diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index b5707cfe..b2b69db1 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -27,18 +27,6 @@ rules: - list - update - watch -- apiGroups: - - apps - resources: - - deployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - apps resources: diff --git a/controllers/cinderapi_controller.go b/controllers/cinderapi_controller.go index f158264b..50cfa23d 100644 --- a/controllers/cinderapi_controller.go +++ b/controllers/cinderapi_controller.go @@ -41,7 +41,6 @@ import ( keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/common" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" - "github.com/openstack-k8s-operators/lib-common/modules/common/deployment" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" "github.com/openstack-k8s-operators/lib-common/modules/common/env" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" @@ -49,6 +48,7 @@ import ( nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" "github.com/openstack-k8s-operators/lib-common/modules/common/secret" "github.com/openstack-k8s-operators/lib-common/modules/common/service" + "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/util" ) @@ -97,7 +97,7 @@ var ( // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;create;update;patch;delete;watch -// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;create;update;patch;delete;watch +// +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneservices,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneendpoints,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch @@ -255,7 +255,7 @@ func (r *CinderAPIReconciler) SetupWithManager(mgr ctrl.Manager) error { For(&cinderv1beta1.CinderAPI{}). Owns(&keystonev1.KeystoneService{}). Owns(&keystonev1.KeystoneEndpoint{}). - Owns(&appsv1.Deployment{}). + Owns(&appsv1.StatefulSet{}). Owns(&corev1.Service{}). // watch the secrets we don't own Watches(&source.Kind{Type: &corev1.Secret{}}, @@ -658,14 +658,14 @@ func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cin // normal reconcile tasks // - // Define a new Deployment object - deplDef := cinderapi.Deployment(instance, inputHash, serviceLabels, serviceAnnotations) - depl := deployment.NewDeployment( - deplDef, + // Deploy a statefulset + ssDef := cinderapi.StatefulSet(instance, inputHash, serviceLabels, serviceAnnotations) + ss := statefulset.NewStatefulSet( + ssDef, time.Duration(5)*time.Second, ) - ctrlResult, err = depl.CreateOrPatch(ctx, helper) + ctrlResult, err = ss.CreateOrPatch(ctx, helper) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.DeploymentReadyCondition, @@ -682,7 +682,7 @@ func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cin condition.DeploymentReadyRunningMessage)) return ctrlResult, nil } - instance.Status.ReadyCount = depl.GetDeployment().Status.ReadyReplicas + instance.Status.ReadyCount = ss.GetStatefulSet().Status.ReadyReplicas // verify if network attachment matches expectations networkReady := false @@ -720,7 +720,7 @@ func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cin if instance.Status.ReadyCount > 0 { instance.Status.Conditions.MarkTrue(condition.DeploymentReadyCondition, condition.DeploymentReadyMessage) } - // create Deployment - end + // create StatefulSet - end r.Log.Info(fmt.Sprintf("Reconciled Service '%s' successfully", instance.Name)) return ctrl.Result{}, nil diff --git a/pkg/cinderapi/deployment.go b/pkg/cinderapi/statefuleset.go similarity index 92% rename from pkg/cinderapi/deployment.go rename to pkg/cinderapi/statefuleset.go index 91570e58..16df6552 100644 --- a/pkg/cinderapi/deployment.go +++ b/pkg/cinderapi/statefuleset.go @@ -33,13 +33,13 @@ const ( ServiceCommand = "/usr/local/bin/kolla_set_configs && /usr/local/bin/kolla_start" ) -// Deployment func -func Deployment( +// StatefulSet func +func StatefulSet( instance *cinderv1beta1.CinderAPI, configHash string, labels map[string]string, annotations map[string]string, -) *appsv1.Deployment { +) *appsv1.StatefulSet { runAsUser := int64(0) livenessProbe := &corev1.Probe{ @@ -80,13 +80,13 @@ func Deployment( envVars["KOLLA_CONFIG_STRATEGY"] = env.SetValue("COPY_ALWAYS") envVars["CONFIG_HASH"] = env.SetValue(configHash) - deployment := &appsv1.Deployment{ + statefulset := &appsv1.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ Name: instance.Name, Namespace: instance.Namespace, Labels: labels, }, - Spec: appsv1.DeploymentSpec{ + Spec: appsv1.StatefulSetSpec{ Selector: &metav1.LabelSelector{ MatchLabels: labels, }, @@ -144,7 +144,7 @@ func Deployment( }, }, } - deployment.Spec.Template.Spec.Volumes = GetVolumes( + statefulset.Spec.Template.Spec.Volumes = GetVolumes( cinder.GetOwningCinderName(instance), instance.Name, instance.Spec.ExtraMounts) @@ -152,7 +152,7 @@ func Deployment( // If possible two pods of the same service should not // run on the same worker node. If this is not possible // the get still created on the same worker node. - deployment.Spec.Template.Spec.Affinity = affinity.DistributePods( + statefulset.Spec.Template.Spec.Affinity = affinity.DistributePods( common.AppSelector, []string{ cinder.ServiceName, @@ -160,8 +160,8 @@ func Deployment( corev1.LabelHostname, ) if instance.Spec.NodeSelector != nil && len(instance.Spec.NodeSelector) > 0 { - deployment.Spec.Template.Spec.NodeSelector = instance.Spec.NodeSelector + statefulset.Spec.Template.Spec.NodeSelector = instance.Spec.NodeSelector } - return deployment + return statefulset } diff --git a/test/functional/cinder_controller_test.go b/test/functional/cinder_controller_test.go index a84d4e3d..51ef91f1 100644 --- a/test/functional/cinder_controller_test.go +++ b/test/functional/cinder_controller_test.go @@ -385,7 +385,7 @@ var _ = Describe("Cinder controller", func() { keystone.SimulateKeystoneServiceReady(cinderTest.CinderKeystoneService) }) It("Check the resulting endpoints of the generated sub-CRs", func() { - th.SimulateDeploymentReadyWithPods( + th.SimulateStatefulSetReplicaReadyWithPods( cinderTest.CinderAPI, map[string][]string{cinderName.Namespace + "/internalapi": {"10.0.0.1"}}, ) diff --git a/test/kuttl/common/assert_sample_deployment.yaml b/test/kuttl/common/assert_sample_deployment.yaml index 0be564e0..9d491807 100644 --- a/test/kuttl/common/assert_sample_deployment.yaml +++ b/test/kuttl/common/assert_sample_deployment.yaml @@ -21,7 +21,7 @@ spec: replicas: 1 --- apiVersion: apps/v1 -kind: Deployment +kind: StatefulSet metadata: name: cinder-api ownerReferences: @@ -31,18 +31,13 @@ metadata: kind: CinderAPI name: cinder-api spec: - progressDeadlineSeconds: 600 + podManagementPolicy: OrderedReady replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: component: cinder-api service: cinder - strategy: - rollingUpdate: - maxSurge: 25% - maxUnavailable: 25% - type: RollingUpdate template: metadata: creationTimestamp: null @@ -162,6 +157,10 @@ spec: name: config-data-custom - emptyDir: {} name: logs + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate status: availableReplicas: 1 replicas: 1