etcd

package
v1.36.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 26, 2022 License: Apache-2.0, BSD-2-Clause, MIT, + 1 more Imports: 43 Imported by: 0

Documentation

Index

Constants

// Etcd classes plus the secret, label and network policy names used for the etcd.
const (
	// ClassNormal is a constant for a normal etcd (without extensive metrics or higher resource settings, etc.)
	ClassNormal Class = "normal"
	// ClassImportant is a constant for an important etcd (with extensive metrics or higher resource settings, etc.).
	// Such etcds are also unsafe to evict (from the PoV of the cluster-autoscaler when trying to scale down).
	ClassImportant Class = "important"

	// SecretNameCA is the name of the secret containing the CA certificate and key for the etcd.
	// The value is not defined here; it is taken from v1beta1constants.SecretNameCAETCD.
	// NOTE(review): as described, this secret carries the CA private key, so read access to it
	// should be limited to whatever issues the etcd certificates — confirm against the RBAC rules.
	SecretNameCA = v1beta1constants.SecretNameCAETCD
	// SecretNameServer is the name of the secret containing the server certificate and key for the etcd.
	SecretNameServer = "etcd-server-cert"
	// SecretNameClient is the name of the secret containing the client certificate and key for the etcd.
	SecretNameClient = "etcd-client-tls"

	// LabelAppValue is the value of a label whose key is 'app'.
	LabelAppValue = "etcd-statefulset"

	// NetworkPolicyName is the name of a network policy that allows ingress traffic to etcd from certain sources.
	// NOTE(review): the permitted sources are not visible in this declaration; review the policy
	// object itself to see which peers are allowed.
	NetworkPolicyName = "allow-etcd"
)
// Default retry and wait durations used when reconciling Etcd resources.
const (
	// DefaultInterval is the default interval for retry operations (5 seconds).
	DefaultInterval = 5 * time.Second
	// DefaultSevereThreshold is the default threshold until an error reported by another component is treated as
	// 'severe' (3 minutes).
	DefaultSevereThreshold = 3 * time.Minute
	// DefaultTimeout is the default timeout and defines how long Gardener should wait
	// for a successful reconciliation of an Etcd resource (5 minutes).
	DefaultTimeout = 5 * time.Minute
)
const (

	// CrdYAML is the YAML manifest of the CustomResourceDefinition for the Etcd resource
	// (group druid.gardener.cloud, version v1alpha1).
	CrdYAML = `apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: ` + crdName + `
  annotations:
    controller-gen.kubebuilder.io/version: v0.4.1
  labels:
    ` + gutil.DeletionProtected + `: "true"
spec:
  group: druid.gardener.cloud
  names:
    kind: Etcd
    listKind: EtcdList
    plural: etcds
    singular: etcd
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .status.ready
      name: Ready
      type: string
    - jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: Etcd is the Schema for the etcds API
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: EtcdSpec defines the desired state of Etcd
            properties:
              annotations:
                additionalProperties:
                  type: string
                type: object
              backup:
                description: BackupSpec defines parametes associated with the full and delta snapshots of etcd
                properties:
                  compression:
                    description: SnapshotCompression defines the specification for compression of Snapshots.
                    properties:
                      enabled:
                        type: boolean
                      policy:
                        description: CompressionPolicy defines the type of policy for compression of snapshots.
                        enum:
                        - gzip
                        - lzw
                        - zlib
                        type: string
                    type: object
                  deltaSnapshotMemoryLimit:
                    anyOf:
                    - type: integer
                    - type: string
                    description: DeltaSnapshotMemoryLimit defines the memory limit after which delta snapshots will be taken
                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                    x-kubernetes-int-or-string: true
                  deltaSnapshotPeriod:
                    description: DeltaSnapshotPeriod defines the period after which delta snapshots will be taken
                    type: string
                  fullSnapshotSchedule:
                    description: FullSnapshotSchedule defines the cron standard schedule for full snapshots.
                    type: string
                  garbageCollectionPeriod:
                    description: GarbageCollectionPeriod defines the period for garbage collecting old backups
                    type: string
                  garbageCollectionPolicy:
                    description: GarbageCollectionPolicy defines the policy for garbage collecting old backups
                    enum:
                    - Exponential
                    - LimitBased
                    type: string
                  image:
                    description: Image defines the etcd container image and tag
                    type: string
                  port:
                    description: Port define the port on which etcd-backup-restore server will exposed.
                    format: int32
                    type: integer
                  resources:
                    description: 'Resources defines the compute Resources required by backup-restore container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                    properties:
                      limits:
                        additionalProperties:
                          anyOf:
                          - type: integer
                          - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                        type: object
                      requests:
                        additionalProperties:
                          anyOf:
                          - type: integer
                          - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                        type: object
                    type: object
                  store:
                    description: Store defines the specification of object store provider for storing backups.
                    properties:
                      container:
                        type: string
                      prefix:
                        type: string
                      provider:
                        description: StorageProvider defines the type of object store provider for storing backups.
                        type: string
                      secretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                    required:
                    - prefix
                    type: object
                  tls:
                    description: TLSConfig hold the TLS configuration details.
                    properties:
                      clientTLSSecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                      serverTLSSecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                      tlsCASecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                    required:
                    - clientTLSSecretRef
                    - serverTLSSecretRef
                    - tlsCASecretRef
                    type: object
                type: object
              etcd:
                description: EtcdConfig defines parameters associated etcd deployed
                properties:
                  authSecretRef:
                    description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                    properties:
                      name:
                        description: Name is unique within a namespace to reference a secret resource.
                        type: string
                      namespace:
                        description: Namespace defines the space within which the secret name must be unique.
                        type: string
                    type: object
                  clientPort:
                    format: int32
                    type: integer
                  defragmentationSchedule:
                    description: DefragmentationSchedule defines the cron standard schedule for defragmentation of etcd.
                    type: string
                  image:
                    description: Image defines the etcd container image and tag
                    type: string
                  metrics:
                    description: Metrics defines the level of detail for exported metrics of etcd, specify 'extensive' to include histogram metrics.
                    enum:
                    - basic
                    - extensive
                    type: string
                  quota:
                    anyOf:
                    - type: integer
                    - type: string
                    description: Quota defines the etcd DB quota.
                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                    x-kubernetes-int-or-string: true
                  resources:
                    description: 'Resources defines the compute Resources required by etcd container. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                    properties:
                      limits:
                        additionalProperties:
                          anyOf:
                          - type: integer
                          - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                        type: object
                      requests:
                        additionalProperties:
                          anyOf:
                          - type: integer
                          - type: string
                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                          x-kubernetes-int-or-string: true
                        description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
                        type: object
                    type: object
                  serverPort:
                    format: int32
                    type: integer
                  tls:
                    description: TLSConfig hold the TLS configuration details.
                    properties:
                      clientTLSSecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                      serverTLSSecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                      tlsCASecretRef:
                        description: SecretReference represents a Secret Reference. It has enough information to retrieve secret in any namespace
                        properties:
                          name:
                            description: Name is unique within a namespace to reference a secret resource.
                            type: string
                          namespace:
                            description: Namespace defines the space within which the secret name must be unique.
                            type: string
                        type: object
                    required:
                    - clientTLSSecretRef
                    - serverTLSSecretRef
                    - tlsCASecretRef
                    type: object
                type: object
              labels:
                additionalProperties:
                  type: string
                type: object
              priorityClassName:
                description: PriorityClassName is the name of a priority class that shall be used for the etcd pods.
                type: string
              replicas:
                type: integer
              selector:
                description: 'selector is a label query over pods that should match the replica count. It must match the pod template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                    type: object
                type: object
              sharedConfig:
                description: SharedConfig defines parameters shared and used by Etcd as well as backup-restore sidecar.
                properties:
                  autoCompactionMode:
                    description: AutoCompactionMode defines the auto-compaction-mode:'periodic' mode or 'revision' mode for etcd and embedded-Etcd of backup-restore sidecar.
                    enum:
                    - periodic
                    - revision
                    type: string
                  autoCompactionRetention:
                    description: AutoCompactionRetention defines the auto-compaction-retention length for etcd as well as for embedded-Etcd of backup-restore sidecar.
                    type: string
                type: object
              storageCapacity:
                anyOf:
                - type: integer
                - type: string
                description: StorageCapacity defines the size of persistent volume.
                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                x-kubernetes-int-or-string: true
              storageClass:
                description: 'StorageClass defines the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
                type: string
              volumeClaimTemplate:
                description: VolumeClaimTemplate defines the volume claim template to be created
                type: string
            required:
            - backup
            - etcd
            - labels
            - replicas
            - selector
            type: object
          status:
            description: EtcdStatus defines the observed state of Etcd
            properties:
              conditions:
                items:
                  description: Condition holds the information about the state of a resource.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status to another.
                      format: date-time
                      type: string
                    lastUpdateTime:
                      description: Last time the condition was updated.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about the transition.
                      type: string
                    reason:
                      description: The reason for the condition's last transition.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of the Etcd condition.
                      type: string
                  type: object
                type: array
              currentReplicas:
                format: int32
                type: integer
              etcd:
                description: CrossVersionObjectReference contains enough information to let you identify the referred resource.
                properties:
                  apiVersion:
                    description: API version of the referent
                    type: string
                  kind:
                    description: Kind of the referent
                    type: string
                  name:
                    description: Name of the referent
                    type: string
                type: object
              labelSelector:
                description: selector is a label query over pods that should match the replica count. It must match the pod template's labels.
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
                    type: object
                type: object
              lastError:
                type: string
              observedGeneration:
                description: ObservedGeneration is the most recent generation observed for this resource.
                format: int64
                type: integer
              ready:
                type: boolean
              readyReplicas:
                format: int32
                type: integer
              replicas:
                format: int32
                type: integer
              serviceName:
                type: string
              updatedReplicas:
                format: int32
                type: integer
            type: object
        type: object
    served: true
    storage: true
    subresources:
      scale:
        labelSelectorPath: .status.labelSelector
        specReplicasPath: .spec.replicas
        statusReplicasPath: .status.replicas
      status: {}
`
)
const (
	// Druid is the name used for etcd-druid.
	Druid = "etcd-druid"
)

Variables

// Package-level variables: a replaceable clock and the ports used by etcd and its sidecar.
// NOTE(review): these are exported variables, not constants, so any importing package can
// reassign them at runtime. Presumably the ports are variables so that their address can be
// taken — confirm before relying on the values being fixed.
var (
	// TimeNow is a function returning the current time exposed for testing.
	// It defaults to time.Now.
	TimeNow = time.Now

	// PortEtcdServer is the port exposed by etcd for server-to-server communication.
	PortEtcdServer = int32(2380)
	// PortEtcdClient is the port exposed by etcd for client communication.
	PortEtcdClient = int32(2379)
	// PortBackupRestore is the client port exposed by the backup-restore sidecar container.
	PortBackupRestore = int32(8080)
)
// TimeoutWaitForManagedResource is the timeout used while waiting for the ManagedResources to become healthy or
// deleted. It is an exported variable, presumably so that tests can shorten it — confirm.
var TimeoutWaitForManagedResource = 2 * time.Minute

TimeoutWaitForManagedResource is the timeout used while waiting for the ManagedResources to become healthy or deleted.

Functions

func CentralLoggingConfiguration

func CentralLoggingConfiguration() (component.CentralLoggingConfig, error)

CentralLoggingConfiguration returns a fluent-bit parser and filter for the etcd and backup-restore sidecar logs.

func CheckEtcdObject added in v1.25.0

func CheckEtcdObject(obj client.Object) error

CheckEtcdObject checks if the given Etcd object was reconciled successfully.

func DependencyWatchdogEndpointConfiguration added in v1.27.0

func DependencyWatchdogEndpointConfiguration(role string) (map[string]restarterapi.Service, error)

DependencyWatchdogEndpointConfiguration returns the configuration for the dependency watchdog ensuring that its dependent pods are restarted as soon as it recovers from a crash loop.

func NewBootstrapper

func NewBootstrapper(c client.Client, namespace string, image string, imageVectorOverwrite *string) component.DeployWaiter

NewBootstrapper creates a new instance of DeployWaiter for the etcd bootstrapper.

func ServiceName

func ServiceName(role string) string

ServiceName returns the service name for an etcd for the given role.

Types

type BackupConfig

// BackupConfig contains information for configuring the backup-restore sidecar so that it regularly takes backups
// of the etcd's data directory.
type BackupConfig struct {
	// Provider is the name of the infrastructure provider for the blob storage bucket.
	Provider string
	// Container is the name of the blob storage bucket.
	Container string
	// SecretRefName is the name of a Secret object containing the credentials of the selected infrastructure provider.
	// Only the name is carried here; this struct has no field for the Secret's namespace.
	SecretRefName string
	// Prefix is a prefix that shall be used for the filename of the backups of this etcd.
	Prefix string
	// FullSnapshotSchedule is a cron schedule that declares how frequently full snapshots shall be taken.
	FullSnapshotSchedule string
}

BackupConfig contains information for configuring the backup-restore sidecar so that it regularly takes backups of the etcd's data directory.

type Class

// Class is a string-based type for etcd classes. It is a defined type, not a Go type alias,
// so plain string variables need an explicit conversion. The values declared in this package
// are ClassNormal and ClassImportant.
type Class string

Class is a string type alias for etcd classes.

type HVPAConfig

// HVPAConfig contains information for configuring the HVPA object for the etcd.
type HVPAConfig struct {
	// Enabled states whether an HVPA object shall be deployed.
	Enabled bool
	// MaintenanceTimeWindow contains begin and end of a time window that allows down-scaling the etcd in case its
	// resource requests/limits are unnecessarily high.
	MaintenanceTimeWindow gardencorev1beta1.MaintenanceTimeWindow
	// ScaleDownUpdateMode is the update mode to use for scale down.
	// NOTE(review): the field is a pointer; what a nil value means is not visible here — confirm.
	ScaleDownUpdateMode *string
}

HVPAConfig contains information for configuring the HVPA object for the etcd.

type Interface added in v1.24.0

// Interface contains functions for an etcd deployer. It combines component.DeployWaiter and
// component.MonitoringComponent with etcd-specific accessors and setters.
type Interface interface {
	component.DeployWaiter
	component.MonitoringComponent
	// ServiceDNSNames returns the service DNS names for the etcd.
	ServiceDNSNames() []string
	// Snapshot triggers the backup-restore sidecar to perform a full snapshot in case backup configuration is provided.
	// NOTE(review): the kubernetes.PodExecutor parameter suggests the snapshot is triggered by
	// executing a command inside a pod — confirm against the implementation.
	Snapshot(context.Context, kubernetes.PodExecutor) error
	// SetSecrets sets the secrets (the CA, server and client secrets, see Secrets).
	SetSecrets(Secrets)
	// SetBackupConfig sets the backup configuration.
	SetBackupConfig(config *BackupConfig)
	// SetHVPAConfig sets the HVPA configuration.
	SetHVPAConfig(config *HVPAConfig)
}

Interface contains functions for an etcd deployer.

func New

func New(
	c client.Client,
	logger logrus.FieldLogger,
	namespace string,
	role string,
	class Class,
	retainReplicas bool,
	storageCapacity string,
	defragmentationSchedule *string,
) Interface

New creates a new instance of DeployWaiter for the Etcd.

type Secrets

// Secrets is a collection of secrets for the etcd.
// NOTE(review): each field is described as holding a certificate together with its key, so a
// value of this type references private key material, including that of the CA. Whether every
// consumer needs the CA key, or only the CA certificate, is not visible here — confirm.
type Secrets struct {
	// CA is a secret containing the CA certificate and key.
	CA component.Secret
	// Server is a secret containing the server certificate and key.
	Server component.Secret
	// Client is a secret containing the client certificate and key.
	Client component.Secret
}

Secrets is a collection of secrets for the etcd.

Directories

Path Synopsis
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.
