resourceReqs and podLabels for mover job/deploy

Resolves: backube#707 Signed-off-by: Tesshu Flower <tflower@redhat.com>
tesshuflower · Jan 24, 2024 · c91600a · c91600a
1 parent 6a16bdf
commit c91600a
Show file tree

Hide file tree

Showing 29 changed files with 2,305 additions and 309 deletions.
diff --git a/api/v1alpha1/common_types.go b/api/v1alpha1/common_types.go
@@ -33,6 +33,10 @@ limitations under the License.
 
 package v1alpha1
 
+import (
+	corev1 "k8s.io/api/core/v1"
+)
+
 // CopyMethodType defines the methods for creating point-in-time copies of
 // volumes.
 // +kubebuilder:validation:Enum=Direct;None;Clone;Snapshot
@@ -116,3 +120,26 @@ type CustomCASpec struct {
 	// The key within the Secret or ConfigMap containing the CA certificate
 	Key string `json:"key,omitempty"`
 }
+
+type MoverConfig struct {
+	// MoverSecurityContext allows specifying the PodSecurityContext that will
+	// be used by the data mover
+	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
+	// MoverServiceAccount allows specifying the name of the service account
+	// that will be used by the data mover. This should only be used by advanced
+	// users who want to override the service account normally used by the mover.
+	// The service account needs to exist in the same namespace as this CR.
+	//+optional
+	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+	// Labels that should be added to data mover pods
+	// These will be in addition to any labels that VolSync may add
+	// +optional
+	MoverPodLabels map[string]string `json:"moverPodLabels,omitempty"`
+	// Resources represents compute resources required by the data mover container.
+	// Immutable.
+	// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+	// This should only be used by advanced users as this can result in a mover
+	// pod being unschedulable or crashing due to limited resources.
+	// +optional
+	MoverResources *corev1.ResourceRequirements `json:"moverResources,omitempty"`
+}
diff --git a/api/v1alpha1/replicationdestination_types.go b/api/v1alpha1/replicationdestination_types.go
@@ -121,6 +121,17 @@ type ReplicationDestinationRsyncSpec struct {
 	// The service account needs to exist in the same namespace as the ReplicationDestination.
 	//+optional
 	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+	// Labels that should be added to data mover pods
+	// These will be in addition to any labels that VolSync may add
+	// +optional
+	MoverPodLabels map[string]string `json:"moverPodLabels,omitempty"`
+	// Resources represents compute resources required by the data mover container.
+	// Immutable.
+	// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+	// This should only be used by advanced users as this can result in a mover
+	// pod being unschedulable or crashing due to limited resources.
+	// +optional
+	MoverResources *corev1.ResourceRequirements `json:"moverResources,omitempty"`
 }
 
 // ReplicationDestinationRcloneSpec defines the field for rclone in replicationDestination.
@@ -134,15 +145,8 @@ type ReplicationDestinationRcloneSpec struct {
 	RcloneConfig *string `json:"rcloneConfig,omitempty"`
 	// customCA is a custom CA that will be used to verify the remote
 	CustomCA CustomCASpec `json:"customCA,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationDestination.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 // ReplicationDestinationExternalSpec defines the configuration when using an
@@ -228,15 +232,8 @@ type ReplicationDestinationResticSpec struct {
 	// +kubebuilder:validation:Format="date-time"
 	//+optional
 	RestoreAsOf *string `json:"restoreAsOf,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationDestination.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 // ReplicationDestinationStatus defines the observed state of ReplicationDestination

diff --git a/api/v1alpha1/replicationsource_types.go b/api/v1alpha1/replicationsource_types.go
@@ -123,6 +123,17 @@ type ReplicationSourceRsyncSpec struct {
 	// The service account needs to exist in the same namespace as the ReplicationSource.
 	//+optional
 	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+	// Labels that should be added to data mover pods
+	// These will be in addition to any labels that VolSync may add
+	// +optional
+	MoverPodLabels map[string]string `json:"moverPodLabels,omitempty"`
+	// Resources represents compute resources required by the data mover container.
+	// Immutable.
+	// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+	// This should only be used by advanced users as this can result in a mover
+	// pod being unschedulable or crashing due to limited resources.
+	// +optional
+	MoverResources *corev1.ResourceRequirements `json:"moverResources,omitempty"`
 }
 
 // ReplicationSourceRcloneSpec defines the field for rclone in replicationSource.
@@ -136,15 +147,8 @@ type ReplicationSourceRcloneSpec struct {
 	RcloneConfig *string `json:"rcloneConfig,omitempty"`
 	// customCA is a custom CA that will be used to verify the remote
 	CustomCA CustomCASpec `json:"customCA,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationSource.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 // ResticRetainPolicy defines the feilds for Restic backup
@@ -205,15 +209,8 @@ type ReplicationSourceResticSpec struct {
 	// then ran a backup.
 	// Unlock will not be run again unless spec.restic.unlock is set to a different value.
 	Unlock string `json:"unlock,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationSource.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 // ReplicationSourceResticStatus defines the field for ReplicationSourceStatus in ReplicationSourceStatus
@@ -243,15 +240,8 @@ type ReplicationSourceSyncthingSpec struct {
 	// Used to set the accessModes of Syncthing config volume.
 	//+optional
 	ConfigAccessModes []corev1.PersistentVolumeAccessMode `json:"configAccessModes,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationSource.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 // ReplicationSourceSpec defines the desired state of ReplicationSource

diff --git a/api/v1alpha1/rsync_tls_types.go b/api/v1alpha1/rsync_tls_types.go
@@ -54,15 +54,8 @@ type ReplicationSourceRsyncTLSSpec struct {
 	//+kubebuilder:validation:Maximum=65535
 	//+optional
 	Port *int32 `json:"port,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationSource.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 type ReplicationSourceRsyncTLSStatus struct {
@@ -92,15 +85,8 @@ type ReplicationDestinationRsyncTLSSpec struct {
 	// will be used instead of any VolSync default values.
 	//+optional
 	ServiceAnnotations *map[string]string `json:"serviceAnnotations,omitempty"`
-	// MoverSecurityContext allows specifying the PodSecurityContext that will
-	// be used by the data mover
-	MoverSecurityContext *corev1.PodSecurityContext `json:"moverSecurityContext,omitempty"`
-	// MoverServiceAccount allows specifying the name of the service account
-	// that will be used by the data mover. This should only be used by advanced
-	// users who want to override the service account normally used by the mover.
-	// The service account needs to exist in the same namespace as the ReplicationDestination.
-	//+optional
-	MoverServiceAccount *string `json:"moverServiceAccount,omitempty"`
+
+	MoverConfig `json:",inline"`
 }
 
 type ReplicationDestinationRsyncTLSStatus struct {