From 0a6afdac04281e7fa2826112c348b74e963d673d Mon Sep 17 00:00:00 2001 From: AWS Controllers for Kubernetes Bot <82905295+ack-bot@users.noreply.github.com> Date: Thu, 7 Mar 2024 12:09:44 -0600 Subject: [PATCH] Update to ACK runtime `v0.32.0`, code-generator `v0.32.1` (#125) ### Update to ACK runtime `v0.32.0`, code-generator `v0.32.1` ---------- * ACK code-generator `v0.32.1` [release notes](https://github.com/aws-controllers-k8s/code-generator/releases/tag/v0.32.1) * ACK runtime `v0.32.0` [release notes](https://github.com/aws-controllers-k8s/runtime/releases/tag/v0.32.0) ---------- NOTE: This PR increments the release version of service controller from `v1.0.9` to `v1.0.10` Once this PR is merged, release `v1.0.10` will be automatically created for `s3-controller` **Please close this PR, if you do not want the new patch release for `s3-controller`** ---------- #### stdout for `make build-controller`: ``` building ack-generate ... ok. ==== building s3-controller ==== Copying common custom resource definitions into s3 Building Kubernetes API objects for s3 Generating deepcopy code for s3 Generating custom resource definitions for s3 Building service controller for s3 Generating RBAC manifests for s3 Running gofmt against generated code for s3 Updating additional GitHub repository maintenance files ==== building s3-controller release artifacts ==== Building release artifacts for s3-v1.0.10 Generating common custom resource definitions Generating custom resource definitions for s3 Generating RBAC manifests for s3 ``` ---------- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --- apis/v1alpha1/ack-generate-metadata.yaml | 8 +++--- cmd/controller/main.go | 19 ++++++++++++++ config/controller/deployment.yaml | 16 ++++++++++++ config/controller/kustomization.yaml | 2 +- go.mod | 4 +-- go.sum | 8 +++--- helm/Chart.yaml | 4 +-- helm/templates/NOTES.txt | 2 +- helm/templates/_helpers.tpl | 3 ++- helm/templates/deployment.yaml | 32 ++++++++++++++++++++++-- helm/values.schema.json | 8 +++++- helm/values.yaml | 8 +++++- 12 files changed, 95 insertions(+), 19 deletions(-) diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 282ee1a..1aa3d67 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,9 +1,9 @@ ack_generate_info: - build_date: "2024-02-14T04:03:57Z" - build_hash: 947081ffebdeefcf2c61c4ca6d7e68810bdf9d08 + build_date: "2024-03-06T21:33:25Z" + build_hash: a5ba3c851434263128a1464a2c41e528779eeefa go_version: go1.22.0 - version: v0.30.0 -api_directory_checksum: f50cdf03c85532166479736d285eaf6330f91d2b + version: v0.32.1 +api_directory_checksum: 82bfc8d45e816b2a02a83a4b7cedd72056accddd api_version: v1alpha1 aws_sdk_go_version: v1.44.93 generator_config_info: diff --git a/cmd/controller/main.go b/cmd/controller/main.go index 38a15b4..828da7c 100644 --- a/cmd/controller/main.go +++ b/cmd/controller/main.go @@ -30,6 +30,7 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrlrt "sigs.k8s.io/controller-runtime" ctrlrtcache "sigs.k8s.io/controller-runtime/pkg/cache" + ctrlrthealthz "sigs.k8s.io/controller-runtime/pkg/healthz" ctrlrtmetrics "sigs.k8s.io/controller-runtime/pkg/metrics" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" ctrlrtwebhook "sigs.k8s.io/controller-runtime/pkg/webhook" @@ -116,6 +117,9 @@ func main() { LeaderElection: ackCfg.EnableLeaderElection, LeaderElectionID: "ack-" + awsServiceAPIGroup, LeaderElectionNamespace: ackCfg.LeaderElectionNamespace, + HealthProbeBindAddress: ackCfg.HealthzAddr, + LivenessEndpointName: "/healthz", + ReadinessEndpointName: "/readyz", }) if err != nil { setupLog.Error( @@ -166,6 +170,21 @@ func main() { os.Exit(1) } + if err = mgr.AddHealthzCheck("health", ctrlrthealthz.Ping); err != nil { + setupLog.Error( + err, "unable to set up health check", + "aws.service", awsServiceAlias, + ) + os.Exit(1) + } + if err = mgr.AddReadyzCheck("check", ctrlrthealthz.Ping); err != nil { + setupLog.Error( + err, "unable to set up ready check", + "aws.service", awsServiceAlias, + ) + os.Exit(1) + } + setupLog.Info( "starting manager", "aws.service", awsServiceAlias, diff --git a/config/controller/deployment.yaml b/config/controller/deployment.yaml index fc61284..d715751 100644 --- a/config/controller/deployment.yaml +++ b/config/controller/deployment.yaml @@ -39,6 +39,8 @@ spec: - --enable-leader-election=$(ENABLE_LEADER_ELECTION) - --leader-election-namespace - "$(LEADER_ELECTION_NAMESPACE)" + - --reconcile-default-max-concurrent-syncs + - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" image: controller:latest name: controller ports: @@ -72,6 +74,8 @@ spec: value: "false" - name: LEADER_ELECTION_NAMESPACE value: "ack-system" + - name: "RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS" + value: "1" securityContext: allowPrivilegeEscalation: false privileged: false @@ -79,6 +83,18 @@ spec: capabilities: drop: - ALL + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 securityContext: seccompProfile: type: RuntimeDefault diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index f2eaf9f..63cc930 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/s3-controller - newTag: 1.0.9 + newTag: 1.0.10 diff --git a/go.mod b/go.mod index eb81c9d..06d325b 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.21 toolchain go1.21.5 require ( - github.com/aws-controllers-k8s/runtime v0.30.0 + github.com/aws-controllers-k8s/runtime v0.32.0 github.com/aws/aws-sdk-go v1.49.0 github.com/go-logr/logr v1.4.1 github.com/pkg/errors v0.9.1 @@ -14,7 +14,7 @@ require ( k8s.io/api v0.29.0 k8s.io/apimachinery v0.29.0 k8s.io/client-go v0.29.0 - sigs.k8s.io/controller-runtime v0.17.0 + sigs.k8s.io/controller-runtime v0.17.2 ) require ( diff --git a/go.sum b/go.sum index 2528b62..0877638 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -github.com/aws-controllers-k8s/runtime v0.30.0 h1:AibYRdi/7xUA3t8BA0u8g+J+OioaTAT6R4Vq8hxLiYw= -github.com/aws-controllers-k8s/runtime v0.30.0/go.mod h1:Pv1ozlUaO11KO2mwPN/HzhAtZ70ZDE9UP24mjsbkul0= +github.com/aws-controllers-k8s/runtime v0.32.0 h1:R0dQs8vRlK50KZ7rgdExqExdlUgFSAzDT8q1HCxc1uc= +github.com/aws-controllers-k8s/runtime v0.32.0/go.mod h1:6qr9ULkjOHo0fTwEUkE+48IxHqNbHxvvf/9JzGoR8pM= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -215,8 +215,8 @@ k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/A k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.17.0 h1:fjJQf8Ukya+VjogLO6/bNX9HE6Y2xpsO5+fyS26ur/s= -sigs.k8s.io/controller-runtime v0.17.0/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= +sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeGOUvw0= +sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 9e3d07e..a961cd9 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: s3-chart description: A Helm chart for the ACK service controller for Amazon Simple Storage Service (S3) -version: 1.0.9 -appVersion: 1.0.9 +version: 1.0.10 +appVersion: 1.0.10 home: https://github.com/aws-controllers-k8s/s3-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 048b252..6e6b08c 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/s3-controller:1.0.9". +This chart deploys "public.ecr.aws/aws-controllers-k8s/s3-controller:1.0.10". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl index 588cf02..5323917 100644 --- a/helm/templates/_helpers.tpl +++ b/helm/templates/_helpers.tpl @@ -44,7 +44,8 @@ If release name contains chart name it will be used as a full name. {{/* The path the shared credentials file is mounted */}} {{- define "ack-s3-controller.aws.credentials.path" -}} -{{- printf "%s/%s" (include "aws.credentials.secret_mount_path" .) .Values.aws.credentials.secretKey -}} +{{ $secret_mount_path := include "ack-s3-controller.aws.credentials.secret_mount_path" . }} +{{- printf "%s/%s" $secret_mount_path .Values.aws.credentials.secretKey -}} {{- end -}} {{/* The rules a of ClusterRole or Role */}} diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 28a671f..09828f6 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -64,13 +64,21 @@ spec: - --leader-election-namespace - "$(LEADER_ELECTION_NAMESPACE)" {{- end }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - --reconcile-default-resync-seconds - "$(RECONCILE_DEFAULT_RESYNC_SECONDS)" {{- end }} {{- range $key, $value := .Values.reconcile.resourceResyncPeriods }} - --reconcile-resource-resync-seconds - "$(RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }})" +{{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - --reconcile-default-max-concurrent-syncs + - "$(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS)" +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - --reconcile-resource-max-concurrent-syncs + - "$(RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }})" {{- end }} image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} @@ -99,13 +107,21 @@ spec: value: {{ .Values.log.level | quote }} - name: ACK_RESOURCE_TAGS value: {{ join "," .Values.resourceTags | quote }} -{{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }} +{{- if gt (int .Values.reconcile.defaultResyncPeriod) 0 }} - name: RECONCILE_DEFAULT_RESYNC_SECONDS value: {{ .Values.reconcile.defaultResyncPeriod | quote }} {{- end }} {{- range $key, $value := .Values.reconcile.resourceResyncPeriods }} - name: RECONCILE_RESOURCE_RESYNC_SECONDS_{{ $key | upper }} value: {{ $key }}={{ $value }} +{{- end }} +{{- if gt (int .Values.reconcile.defaultMaxConcurrentSyncs) 0 }} + - name: RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS + value: {{ .Values.reconcile.defaultMaxConcurrentSyncs | quote }} +{{- end }} +{{- range $key, $value := .Values.reconcile.resourceMaxConcurrentSyncs }} + - name: RECONCILE_RESOURCE_MAX_CONCURRENT_SYNCS_{{ $key | upper }} + value: {{ $key }}={{ $value }} {{- end }} {{- if .Values.aws.credentials.secretName }} - name: AWS_SHARED_CREDENTIALS_FILE @@ -132,6 +148,18 @@ spec: capabilities: drop: - ALL + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 securityContext: seccompProfile: type: RuntimeDefault diff --git a/helm/values.schema.json b/helm/values.schema.json index ac28b68..742163e 100644 --- a/helm/values.schema.json +++ b/helm/values.schema.json @@ -223,13 +223,19 @@ "enum": ["delete", "retain"] }, "reconcile": { - "description": "Reconcile resync settings. Parameters to tune the controller's drift remediation period.", + "description": "Reconcile settings. This is used to configure the controller's reconciliation behavior. e.g resyncPeriod and maxConcurrentSyncs", "properties": { "defaultResyncPeriod": { "type": "number" }, "resourceResyncPeriods": { "type": "object" + }, + "defaultMaxConcurentSyncs": { + "type": "number" + }, + "resourceMaxConcurrentSyncs": { + "type": "object" } }, "type": "object" diff --git a/helm/values.yaml b/helm/values.yaml index 1e93ae1..a213071 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/s3-controller - tag: 1.0.9 + tag: 1.0.10 pullPolicy: IfNotPresent pullSecrets: [] @@ -128,6 +128,12 @@ reconcile: # An object representing the reconcile resync configuration for each specific resource. resourceResyncPeriods: {} + # The default number of concurrent syncs that a reconciler can perform. + defaultMaxConcurrentSyncs: 1 + # An object representing the reconcile max concurrent syncs configuration for each specific + # resource. + resourceMaxConcurrentSyncs: {} + serviceAccount: # Specifies whether a service account should be created create: true