diff --git a/README.md b/README.md
index 4a65746..0cea9d3 100644
--- a/README.md
+++ b/README.md
@@ -93,9 +93,15 @@ $ curl -k -u "$IRONIC_USER:$IRONIC_PASSWORD" https://10.89.0.2:6385/v1/drivers ### More detailed example In this example, a MariaDB database is used instead of SQLite, and a -provisioning network is configured. You will need to generate your TLS -certificates with one more `subjectAltName` in the format `-database..svc` (in this example, `ironic-database.test.svc`). +provisioning network is configured. + +You will need to generate your TLS certificates with one more `subjectAltName` +in the format `-database..svc` (in this example, +`ironic-database.test.svc`). If you want to include the domain, you need to +pass the `CLUSTER_DOMAIN` environment variable to the operator. For example, +`CLUSTER_DOMAIN=cluster.local` will result in +`ironic-database.test.svc.cluster.local` used by Ironic to access the database. + Then another resource needs to be created for the database itself: ```yaml
diff --git a/controllers/ironic_controller.go b/controllers/ironic_controller.go
index 3b29b25..327f92f 100644
--- a/controllers/ironic_controller.go
+++ b/controllers/ironic_controller.go
@@ -19,6 +19,7 @@ package controllers
 import (
 "context"
 "fmt"
+ "os"
 "reflect"
 "time"
 
@@ -63,12 +64,15 @@ func (r *IronicReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctr
 logger := r.Log.WithValues("Ironic", req.NamespacedName)
 logger.Info("starting reconcile")
 
+ domain := os.Getenv("CLUSTER_DOMAIN")
+
 cctx := ironic.ControllerContext{
 Context: ctx,
 Client: r.Client,
 KubeClient: r.KubeClient,
 Scheme: r.Scheme,
 Logger: logger,
+ Domain: domain,
 }
 
 ironicConf, err := getIronic(cctx, req.NamespacedName)
diff --git a/pkg/ironic/containers.go b/pkg/ironic/containers.go
index 520ba0d..1305d57 100644
--- a/pkg/ironic/containers.go
+++ b/pkg/ironic/containers.go
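Review bot: In `controllers/ironic_controller.go`, `os.Getenv("CLUSTER_DOMAIN")` is read on every call to Reconcile and stored in `ControllerContext.Domain` without any validation, and later in this commit the value is concatenated into the host name that Ironic uses for the database. The README hunk ties that name to a certificate `subjectAltName`, so a typo or stray character would probably show up only as a failed database connection in the Ironic pod rather than as an operator error. I would read the variable once at startup, reject values that are not a DNS subdomain (for example with `validation.IsDNS1123Subdomain` from `k8s.io/apimachinery/pkg/util/validation`, after trimming a leading dot), and log the effective domain. Reconcile's body continues outside the hunk.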
@@ -126,7 +126,7 @@ func buildCommonEnvVars(ironic *metal3api.Ironic) []corev1.EnvVar {
 return result
 }
 
-func buildIronicEnvVars(ironic *metal3api.Ironic, db *metal3api.IronicDatabase, htpasswd string) []corev1.EnvVar {
+func buildIronicEnvVars(ironic *metal3api.Ironic, db *metal3api.IronicDatabase, htpasswd string, domain string) []corev1.EnvVar {
 result := buildCommonEnvVars(ironic)
 result = append(result, []corev1.EnvVar{
 {
@@ -154,7 +154,7 @@ func buildIronicEnvVars(ironic *metal3api.Ironic, db *metal3api.IronicDatabase,
 result = append(result,
 corev1.EnvVar{
 Name: "MARIADB_HOST",
- Value: DatabaseDNSName(db),
+ Value: DatabaseDNSName(db, domain),
 },
 )
 }
@@ -390,7 +390,7 @@ func newDnsmasqContainer(ironic *metal3api.Ironic) corev1.Container {
 }
 }
 
-func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase, apiSecret *corev1.Secret) (corev1.PodTemplateSpec, error) {
+func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase, apiSecret *corev1.Secret, domain string) (corev1.PodTemplateSpec, error) {
 var htpasswd string
 if apiSecret != nil {
 if len(apiSecret.Data[htpasswdKey]) == 0 {
@@ -436,7 +436,7 @@ func newIronicPodTemplate(ironic *metal3api.Ironic, db *metal3api.IronicDatabase
 Image: ironic.Spec.Images.Ironic,
 ImagePullPolicy: corev1.PullAlways,
 Command: []string{"/bin/runironic"},
- Env: buildIronicEnvVars(ironic, db, htpasswd),
+ Env: buildIronicEnvVars(ironic, db, htpasswd, domain),
 VolumeMounts: mounts,
 SecurityContext: &corev1.SecurityContext{
 RunAsUser: pointer.Int64(ironicUser),
diff --git a/pkg/ironic/database.go b/pkg/ironic/database.go
index 0382c7e..3ddbc1f 100644
--- a/pkg/ironic/database.go
+++ b/pkg/ironic/database.go
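Review bot: In the first hunk of `pkg/ironic/containers.go`, `buildIronicEnvVars` now takes two adjacent positional strings, `htpasswd string, domain string`, and the first of them appears to carry content derived from the API secret (see `newIronicPodTemplate` in the third hunk). Transposing the two at a call site would still compile and would place the htpasswd content in the plain `MARIADB_HOST` variable of the pod spec. A small parameter struct, or a named type for the domain, would let the compiler catch that; at minimum the pair reads better as `htpasswd, domain string`. The function body continues outside the hunk.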
@@ -21,8 +21,11 @@ func databaseDeploymentName(db *metal3api.IronicDatabase) string {
 return fmt.Sprintf("%s-database", db.Name)
 }
 
-func DatabaseDNSName(db *metal3api.IronicDatabase) string {
- return fmt.Sprintf("%s.%s.%s:%d", databaseDeploymentName(db), db.Namespace, serviceDNSSuffix, databasePort)
+func DatabaseDNSName(db *metal3api.IronicDatabase, domain string) string {
+ if domain != "" && domain[0] != '.' {
+ domain = fmt.Sprintf(".%s", domain)
+ }
+ return fmt.Sprintf("%s.%s.%s%s:%d", databaseDeploymentName(db), db.Namespace, serviceDNSSuffix, domain, databasePort)
 }
 
 func commonDatabaseVars(db *metal3api.IronicDatabase) []corev1.EnvVar {
diff --git a/pkg/ironic/ironic.go b/pkg/ironic/ironic.go
index fd528c2..5215819 100644
--- a/pkg/ironic/ironic.go
+++ b/pkg/ironic/ironic.go
@@ -21,7 +21,7 @@ func ironicDeploymentName(ironic *metal3api.Ironic) string {
 }
 
 func ensureIronicDaemonSet(cctx ControllerContext, ironic *metal3api.Ironic, db *metal3api.IronicDatabase, apiSecret *corev1.Secret) (status metal3api.IronicStatusConditionType, err error) {
- template, err := newIronicPodTemplate(ironic, db, apiSecret)
+ template, err := newIronicPodTemplate(ironic, db, apiSecret, cctx.Domain)
 if err != nil {
 return metal3api.IronicStatusProgressing, err
 }
@@ -50,7 +50,7 @@ func ensureIronicDaemonSet(cctx ControllerContext, ironic *metal3api.Ironic, db
 }
 
 func ensureIronicDeployment(cctx ControllerContext, ironic *metal3api.Ironic, db *metal3api.IronicDatabase, apiSecret *corev1.Secret) (status metal3api.IronicStatusConditionType, err error) {
- template, err := newIronicPodTemplate(ironic, db, apiSecret)
+ template, err := newIronicPodTemplate(ironic, db, apiSecret, cctx.Domain)
 if err != nil {
 return metal3api.IronicStatusProgressing, err
 }
diff --git a/pkg/ironic/utils.go b/pkg/ironic/utils.go
index b5b88dc..56f67d0 100644
--- a/pkg/ironic/utils.go
+++ b/pkg/ironic/utils.go
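Review bot: In `pkg/ironic/database.go`, the new `domain` handling in `DatabaseDNSName` only adds a missing leading dot, so a value with a trailing dot produces a host like `ironic-database.test.svc.cluster.local.:<port>`, which may not match the certificate `subjectAltName` the README asks for. Trimming first keeps the result predictable: `if domain = strings.Trim(domain, "."); domain != "" { domain = "." + domain }` (this needs `strings`, whose import is not visible in this hunk). The function is exported and its signature changes here, so it also deserves a doc comment such as `// DatabaseDNSName returns the host:port of the database service, with the optional cluster domain appended after the service suffix.` No test covering the empty, dotted and undotted cases is part of this diff.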
@@ -33,6 +33,7 @@ type ControllerContext struct {
 KubeClient kubernetes.Interface
 Scheme *runtime.Scheme
 Logger logr.Logger
+ Domain string
 }
 
 func getDeploymentStatus(deploy *appsv1.Deployment) (metal3api.IronicStatusConditionType, error) {
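Review bot: The new `Domain` field in `ControllerContext` has no comment, and the name alone does not say that it holds the cluster DNS domain taken from `CLUSTER_DOMAIN` or that an empty value is valid. I would add `// Domain is the optional cluster domain (for example cluster.local) appended to service DNS names; empty keeps the short .svc form.` above it. The struct's first fields are outside the hunk.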