/**
* Copyright (c) 2018 Dell Inc., or its subsidiaries. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*/
package v1alpha1
import (
"k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
const (
	// DefaultZookeeperUri is the default ZooKeeper URI in the form of "hostname:port"
	DefaultZookeeperUri = "zk-client:2181"

	// DefaultServiceType is the default service type for external access.
	// NOTE(review): a LoadBalancer Service is normally given an address that is
	// reachable from outside the cluster. The defaults applied in this file leave
	// TLS secrets empty and authentication disabled, so enabling external access
	// without also configuring spec.tls and spec.authentication would presumably
	// publish unencrypted, unauthenticated endpoints - confirm against the
	// code that builds the Services.
	DefaultServiceType = v1.ServiceTypeLoadBalancer

	// DefaultPravegaVersion is the default tag used for the Pravega
	// Docker image
	DefaultPravegaVersion = "0.4.0"
)
// init registers the PravegaCluster and PravegaClusterList types with the
// package's SchemeBuilder (declared outside this file) at package load time.
func init() {
	SchemeBuilder.Register(&PravegaCluster{}, &PravegaClusterList{})
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// PravegaClusterList contains a list of PravegaCluster.
// It embeds the standard Kubernetes type and list metadata and serialises the
// clusters under the "items" key.
type PravegaClusterList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the PravegaCluster objects in the list.
	Items []PravegaCluster `json:"items"`
}
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// PravegaCluster is the Schema for the pravegaclusters API.
// Spec carries the desired state supplied by the user; Status carries the
// observed state (ClusterStatus is declared outside this file).
// +k8s:openapi-gen=true
type PravegaCluster struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired cluster configuration, including the TLS and
	// authentication settings.
	Spec ClusterSpec `json:"spec,omitempty"`
	// Status is the state reported for the cluster.
	Status ClusterStatus `json:"status,omitempty"`
}
// WithDefaults fills in default values for every spec field that was left
// undefined. It mutates the receiver's Spec in place and reports whether any
// field was modified, so a caller can tell whether the object differs from
// what was submitted.
func (p *PravegaCluster) WithDefaults() (changed bool) {
	return p.Spec.withDefaults()
}
// ClusterSpec defines the desired state of PravegaCluster.
// Fields left unset are populated by withDefaults; note that the defaults keep
// external access, TLS and authentication switched off.
type ClusterSpec struct {
	// ZookeeperUri specifies the hostname/IP address and port in the format
	// "hostname:port".
	// By default, the value "zk-client:2181" is used, which corresponds to the
	// default ZooKeeper service created by the Pravega ZooKeeper operator
	// available at: https://github.com/pravega/zookeeper-operator
	ZookeeperUri string `json:"zookeeperUri"`

	// ExternalAccess specifies whether or not to allow external access
	// to clients and the service type to use to achieve it.
	// By default, external access is not enabled.
	ExternalAccess *ExternalAccess `json:"externalAccess"`

	// TLS is the Pravega security configuration that is passed to the Pravega processes.
	// When omitted, withDefaults installs an empty static policy with no
	// secrets named, so IsSecureController and IsSecureSegmentStore report false.
	// See the following file for a complete list of options:
	// https://github.com/pravega/pravega/blob/master/documentation/src/docs/security/pravega-security-configurations.md
	TLS *TLSPolicy `json:"tls,omitempty"`

	// Authentication can be enabled for authorizing all communication from clients to controller and segment store.
	// When omitted, withDefaults installs a zero-value struct, i.e. authentication
	// stays disabled until Enabled is set explicitly.
	// See the following file for a complete list of options:
	// https://github.com/pravega/pravega/blob/master/documentation/src/docs/security/pravega-security-configurations.md
	Authentication *AuthenticationParameters `json:"authentication,omitempty"`

	// Version is the expected version of the Pravega cluster.
	// The pravega-operator will eventually make the Pravega cluster version
	// equal to the expected version.
	//
	// The version must follow the [semver](http://semver.org) format, for example "3.2.13".
	// Only Pravega released versions are supported: https://github.com/pravega/pravega/releases
	//
	// If version is not set, default is "0.4.0".
	Version string `json:"version"`

	// Bookkeeper configuration (BookkeeperSpec is declared outside this file).
	Bookkeeper *BookkeeperSpec `json:"bookkeeper"`

	// Pravega configuration (PravegaSpec is declared outside this file).
	Pravega *PravegaSpec `json:"pravega"`
}
// withDefaults populates every unset field of the spec with its default and
// then lets the nested ExternalAccess, Bookkeeper and Pravega sections apply
// their own defaults. It returns true when at least one field was modified.
//
// The security-related defaults are permissive: a missing TLS section becomes
// an empty static policy (no secrets named) and a missing Authentication
// section becomes a zero-value struct (Enabled == false). Neither is turned on
// implicitly.
func (s *ClusterSpec) withDefaults() (changed bool) {
	if s.ZookeeperUri == "" {
		s.ZookeeperUri = DefaultZookeeperUri
		changed = true
	}

	// Allocate the section first so the nested defaulting never sees nil.
	if s.ExternalAccess == nil {
		s.ExternalAccess = &ExternalAccess{}
		changed = true
	}
	changed = s.ExternalAccess.withDefaults() || changed

	// Empty policy: the TLS predicates on TLSPolicy all report false for it.
	if s.TLS == nil {
		s.TLS = &TLSPolicy{Static: &StaticTLS{}}
		changed = true
	}

	// Zero value leaves Enabled false, i.e. authentication stays off.
	if s.Authentication == nil {
		s.Authentication = &AuthenticationParameters{}
		changed = true
	}

	if s.Version == "" {
		s.Version = DefaultPravegaVersion
		changed = true
	}

	if s.Bookkeeper == nil {
		s.Bookkeeper = &BookkeeperSpec{}
		changed = true
	}
	changed = s.Bookkeeper.withDefaults() || changed

	if s.Pravega == nil {
		s.Pravega = &PravegaSpec{}
		changed = true
	}
	changed = s.Pravega.withDefaults() || changed

	return changed
}
// ExternalAccess defines the configuration of the external access.
// NOTE(review): turning this on makes the cluster reachable from outside
// Kubernetes; the TLS and Authentication sections of ClusterSpec default to
// off in this file, so they need to be set explicitly alongside it.
type ExternalAccess struct {
	// Enabled specifies whether or not external access is enabled.
	// By default, external access is not enabled.
	Enabled bool `json:"enabled"`

	// Type specifies the service type to achieve external access.
	// Options are "LoadBalancer" and "NodePort".
	// By default, if external access is enabled, it will use "LoadBalancer".
	// NOTE(review): withDefaults in this file only clears Type when access is
	// disabled; it does not fill in the "LoadBalancer" default, so that default
	// is presumably applied by the code that consumes the spec - confirm.
	Type v1.ServiceType `json:"type,omitempty"`

	// Domain Name to be used for External Access.
	// This value is ignored if External Access is disabled.
	DomainName string `json:"domainName,omitempty"`
}
// withDefaults normalises a disabled external-access section: when Enabled is
// false, any Type or DomainName left in the spec is cleared so that stale
// exposure settings do not linger on a cluster that is not meant to be
// reachable externally. It returns true only when something was cleared.
// An enabled section is left untouched.
func (e *ExternalAccess) withDefaults() (changed bool) {
	if e.Enabled {
		return false
	}
	if e.Type == "" && e.DomainName == "" {
		// Already clean; nothing to report.
		return false
	}
	e.Type, e.DomainName = "", ""
	return true
}
// TLSPolicy describes how TLS material is supplied to the cluster. Only the
// static mode is defined here.
type TLSPolicy struct {
	// Static TLS means keys/certs are generated by the user and passed to an operator.
	Static *StaticTLS `json:"static,omitempty"`
}

// StaticTLS carries the user-supplied TLS references.
// NOTE(review): the fields are presumably names of Kubernetes Secrets holding
// the key/cert material and the CA bundle - confirm against the code that
// mounts them. An empty string means the corresponding item is not configured.
type StaticTLS struct {
	ControllerSecret   string `json:"controllerSecret,omitempty"`
	SegmentStoreSecret string `json:"segmentStoreSecret,omitempty"`
	CaBundle           string `json:"caBundle,omitempty"`
}

// IsSecureController reports whether a controller secret has been named.
// It is safe to call on a nil policy or a policy without a Static section;
// both report false. The check is on the string only: it does not prove that
// the referenced secret exists or holds valid key material.
func (tp *TLSPolicy) IsSecureController() bool {
	return tp != nil && tp.Static != nil && tp.Static.ControllerSecret != ""
}

// IsSecureSegmentStore reports whether a segment store secret has been named.
// It is nil-safe in the same way as IsSecureController and likewise only
// checks that the string is non-empty.
func (tp *TLSPolicy) IsSecureSegmentStore() bool {
	return tp != nil && tp.Static != nil && tp.Static.SegmentStoreSecret != ""
}

// IsCaBundlePresent reports whether a CA bundle has been named.
// It is nil-safe in the same way as IsSecureController and likewise only
// checks that the string is non-empty.
func (tp *TLSPolicy) IsCaBundlePresent() bool {
	return tp != nil && tp.Static != nil && tp.Static.CaBundle != ""
}
// AuthenticationParameters configures client authentication for the cluster.
type AuthenticationParameters struct {
	// Enabled specifies whether or not authentication is enabled
	// By default, authentication is not enabled
	Enabled bool `json:"enabled"`

	// name of Secret containing Password based Authentication Parameters like username, password and acl
	// optional - used only by PasswordAuthHandler for authentication
	PasswordAuthSecret string `json:"passwordAuthSecret,omitempty"`
}

// IsEnabled reports whether authentication has been switched on. A nil
// receiver counts as disabled. Only the Enabled flag is consulted: a
// PasswordAuthSecret on its own does not enable authentication, and an enabled
// section with no secret is still reported as enabled.
func (ap *AuthenticationParameters) IsEnabled() bool {
	return ap != nil && ap.Enabled
}
// ImageSpec defines the fields needed for a Docker repository image.
// NOTE(review): how Repository and Tag are combined into the final image
// reference is not shown in this file.
type ImageSpec struct {
	// Repository is the image repository to pull from.
	Repository string `json:"repository"`

	// Deprecated: Use `spec.Version` instead
	Tag string `json:"tag,omitempty"`

	// PullPolicy is the Kubernetes image pull policy applied to the image.
	PullPolicy v1.PullPolicy `json:"pullPolicy"`
}