Skip to content

Commit 179a385

Browse files
author
Nigel Foucha
committed
feat(operator): update pod definition and nifi reconciliation for istio compatibility
this pushes the zk connectivity check into the pod command instead of the init container and removes istio overrides from reconciliation checks relates to konpyutaika#172
1 parent bf5159e commit 179a385

File tree

2 files changed

+85
-44
lines changed

2 files changed

+85
-44
lines changed

pkg/resources/nifi/nifi.go

+55-2
Original file line numberDiff line numberDiff line change
@@ -661,6 +661,12 @@ func (r *Reconciler) reconcileNifiPod(log zap.Logger, desiredPod *corev1.Pod) (e
661661
}
662662

663663
if err == nil {
664+
// k8s-objectmatcher options
665+
opts := []patch.CalculateOption{
666+
patch.IgnoreStatusFields(),
667+
patch.IgnoreVolumeClaimTemplateTypeMetaAndStatus(),
668+
patch.IgnorePDBSelector(),
669+
}
664670
// Since toleration does not support patchStrategy:"merge,retainKeys", we need to add all toleration from the current pod if the toleration is set in the CR
665671
if len(desiredPod.Spec.Tolerations) > 0 {
666672
desiredPod.Spec.Tolerations = append(desiredPod.Spec.Tolerations, currentPod.Spec.Tolerations...)
@@ -674,8 +680,55 @@ func (r *Reconciler) reconcileNifiPod(log zap.Logger, desiredPod *corev1.Pod) (e
674680
}
675681
desiredPod.Spec.Tolerations = uniqueTolerations
676682
}
683+
// If there are extra initContainers from webhook injections we need to add them
684+
if len(currentPod.Spec.InitContainers) > len(desiredPod.Spec.InitContainers) {
685+
desiredPod.Spec.InitContainers = append(currentPod.Spec.InitContainers, desiredPod.Spec.InitContainers...)
686+
uniqueContainers := []corev1.Container{}
687+
keys := make(map[string]bool)
688+
for _, c := range desiredPod.Spec.InitContainers {
689+
if _, value := keys[c.Name]; !value {
690+
keys[c.Name] = true
691+
uniqueContainers = append(uniqueContainers, c)
692+
}
693+
}
694+
desiredPod.Spec.InitContainers = uniqueContainers
695+
}
696+
// If there are extra containers from webhook injections we need to add them
697+
if len(currentPod.Spec.Containers) > len(desiredPod.Spec.Containers) {
698+
desiredPod.Spec.Containers = append(currentPod.Spec.Containers, desiredPod.Spec.Containers...)
699+
uniqueContainers := []corev1.Container{}
700+
keys := make(map[string]bool)
701+
for _, c := range desiredPod.Spec.Containers {
702+
if _, value := keys[c.Name]; !value {
703+
keys[c.Name] = true
704+
uniqueContainers = append(uniqueContainers, c)
705+
}
706+
}
707+
desiredPod.Spec.Containers = uniqueContainers
708+
}
709+
// Remove problematic fields if istio
710+
if _, ok := currentPod.Annotations["istio.io/rev"]; ok {
711+
// Prometheus scrape port is overridden by istio injection
712+
delete(currentPod.Annotations, "prometheus.io/port")
713+
delete(desiredPod.Annotations, "prometheus.io/port")
714+
// Liveness probe port is overridden by istio injection
715+
desiredContainer := corev1.Container{}
716+
for _, c := range desiredPod.Spec.Containers {
717+
if c.Name == "nifi" {
718+
desiredContainer = c
719+
}
720+
}
721+
currentContainers := []corev1.Container{}
722+
for _, c := range currentPod.Spec.Containers {
723+
if c.Name == "nifi" {
724+
c.LivenessProbe = desiredContainer.LivenessProbe
725+
}
726+
currentContainers = append(currentContainers, c)
727+
}
728+
currentPod.Spec.Containers = currentContainers
729+
}
677730
// Check if the resource actually updated
678-
patchResult, err := patch.DefaultPatchMaker.Calculate(currentPod, desiredPod)
731+
patchResult, err := patch.DefaultPatchMaker.Calculate(currentPod, desiredPod, opts...)
679732
if err != nil {
680733
log.Error("could not match pod objects",
681734
zap.String("clusterName", r.NifiCluster.Name),
@@ -697,7 +750,7 @@ func (r *Reconciler) reconcileNifiPod(log zap.Logger, desiredPod *corev1.Pod) (e
697750

698751
log.Debug("pod resource is in sync",
699752
zap.String("clusterName", r.NifiCluster.Name),
700-
zap.String("podName", desiredPod.Name))
753+
zap.String("podName", currentPod.Name))
701754

702755
return nil, k8sutil.PodReady(currentPod)
703756
}

pkg/resources/nifi/pod.go

+30-42
Original file line numberDiff line numberDiff line change
@@ -95,46 +95,6 @@ func (r *Reconciler) pod(node v1.Node, nodeConfig *v1.NodeConfig, pvcs []corev1.
9595
}...)
9696

9797
podInitContainers := r.injectAdditionalFields(nodeConfig, initContainers)
98-
if len(zkAddress) > 0 {
99-
podInitContainers = r.injectAdditionalFields(nodeConfig, append(initContainers, []corev1.Container{
100-
{
101-
Name: "zookeeper",
102-
Image: r.NifiCluster.Spec.GetInitContainerImage(),
103-
ImagePullPolicy: nodeConfig.GetImagePullPolicy(),
104-
Env: []corev1.EnvVar{
105-
{
106-
Name: "ZK_ADDRESS",
107-
Value: zkAddress,
108-
},
109-
},
110-
// The zookeeper init check here just ensures that at least one configured zookeeper host is alive
111-
Command: []string{"bash", "-c", `
112-
set -e
113-
echo "Trying to contact Zookeeper using connection string: ${ZK_ADDRESS}"
114-
115-
connected=0
116-
IFS=',' read -r -a zk_hosts <<< "${ZK_ADDRESS}"
117-
until [ $connected -eq 1 ]
118-
do
119-
for zk_host in "${zk_hosts[@]}"
120-
do
121-
IFS=':' read -r -a zk_host_port <<< "${zk_host}"
122-
123-
echo "Checking Zookeeper Host: [${zk_host_port[0]}] Port: [${zk_host_port[1]}]"
124-
nc -vzw 1 ${zk_host_port[0]} ${zk_host_port[1]}
125-
if [ $? -eq 0 ]; then
126-
echo "Connected to ${zk_host_port}"
127-
connected=1
128-
fi
129-
done
130-
131-
sleep 1
132-
done
133-
`},
134-
Resources: generateInitContainerResources(),
135-
},
136-
}...))
137-
}
13898

13999
sort.Slice(podVolumes, func(i, j int) bool {
140100
return podVolumes[i].Name < podVolumes[j].Name
@@ -534,12 +494,40 @@ do
534494
notMatchedIp=false
535495
fi
536496
done
537-
echo "Hostname is successfully binded withy IP address"`, nodeAddress, nodeAddress)
497+
echo "Hostname is successfully binded with IP address"`, nodeAddress, nodeAddress)
498+
}
499+
500+
zkResolve := ""
501+
if len(zkAddress) > 0 {
502+
zkResolve = `echo "Trying to contact Zookeeper using connection string: ${NIFI_ZOOKEEPER_CONNECT_STRING}"
503+
504+
connected=0
505+
IFS=',' read -r -a zk_hosts <<< "${NIFI_ZOOKEEPER_CONNECT_STRING}"
506+
until [ $connected -eq 1 ]
507+
do
508+
for zk_host in "${zk_hosts[@]}"
509+
do
510+
IFS=':' read -r -a zk_host_port <<< "${zk_host}"
511+
512+
echo "Checking Zookeeper Host: [${zk_host_port[0]}] Port: [${zk_host_port[1]}]"
513+
set +e
514+
curl --telnet-option 'BOGUS=1' --connect-timeout 2 -s telnet://${zk_host_port[0]}:${zk_host_port[1]} < /dev/null
515+
if [ $? -eq 48 ]; then
516+
echo "Connected to ${zk_host_port}"
517+
connected=1
518+
fi
519+
set -e
520+
done
521+
522+
sleep 1
523+
done`
538524
}
525+
539526
command := []string{"bash", "-ce", fmt.Sprintf(`cp ${NIFI_HOME}/tmp/* ${NIFI_HOME}/conf/
540527
%s
541528
%s
542-
exec bin/nifi.sh run`, resolveIp, singleUser)}
529+
%s
530+
exec bin/nifi.sh run`, zkResolve, resolveIp, singleUser)}
543531

544532
return corev1.Container{
545533
Name: ContainerName,

0 commit comments

Comments
 (0)