Skip to content

Commit

Permalink
Factorize Kibana and APM deployments to use hash comparison (elastic#…
Browse files Browse the repository at this point in the history 
…1820)

* Factorize Kibana and APM deployments to use a hash

Use a hash for APM deployments comparison, similar to what we do for
Kibana.
Since both can reuse the same deployment reconciliation mechanism, make
it a common pkg.

* Add missing license header
  • Loading branch information
@sebgl
sebgl committed Oct 1, 2019
1 parent 66d8524 commit 13cc776
Show file tree
Hide file tree
Showing 10 changed files with 305 additions and 400 deletions.
18 changes: 9 additions & 9 deletions pkg/controller/apmserver/apmserver_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"github.com/elastic/cloud-on-k8s/pkg/controller/common/certificates"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/certificates/http"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/defaults"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/deployment"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/driver"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/events"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/finalizer"
Expand Down Expand Up @@ -307,7 +308,7 @@ func (r *ReconcileApmServer) reconcileApmServerSecret(as *apmv1alpha1.ApmServer)
func (r *ReconcileApmServer) deploymentParams(
as *apmv1alpha1.ApmServer,
params PodSpecParams,
) (DeploymentParams, error) {
) (deployment.Params, error) {

podSpec := newPodSpec(as, params)
podLabels := labels.NewLabels(as.Name)
Expand Down Expand Up @@ -337,7 +338,7 @@ func (r *ReconcileApmServer) deploymentParams(
var esPublicCASecret corev1.Secret
key := types.NamespacedName{Namespace: as.Namespace, Name: esCASecretName}
if err := r.Get(key, &esPublicCASecret); err != nil {
return DeploymentParams{}, err
return deployment.Params{}, err
}
if certPem, ok := esPublicCASecret.Data[certificates.CertFileName]; ok {
certsChecksum = fmt.Sprintf("%x", sha256.Sum224(certPem))
Expand Down Expand Up @@ -365,7 +366,7 @@ func (r *ReconcileApmServer) deploymentParams(
Name: certificates.HTTPCertsInternalSecretName(apmname.APMNamer, as.Name),
}, &httpCerts)
if err != nil {
return DeploymentParams{}, err
return deployment.Params{}, err
}
if httpCert, ok := httpCerts.Data[certificates.CertFileName]; ok {
_, _ = configChecksum.Write(httpCert)
Expand All @@ -379,15 +380,14 @@ func (r *ReconcileApmServer) deploymentParams(
podLabels[configChecksumLabelName] = fmt.Sprintf("%x", configChecksum.Sum(nil))
// TODO: also need to hash secret token?

deploymentLabels := labels.NewLabels(as.Name)
podSpec.Labels = defaults.SetDefaultLabels(podSpec.Labels, podLabels)

return DeploymentParams{
return deployment.Params{
Name: apmname.Deployment(as.Name),
Namespace: as.Namespace,
Replicas: as.Spec.NodeCount,
Selector: deploymentLabels,
Labels: deploymentLabels,
Selector: labels.NewLabels(as.Name),
Labels: labels.NewLabels(as.Name),
PodTemplateSpec: podSpec,
}, nil
}
Expand Down Expand Up @@ -432,8 +432,8 @@ func (r *ReconcileApmServer) reconcileApmServerDeployment(
return state, err
}

deploy := NewDeployment(params)
result, err := r.ReconcileDeployment(deploy, as)
deploy := deployment.New(params)
result, err := deployment.Reconcile(r.K8sClient(), r.Scheme(), deploy, as)
if err != nil {
return state, err
}
Expand Down
181 changes: 92 additions & 89 deletions pkg/controller/apmserver/apmserver_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"github.com/elastic/cloud-on-k8s/pkg/controller/common/certificates"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/certificates/http"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/defaults"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/deployment"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/keystore"
"github.com/elastic/cloud-on-k8s/pkg/controller/common/watches"
"github.com/elastic/cloud-on-k8s/pkg/utils/k8s"
Expand All @@ -28,7 +29,9 @@ import (

var certSecretName = "test-apm-server-apm-http-certs-internal" // nolint

type testParams = DeploymentParams
type testParams struct {
deployment.Params
}

func (tp testParams) withConfigChecksum(checksum string) testParams {
tp.PodTemplateSpec.Labels["apm.k8s.elastic.co/config-file-checksum"] = checksum
Expand Down Expand Up @@ -78,113 +81,113 @@ func (tp testParams) withInitContainer() testParams {

func expectedDeploymentParams() testParams {
false := false
return DeploymentParams{
Name: "test-apm-server-apm-server",
Namespace: "",
Selector: map[string]string{"apm.k8s.elastic.co/name": "test-apm-server", "common.k8s.elastic.co/type": "apm-server"},
Labels: map[string]string{"apm.k8s.elastic.co/name": "test-apm-server", "common.k8s.elastic.co/type": "apm-server"},
PodTemplateSpec: corev1.PodTemplateSpec{
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{
"common.k8s.elastic.co/type": "apm-server",
"apm.k8s.elastic.co/name": "test-apm-server",
"apm.k8s.elastic.co/config-file-checksum": "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
},
},
Spec: corev1.PodSpec{
Volumes: []corev1.Volume{
{
Name: "config",
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: "test-apm-config",
Optional: &false,
},
},
},
{
Name: "config-volume",
VolumeSource: corev1.VolumeSource{
EmptyDir: &corev1.EmptyDirVolumeSource{},
},
},
{
Name: http.HTTPCertificatesSecretVolumeName,
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: certSecretName,
Optional: &false,
},
},
return testParams{
deployment.Params{
Name: "test-apm-server-apm-server",
Namespace: "",
Selector: map[string]string{"apm.k8s.elastic.co/name": "test-apm-server", "common.k8s.elastic.co/type": "apm-server"},
Labels: map[string]string{"apm.k8s.elastic.co/name": "test-apm-server", "common.k8s.elastic.co/type": "apm-server"},
PodTemplateSpec: corev1.PodTemplateSpec{
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{
"common.k8s.elastic.co/type": "apm-server",
"apm.k8s.elastic.co/name": "test-apm-server",
"apm.k8s.elastic.co/config-file-checksum": "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
},
},
Containers: []corev1.Container{{
VolumeMounts: []corev1.VolumeMount{
Spec: corev1.PodSpec{
Volumes: []corev1.Volume{
{
Name: "config",
ReadOnly: true,
MountPath: "/usr/share/apm-server/config/config-secret",
Name: "config",
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: "test-apm-config",
Optional: &false,
},
},
},
{
Name: "config-volume",
ReadOnly: false,
MountPath: "/usr/share/apm-server/config",
Name: "config-volume",
VolumeSource: corev1.VolumeSource{
EmptyDir: &corev1.EmptyDirVolumeSource{},
},
},
{
Name: "elastic-internal-http-certificates",
ReadOnly: true,
MountPath: "/mnt/elastic-internal/http-certs",
Name: http.HTTPCertificatesSecretVolumeName,
VolumeSource: corev1.VolumeSource{
Secret: &corev1.SecretVolumeSource{
SecretName: certSecretName,
Optional: &false,
},
},
},
},
Name: apmv1alpha1.APMServerContainerName,
Image: "docker.elastic.co/apm/apm-server:1.0",
Command: []string{
"apm-server",
"run",
"-e",
"-c",
"config/config-secret/apm-server.yml",
},
Env: append(defaults.PodDownwardEnvVars, corev1.EnvVar{
Name: "SECRET_TOKEN",
ValueFrom: &corev1.EnvVarSource{
SecretKeyRef: &corev1.SecretKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "test-apm-server-apm-token",
Containers: []corev1.Container{{
VolumeMounts: []corev1.VolumeMount{
{
Name: "config",
ReadOnly: true,
MountPath: "/usr/share/apm-server/config/config-secret",
},
{
Name: "config-volume",
ReadOnly: false,
MountPath: "/usr/share/apm-server/config",
},
{
Name: "elastic-internal-http-certificates",
ReadOnly: true,
MountPath: "/mnt/elastic-internal/http-certs",
},
},
Name: apmv1alpha1.APMServerContainerName,
Image: "docker.elastic.co/apm/apm-server:1.0",
Command: []string{
"apm-server",
"run",
"-e",
"-c",
"config/config-secret/apm-server.yml",
},
Env: append(defaults.PodDownwardEnvVars, corev1.EnvVar{
Name: "SECRET_TOKEN",
ValueFrom: &corev1.EnvVarSource{
SecretKeyRef: &corev1.SecretKeySelector{
LocalObjectReference: corev1.LocalObjectReference{
Name: "test-apm-server-apm-token",
},
Key: "secret-token",
},
Key: "secret-token",
},
}),
Ports: []corev1.ContainerPort{
{Name: "http", ContainerPort: int32(8200), Protocol: corev1.ProtocolTCP},
},
}),
Ports: []corev1.ContainerPort{
{Name: "http", ContainerPort: int32(8200), Protocol: corev1.ProtocolTCP},
},
ReadinessProbe: &corev1.Probe{
FailureThreshold: 3,
InitialDelaySeconds: 10,
PeriodSeconds: 10,
SuccessThreshold: 1,
TimeoutSeconds: 5,
Handler: corev1.Handler{
HTTPGet: &corev1.HTTPGetAction{
Port: intstr.FromInt(8200),
Path: "/",
Scheme: corev1.URISchemeHTTPS,
ReadinessProbe: &corev1.Probe{
FailureThreshold: 3,
InitialDelaySeconds: 10,
PeriodSeconds: 10,
SuccessThreshold: 1,
TimeoutSeconds: 5,
Handler: corev1.Handler{
HTTPGet: &corev1.HTTPGetAction{
Port: intstr.FromInt(8200),
Path: "/",
Scheme: corev1.URISchemeHTTPS,
},
},
},
},
Resources: DefaultResources,
}},
AutomountServiceAccountToken: &false,
Resources: DefaultResources,
}},
AutomountServiceAccountToken: &false,
},
},
Replicas: 0,
},
Replicas: 0,
}

}

func TestReconcileApmServer_deploymentParams(t *testing.T) {

s := scheme.Scheme
if err := apmv1alpha1.SchemeBuilder.AddToScheme(s); err != nil {
t.Error(err)
Expand Down Expand Up @@ -345,7 +348,7 @@ func TestReconcileApmServer_deploymentParams(t *testing.T) {
return
}
deep.MaxDepth = 15
if diff := deep.Equal(got, tt.want); diff != nil {
if diff := deep.Equal(got, tt.want.Params); diff != nil {
t.Error(diff)
}
})
Expand Down
77 changes: 0 additions & 77 deletions pkg/controller/apmserver/deployment_control.go
View file

This file was deleted.

0 comments on commit 13cc776

Please sign in to comment.