ceohelpers

package
v0.0.0-alpha.0....-61b7fb5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 8, 2025 License: Apache-2.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// DelayedBootstrapScalingStrategyAnnotation is an annotation on the openshift-etcd
	// namespace which, if present, indicates that one of the delayed scaling strategies
	// should be used. This is generally used by the assisted installer to ensure that
	// the bootstrap node can reboot into a cluster node.
	//
	// For HA clusters, this will be set to DelayedHAScalingStrategy.
	//
	// For Two Node OpenShift with Fencing, this is set to DelayedTwoNodeScalingStrategy.
	DelayedBootstrapScalingStrategyAnnotation = "openshift.io/delayed-bootstrap"

	// DelayedHABootstrapScalingStrategyAnnotation performs the same function as the annotation
	// above, and is kept for backwards compatibility.
	DelayedHABootstrapScalingStrategyAnnotation = "openshift.io/delayed-ha-bootstrap"
)
View Source
const InfrastructureClusterName = "cluster"
View Source
const MachineDeletionHookName = "EtcdQuorumOperator"

MachineDeletionHookName holds a name of the Machine Deletion Hook

View Source
const MachineDeletionHookOwner = "clusteroperator/etcd"

MachineDeletionHookOwner holds an owner of the Machine Deletion Hook

Variables

View Source
var RevisionRolloutInProgressErr = fmt.Errorf("revision rollout in progress, can't establish current revision")

Functions

func CheckSafeToScaleCluster

func CheckSafeToScaleCluster(
	staticPodClient v1helpers.StaticPodOperatorClient,
	namespaceLister corev1listers.NamespaceLister,
	infraLister configv1listers.InfrastructureLister,
	etcdClient etcdcli.AllMemberLister) error

CheckSafeToScaleCluster is used to implement the bootstrap scaling strategy invariants. This function returns nil if cluster conditions are such that it's safe to scale the etcd cluster based on the scaling strategy in use, and otherwise will return an error explaining why it's unsafe to scale.

func CurrentMemberMachinesWithDeletionHooks

func CurrentMemberMachinesWithDeletionHooks(machineSelector labels.Selector, machineLister machinelistersv1beta1.MachineLister) ([]*machinev1beta1.Machine, error)

CurrentMemberMachinesWithDeletionHooks returns machines with the deletion hooks from the lister

func CurrentRevision

func CurrentRevision(status operatorv1.StaticPodOperatorStatus) (int32, error)

CurrentRevision will only return the current revision if no revision rollout is in progress and all revisions across nodes are the exact same. Otherwise, an error will be returned.

func FilterMachinesPendingDeletion

func FilterMachinesPendingDeletion(machines []*machinev1beta1.Machine) []*machinev1beta1.Machine

FilterMachinesPendingDeletion a convenience function for filtering machines pending deletion

func FilterMachinesWithMachineDeletionHook

func FilterMachinesWithMachineDeletionHook(machines []*machinev1beta1.Machine) []*machinev1beta1.Machine

FilterMachinesWithMachineDeletionHook a convenience function for filtering only machines with the machine deletion hook present

func FilterMachinesWithoutMachineDeletionHook

func FilterMachinesWithoutMachineDeletionHook(machines []*machinev1beta1.Machine) []*machinev1beta1.Machine

FilterMachinesWithoutMachineDeletionHook a convenience function for filtering only machines without the machine deletion hook present

func FindMachineByNodeInternalIP

func FindMachineByNodeInternalIP(nodeInternalIP string, machineSelector labels.Selector, machineLister machinelistersv1beta1.MachineLister) (*machinev1beta1.Machine, error)

FindMachineByNodeInternalIP finds the machine that matches the given nodeInternalIP is safe because the MAO:

syncs the addresses in the Machine with those assigned to real nodes by the cloud provider,
checks that the Machine and Node lists match before issuing a serving certification for the kubelet
when the host disappears from the cloud side, it stops updating the Machine so the addresses and information
should persist there as a tombstone as the Machine is marked Failed

func GetControlPlaneTopology

func GetControlPlaneTopology(infraLister configv1listers.InfrastructureLister) (configv1.TopologyMode, error)

func HasMachineDeletionHook

func HasMachineDeletionHook(machine *machinev1beta1.Machine) bool

HasMachineDeletionHook simply checks if the given machine has the machine deletion hook present

func IndexMachinesByNodeInternalIP

func IndexMachinesByNodeInternalIP(machines []*machinev1beta1.Machine) map[string]*machinev1beta1.Machine

IndexMachinesByNodeInternalIP maps machines to IPs

Note that a machine can have multiple internal IPs with different types (v4/v6)

func IsArbiterNodeTopology

func IsArbiterNodeTopology(ctx context.Context, infraClient configv1client.InfrastructureInterface) (bool, error)

IsArbiterNodeTopology returns if the cluster infrastructure ControlPlaneTopology is set to HighlyAvailableArbiterMode We use the infra interface in this situation instead of the lister because typically you are looking to find out this information in order to configure controllers before the informers are running.

func IsBootstrapComplete

func IsBootstrapComplete(configmapLister corev1listers.ConfigMapLister, etcdClient etcdcli.AllMemberLister) (bool, error)

IsBootstrapComplete returns true if bootstrap has completed.

func IsDualReplicaTopology

func IsDualReplicaTopology(ctx context.Context, infraLister configv1listers.InfrastructureLister) (bool, error)

func IsExternalEtcdSupport

func IsExternalEtcdSupport(spec *operatorv1.StaticPodOperatorSpec) (bool, error)

IsExternalEtcdSupport returns true if useExternalEtcdSupport is set to any parsable value.

func IsRevisionStable

func IsRevisionStable(staticPodClient v1helpers.StaticPodOperatorClient) (bool, error)

IsRevisionStable checks the stability of revisions and returns true if the revision is stable

func IsUnsupportedUnsafeEtcdContainerRemoval

func IsUnsupportedUnsafeEtcdContainerRemoval(spec *operatorv1.StaticPodOperatorSpec) (bool, error)

IsUnsupportedUnsafeEtcdContainerRemoval returns true if useUnsupportedUnsafeEtcdContainerRemoval is set to any parsable value.

func LoglevelToZap

func LoglevelToZap(logLevel operatorv1.LogLevel) string

LoglevelToZap converts a openshift/api/operator/v1 LogLevel into a corresponding Zap log level string

func MemberToNodeInternalIP

func MemberToNodeInternalIP(member *etcdserverpb.Member) (string, error)

MemberToNodeInternalIP extracts assigned IP address from the given member

func NewAlreadySyncedInformer

func NewAlreadySyncedInformer(informer cache.SharedInformer) cache.SharedInformer

func NewMultiSelectorNodeLister

func NewMultiSelectorNodeLister(indexer cache.Indexer, selectors ...labels.Selector) corev1listers.NodeLister

NewMultiSelectorNodeLister create a node lister that allows for querying based on multiple selectors for ORing on keys. This is done because of a performance design choice in selector queries that does not allow for ORing on keys. see: https://github.com/kubernetes/kubernetes/issues/90549#issuecomment-620625847

NOTE: If you are selecting based on ORing values, that is already supported, please use a format like `key in (value1,value2)` see: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#set-based-requirement

func ReadDesiredControlPlaneReplicasCount

func ReadDesiredControlPlaneReplicasCount(operatorClient v1helpers.StaticPodOperatorClient) (int, error)

ReadDesiredControlPlaneReplicasCount reads the current Control Plane replica count

func RenderTemplate

func RenderTemplate(templateName string, subs *PodSubstitutionTemplate) (string, error)

RenderTemplate renders a Pod template from the Assets with the data from a PodSubstitutionTemplate

func RevisionRolloutInProgress

func RevisionRolloutInProgress(status operatorv1.StaticPodOperatorStatus) bool

RevisionRolloutInProgress will return true if any node status reports its target revision is different from the current revision and the latest known revision.

func VotingMemberIPListSet

func VotingMemberIPListSet(ctx context.Context, cli etcdcli.EtcdClient) (sets.String, error)

Types

type AlreadySyncedInformer

type AlreadySyncedInformer struct {
	cache.SharedInformer
}

AlreadySyncedInformer wraps an ordinary cache.SharedInformer, but allows us to fake HasSynced results. This is to allow controllers to proceed when an informer could not sync (eg when the API isn't available).

func (*AlreadySyncedInformer) HasSynced

func (s *AlreadySyncedInformer) HasSynced() bool

type AlwaysSafeQuorumChecker

type AlwaysSafeQuorumChecker struct {
}

AlwaysSafeQuorumChecker can be used for testing and always returns that it is safe to update a revision

func (*AlwaysSafeQuorumChecker) IsSafeToUpdateRevision

func (c *AlwaysSafeQuorumChecker) IsSafeToUpdateRevision() (bool, error)

IsSafeToUpdateRevision always returns true, nil

type BootstrapScalingStrategy

type BootstrapScalingStrategy string

BootstrapScalingStrategy describes the invariants which will be enforced when scaling the etcd cluster.

const (
	// HAScalingStrategy means the etcd cluster will only be scaled up when at least
	// 3 node are available so that HA is enforced at all times. This rule applies
	// during bootstrapping and the steady state.
	//
	// This is the default strategy.
	HAScalingStrategy BootstrapScalingStrategy = "HAScalingStrategy"

	// DelayedHAScalingStrategy means that during bootstrapping, the etcd cluster will
	// be allowed to scale when at least 2 members are available (which is not HA),
	// but after bootstrapping any further scaling will require 3 nodes in the same
	// way as HAScalingStrategy.
	//
	// This strategy is selected by adding the `openshift.io/delayed-ha-bootstrap`
	// annotation to the openshift-etcd namesapce.
	DelayedHAScalingStrategy BootstrapScalingStrategy = "DelayedHAScalingStrategy"

	// TwoNodeScalingStrategy means the etcd cluster will only be scaled up when at least
	// 2 nodes are available so that quorum is maintained at all times. This rule applies
	// during bootstrapping and the steady state.
	//
	// This strategy is used for deployments of Two Node OpenShift with Fencing.
	TwoNodeScalingStrategy BootstrapScalingStrategy = "TwoNodeScalingStrategy"

	// DelayedTwoNodeScalingStrategy means that during bootstrapping, the etcd cluster will
	// be allowed to scale when at least 1 member is available (which is unsafe),
	// but after bootstrapping any further scaling will require 2 nodes in the same
	// way as TwoNodeScalingStrategy.
	//
	// This strategy is intended for deploys of Two Node OpenShift with Fencing via
	// the assisted or agent-based installers.
	DelayedTwoNodeScalingStrategy BootstrapScalingStrategy = "DelayedTwoNodeScalingStrategy"

	// BootstrapInPlaceStrategy means that the bootstrap node will never exist
	// during the lifecycle of the cluster. Bootkube will run on a live iso
	// afterwards the node will pivot into the manifests generated during that
	// process.
	//
	// This strategy is selected by observing the existence of `bootstrapInPlace`
	// root key in the install-config.
	BootstrapInPlaceStrategy BootstrapScalingStrategy = "BootstrapInPlaceStrategy"

	// UnsafeScalingStrategy means scaling will occur without regards to nodes and
	// any effect on quorum. Use of this strategy isn't officially tested or supported,
	// but is made available for ad-hoc use.
	//
	// This strategy is selected by setting unsupportedConfigOverrides on the
	// operator config.
	UnsafeScalingStrategy BootstrapScalingStrategy = "UnsafeScalingStrategy"
)

func GetBootstrapScalingStrategy

func GetBootstrapScalingStrategy(staticPodClient v1helpers.StaticPodOperatorClient, namespaceLister corev1listers.NamespaceLister, infraLister configv1listers.InfrastructureLister) (BootstrapScalingStrategy, error)

GetBootstrapScalingStrategy determines the scaling strategy to use

type MachineAPI

type MachineAPI struct {
	// contains filtered or unexported fields
}

MachineAPI a simple struct that helps determine if the Machine API is functional

Note:

since this type needs to take into account only master machine objects
make sure machineInformer contain only filtered data
otherwise it might be expensive to react to every node update in larger installations

as a safety net this type requires masterMachineSelector, just in case a caller won't provide a filtered informer

func NewMachineAPI

func NewMachineAPI(masterMachineInformer cache.SharedIndexInformer,
	masterMachineLister machinelistersv1beta1.MachineLister,
	masterMachineSelector labels.Selector,
	versionInformer configv1informers.ClusterVersionInformer,
	dynamicClient dynamic.Interface) *MachineAPI

func (*MachineAPI) IsAvailable

func (m *MachineAPI) IsAvailable() (bool, error)

IsAvailable checks if the Machine API is available as an API on the API server.

func (*MachineAPI) IsEnabled

func (m *MachineAPI) IsEnabled() (bool, error)

IsEnabled checks if the Machine API is enabled. As of today Machine API is enabled when: * clusterVersionInformer is synced * clusterVersion has "MachineAPI" as an enabled capability This method might not be reliable under some configuration, thus it's important to also check whether it IsAvailable

func (*MachineAPI) IsFunctional

func (m *MachineAPI) IsFunctional() (bool, error)

IsFunctional checks if the Machine API is (enabled OR available) AND functional. As of today Machine API is functional when: * clusterVersionInformer is synced * clusterVersion has MachineAPI as an enabled capability OR the API enabled on the api server * MachineInformer is synced * we find at least one Machine resources in the Running state.

type MachineAPIChecker

type MachineAPIChecker interface {
	// IsFunctional checks if the Machine API is functional (that requires it to be either enabled OR available)
	IsFunctional() (bool, error)
	// IsEnabled checks if the Machine API is enabled via CVO
	IsEnabled() (bool, error)
	// IsAvailable checks if the Machine API is available on the API server
	IsAvailable() (bool, error)
}

MachineAPIChecker captures a set of functions for working with the Machine API

type NameValue

type NameValue struct {
	Name  string
	Value string
}

type PodSubstitutionTemplate

type PodSubstitutionTemplate struct {
	Image               string
	OperatorImage       string
	ListenAddress       string
	LocalhostAddress    string
	LogLevel            string
	EnvVars             []NameValue
	BackupArgs          []string
	CipherSuites        string
	EnableEtcdContainer bool
	ReadinessProbe      ProbeConfig
	LivenessProbe       ProbeConfig
	StartupProbe        ProbeConfig
}

func GetPodSubstitution

func GetPodSubstitution(
	operatorSpec *operatorv1.StaticPodOperatorSpec,
	imagePullSpec, operatorImagePullSpec string,
	envVarMap map[string]string,
	etcd *operatorv1.Etcd) (*PodSubstitutionTemplate, error)

GetPodSubstitution creates a PodSubstitutionTemplate with values derived from StaticPodOperatorSpec, image pull spec and environment variables. It determines whether the Etcd container should be enabled based on the operator's configuration.

type ProbeConfig

type ProbeConfig struct {
	TimeoutSeconds      int
	PeriodSeconds       int
	SuccessThreshold    int
	FailureThreshold    int
	InitialDelaySeconds int
}

type QuorumCheck

type QuorumCheck struct {
	// contains filtered or unexported fields
}

QuorumCheck is just a convenience struct around bootstrap.go

func (*QuorumCheck) IsSafeToUpdateRevision

func (c *QuorumCheck) IsSafeToUpdateRevision() (bool, error)

type QuorumChecker

type QuorumChecker interface {
	// IsSafeToUpdateRevision checks the current etcd cluster and returns true if the cluster can tolerate the
	// loss of a single etcd member. Such loss is common during new static pod revision.
	// Returns True when it is absolutely safe, false if not. Error otherwise, which always indicates it is unsafe.
	IsSafeToUpdateRevision() (bool, error)
}

func NewQuorumChecker

func NewQuorumChecker(
	namespaceLister corev1listers.NamespaceLister,
	infraLister configv1listers.InfrastructureLister,
	operatorClient v1helpers.StaticPodOperatorClient,
	etcdClient etcdcli.AllMemberLister,
) QuorumChecker

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL