sign in to comment.