From 8a5b6b140819a5021850859aecd6de1a0481cb90 Mon Sep 17 00:00:00 2001 From: Nicholas Cioli Date: Thu, 11 Jul 2024 20:39:32 -0400 Subject: [PATCH] add operator config for ephemeral volumes --- charts/postgres-operator/crds/operatorconfigurations.yaml | 3 +++ .../postgres-operator/templates/operatorconfiguration.yaml | 1 + charts/postgres-operator/values.yaml | 3 +++ manifests/configmap.yaml | 1 + manifests/operatorconfiguration.crd.yaml | 3 +++ manifests/postgresql-operator-default-configuration.yaml | 1 + pkg/apis/acid.zalan.do/v1/crds.go | 3 +++ pkg/apis/acid.zalan.do/v1/operator_configuration_type.go | 2 ++ pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go | 5 +++++ pkg/cluster/k8sres.go | 3 +++ pkg/controller/operator_config.go | 3 +++ pkg/util/config/config.go | 1 + 12 files changed, 29 insertions(+) diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index bf4ae34b1..5976c80ff 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -692,6 +692,9 @@ spec: enable_patroni_failsafe_mode: type: boolean default: false + allow_ephemeral_volumes: + type: boolean + default: false status: type: object additionalProperties: diff --git a/charts/postgres-operator/templates/operatorconfiguration.yaml b/charts/postgres-operator/templates/operatorconfiguration.yaml index b72bfb899..d09a682c2 100644 --- a/charts/postgres-operator/templates/operatorconfiguration.yaml +++ b/charts/postgres-operator/templates/operatorconfiguration.yaml @@ -42,4 +42,5 @@ configuration: {{ tpl (toYaml .Values.configConnectionPooler) . | indent 4 }} patroni: {{ tpl (toYaml .Values.configPatroni) . | indent 4 }} + allow_ephemeral_volumes: {{ .Values.allowEphemeralVolumes }} {{- end }} diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index 5700ff783..9326f1639 100644 
--- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -454,6 +454,9 @@ configPatroni: # Zalando's internal CDC stream feature enableStreams: false +# Allow ephemeral instances +allowEphemeralVolumes: false + rbac: # Specifies whether RBAC resources should be created create: true diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml index 7f76d0b33..2122afa14 100644 --- a/manifests/configmap.yaml +++ b/manifests/configmap.yaml @@ -7,6 +7,7 @@ data: # additional_pod_capabilities: "SYS_NICE" # additional_secret_mount: "some-secret-name" # additional_secret_mount_path: "/some/dir" + # allow_ephemeral_volumes: true api_port: "8080" aws_region: eu-central-1 cluster_domain: cluster.local diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index 887577940..804ecabba 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -690,6 +690,9 @@ spec: enable_patroni_failsafe_mode: type: boolean default: false + allow_ephemeral_volumes: + type: boolean + default: false status: type: object additionalProperties: diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index ee3123e32..2a401f1cf 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml @@ -220,3 +220,4 @@ configuration: # connection_pooler_user: "pooler" patroni: enable_patroni_failsafe_mode: false + allow_ephemeral_volumes: false \ No newline at end of file diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index 9e65869e7..65e104070 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -1966,6 +1966,9 @@ var OperatorConfigCRDResourceValidation = apiextv1.CustomResourceValidation{ }, }, }, + "allow_ephemeral_volums": { + Type: "boolean", + }, }, }, "status": { 
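Review bot: The comment added above `allowEphemeralVolumes` in values.yaml says "Allow ephemeral instances", which names something different from the key and does not tell a chart user what enabling it risks. Presumably the flag lets clusters run on volumes that do not outlive the pod, so data durability is at stake, but nothing in this patch confirms that. I would spell it out, for example `# Allow Postgres clusters to use ephemeral volumes instead of persistent volume claims (data is lost when the pod is removed)`, adjusted to the actual semantics. The commented example in manifests/configmap.yaml could carry the same one-line caveat.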
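Review bot: The schema key added to `OperatorConfigCRDResourceValidation` in crds.go is spelled `"allow_ephemeral_volums"`, which matches neither the JSON tag `allow_ephemeral_volumes` on `OperatorConfigurationData` nor the key used in both CRD YAML files. If the operator registers the CRD from this Go definition, the real field is missing from the structural schema and is likely to be pruned by the API server, so the setting would silently stay at its default. The key should read `"allow_ephemeral_volumes": {`. The YAML schemas also declare `default: false`, which this entry omits. The variable's definition starts and ends outside the hunk.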
diff --git a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go index 48fd0a13c..9a42102c9 100644 --- a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go +++ b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go @@ -287,6 +287,8 @@ type OperatorConfigurationData struct { MinInstances int32 `json:"min_instances,omitempty"` MaxInstances int32 `json:"max_instances,omitempty"` IgnoreInstanceLimitsAnnotationKey string `json:"ignore_instance_limits_annotation_key,omitempty"` + + AllowEphemeralVolumes *bool `json:"allow_ephemeral_volumes,omitempty"` } // Duration shortens this frequently used name diff --git a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go index 80bc7b34d..30dab7a0d 100644 --- a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go +++ b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go @@ -461,6 +461,11 @@ func (in *OperatorConfigurationData) DeepCopyInto(out *OperatorConfigurationData out.LogicalBackup = in.LogicalBackup in.ConnectionPooler.DeepCopyInto(&out.ConnectionPooler) in.Patroni.DeepCopyInto(&out.Patroni) + if in.AllowEphemeralVolumes != nil { + in, out := &in.AllowEphemeralVolumes, &out.AllowEphemeralVolumes + *out = new(bool) + **out = **in + } return } diff --git a/pkg/cluster/k8sres.go b/pkg/cluster/k8sres.go index eb4402f03..1a6f3b885 100644 --- a/pkg/cluster/k8sres.go +++ b/pkg/cluster/k8sres.go @@ -692,6 +692,7 @@ func generateContainer( privilegedMode bool, privilegeEscalationMode *bool, additionalPodCapabilities *v1.Capabilities, + useEphemeralVolumes *bool, ) *v1.Container { return &v1.Container{ Name: name, 
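Review bot: The new `useEphemeralVolumes *bool` parameter of `generateContainer` in k8sres.go is not read in the lines shown, and both callers touched by this patch (`generateStatefulSet` and `generateLogicalBackupJob`, in the next two hunks) pass `nil` for it. As submitted, `allow_ephemeral_volumes` is accepted by the CRD and copied into the operator config but has no visible effect on the generated pods, so an administrator cannot tell from the setting whether the gate is actually enforced. Either drop the parameter until the volume logic lands, or pass the configured value through (presumably `c.OpConfig.AllowEphemeralVolumes`, to be confirmed) and state in the function comment what a nil value means. The function body continues outside the hunk, so a use further down cannot be ruled out.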
@@ -1394,6 +1395,7 @@ func (c *Cluster) generateStatefulSet(spec *acidv1.PostgresSpec) (*appsv1.Statef c.OpConfig.Resources.SpiloPrivileged, c.OpConfig.Resources.SpiloAllowPrivilegeEscalation, generateCapabilities(c.OpConfig.AdditionalPodCapabilities), + nil, ) // Patroni responds 200 to probe only if it either owns the leader lock or postgres is running and DCS is accessible @@ -2288,6 +2290,7 @@ func (c *Cluster) generateLogicalBackupJob() (*batchv1.CronJob, error) { c.OpConfig.SpiloPrivileged, // use same value as for normal DB pods c.OpConfig.SpiloAllowPrivilegeEscalation, nil, + nil, ) logicalBackupJobLabel := map[string]string{ diff --git a/pkg/controller/operator_config.go b/pkg/controller/operator_config.go index 88f1d73c0..fb6cd01fd 100644 --- a/pkg/controller/operator_config.go +++ b/pkg/controller/operator_config.go @@ -277,5 +277,8 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur fromCRD.ConnectionPooler.MaxDBConnections, k8sutil.Int32ToPointer(constants.ConnectionPoolerMaxDBConnections)) + // Ephemeral config + result.AllowEphemeralVolumes = util.CoalesceBool(fromCRD.AllowEphemeralVolumes, util.False()) + return result } diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index 829c1d19e..a38a25cd8 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -253,6 +253,7 @@ type Config struct { EnableSecretsDeletion *bool `name:"enable_secrets_deletion" default:"true"` EnablePersistentVolumeClaimDeletion *bool `name:"enable_persistent_volume_claim_deletion" default:"true"` PersistentVolumeClaimRetentionPolicy map[string]string `name:"persistent_volume_claim_retention_policy" default:"when_deleted:retain,when_scaled:retain"` + AllowEphemeralVolumes *bool `json:"allow_ephemeral_volumes,omitempty"` } // MustMarshal marshals the config or panics
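Review bot: `AllowEphemeralVolumes` in the `Config` struct of pkg/util/config/config.go carries a `json:"allow_ephemeral_volumes,omitempty"` tag, while the neighbouring fields in the hunk are declared with `name:"..."` and `default:"..."` tags. If the ConfigMap loader keys off the `name` tag, as the surrounding fields suggest, the option shown in manifests/configmap.yaml would never be populated and the pointer would stay nil for ConfigMap-based deployments, leaving any later dereference or policy check to handle nil. The line should follow the struct's convention: ``AllowEphemeralVolumes *bool `name:"allow_ephemeral_volumes" default:"false"` ``. The struct definition starts outside the hunk.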