Merged
45 commits
36b0582
Initial commit of etcdmanager
eberlep Sep 27, 2022
1bffa2c
Fix linter error
eberlep Sep 27, 2022
d7e9844
Small fix
eberlep Sep 27, 2022
282245d
Dynamic configuration
eberlep Sep 27, 2022
3ea11f7
Fix linter error (by ignoring it)
eberlep Sep 27, 2022
a8242a1
improve logging
eberlep Sep 28, 2022
5332f63
Add missing label to selector
eberlep Sep 28, 2022
105dbd5
Change default value
eberlep Sep 28, 2022
5414da6
Try sth different
eberlep Sep 28, 2022
d8752ef
Remove dummy values
eberlep Sep 28, 2022
bea905a
Fix retrieval of sts after renaming it
eberlep Sep 28, 2022
2a0b06f
Add SA and Role for etcd
eberlep Sep 30, 2022
2c90cc3
Use updated Name for fetching
eberlep Sep 30, 2022
210378a
Refactoring
eberlep Sep 30, 2022
4b0d302
Add managedBy label
eberlep Oct 4, 2022
f9d8642
Update etcd name to postgreslet name
eberlep Oct 4, 2022
5147b5f
Add common labels to all created resources
eberlep Oct 4, 2022
095810e
Update svc names + selectors
eberlep Oct 4, 2022
0536b44
Initialize nil maps
eberlep Oct 4, 2022
5ec3c32
Fetch correctly named service
eberlep Oct 4, 2022
a86558c
Update client und peer urls
eberlep Oct 4, 2022
bc652da
Use index to access env value
eberlep Oct 4, 2022
2221b5e
Fall back to postgreslet PSP if etcd PSP is empty
eberlep Oct 4, 2022
561b36c
Update serviceAccountName as well
eberlep Oct 4, 2022
8e447fc
Use postgres partition id as bucket name
eberlep Oct 4, 2022
61d24f0
Proper etcd cluster init
eberlep Oct 6, 2022
ed84d17
Revert "Use postgres partition id as bucket name"
eberlep Oct 6, 2022
4fb9c88
Use PartitionID as object prefix
eberlep Oct 6, 2022
947bd38
Indentation
eberlep Oct 6, 2022
d54068d
Indentation
eberlep Oct 6, 2022
42a28da
Indentation
eberlep Oct 6, 2022
5710fe2
Use strings.Builder
eberlep Oct 6, 2022
3bad452
...
eberlep Oct 6, 2022
f79482f
Add optional removal of etcd
eberlep Oct 7, 2022
b9ae49e
For safety, add additional label
eberlep Oct 7, 2022
c191d4a
Rename label value
eberlep Oct 7, 2022
60ac9c2
Add new label to pods as well
eberlep Oct 7, 2022
94ef0e4
Cleanup labels
eberlep Oct 11, 2022
d6916ae
Remove unneccessary api permissions
eberlep Oct 11, 2022
585c4f0
Add servicemonitors
eberlep Oct 11, 2022
0a046a4
Update selector
eberlep Oct 11, 2022
4488791
rename flag
eberlep Oct 11, 2022
e74dba0
Change order of deletion
eberlep Oct 12, 2022
50ca741
Resolve review comments
eberlep Oct 12, 2022
bfc6e6b
Change default value
eberlep Oct 14, 2022
1 change: 1 addition & 0 deletions Dockerfile
@@ -27,6 +27,7 @@ FROM gcr.io/distroless/static:nonroot
WORKDIR /
COPY --from=builder /workspace/bin/manager .
COPY external/svc-postgres-operator.yaml external/svc-postgres-operator.yaml
COPY external/svc-etcd.yaml external/svc-etcd.yaml
USER nonroot:nonroot

ENTRYPOINT ["/manager"]
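--- a/external/svc-etcd.yaml
+++ b/external/svc-etcd.yaml
@@ -0,0 +1,325 @@
+
+
+apiVersion: v1
+kind: List
+metadata: {}
+items:
+- kind: ServiceAccount
+apiVersion: v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+name: patroni-etcd
+namespace: postgreslet-system
+- kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+name: patroni-etcd
+namespace: postgreslet-system
+rules:
+- apiGroups:
+- extensions
+resourceNames:
+- postgreslet
+resources:
+- podsecuritypolicies
+verbs:
+- use
+- kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+name: patroni-etcd
+namespace: postgreslet-system
+roleRef:
+apiGroup: rbac.authorization.k8s.io
+kind: Role
+name: patroni-etcd
+subjects:
+- kind: ServiceAccount
+name: patroni-etcd
+namespace: postgreslet-system
+- kind: ConfigMap
+apiVersion: v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+name: backup-restore-sidecar-config-etcd
+namespace: postgreslet-system
+data:
+config.yaml: |
+# SAMPLE VALUES, WILL BE OVERWRITTEN
+db: etcd
+db-data-directory: /data/etcd/
+backup-provider: s3
+backup-cron-schedule: "*/1 * * * *"
+object-prefix: etcd-psql
+compression-method: tarlz4
+- kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+name: etcd-psql
+namespace: postgreslet-system
+spec:
+podManagementPolicy: OrderedReady
+replicas: 1
+revisionHistoryLimit: 10
+selector:
+matchLabels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+serviceName: etcd-psql-client
+template:
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+spec:
+serviceAccountName: patroni-etcd
+containers:
+- image: quay.io/coreos/etcd:v3.5.4
+# can also be gcr.io/etcd-development/etcd
+env:
+- name: ETCD_ENABLE_V2
+value: "true"
+- name: ETCD_ADVERTISE_CLIENT_URLS
+value: http://etcd-psql-headless.ft-etcd-psql.svc.cluster.local:2379,http://etcd-psql.ft-etcd-psql.svc.cluster.local:2379
+- name: ETCD_LISTEN_CLIENT_URLS
+value: http://0.0.0.0:2379
+- name: ETCD_INITIAL_ADVERTISE_PEER_URLS
+value: http://etcd-psql-headless.ft-etcd-psql.svc.cluster.local:2380
+- name: ETCD_LISTEN_PEER_URLS
+value: http://0.0.0.0:2380
+- name: ETCD_INITIAL_CLUSTER
+value: default=http://etcd-psql-headless.ft-etcd-psql.svc.cluster.local:2380
+name: etcd
+command:
+- tini
+- --
+args:
+- sh
+- -c
+- backup-restore-sidecar wait && etcd --data-dir=/data/etcd --listen-metrics-urls http://0.0.0.0:2381
+imagePullPolicy: IfNotPresent
+livenessProbe:
+exec:
+command:
+- /usr/local/bin/etcdctl
+- endpoint
+- health
+failureThreshold: 3
+initialDelaySeconds: 15
+periodSeconds: 5
+successThreshold: 1
+timeoutSeconds: 1
+readinessProbe:
+failureThreshold: 3
+httpGet:
+path: /health
+port: 2381
+scheme: HTTP
+initialDelaySeconds: 15
+periodSeconds: 5
+successThreshold: 1
+timeoutSeconds: 1
+ports:
+- containerPort: 2380
+name: server
+protocol: TCP
+- containerPort: 2379
+name: client
+protocol: TCP
+resources:
+limits:
+cpu: 900m
+memory: 3G
+requests:
+cpu: 300m
+memory: 1G
+terminationMessagePath: /dev/termination-log
+terminationMessagePolicy: File
+volumeMounts:
+- mountPath: /data
+name: etcd
+- name: bin-provision
+subPath: backup-restore-sidecar
+mountPath: /usr/local/bin/backup-restore-sidecar
+- name: backup-restore-sidecar-config
+mountPath: /etc/backup-restore-sidecar
+- name: bin-provision
+subPath: tini
+mountPath: /usr/local/bin/tini
+- image: quay.io/coreos/etcd:v3.5.4
+name: backup-restore-sidecar
+env:
+- name: BACKUP_RESTORE_SIDECAR_S3_BUCKET_NAME
+valueFrom:
+secretKeyRef:
+key: bucketName
+name: etcd-backup-restore-s3-config
+- name: BACKUP_RESTORE_SIDECAR_S3_ENDPOINT
+valueFrom:
+secretKeyRef:
+key: endpoint
+name: etcd-backup-restore-s3-config
+- name: BACKUP_RESTORE_SIDECAR_S3_REGION
+valueFrom:
+secretKeyRef:
+key: region
+name: etcd-backup-restore-s3-config
+- name: BACKUP_RESTORE_SIDECAR_S3_ACCESS_KEY
+valueFrom:
+secretKeyRef:
+key: access-key
+name: etcd-backup-restore-s3-config
+- name: BACKUP_RESTORE_SIDECAR_S3_SECRET_KEY
+valueFrom:
+secretKeyRef:
+key: secret-key
+name: etcd-backup-restore-s3-config
+command:
+- tini
+- --
+args:
+- sh
+- -c
+- mkdir -p /data/etcd && backup-restore-sidecar start --log-level debug
+volumeMounts:
+- name: etcd
+mountPath: /data
+- name: bin-provision
+subPath: backup-restore-sidecar
+mountPath: /usr/local/bin/backup-restore-sidecar
+- name: backup-restore-sidecar-config
+mountPath: /etc/backup-restore-sidecar
+- name: bin-provision
+subPath: tini
+mountPath: /usr/local/bin/tini
+- name: bin-provision
+subPath: certs
+mountPath: /etc/ssl/certs
+initContainers:
+- name: backup-restore-sidecar-provider
+image: ghcr.io/metal-stack/backup-restore-sidecar:latest
+imagePullPolicy: IfNotPresent
+command:
+- cp
+- -r
+- /etc/ssl/certs
+- /backup-restore-sidecar
+- /ubuntu/tini
+- /bin-provision
+ports:
+- containerPort: 2112
+volumeMounts:
+- name: bin-provision
+mountPath: /bin-provision
+volumes:
+- name: backup-restore-sidecar-config
+configMap:
+name: backup-restore-sidecar-config-etcd
+- name: bin-provision
+emptyDir: {}
+- emptyDir:
+sizeLimit: 1Gi
+name: etcd
+- kind: Service
+apiVersion: v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: backup-restore-sidecar-svc
+name: backup-restore-sidecar-svc
+namespace: postgreslet-system
+spec:
+ports:
+- name: metrics
+port: 2112
+protocol: TCP
+targetPort: 2112
+selector:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+sessionAffinity: None
+type: ClusterIP
+- kind: Service
+apiVersion: v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+name: etcd-psql
+namespace: postgreslet-system
+spec:
+ports:
+- name: client
+port: 2379
+protocol: TCP
+targetPort: client
+- name: server
+port: 2380
+protocol: TCP
+targetPort: server
+selector:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+sessionAffinity: None
+type: ClusterIP
+- kind: Service
+apiVersion: v1
+metadata:
+labels:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql-headless
+name: etcd-psql-headless
+namespace: postgreslet-system
+spec:
+clusterIP: None
+clusterIPs:
+- None
+ports:
+- name: client
+port: 2379
+protocol: TCP
+targetPort: client
+- name: server
+port: 2380
+protocol: TCP
+targetPort: server
+publishNotReadyAddresses: true
+selector:
+postgres.database.fits.cloud/partition-id: sample
+postgres.database.fits.cloud/managed-by: postgreslet
+postgres.database.fits.cloud/component: etcd
+postgres.database.fits.cloud/name: etcd-psql
+sessionAffinity: None
+type: ClusterIP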
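Review bot: The etcd container serves client and peer traffic over plain `http://` on `0.0.0.0` (`ETCD_LISTEN_CLIENT_URLS`, `ETCD_LISTEN_PEER_URLS`) with no client-certificate or authentication settings, and the List contains no NetworkPolicy, so as written any workload that can reach the `etcd-psql` Service on 2379 can read and modify the keys that (presumably) Patroni depends on for leader election. The operator may rewrite these env values before applying the template, so this should be confirmed against the Go code; if TLS is out of scope for this PR, a NetworkPolicy item that limits 2379 to the Patroni pods, 2380 to the etcd members and 2381/2112 to the monitoring namespace would narrow the exposure, as sketched below with placeholder selectors. Separately, the init container image `ghcr.io/metal-stack/backup-restore-sidecar:latest` with `imagePullPolicy: IfNotPresent` supplies the binaries that both containers execute next to the S3 credentials, so pinning it to a released tag or digest would make what runs there reproducible.

```yaml
# … unchanged: ServiceAccount, Role, RoleBinding, ConfigMap, StatefulSet, Services …
- kind: NetworkPolicy
  apiVersion: networking.k8s.io/v1
  metadata:
    labels:
      postgres.database.fits.cloud/partition-id: sample
      postgres.database.fits.cloud/managed-by: postgreslet
      postgres.database.fits.cloud/component: etcd
    name: etcd-psql
    namespace: postgreslet-system
  spec:
    podSelector:
      matchLabels:
        postgres.database.fits.cloud/component: etcd
        postgres.database.fits.cloud/name: etcd-psql
    policyTypes:
    - Ingress
    ingress:
    # client port: only the Patroni pods that use this etcd as their DCS
    - from:
      - namespaceSelector: {}
        podSelector:
          matchLabels:
            PLACEHOLDER_PATRONI_POD_LABEL: PLACEHOLDER_VALUE
      ports:
      - protocol: TCP
        port: 2379
    # peer port: etcd members only
    - from:
      - podSelector:
          matchLabels:
            postgres.database.fits.cloud/component: etcd
            postgres.database.fits.cloud/name: etcd-psql
      ports:
      - protocol: TCP
        port: 2380
    # metrics endpoints: etcd (2381) and backup-restore-sidecar (2112)
    - from:
      - namespaceSelector:
          matchLabels:
            PLACEHOLDER_MONITORING_NAMESPACE_LABEL: PLACEHOLDER_VALUE
      ports:
      - protocol: TCP
        port: 2381
      - protocol: TCP
        port: 2112
```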