From 61c66051dae482288826c31e48a00ffc688e2b45 Mon Sep 17 00:00:00 2001 From: Thomas Jungblut Date: Tue, 7 Oct 2025 16:55:35 +0200 Subject: [PATCH] CNTRLPLANE-1576: add event-ttl configuration to kube-apiserver This adds a minute based configuration to configure the event ttl setting in kube-apiserver. Default will stay 3h, as currently defined in KAS-O. Signed-off-by: Thomas Jungblut --- .../generated_openapi/zz_generated.openapi.go | 7 +++ openapi/openapi.json | 5 ++ .../EventTTL.yaml | 47 +++++++++++++++++++ operator/v1/types_kubeapiserver.go | 14 ++++++ ..._kube-apiserver_01_kubeapiservers.crd.yaml | 14 ++++++ .../AAA_ungated.yaml | 14 ++++++ .../v1/zz_generated.swagger_doc_generated.go | 8 ++++ ..._kube-apiserver_01_kubeapiservers.crd.yaml | 14 ++++++ 8 files changed, 123 insertions(+) create mode 100644 operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index b267d878aca..ed143e7ea35 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go 
@@ -52217,6 +52217,13 @@ func schema_openshift_api_operator_v1_KubeAPIServerSpec(ref common.ReferenceCall Format: "int32", }, }, + "eventTTLMinutes": { + SchemaProps: spec.SchemaProps{ + Description: "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", + Type: []string{"integer"}, + Format: "int32", + }, + }, }, Required: []string{"managementState", "forceRedeploymentReason"}, }, diff --git a/openapi/openapi.json b/openapi/openapi.json index d2bf4d75c32..fffa5ae1eb6 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -30290,6 +30290,11 @@ "forceRedeploymentReason" ], "properties": { + "eventTTLMinutes": { + "description": "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", + "type": "integer", + "format": "int32" + }, "failedRevisionLimit": { "description": "failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, 0 or unset = 5 (default)", "type": "integer", 
diff --git a/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml b/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml
new file mode 100644
index 00000000000..c8cb5f1f401
--- /dev/null
+++ b/operator/v1/tests/kubeapiservers.operator.openshift.io/EventTTL.yaml
@@ -0,0 +1,47 @@
+apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
+name: "KubeAPIServer"
+crdName: kubeapiservers.operator.openshift.io
+tests:
+ onCreate:
+ - name: Should be able to create default omitted event ttl
+ initial: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ spec: {} # No spec is required for a KubeAPIServer
+ expected: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ spec:
+ logLevel: Normal
+ operatorLogLevel: Normal
+ - name: Should be able to create a normal hour event ttl
+ initial: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ spec:
+ eventTTLMinutes: 60
+ expected: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ spec:
+ logLevel: Normal
+ operatorLogLevel: Normal
+ eventTTLMinutes: 60
+ - name: Should not be able to create with less than 5 minutes
+ initial: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ metadata:
+ name: gg1
+ spec:
+ eventTTLMinutes: 4
+ expectedError: "Invalid value: 4: spec.eventTTLMinutes in body should be greater than or equal to 5"
+ - name: Should not be able to create more than 360 minutes
+ initial: |
+ apiVersion: operator.openshift.io/v1
+ kind: KubeAPIServer
+ metadata:
+ name: gg1
+ spec:
+ eventTTLMinutes: 181
+ expectedError: "Invalid value: 181: spec.eventTTLMinutes in body should be less than or equal to 180"
diff --git a/operator/v1/types_kubeapiserver.go b/operator/v1/types_kubeapiserver.go
index 7d468755a19..7d492d86434 100644
--- a/operator/v1/types_kubeapiserver.go
+++ b/operator/v1/types_kubeapiserver.go
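Review bot: The last onCreate case in EventTTL.yaml is named `Should not be able to create more than 360 minutes`, but it submits 181 and expects the 180 bound in the error, so the name disagrees with the limit under test; rename it to `- name: Should not be able to create more than 180 minutes`. The accepted ends of the range are also untested: the only value expected to succeed is 60, so an off-by-one in the Minimum/Maximum markers would pass unnoticed. Adding create cases for `eventTTLMinutes: 5` and `eventTTLMinutes: 180` that expect success would pin both boundaries.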
@@ -35,6 +35,20 @@ type KubeAPIServer struct { type KubeAPIServerSpec struct { StaticPodOperatorSpec `json:",inline"` + + // eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + // The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + // + // Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + // to new events being created and will not update existing events. + // + // When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + // The current default value is 3h (180 minutes). + // + // +kubebuilder:validation:Minimum=5 + // +kubebuilder:validation:Maximum=180 + // +optional + EventTTLMinutes int32 `json:"eventTTLMinutes,omitempty"` } type KubeAPIServerStatus struct { diff --git a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml index a8664362d67..3af37917d61 100644 --- a/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +++ b/operator/v1/zz_generated.crd-manifests/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml 
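Review bot: The doc comment on `EventTTLMinutes` presents lowering the TTL only as an etcd storage saving and omits the retention cost: events are deleted once the TTL passes, so a value near the 5-minute minimum leaves very little time to read them during troubleshooting or incident investigation. I would add a line such as `// Lowering this value also shortens the window in which events can be inspected; forward events to external storage if they are needed for longer.` This comment appears to be the source of the generated CRD, OpenAPI and swagger descriptions in the other hunks, so those files would need regenerating with it. Since a change to this field reduces how long that evidence is kept, it seems worth including in whatever audit review already covers edits to the KubeAPIServer resource.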
@@ -47,6 +47,20 @@ spec: description: spec is the specification of the desired behavior of the Kubernetes API Server properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer failedRevisionLimit: description: |- failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api diff --git a/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml index 7d8985a1866..9de9aa9f501 100644 --- a/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml +++ b/operator/v1/zz_generated.featuregated-crd-manifests/kubeapiservers.operator.openshift.io/AAA_ungated.yaml 
@@ -48,6 +48,20 @@ spec: description: spec is the specification of the desired behavior of the Kubernetes API Server properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer failedRevisionLimit: description: |- failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index be0185eda9b..3ee4e999bf5 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go 
@@ -1314,6 +1314,14 @@ func (KubeAPIServerList) SwaggerDoc() map[string]string { return map_KubeAPIServerList } +var map_KubeAPIServerSpec = map[string]string{ + "eventTTLMinutes": "eventTTLMinutes specifies the amount of time that the events are stored before being deleted. The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours).\n\nLowering this value will reduce the storage required in etcd. Note that this setting will only apply to new events being created and will not update existing events.\n\nWhen omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. The current default value is 3h (180 minutes).", +} + +func (KubeAPIServerSpec) SwaggerDoc() map[string]string { + return map_KubeAPIServerSpec +} + var map_KubeAPIServerStatus = map[string]string{ "serviceAccountIssuers": "serviceAccountIssuers tracks history of used service account issuers. The item without expiration time represents the currently used service account issuer. The other items represents service account issuers that were used previously and are still being trusted. The default expiration for the items is set by the platform and it defaults to 24h. see: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#service-account-token-volume-projection", } diff --git a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml index a8664362d67..3af37917d61 100644 --- a/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml +++ b/payload-manifests/crds/0000_20_kube-apiserver_01_kubeapiservers.crd.yaml 
@@ -47,6 +47,20 @@ spec: description: spec is the specification of the desired behavior of the Kubernetes API Server properties: + eventTTLMinutes: + description: |- + eventTTLMinutes specifies the amount of time that the events are stored before being deleted. + The TTL is allowed between 5 minutes minimum up to a maximum of 180 minutes (3 hours). + + Lowering this value will reduce the storage required in etcd. Note that this setting will only apply + to new events being created and will not update existing events. + + When omitted this means no opinion, and the platform is left to choose a reasonable default, which is subject to change over time. + The current default value is 3h (180 minutes). + format: int32 + maximum: 180 + minimum: 5 + type: integer failedRevisionLimit: description: |- failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api