Configure tls_enabled for swifts cache

configure tls_enabled which is either true/false depending on if the memcached instance supports tls. Jira: OSPRH-5283
stuggi · Apr 8, 2024 · 4a61ede · 4a61ede
1 parent feee616
commit 4a61ede
Show file tree

Hide file tree

Showing 15 changed files with 171 additions and 52 deletions.
diff --git a/api/bases/swift.openstack.org_swiftproxies.yaml b/api/bases/swift.openstack.org_swiftproxies.yaml
@@ -66,9 +66,9 @@ spec:
                 default: false
                 description: Encrypts new objects at rest
                 type: boolean
-              memcachedServers:
-                default: ""
-                description: List of memcached servers.
+              memcachedInstance:
+                default: memcached
+                description: Memcached instance name.
                 type: string
               networkAttachments:
                 description: NetworkAttachments is a list of NetworkAttachment resource
@@ -315,7 +315,7 @@ spec:
                 type: object
             required:
             - containerImageProxy
-            - memcachedServers
+            - memcachedInstance
             - rabbitMqClusterName
             - replicas
             - secret

diff --git a/api/bases/swift.openstack.org_swifts.yaml b/api/bases/swift.openstack.org_swifts.yaml
@@ -85,9 +85,9 @@ spec:
                     default: false
                     description: Encrypts new objects at rest
                     type: boolean
-                  memcachedServers:
-                    default: ""
-                    description: List of memcached servers.
+                  memcachedInstance:
+                    default: memcached
+                    description: Memcached instance name.
                     type: string
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
@@ -342,7 +342,7 @@ spec:
                     type: object
                 required:
                 - containerImageProxy
-                - memcachedServers
+                - memcachedInstance
                 - rabbitMqClusterName
                 - replicas
                 - secret
@@ -414,9 +414,9 @@ spec:
                     description: DefaultConfigOverwrite - can be used to add additionalfiles.
                       Those get added to the service config dir in /etc/<servicename>-conf.d
                     type: object
-                  memcachedServers:
-                    default: ""
-                    description: List of memcached servers.
+                  memcachedInstance:
+                    default: memcached
+                    description: Memcached instance name.
                     type: string
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
@@ -442,7 +442,7 @@ spec:
                 - containerImageContainer
                 - containerImageObject
                 - containerImageProxy
-                - memcachedServers
+                - memcachedInstance
                 - replicas
                 - storageClass
                 - storageRequest

diff --git a/api/bases/swift.openstack.org_swiftstorages.yaml b/api/bases/swift.openstack.org_swiftstorages.yaml
@@ -70,9 +70,9 @@ spec:
                 description: DefaultConfigOverwrite - can be used to add additionalfiles.
                   Those get added to the service config dir in /etc/<servicename>-conf.d
                 type: object
-              memcachedServers:
-                default: ""
-                description: List of memcached servers.
+              memcachedInstance:
+                default: memcached
+                description: Memcached instance name.
                 type: string
               networkAttachments:
                 description: NetworkAttachments is a list of NetworkAttachment resource
@@ -98,7 +98,7 @@ spec:
             - containerImageContainer
             - containerImageObject
             - containerImageProxy
-            - memcachedServers
+            - memcachedInstance
             - replicas
             - storageClass
             - storageRequest

diff --git a/api/v1beta1/swiftproxy_types.go b/api/v1beta1/swiftproxy_types.go
@@ -74,9 +74,9 @@ type SwiftProxySpecCore struct {
 	NetworkAttachments []string `json:"networkAttachments,omitempty"`
 
 	// +kubebuilder:validation:Required
-	// +kubebuilder:default=""
-	// List of memcached servers.
-	MemcachedServers string `json:"memcachedServers"`
+	// +kubebuilder:default=memcached
+	// Memcached instance name.
+	MemcachedInstance string `json:"memcachedInstance"`
 
 	// +kubebuilder:validation:Required
 	// +kubebuilder:default=rabbitmq

diff --git a/api/v1beta1/swiftstorage_types.go b/api/v1beta1/swiftstorage_types.go
@@ -67,9 +67,9 @@ type SwiftStorageSpecCore struct {
 	NetworkAttachments []string `json:"networkAttachments,omitempty"`
 
 	// +kubebuilder:validation:Required
-	// +kubebuilder:default=""
-	// List of memcached servers.
-	MemcachedServers string `json:"memcachedServers"`
+	// +kubebuilder:default=memcached
+	// Memcached instance name.
+	MemcachedInstance string `json:"memcachedInstance"`
 
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default=false

diff --git a/config/crd/bases/swift.openstack.org_swiftproxies.yaml b/config/crd/bases/swift.openstack.org_swiftproxies.yaml
@@ -66,9 +66,9 @@ spec:
                 default: false
                 description: Encrypts new objects at rest
                 type: boolean
-              memcachedServers:
-                default: ""
-                description: List of memcached servers.
+              memcachedInstance:
+                default: memcached
+                description: Memcached instance name.
                 type: string
               networkAttachments:
                 description: NetworkAttachments is a list of NetworkAttachment resource
@@ -315,7 +315,7 @@ spec:
                 type: object
             required:
             - containerImageProxy
-            - memcachedServers
+            - memcachedInstance
             - rabbitMqClusterName
             - replicas
             - secret

diff --git a/config/crd/bases/swift.openstack.org_swifts.yaml b/config/crd/bases/swift.openstack.org_swifts.yaml
@@ -85,9 +85,9 @@ spec:
                     default: false
                     description: Encrypts new objects at rest
                     type: boolean
-                  memcachedServers:
-                    default: ""
-                    description: List of memcached servers.
+                  memcachedInstance:
+                    default: memcached
+                    description: Memcached instance name.
                     type: string
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
@@ -342,7 +342,7 @@ spec:
                     type: object
                 required:
                 - containerImageProxy
-                - memcachedServers
+                - memcachedInstance
                 - rabbitMqClusterName
                 - replicas
                 - secret
@@ -414,9 +414,9 @@ spec:
                     description: DefaultConfigOverwrite - can be used to add additionalfiles.
                       Those get added to the service config dir in /etc/<servicename>-conf.d
                     type: object
-                  memcachedServers:
-                    default: ""
-                    description: List of memcached servers.
+                  memcachedInstance:
+                    default: memcached
+                    description: Memcached instance name.
                     type: string
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
@@ -442,7 +442,7 @@ spec:
                 - containerImageContainer
                 - containerImageObject
                 - containerImageProxy
-                - memcachedServers
+                - memcachedInstance
                 - replicas
                 - storageClass
                 - storageRequest

diff --git a/config/crd/bases/swift.openstack.org_swiftstorages.yaml b/config/crd/bases/swift.openstack.org_swiftstorages.yaml
@@ -70,9 +70,9 @@ spec:
                 description: DefaultConfigOverwrite - can be used to add additionalfiles.
                   Those get added to the service config dir in /etc/<servicename>-conf.d
                 type: object
-              memcachedServers:
-                default: ""
-                description: List of memcached servers.
+              memcachedInstance:
+                default: memcached
+                description: Memcached instance name.
                 type: string
               networkAttachments:
                 description: NetworkAttachments is a list of NetworkAttachment resource
@@ -98,7 +98,7 @@ spec:
             - containerImageContainer
             - containerImageObject
             - containerImageProxy
-            - memcachedServers
+            - memcachedInstance
             - replicas
             - storageClass
             - storageRequest

diff --git a/controllers/swift_controller.go b/controllers/swift_controller.go
@@ -268,10 +268,8 @@ func (r *SwiftReconciler) reconcileNormal(ctx context.Context, instance *swiftv1
 		condition.MemcachedReadyCondition, condition.MemcachedReadyMessage)
 	// run check memcached - end
 
-	memcachedServers := memcached.GetMemcachedServerListString()
-
 	// create or update Swift storage
-	swiftStorage, op, err := r.storageCreateOrUpdate(ctx, instance, memcachedServers)
+	swiftStorage, op, err := r.storageCreateOrUpdate(ctx, instance)
 	if err != nil {
 		instance.Status.Conditions.Set(condition.FalseCondition(
 			swiftv1.SwiftStorageReadyCondition,
@@ -313,7 +311,7 @@ func (r *SwiftReconciler) reconcileNormal(ctx context.Context, instance *swiftv1
 	}
 
 	// create or update Swift proxy
-	swiftProxy, op, err := r.proxyCreateOrUpdate(ctx, instance, memcachedServers)
+	swiftProxy, op, err := r.proxyCreateOrUpdate(ctx, instance)
 	if err != nil {
 		instance.Status.Conditions.Set(condition.FalseCondition(
 			swiftv1.SwiftProxyReadyCondition,
@@ -399,7 +397,7 @@ func (r *SwiftReconciler) ringCreateOrUpdate(ctx context.Context, instance *swif
 	return deployment, op, err
 }
 
-func (r *SwiftReconciler) storageCreateOrUpdate(ctx context.Context, instance *swiftv1.Swift, memcachedServers string) (*swiftv1.SwiftStorage, controllerutil.OperationResult, error) {
+func (r *SwiftReconciler) storageCreateOrUpdate(ctx context.Context, instance *swiftv1.Swift) (*swiftv1.SwiftStorage, controllerutil.OperationResult, error) {
 
 	swiftStorageSpec := swiftv1.SwiftStorageSpec{
 		ContainerImageAccount:   instance.Spec.SwiftStorage.ContainerImageAccount,
@@ -411,7 +409,7 @@ func (r *SwiftReconciler) storageCreateOrUpdate(ctx context.Context, instance *s
 			StorageClass:            instance.Spec.SwiftStorage.StorageClass,
 			StorageRequest:          instance.Spec.SwiftStorage.StorageRequest,
 			NetworkAttachments:      instance.Spec.SwiftStorage.NetworkAttachments,
-			MemcachedServers:        memcachedServers,
+			MemcachedInstance:       instance.Spec.MemcachedInstance,
 			ContainerSharderEnabled: instance.Spec.SwiftStorage.ContainerSharderEnabled,
 			DefaultConfigOverwrite:  instance.Spec.SwiftStorage.DefaultConfigOverwrite,
 		},
@@ -437,7 +435,7 @@ func (r *SwiftReconciler) storageCreateOrUpdate(ctx context.Context, instance *s
 	return deployment, op, err
 }
 
-func (r *SwiftReconciler) proxyCreateOrUpdate(ctx context.Context, instance *swiftv1.Swift, memcachedServers string) (*swiftv1.SwiftProxy, controllerutil.OperationResult, error) {
+func (r *SwiftReconciler) proxyCreateOrUpdate(ctx context.Context, instance *swiftv1.Swift) (*swiftv1.SwiftProxy, controllerutil.OperationResult, error) {
 
 	swiftProxySpec := swiftv1.SwiftProxySpec{
 		ContainerImageProxy: instance.Spec.SwiftProxy.ContainerImageProxy,
@@ -448,7 +446,7 @@ func (r *SwiftReconciler) proxyCreateOrUpdate(ctx context.Context, instance *swi
 			PasswordSelectors:      instance.Spec.SwiftProxy.PasswordSelectors,
 			Override:               instance.Spec.SwiftProxy.Override,
 			NetworkAttachments:     instance.Spec.SwiftProxy.NetworkAttachments,
-			MemcachedServers:       memcachedServers,
+			MemcachedInstance:      instance.Spec.MemcachedInstance,
 			TLS:                    instance.Spec.SwiftProxy.TLS,
 			DefaultConfigOverwrite: instance.Spec.SwiftProxy.DefaultConfigOverwrite,
 			EncryptionEnabled:      instance.Spec.SwiftProxy.EncryptionEnabled,

diff --git a/controllers/swiftproxy_controller.go b/controllers/swiftproxy_controller.go
@@ -55,6 +55,7 @@ import (
 	"github.com/openstack-k8s-operators/lib-common/modules/common/tls"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/util"
 
+	memcachedv1 "github.com/openstack-k8s-operators/infra-operator/apis/memcached/v1beta1"
 	rabbitmqv1 "github.com/openstack-k8s-operators/infra-operator/apis/rabbitmq/v1beta1"
 	keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1"
 	swiftv1beta1 "github.com/openstack-k8s-operators/swift-operator/api/v1beta1"
@@ -533,14 +534,36 @@ func (r *SwiftProxyReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		return ctrl.Result{}, err
 	}
 
+	//
+	// Check for required memcached used for caching
+	//
+	memcached, err := memcachedv1.GetMemcachedByName(ctx, helper, instance.Spec.MemcachedInstance, instance.Namespace)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			instance.Status.Conditions.Set(condition.FalseCondition(
+				condition.MemcachedReadyCondition,
+				condition.RequestedReason,
+				condition.SeverityInfo,
+				condition.MemcachedReadyWaitingMessage))
+			return ctrl.Result{RequeueAfter: 10 * time.Second}, fmt.Errorf("memcached %s not found", instance.Spec.MemcachedInstance)
+		}
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.MemcachedReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			condition.MemcachedReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{}, err
+	}
+
 	// Create a Secret populated with content from templates/
 	tpl := swiftproxy.SecretTemplates(
 		instance,
 		serviceLabels,
 		keystonePublicURL,
 		keystoneInternalURL,
 		password,
-		instance.Spec.MemcachedServers,
+		memcached,
 		bindIP,
 		secretRef,
 		os.GetRegion(),
@@ -674,6 +697,8 @@ func (r *SwiftProxyReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 // SetupWithManager sets up the controller with the Manager.
 func (r *SwiftProxyReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	logger := mgr.GetLogger()
+
 	// index passwordSecretField
 	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &swiftv1beta1.SwiftProxy{}, passwordSecretField, func(rawObj client.Object) []string {
 		// Extract the secret name from the spec, if one is provided
@@ -722,6 +747,35 @@ func (r *SwiftProxyReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		return err
 	}
 
+	memcachedFn := func(ctx context.Context, o client.Object) []reconcile.Request {
+		result := []reconcile.Request{}
+
+		// get all SwiftProxy CRs
+		crList := &swiftv1beta1.SwiftProxyList{}
+		listOpts := []client.ListOption{
+			client.InNamespace(o.GetNamespace()),
+		}
+		if err := r.Client.List(context.Background(), crList, listOpts...); err != nil {
+			logger.Error(err, "Unable to retrieve SwiftProxy CRs %w")
+			return nil
+		}
+
+		for _, cr := range crList.Items {
+			if o.GetName() == cr.Spec.MemcachedInstance {
+				name := client.ObjectKey{
+					Namespace: o.GetNamespace(),
+					Name:      cr.Name,
+				}
+				logger.Info(fmt.Sprintf("Memcached %s is used by SwiftProxy CR %s", o.GetName(), cr.Name))
+				result = append(result, reconcile.Request{NamespacedName: name})
+			}
+		}
+		if len(result) > 0 {
+			return result
+		}
+		return nil
+	}
+
 	return ctrl.NewControllerManagedBy(mgr).
 		For(&swiftv1beta1.SwiftProxy{}).
 		Owns(&corev1.Secret{}).
@@ -735,6 +789,8 @@ func (r *SwiftProxyReconciler) SetupWithManager(mgr ctrl.Manager) error {
 			handler.EnqueueRequestsFromMapFunc(r.findObjectsForSrc),
 			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
 		).
+		Watches(&memcachedv1.Memcached{},
+			handler.EnqueueRequestsFromMapFunc(memcachedFn)).
 		Complete(r)
 }