fix stack controller test by making privileged init containers optional #9

Merged
merged 2 commits into from
Oct 31, 2018
2 changes: 2 additions & 0 deletions config/crds/deployments_v1alpha1_stack.yaml
Expand Up @@ -29,6 +29,8 @@ spec:
nodeCount:
format: int32
type: integer
setVmMaxMapCount:
type: boolean
type: object
version:
type: string
1 change: 1 addition & 0 deletions config/samples/deployments_v1alpha1_stack.yaml
Expand Up @@ -9,3 +9,4 @@ spec:
version: "6.4.2"
elasticsearch:
nodeCount: 3
setVmMaxMapCount: true
5 changes: 5 additions & 0 deletions pkg/apis/deployments/v1alpha1/stack_types.go
Expand Up @@ -26,6 +26,11 @@ type ElasticsearchSpec struct {

// NodeCount defines how many nodes the Elasticsearch Cluster must have.
NodeCount int32 `json:"nodeCount,omitempty"`

// SetVmMaxMapCount indicates whether a init container should be used to ensure that the `vm.max_map_count`
// is set according to https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
// Setting this to true requires the kubelet to allow running privileged containers.
SetVmMaxMapCount bool `json:"setVmMaxMapCount,omitempty"`
}

// StackStatus defines the observed state of Stack
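Review bot: The doc comment on `SetVmMaxMapCount` says the kubelet must allow privileged containers, but it does not say what the container changes. `vm.max_map_count` is not a namespaced sysctl, so the `sysctl -w` run by the init container alters the value for the whole node and every workload on it, and the value stays set after the Elasticsearch pod is gone. I would add a sentence such as `// The sysctl is node-wide: enabling this changes vm.max_map_count for every workload scheduled on the node.` and note that cluster admission policy, not only the kubelet, has to permit privileged pods. The same comment is repeated on `NewPodSpecParams.SetVmMaxMapCount` in pod.go and should get the same wording. As a style point, Go initialism convention would spell the field `SetVMMaxMapCount`; the JSON tag can stay `setVmMaxMapCount`.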
27 changes: 20 additions & 7 deletions pkg/controller/stack/elasticsearch/pod.go
Expand Up @@ -63,6 +63,11 @@ type NewPodSpecParams struct {
DiscoveryServiceName string
// DiscoveryZenMinimumMasterNodes is the setting for minimum master node in Zen Discovery
DiscoveryZenMinimumMasterNodes int

// SetVmMaxMapCount indicates whether a init container should be used to ensure that the `vm.max_map_count`
// is set according to https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html.
// Setting this to true requires the kubelet to allow running privileged containers.
SetVmMaxMapCount bool
}

// NewPodSpec creates a new PodSpec for an Elasticsearch instance in this cluster.
Expand All @@ -73,14 +78,11 @@ func NewPodSpec(p NewPodSpecParams) corev1.PodSpec {
imageName = p.CustomImageName
}

initContainerPrivileged := defaultInitContainerPrivileged
initContainerRunAsUser := defaultInitContainerRunAsUser

terminationGracePeriodSeconds := defaultTerminationGracePeriodSeconds

// TODO: Volumes, Security Context, Optional init container

return corev1.PodSpec{
podSpec := corev1.PodSpec{
Containers: []corev1.Container{{
Env: []corev1.EnvVar{
{Name: "node.name", Value: "", ValueFrom: &corev1.EnvVarSource{
Expand Down Expand Up @@ -134,7 +136,15 @@ func NewPodSpec(p NewPodSpecParams) corev1.PodSpec {
},
},
}},
InitContainers: []corev1.Container{{
InitContainers: []corev1.Container{},
TerminationGracePeriodSeconds: &terminationGracePeriodSeconds,
}

if p.SetVmMaxMapCount {
initContainerPrivileged := defaultInitContainerPrivileged
initContainerRunAsUser := defaultInitContainerRunAsUser

initContainerConfigureSysCtl := corev1.Container{
Image: imageName,
ImagePullPolicy: corev1.PullIfNotPresent,
Name: "configure-sysctl",
Expand All @@ -143,7 +153,10 @@ func NewPodSpec(p NewPodSpecParams) corev1.PodSpec {
RunAsUser: &initContainerRunAsUser,
},
Command: []string{"sysctl", "-w", "vm.max_map_count=262144"},
}},
TerminationGracePeriodSeconds: &terminationGracePeriodSeconds,
}

podSpec.InitContainers = append(podSpec.InitContainers, initContainerConfigureSysCtl)
}

return podSpec
}
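Review bot: The `configure-sysctl` init container is built with `Image: imageName`, and earlier in `NewPodSpec` `imageName` is assigned `p.CustomImageName` (the condition is outside the visible lines). With `SetVmMaxMapCount` enabled, a user-chosen image therefore runs under the security context taken from `defaultInitContainerPrivileged` / `defaultInitContainerRunAsUser`, which are defined outside the hunk and are presumably privileged and root. Consider running this step from a fixed, operator-controlled image and using the custom image for the main container only, or at least add a comment such as `// NOTE: runs p.CustomImageName privileged when set; use only trusted images with SetVmMaxMapCount`. Minor: `InitContainers: []corev1.Container{}` can be dropped, since `append` works on a nil slice. Parts of `NewPodSpec` are collapsed on this page, so this is based on the visible lines only.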
1 change: 1 addition & 0 deletions pkg/controller/stack/stack_controller.go
Expand Up @@ -102,6 +102,7 @@ func (r *ReconcileStack) Reconcile(request reconcile.Request) (reconcile.Result,
ClusterName: instance.Name,
DiscoveryZenMinimumMasterNodes: 1,
DiscoveryServiceName: "localhost",
SetVmMaxMapCount: instance.Spec.Elasticsearch.SetVmMaxMapCount,
}

// Define the desired Deployment object
9 changes: 8 additions & 1 deletion pkg/controller/stack/stack_controller_test.go
Expand Up @@ -25,7 +25,14 @@ const timeout = time.Second * 5

func TestReconcile(t *testing.T) {
g := gomega.NewGomegaWithT(t)
instance := &deploymentsv1alpha1.Stack{ObjectMeta: metav1.ObjectMeta{Name: "foo", Namespace: "default"}}
instance := &deploymentsv1alpha1.Stack{
ObjectMeta: metav1.ObjectMeta{Name: "foo", Namespace: "default"},
Spec: deploymentsv1alpha1.StackSpec{
Elasticsearch: deploymentsv1alpha1.ElasticsearchSpec{
SetVmMaxMapCount: false,
},
},
}

// Setup the Manager and Controller. Wrap the Controller Reconcile function so it writes each request to a
// channel when it is finished.
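Review bot: `TestReconcile` only exercises `SetVmMaxMapCount: false`, which is also the zero value, so no test pins the behaviour this change introduces. A small unit test of `NewPodSpec` would help: assert `len(spec.InitContainers) == 0` when the flag is false, and with the flag true assert exactly one container named `configure-sysctl` carrying the privileged security context. That guards against a later refactor silently making the privileged container the default again. The rest of `TestReconcile` is outside the visible lines.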