Add initial watcher api conf generation

Implement an initial version of watcher config generation. This change adds a watcher config template and generates a secret with the templated config. Some fields that require changes in the watcher controller like the transporturl and memcached servers. This change also moidifies the WatcherAPI functional tests so the WatcherAPI instances use a different name that the Watcher one, so it's easier to debug.
openstack-k8s-operators · Dec 13, 2024 · cfd6038 · cfd6038
1 parent 3ad65c4
commit cfd6038
Show file tree

Hide file tree

Showing 22 changed files with 428 additions and 35 deletions.
diff --git a/api/bases/watcher.openstack.org_watcherapis.yaml b/api/bases/watcher.openstack.org_watcherapis.yaml
@@ -49,6 +49,10 @@ spec:
                   MariaDB instance name
                   Required to use the mariadb-operator instance to create the DB and user
                 type: string
+              memcachedInstance:
+                description: MemcachedInstance is the name of the Memcached CR that
+                  all watcher service will use.
+                type: string
               passwordSelectors:
                 default:
                   service: WatcherPassword
@@ -64,8 +68,15 @@ spec:
               secret:
                 description: Secret containing all passwords / keys needed
                 type: string
+              serviceUser:
+                default: watcher
+                description: |-
+                  ServiceUser - optional username used for this service to register in
+                  keystone
+                type: string
             required:
             - databaseInstance
+            - memcachedInstance
             - secret
             type: object
           status:

diff --git a/api/bases/watcher.openstack.org_watchers.yaml b/api/bases/watcher.openstack.org_watchers.yaml
@@ -49,6 +49,11 @@ spec:
                   MariaDB instance name
                   Required to use the mariadb-operator instance to create the DB and user
                 type: string
+              memcachedInstance:
+                default: memcached
+                description: MemcachedInstance is the name of the Memcached CR that
+                  all watcher service will use.
+                type: string
               passwordSelectors:
                 default:
                   service: WatcherPassword
@@ -71,6 +76,12 @@ spec:
                 default: osp-secret
                 description: Secret containing all passwords / keys needed
                 type: string
+              serviceUser:
+                default: watcher
+                description: |-
+                  ServiceUser - optional username used for this service to register in
+                  keystone
+                type: string
             required:
             - databaseInstance
             - rabbitMqClusterName

diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go
@@ -32,6 +32,12 @@ type WatcherCommon struct {
 	// +kubebuilder:default=watcher
 	// DatabaseAccount - MariaDBAccount CR name used for watcher DB, defaults to watcher
 	DatabaseAccount string `json:"databaseAccount"`
+
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=watcher
+	// ServiceUser - optional username used for this service to register in
+	// keystone
+	ServiceUser string `json:"serviceUser"`
 }
 
 // WatcherTemplate defines the fields used in the top level CR

diff --git a/api/v1beta1/watcher_types.go b/api/v1beta1/watcher_types.go
@@ -27,6 +27,11 @@ type WatcherSpec struct {
 	// Important: Run "make" to regenerate code after modifying this file
 
 	WatcherTemplate `json:",inline"`
+
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=memcached
+	// MemcachedInstance is the name of the Memcached CR that all watcher service will use.
+	MemcachedInstance string `json:"memcachedInstance"`
 }
 
 // WatcherStatus defines the observed state of Watcher

diff --git a/api/v1beta1/watcherapi_types.go b/api/v1beta1/watcherapi_types.go
@@ -27,9 +27,14 @@ type WatcherAPISpec struct {
 	// Important: Run "make" to regenerate code after modifying this file
 
 	WatcherCommon `json:",inline"`
+
 	// +kubebuilder:validation:Required
 	// Secret containing all passwords / keys needed
 	Secret string `json:"secret"`
+
+	// +kubebuilder:validation:Required
+	// MemcachedInstance is the name of the Memcached CR that all watcher service will use.
+	MemcachedInstance string `json:"memcachedInstance"`
 }
 
 // WatcherAPIStatus defines the observed state of WatcherAPI

diff --git a/config/crd/bases/watcher.openstack.org_watcherapis.yaml b/config/crd/bases/watcher.openstack.org_watcherapis.yaml
@@ -49,6 +49,10 @@ spec:
                   MariaDB instance name
                   Required to use the mariadb-operator instance to create the DB and user
                 type: string
+              memcachedInstance:
+                description: MemcachedInstance is the name of the Memcached CR that
+                  all watcher service will use.
+                type: string
               passwordSelectors:
                 default:
                   service: WatcherPassword
@@ -64,8 +68,15 @@ spec:
               secret:
                 description: Secret containing all passwords / keys needed
                 type: string
+              serviceUser:
+                default: watcher
+                description: |-
+                  ServiceUser - optional username used for this service to register in
+                  keystone
+                type: string
             required:
             - databaseInstance
+            - memcachedInstance
             - secret
             type: object
           status:

diff --git a/config/crd/bases/watcher.openstack.org_watchers.yaml b/config/crd/bases/watcher.openstack.org_watchers.yaml
@@ -49,6 +49,11 @@ spec:
                   MariaDB instance name
                   Required to use the mariadb-operator instance to create the DB and user
                 type: string
+              memcachedInstance:
+                default: memcached
+                description: MemcachedInstance is the name of the Memcached CR that
+                  all watcher service will use.
+                type: string
               passwordSelectors:
                 default:
                   service: WatcherPassword
@@ -71,6 +76,12 @@ spec:
                 default: osp-secret
                 description: Secret containing all passwords / keys needed
                 type: string
+              serviceUser:
+                default: watcher
+                description: |-
+                  ServiceUser - optional username used for this service to register in
+                  keystone
+                type: string
             required:
             - databaseInstance
             - rabbitMqClusterName

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -28,6 +28,38 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - keystone.openstack.org
+  resources:
+  - keystoneapis
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - keystone.openstack.org
+  resources:
+  - keystoneendpoints
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - keystone.openstack.org
+  resources:
+  - keystoneservices
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - mariadb.openstack.org
   resources:
@@ -58,6 +90,23 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - memcached.openstack.org
+  resources:
+  - memcacheds
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - memcached.openstack.org
+  resources:
+  - memcacheds/finalizers
+  verbs:
+  - patch
+  - update
 - apiGroups:
   - rabbitmq.openstack.org
   resources:

diff --git a/config/samples/watcher_v1beta1_watcherapi.yaml b/config/samples/watcher_v1beta1_watcherapi.yaml
@@ -8,3 +8,4 @@ metadata:
 spec:
   databaseInstance: "openstack"
   secret: "osp-secret"
+  memcachedInstance: "memcached"
diff --git a/controllers/watcher_common.go b/controllers/watcher_common.go
@@ -15,7 +15,11 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
+	memcachedv1 "github.com/openstack-k8s-operators/infra-operator/apis/memcached/v1beta1"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/condition"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/env"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/helper"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/util"
 )
 
@@ -188,3 +192,78 @@ func ensureSecret(
 
 	return hash, ctrl.Result{}, *secret, nil
 }
+
+func GenerateConfigsGeneric(
+	ctx context.Context, helper *helper.Helper,
+	instance client.Object,
+	envVars *map[string]env.Setter,
+	templateParameters map[string]interface{},
+	customData map[string]string,
+	cmLabels map[string]string,
+	scripts bool,
+) error {
+
+	cms := []util.Template{
+		// Templates where the watcher config is stored
+		{
+			Name:          fmt.Sprintf("%s-config-data", instance.GetName()),
+			Namespace:     instance.GetNamespace(),
+			Type:          util.TemplateTypeConfig,
+			InstanceType:  instance.GetObjectKind().GroupVersionKind().Kind,
+			ConfigOptions: templateParameters,
+			CustomData:    customData,
+			Labels:        cmLabels,
+		},
+	}
+	if scripts {
+		cms = append(cms, util.Template{
+			Name:          fmt.Sprintf("%s-scripts", instance.GetName()),
+			Namespace:     instance.GetNamespace(),
+			Type:          util.TemplateTypeScripts,
+			InstanceType:  instance.GetObjectKind().GroupVersionKind().Kind,
+			ConfigOptions: templateParameters,
+			Labels:        cmLabels,
+		})
+	}
+	return secret.EnsureSecrets(ctx, helper, instance, cms, envVars)
+}
+
+// ensureMemcached - gets the Memcached instance cell specific used for nova services cache backend
+func ensureMemcached(
+	ctx context.Context,
+	helper *helper.Helper,
+	namespaceName string,
+	memcachedName string,
+	conditionUpdater conditionUpdater,
+) (*memcachedv1.Memcached, error) {
+	memcached, err := memcachedv1.GetMemcachedByName(ctx, helper, memcachedName, namespaceName)
+	if err != nil {
+		if k8s_errors.IsNotFound(err) {
+			conditionUpdater.Set(condition.FalseCondition(
+				condition.MemcachedReadyCondition,
+				condition.RequestedReason,
+				condition.SeverityInfo,
+				condition.MemcachedReadyWaitingMessage))
+			return nil, fmt.Errorf("memcached %s not found", memcachedName)
+		}
+		conditionUpdater.Set(condition.FalseCondition(
+			condition.MemcachedReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			condition.MemcachedReadyErrorMessage,
+			err.Error()))
+		return nil, err
+	}
+
+	if !memcached.IsReady() {
+		conditionUpdater.Set(condition.FalseCondition(
+			condition.MemcachedReadyCondition,
+			condition.RequestedReason,
+			condition.SeverityInfo,
+			condition.MemcachedReadyWaitingMessage))
+		return nil, fmt.Errorf("memcached %s is not ready", memcachedName)
+	}
+	conditionUpdater.MarkTrue(condition.MemcachedReadyCondition, condition.MemcachedReadyMessage)
+
+	return memcached, err
+}