migrate addons to controller-runtime

This commit merges token exchange addon and maintenance addon into a single operator and migrates it to controller-runtime. This operator is now considered a single addon and is deployed as such. Due to this change reconciles are now driven via events and watches as opposed to the previous periodic resync approach. These events are handled much more efficiently and will provide better resource utilization and faster event handling. Signed-off-by: Umanga Chapagain <chapagainumanga@gmail.com>
red-hat-storage · Feb 22, 2024 · 7ba19be · 7ba19be
1 parent 3675a7b
commit 7ba19be
Show file tree

Hide file tree

Showing 47 changed files with 623 additions and 1,954 deletions.
diff --git a/...n-exchange/agent_mirrorpeer_controller.go → addons/agent_mirrorpeer_controller.go b/...n-exchange/agent_mirrorpeer_controller.go → addons/agent_mirrorpeer_controller.go
@@ -52,16 +52,6 @@ type MirrorPeerReconciler struct {
 	SpokeClusterName string
 }
 
-const (
-	RookCSIEnableKey          = "CSI_ENABLE_OMAP_GENERATOR"
-	RookConfigMapName         = "rook-ceph-operator-config"
-	RBDProvisionerTemplate    = "%s.rbd.csi.ceph.com"
-	RamenLabelTemplate        = "ramendr.openshift.io/%s"
-	StorageIDKey              = "storageid"
-	CephFSProvisionerTemplate = "%s.cephfs.csi.ceph.com"
-	SpokeMirrorPeerFinalizer  = "spoke.multicluster.odf.openshift.io"
-)
-
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
 // move the current state of the cluster closer to the desired state.
 //

diff --git a/...hange/agent_mirrorpeer_controller_test.go → addons/agent_mirrorpeer_controller_test.go b/...hange/agent_mirrorpeer_controller_test.go → addons/agent_mirrorpeer_controller_test.go
diff --git a/addons/blue_secret_controller.go b/addons/blue_secret_controller.go
@@ -0,0 +1,77 @@
+package addons
+
+import (
+	"context"
+
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/handler"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
+	"sigs.k8s.io/controller-runtime/pkg/source"
+
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/klog/v2"
+)
+
+// BlueSecretReconciler reconciles a MirrorPeer object
+type BlueSecretReconciler struct {
+	Scheme           *runtime.Scheme
+	HubClient        client.Client
+	SpokeClient      client.Client
+	SpokeClusterName string
+}
+
+// SetupWithManager sets up the controller with the Manager.
+func (r *BlueSecretReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	isBlueSecret := func(obj interface{}) bool {
+		return getBlueSecretFilterForRook(obj)
+	}
+
+	blueSecretPredicate := predicate.Funcs{
+		CreateFunc: func(e event.CreateEvent) bool {
+			return isBlueSecret(e.Object)
+		},
+		DeleteFunc: func(e event.DeleteEvent) bool {
+			return isBlueSecret(e.Object)
+		},
+		UpdateFunc: func(e event.UpdateEvent) bool {
+			return isBlueSecret(e.ObjectNew)
+		},
+		GenericFunc: func(_ event.GenericEvent) bool {
+			return false
+		},
+	}
+
+	return ctrl.NewControllerManagedBy(mgr).
+		Named("bluesecret_controller").
+		Watches(&source.Kind{Type: &corev1.Secret{}}, &handler.EnqueueRequestForObject{},
+			builder.WithPredicates(predicate.GenerationChangedPredicate{}, blueSecretPredicate)).
+		Complete(r)
+}
+
+func (r *BlueSecretReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	var err error
+	var secret corev1.Secret
+
+	klog.Infof("Reconciling blue secret", "secret", req.NamespacedName.String())
+	err = r.SpokeClient.Get(ctx, req.NamespacedName, &secret)
+	if err != nil {
+		if errors.IsNotFound(err) {
+			klog.Infof("Could not find secret. Ignoring since it must have been deleted")
+			return ctrl.Result{}, nil
+		}
+		klog.Errorf("Failed to get secret.", err)
+		return ctrl.Result{}, err
+	}
+
+	err = r.syncBlueSecretForRook(ctx, secret)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, nil
+}
diff --git a/addons/blue_secret_controller_test.go b/addons/blue_secret_controller_test.go
@@ -0,0 +1 @@
+package addons
diff --git a/addons/constants.go b/addons/constants.go
@@ -0,0 +1,13 @@
+package addons
+
+const (
+	RBDProvisionerTemplate        = "%s.rbd.csi.ceph.com"
+	MaintenanceModeFinalizer      = "maintenance.multicluster.odf.openshift.io"
+	RBDMirrorDeploymentNamePrefix = "rook-ceph-rbd-mirror"
+	RookCSIEnableKey              = "CSI_ENABLE_OMAP_GENERATOR"
+	RookConfigMapName             = "rook-ceph-operator-config"
+	RamenLabelTemplate            = "ramendr.openshift.io/%s"
+	StorageIDKey                  = "storageid"
+	CephFSProvisionerTemplate     = "%s.cephfs.csi.ceph.com"
+	SpokeMirrorPeerFinalizer      = "spoke.multicluster.odf.openshift.io"
+)
diff --git a/addons/green_secret_controller.go b/addons/green_secret_controller.go
@@ -0,0 +1,87 @@
+package addons
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/red-hat-storage/odf-multicluster-orchestrator/controllers/utils"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/klog/v2"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/handler"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
+	"sigs.k8s.io/controller-runtime/pkg/source"
+)
+
+// GreenSecretReconciler reconciles a MirrorPeer object
+type GreenSecretReconciler struct {
+	Scheme           *runtime.Scheme
+	HubClient        client.Client
+	SpokeClient      client.Client
+	SpokeClusterName string
+}
+
+// SetupWithManager sets up the controller with the Manager.
+func (r *GreenSecretReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	isGreenSecret := func(obj interface{}) bool {
+		metaObj, has := obj.(metav1.Object)
+		if has {
+			return metaObj.GetLabels()[utils.SecretLabelTypeKey] == string(utils.DestinationLabel)
+		}
+		return false
+	}
+
+	greenSecretPredicate := predicate.Funcs{
+		CreateFunc: func(e event.CreateEvent) bool {
+			return isGreenSecret(e.Object)
+		},
+		DeleteFunc: func(e event.DeleteEvent) bool {
+			return isGreenSecret(e.Object)
+		},
+		UpdateFunc: func(e event.UpdateEvent) bool {
+			return isGreenSecret(e.ObjectNew)
+		},
+		GenericFunc: func(_ event.GenericEvent) bool {
+			return false
+		},
+	}
+
+	return ctrl.NewControllerManagedBy(mgr).
+		Named("greensecret_controller").
+		Watches(&source.Kind{Type: &corev1.Secret{}}, &handler.EnqueueRequestForObject{},
+			builder.WithPredicates(predicate.GenerationChangedPredicate{}, greenSecretPredicate)).
+		Complete(r)
+}
+
+func (r *GreenSecretReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	var err error
+	var greenSecret corev1.Secret
+
+	klog.Infof("Reconciling green secret", "secret", req.NamespacedName.String())
+	err = r.HubClient.Get(ctx, req.NamespacedName, &greenSecret)
+	if err != nil {
+		if errors.IsNotFound(err) {
+			klog.Infof("Could not find secret. Ignoring since it must have been deleted")
+			return ctrl.Result{}, nil
+		}
+		klog.Errorf("Failed to get secret.", err)
+		return ctrl.Result{}, err
+	}
+
+	if err = validateGreenSecret(greenSecret); err != nil {
+		return ctrl.Result{}, fmt.Errorf("failed to validate secret %q", greenSecret.Name)
+	}
+
+	err = r.syncGreenSecretForRook(ctx, greenSecret)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, nil
+}
diff --git a/addons/green_secret_controller_test.go b/addons/green_secret_controller_test.go
@@ -0,0 +1 @@
+package addons
diff --git a/addons/maintainence-agent/maintainence_mode_agent.go b/addons/maintainence-agent/maintainence_mode_agent.go
diff --git a/addons/maintainence-agent/manager.go b/addons/maintainence-agent/manager.go