Skip to content

Commit

Permalink
feat: setup admission webhook (#236)
Browse files Browse the repository at this point in the history
* feat: setup admission webhook

* chore: change package version

* fix: e2e failed

* fix: e2e failed

* fix: e2e failed

* chore: change admission webhook cert directory

* chore: change kafka metadataVersion to 3.9

* fix: change kafka metadataVersion version to string
  • Loading branch information
daviderli614 authored Dec 25, 2024
1 parent a390045 commit 967064b
Show file tree
Hide file tree
Showing 5 changed files with 54 additions and 16 deletions.
25 changes: 25 additions & 0 deletions cmd/operator/app/command.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (

monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"github.com/spf13/cobra"
admissionv1 "k8s.io/api/admission/v1"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
"k8s.io/apimachinery/pkg/runtime"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
Expand All @@ -30,6 +31,7 @@ import (
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/healthz"
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
"sigs.k8s.io/controller-runtime/pkg/webhook"

"github.com/GreptimeTeam/greptimedb-operator/apis/v1alpha1"
"github.com/GreptimeTeam/greptimedb-operator/cmd/operator/app/options"
Expand Down Expand Up @@ -63,6 +65,9 @@ func init() {
// Add [PodMetrics](https://github.com/kubernetes/metrics/blob/master/pkg/apis/metrics/v1beta1/types.go) for fetching PodMetrics from metrics-server.
utilruntime.Must(podmetricsv1beta1.AddToScheme(scheme))

// Add admission webhook scheme.
utilruntime.Must(admissionv1.AddToScheme(scheme))

// +kubebuilder:scaffold:scheme
}

Expand All @@ -77,6 +82,14 @@ func NewOperatorCommand() *cobra.Command {
setupLog := ctrl.Log.WithName("setup")
cfg := ctrl.GetConfigOrDie()

webhookServer := webhook.NewServer(webhook.Options{})
if o.EnableAdmissionWebhook {
webhookServerOptions := webhook.Options{
Port: o.AdmissionWebhookPort,
CertDir: o.AdmissionWebhookCertDir,
}
webhookServer = webhook.NewServer(webhookServerOptions)
}
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
Scheme: scheme,
HealthProbeBindAddress: o.HealthProbeAddr,
Expand All @@ -85,6 +98,7 @@ func NewOperatorCommand() *cobra.Command {
Metrics: metricsserver.Options{
BindAddress: o.MetricsAddr,
},
WebhookServer: webhookServer,
})
if err != nil {
setupLog.Error(err, "unable to start manager")
Expand All @@ -111,6 +125,17 @@ func NewOperatorCommand() *cobra.Command {
os.Exit(1)
}

if o.EnableAdmissionWebhook {
if err := (&v1alpha1.GreptimeDBCluster{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to setup admission webhook", "controller", "greptimedbcluster")
os.Exit(1)
}
if err := (&v1alpha1.GreptimeDBStandalone{}).SetupWebhookWithManager(mgr); err != nil {
setupLog.Error(err, "unable to setup admission webhook", "controller", "greptimedbstandalone")
os.Exit(1)
}
}

if o.EnableAPIServer {
server, err := apiserver.NewServer(mgr, &apiserver.Options{
Port: o.APIServerPort,
Expand Down
39 changes: 25 additions & 14 deletions cmd/operator/app/options/options.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,27 +19,35 @@ import (
)

const (
defaultMetricsAddr = ":8080"
defaultHealthProbeAddr = ":9494"
defaultAPIServerPort = 8081
defaultMetricsAddr = ":8080"
defaultHealthProbeAddr = ":9494"
defaultAPIServerPort = 8081
defaultAdmissionWebhookPort = 8082
defaultAdmissionWebhookCertDir = "/etc/greptimedb/admission-webhook-tls"
)

type Options struct {
MetricsAddr string
HealthProbeAddr string
EnableLeaderElection bool
EnableAPIServer bool
APIServerPort int32
EnablePodMetrics bool
MetricsAddr string
HealthProbeAddr string
EnableLeaderElection bool
EnableAPIServer bool
APIServerPort int32
EnablePodMetrics bool
EnableAdmissionWebhook bool
AdmissionWebhookPort int
AdmissionWebhookCertDir string
}

func NewDefaultOptions() *Options {
return &Options{
MetricsAddr: defaultMetricsAddr,
HealthProbeAddr: defaultHealthProbeAddr,
APIServerPort: defaultAPIServerPort,
EnableAPIServer: false,
EnablePodMetrics: false,
MetricsAddr: defaultMetricsAddr,
HealthProbeAddr: defaultHealthProbeAddr,
APIServerPort: defaultAPIServerPort,
EnableAPIServer: false,
EnablePodMetrics: false,
EnableAdmissionWebhook: false,
AdmissionWebhookPort: defaultAdmissionWebhookPort,
AdmissionWebhookCertDir: defaultAdmissionWebhookCertDir,
}
}

Expand All @@ -50,4 +58,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
fs.BoolVar(&o.EnableAPIServer, "enable-apiserver", o.EnableAPIServer, "Enable API server for GreptimeDB operator.")
fs.Int32Var(&o.APIServerPort, "apiserver-port", o.APIServerPort, "The port the API server binds to.")
fs.BoolVar(&o.EnablePodMetrics, "enable-pod-metrics", o.EnablePodMetrics, "Enable fetching PodMetrics from metrics-server.")
fs.BoolVar(&o.EnableAdmissionWebhook, "enable-admission-webhook", o.EnableAdmissionWebhook, "Enable admission webhook for GreptimeDB operator.")
fs.IntVar(&o.AdmissionWebhookPort, "admission-webhook-port", o.AdmissionWebhookPort, "The port the admission webhook binds to.")
fs.StringVar(&o.AdmissionWebhookCertDir, "admission-webhook-cert-dir", o.AdmissionWebhookCertDir, "The directory that contains the server key and certificate.")
}
1 change: 1 addition & 0 deletions config/manager/manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@ spec:
args:
- --enable-leader-election
image: controller:latest
imagePullPolicy: IfNotPresent
name: manager
livenessProbe:
httpGet:
Expand Down
1 change: 1 addition & 0 deletions manifests/bundle.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22475,6 +22475,7 @@ spec:
command:
- greptimedb-operator
image: greptime/greptimedb-operator:latest
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthz
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/setup/kafka-wal.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@ metadata:
strimzi.io/kraft: enabled
spec:
kafka:
version: 3.7.0
metadataVersion: 3.7-IV4
version: 3.9.0
metadataVersion: "3.9"
listeners:
- name: plain
port: 9092
Expand Down

0 comments on commit 967064b

Please sign in to comment.