From 24d4c968c70532ac205f14251cf42e2c9fffc7e5 Mon Sep 17 00:00:00 2001 From: shuijing198799 Date: Mon, 16 Mar 2020 10:57:17 +0800 Subject: [PATCH 1/2] make tikv support add serviceaccount and switch rclone env_auth to true --- images/tidb-backup-manager/entrypoint.sh | 2 +- manifests/crd.yaml | 3 +++ pkg/apis/pingcap/v1alpha1/openapi_generated.go | 7 +++++++ pkg/apis/pingcap/v1alpha1/types.go | 3 +++ pkg/manager/member/tikv_member_manager.go | 1 + 5 files changed, 15 insertions(+), 1 deletion(-) diff --git a/images/tidb-backup-manager/entrypoint.sh b/images/tidb-backup-manager/entrypoint.sh index 427139451e..fc11dc02f2 100755 --- a/images/tidb-backup-manager/entrypoint.sh +++ b/images/tidb-backup-manager/entrypoint.sh @@ -19,7 +19,7 @@ echo "Create rclone.conf file." cat < /tmp/rclone.conf [s3] type = s3 -env_auth = false +env_auth = true provider = ${S3_PROVIDER} access_key_id = ${AWS_ACCESS_KEY_ID} secret_access_key = ${AWS_SECRET_ACCESS_KEY:-$AWS_SECRET_KEY} diff --git a/manifests/crd.yaml b/manifests/crd.yaml index bdcc5d2fdd..d69a3a1d49 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -5996,6 +5996,9 @@ spec: description: 'SchedulerName of the component. Override the cluster-level one if present Optional: Defaults to cluster-level setting' type: string + serviceAccount: + description: Specify a Service Account for tikv + type: string storageClassName: description: The storageClassName of the persistent volume for TiKV data storage. Defaults to Kubernetes default storage class. diff --git a/pkg/apis/pingcap/v1alpha1/openapi_generated.go b/pkg/apis/pingcap/v1alpha1/openapi_generated.go index d91d3d8bb5..077d8ddad4 100644 --- a/pkg/apis/pingcap/v1alpha1/openapi_generated.go +++ b/pkg/apis/pingcap/v1alpha1/openapi_generated.go @@ -5449,6 +5449,13 @@ func schema_pkg_apis_pingcap_v1alpha1_TiKVSpec(ref common.ReferenceCallback) com }, }, }, + "serviceAccount": { + SchemaProps: spec.SchemaProps{ + Description: "Specify a Service Account for tikv", + Type: []string{"string"}, + Format: "", + }, + }, "replicas": { SchemaProps: spec.SchemaProps{ Description: "The desired ready replicas", diff --git a/pkg/apis/pingcap/v1alpha1/types.go b/pkg/apis/pingcap/v1alpha1/types.go index da833c1cc2..e0de883d86 100644 --- a/pkg/apis/pingcap/v1alpha1/types.go +++ b/pkg/apis/pingcap/v1alpha1/types.go @@ -238,6 +238,9 @@ type TiKVSpec struct { ComponentSpec `json:",inline"` corev1.ResourceRequirements `json:",inline"` + // Specify a Service Account for tikv + ServiceAccount string `json:"serviceAccount,omitempty"` + // The desired ready replicas // +kubebuilder:validation:Minimum=1 Replicas int32 `json:"replicas"` diff --git a/pkg/manager/member/tikv_member_manager.go b/pkg/manager/member/tikv_member_manager.go index 44eea0305a..80953161ba 100644 --- a/pkg/manager/member/tikv_member_manager.go +++ b/pkg/manager/member/tikv_member_manager.go @@ -445,6 +445,7 @@ func getNewTiKVSetForTidbCluster(tc *v1alpha1.TidbCluster, cm *corev1.ConfigMap) podSpec.SecurityContext = podSecurityContext podSpec.InitContainers = initContainers podSpec.Containers = []corev1.Container{tikvContainer} + podSpec.ServiceAccountName = tc.Spec.TiKV.ServiceAccount tikvset := &apps.StatefulSet{ ObjectMeta: metav1.ObjectMeta{ From fb3da0510552bde9f943aaf084ff0449bf5a4985 Mon Sep 17 00:00:00 2001 From: shuijing198799 Date: Mon, 16 Mar 2020 20:23:58 +0800 Subject: [PATCH 2/2] generate crd ref --- docs/api-references/docs.html | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/api-references/docs.html b/docs/api-references/docs.html index 11f503b00f..ada50d8c62 100644 --- a/docs/api-references/docs.html +++ b/docs/api-references/docs.html @@ -10703,6 +10703,17 @@

TiKVSpec +serviceAccount
+ +string + + + +

Specify a Service Account for tikv

+ + + + replicas
int32