70 load balancer

Makefile

@@ -42,7 +42,13 @@ manager: generate fmt vet
 
 # Run against the configured Kubernetes cluster in ~/.kube/config
 run: generate fmt vet manifests install-crd-cwnp
-	go run ./main.go -partition-id sample-partition -tenant sample-tenant -controlplane-kubeconfig "./kubeconfig"
+	go run ./main.go \
+	-partition-id sample-partition \
+	-tenant sample-tenant \
+	-controlplane-kubeconfig "./kubeconfig" \
+	-load-balancer-ip "127.0.0.1" \
+	-port-range-start 32000 \
+	-port-range-size 8000
 
 # Install CRDs into a cluster
 install: manifests

api/v1/postgres_types.go

@@ -28,6 +28,8 @@ import (
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="Version",type=string,JSONPath=`.spec.version`
 // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.description`
+// +kubebuilder:printcolumn:name="Load-Balancer-IP",type=string,JSONPath=`.status.socket.ip`
+// +kubebuilder:printcolumn:name="Load-Balancer-Port",type=integer,JSONPath=`.status.socket.port`
 
 // Postgres is the Schema for the postgres API
 type Postgres struct {
@@ -142,6 +144,14 @@ type PostgresStatus struct {
 	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
 	// Important: Run "make" to regenerate code after modifying this file
 	Description string `json:"description,omitempty"`
+
+	Socket Socket `json:"socket,omitempty"`
+}
+
+// Socket represents load-balancer socket of Postgres
+type Socket struct {
+	IP   string `json:"ip,omitempty"`
+	Port int32  `json:"port,omitempty"`
 }
 
 // +kubebuilder:object:root=true
@@ -205,6 +215,57 @@ func (p *Postgres) ToKey() *types.NamespacedName {
 	}
 }
 
+var SvcLoadBalancerLabel = map[string]string{
+	"postgres.database.fits.cloud/managed-by": "postgreslet",
+}
+
+func (p *Postgres) ToSvcLB(lbIP string, lbPort int32) *corev1.Service {
+	lb := &corev1.Service{}
+	lb.Spec.Type = "LoadBalancer"
+
+	lb.Annotations = map[string]string{
+		"metallb.universe.tf/allow-shared-ip": "spilo",
+	}
+
+	lb.Namespace = p.ToPeripheralResourceNamespace()
+	lb.Name = p.ToSvcLBName()
+	lb.SetLabels(SvcLoadBalancerLabel)
+
+	// svc.Spec.LoadBalancerSourceRanges // todo: Do we need to set this?
+
+	port := corev1.ServicePort{}
+	port.Name = "postgresql"
+	port.Port = lbPort
+	port.Protocol = corev1.ProtocolTCP
+	port.TargetPort = intstr.FromInt(5432)
+	lb.Spec.Ports = []corev1.ServicePort{port}
+
+	lb.Spec.Selector = map[string]string{
+		"application":  "spilo",
+		"cluster-name": p.ToPeripheralResourceName(),
+		"spilo-role":   "master",
+		"team":         p.generateTeamID(),
+	}
+
+	lb.Spec.LoadBalancerIP = lbIP
+
+	return lb
+}
+
+// ToSvcLBName returns the name of the peripheral resource Service LoadBalancer.
+// It's different from all other peripheral resources because the operator
+// already generates one service with that name.
+func (p *Postgres) ToSvcLBName() string {
+	return p.ToPeripheralResourceName() + "-external"
+}
+
+func (p *Postgres) ToSvcLBNamespacedName() *types.NamespacedName {
+	return &types.NamespacedName{
+		Namespace: p.ToPeripheralResourceNamespace(),
+		Name:      p.ToSvcLBName(),
+	}
+}
+
 func (p *Postgres) ToPeripheralResourceName() string {
 
 	return p.generateTeamID() + "-" + p.generateDatabaseName()
@@ -238,16 +299,19 @@ func (p *Postgres) generateDatabaseName() string {
 	return generatedDatabaseName
 }
 
+func (p *Postgres) ToPeripheralResourceNamespace() string {
+	return p.Spec.ProjectID
+}
+
 // Name of the label referencing the owning Postgres resource in the control cluster
 const LabelName string = "postgres.database.fits.cloud/uuid"
 
 func (p *Postgres) ToZalandoPostgres() *ZalandoPostgres {
-	projectID := p.Spec.ProjectID
 	return &ZalandoPostgres{
 		TypeMeta: ZalandoPostgresTypeMeta,
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      p.ToPeripheralResourceName(),
-			Namespace: projectID, // todo: Check if the projectID is too long for zalando operator.
+			Namespace: p.ToPeripheralResourceNamespace(),
 			Labels:    map[string]string{LabelName: string(p.UID)},
 		},
 		Spec: ZalandoPostgresSpec{

charts/postgreslet-support/crds/postgres.yaml

@@ -1,8 +1,11 @@
+
+---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.2.5
+  creationTimestamp: null
   name: postgres.database.fits.cloud
 spec:
   group: database.fits.cloud
@@ -20,16 +23,26 @@ spec:
     - jsonPath: .status.description
       name: Status
       type: string
+    - jsonPath: .status.lbSocket.ip
+      name: Load-Balancer-IP
+      type: string
+    - jsonPath: .status.lbSocket.port
+      name: Load-Balancer-Port
+      type: integer
     name: v1
     schema:
       openAPIV3Schema:
         description: Postgres is the Schema for the postgres API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
@@ -40,7 +53,8 @@ spec:
                 description: AccessList defines access restrictions
                 properties:
                   sourceRanges:
-                    description: SourceRanges defines a list of prefixes in CIDR Notation e.g. 1.2.3.0/24 FIXME implement validation if source is a parsable CIDR
+                    description: SourceRanges defines a list of prefixes in CIDR Notation
+                      e.g. 1.2.3.0/24 or fdaa::/104
                     items:
                       type: string
                     type: array
@@ -53,17 +67,24 @@ spec:
                     format: int32
                     type: integer
                   s3BucketURL:
-                    description: S3BucketURL defines the URL of the S3 bucket for backup
+                    description: S3BucketURL defines the URL of the S3 bucket for
+                      backup
                     type: string
                   schedule:
-                    description: Schedule defines how often a backup should be made, in cron format
+                    description: Schedule defines how often a backup should be made,
+                      in cron format
+                    type: string
+                  secretname:
+                    description: SecretName reference to the secret where the backup
+                      credentials are stored
                     type: string
                 type: object
               description:
                 description: Description
                 type: string
               maintenance:
-                description: 'todo: add default Maintenance defines automatic maintenance of the database'
+                description: 'todo: add default Maintenance defines automatic maintenance
+                  of the database'
                 properties:
                   timeWindow:
                     description: TimeWindow defines when the maintenance should happen
@@ -76,7 +97,8 @@ spec:
                         type: string
                     type: object
                   weekday:
-                    description: Weekday defines when the operator is allowed to do maintenance
+                    description: Weekday defines when the operator is allowed to do
+                      maintenance
                     type: integer
                 type: object
               numberOfInstances:
@@ -91,6 +113,10 @@ spec:
               projectID:
                 description: ProjectID metal project ID
                 type: string
+              secretname:
+                description: SecretName reference to the secret where the user credentials
+                  are stored
+                type: string
               size:
                 description: Size of the database
                 properties:
@@ -102,7 +128,8 @@ spec:
                     type: string
                   storageSize:
                     default: 1Gi
-                    description: StorageSize the amount of Storage this database will get
+                    description: StorageSize the amount of Storage this database will
+                      get
                     pattern: ^[1-9][0-9]*Gi
                     type: string
                 type: object
@@ -120,8 +147,19 @@ spec:
             description: PostgresStatus defines the observed state of Postgres
             properties:
               description:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file'
+                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+                  of cluster Important: Run "make" to regenerate code after modifying
+                  this file'
                 type: string
+              socket:
+                description: Socket represents load-balancer socket of Postgres
+                properties:
+                  ip:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                type: object
             type: object
         type: object
     served: true

charts/postgreslet/templates/configmap.yaml

@@ -5,6 +5,9 @@ data:
   METRICS_ADDR_SVC_MGR: {{ .Values.postgreslet.metricsAddr | quote }}
   PARTITION_ID: {{ .Values.postgreslet.partitionId | quote }}
   TENANT: {{ .Values.postgreslet.tenant | quote }}
+  LOAD_BALANCER_IP: {{ .Values.postgreslet.loadBalancerIP | quote }}
+  PORT_RANGE_START: {{ .Values.postgreslet.portRangeStart }}
+  PORT_RANGE_SIZE: {{ .Values.postgreslet.portRangeSize }}
   CUSTOM_PSP_NAME: {{ include "postgreslet.pspName" . | quote  }}
 kind: ConfigMap
 metadata:

charts/postgreslet/templates/deployment.yaml

@@ -44,6 +44,9 @@ spec:
             - --enable-leader-election=$(ENABLE_LEADER_ELECTION)
             - --partition-id=$(PARTITION_ID)
             - --tenant=$(TENANT)
+            - --load-balancer-ip=$(LOAD_BALANCER_IP)
+            - --port-range-start=$(PORT_RANGE_START)
+            - --port-range-size=$(PORT_RANGE_SIZE)
             - --custom-psp-name=$(CUSTOM_PSP_NAME)
           envFrom:
             - configMapRef:

charts/postgreslet/values.yaml

@@ -66,6 +66,12 @@ postgreslet:
   tenant: sample-tenant
   # metricsAddr defines the listen address of the metrics endpoint
   metricsAddr: ":8080"
+  # loadBalancerIP defines the load-balancer IP of postgres in this cluster
+  loadBalancerIP: "127.0.0.1"
+  # portRangeStart deinfes the start of the port range of services LoadBalancer
+  portRangeStart: 32000
+  # portRangesize defines the size of the port range of services LoadBalancer
+  portRangeSize: 8000
   # customPspName The name to use for our custom psp
   # If not set, a name is generated using the fullname template
-  customPspName: ""
+  customPspName: ""

config/crd/bases/database.fits.cloud_postgres.yaml

@@ -23,6 +23,12 @@ spec:
     - jsonPath: .status.description
       name: Status
       type: string
+    - jsonPath: .status.socket.ip
+      name: Load-Balancer-IP
+      type: string
+    - jsonPath: .status.socket.port
+      name: Load-Balancer-Port
+      type: integer
     name: v1
     schema:
       openAPIV3Schema:
@@ -68,6 +74,10 @@ spec:
                     description: Schedule defines how often a backup should be made,
                       in cron format
                     type: string
+                  secretname:
+                    description: SecretName reference to the secret where the backup
+                      credentials are stored
+                    type: string
                 type: object
               description:
                 description: Description
@@ -103,6 +113,10 @@ spec:
               projectID:
                 description: ProjectID metal project ID
                 type: string
+              secretname:
+                description: SecretName reference to the secret where the user credentials
+                  are stored
+                type: string
               size:
                 description: Size of the database
                 properties:
@@ -137,6 +151,15 @@ spec:
                   of cluster Important: Run "make" to regenerate code after modifying
                   this file'
                 type: string
+              socket:
+                description: Socket represents load-balancer socket of Postgres
+                properties:
+                  ip:
+                    type: string
+                  port:
+                    format: int32
+                    type: integer
+                type: object
             type: object
         type: object
     served: true

config/manager/configmap.yaml

@@ -5,6 +5,9 @@ data:
   METRICS_ADDR_SVC_MGR: ":8080"
   PARTITION_ID: sample-partition
   TENANT: sample-tenant
+  LOAD_BALANCER_IP: "127.0.0.1"
+  PORT_RANGE_START: 32000
+  PORT_RANGE_SIZE: 8000
 kind: ConfigMap
 metadata:
   creationTimestamp: null

config/manager/manager.yaml

@@ -31,6 +31,9 @@ spec:
         - --enable-leader-election=$(ENABLE_LEADER_ELECTION)
         - --partition-id=$(PARTITION_ID)
         - --tenant=$(TENANT)
+        - --load-balancer-ip=$(LOAD_BALANCER_IP)
+        - --port-range-start=$(PORT_RANGE_START)
+        - --port-range-size=$(PORT_RANGE_SIZE)
         envFrom:
           - configMapRef:
               name: controller-manager-configmap