Skip to content

Commit

Permalink
Fix issues for releasing 0.4.0 (#41)
Browse files Browse the repository at this point in the history
* Several improvments for 0.4.0 release

  * Bump up SkyWalking OAP to 8.8.1(latest)
  * Update README.md laid in the binary package
  * Add a docker build tool to the binary package where users can
    build the docker image from binaries in the bin folder
  * Update release document and bash script to insert "v" into
    the git release tag.

Signed-off-by: Gao Hongtao <[email protected]>

* Fix issues found in testing

Storage controller:

  * Introduce readiness probe to statefulset
  * Apply authorization to controller
  * Opt to parrelle pod management strategy
  * Add init container to increase "vm.max_map_count"
  * Add password to pks12 key/cert

Java agent injector:

  * Fix backend services validation

UI:

 * Add "http" schema to the backend service url
  • Loading branch information
hanahmily authored Oct 31, 2021
1 parent a4b7888 commit 7601e43
Show file tree
Hide file tree
Showing 27 changed files with 406 additions and 143 deletions.
2 changes: 1 addition & 1 deletion apis/operator/v1alpha1/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ type ServiceTemplate struct {
LoadBalancerSourceRanges []string `json:"loadBalancerSourceRanges,omitempty"`
}

// Service Type string describes ingress methods for a service
// ServiceType string describes ingress methods for a service
type ServiceType string

const (
Expand Down
2 changes: 1 addition & 1 deletion apis/operator/v1alpha1/storage_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ type StorageStatus struct {
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Instances",type="string",JSONPath=".spec.instances",description="The number of expected instance"
// +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type",description="The type of strorage"
// +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.type",description="The type of storage"
// +kubebuilder:printcolumn:name="Version",type="string",JSONPath=".spec.version",description="The version"
// +kubebuilder:printcolumn:name="ConnectType",type="string",JSONPath=".spec.connectType",description="the way to connect storage"

Expand Down
4 changes: 2 additions & 2 deletions apis/operator/v1alpha1/storage_webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,11 +79,11 @@ func (r *Storage) ValidateDelete() error {

func (r *Storage) valid() error {
var allErrs field.ErrorList
if r.Spec.Type != "elasticsearch7" {
if r.Spec.Type != "elasticsearch" {
storagelog.Info("Invalid Storage Type")
err := field.Invalid(field.NewPath("spec").Child("type"),
r.Spec.Type,
"d. must be elasticsearch or elasticsearch7")
"d. must be elasticsearch")
allErrs = append(allErrs, err)
}
if r.Spec.ConnectType != "internal" && r.Spec.ConnectType != "external" {
Expand Down
2 changes: 1 addition & 1 deletion apis/operator/v1alpha1/ui_webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ func (r *UI) Default() {

r.Spec.Service.Template.Default()
if r.Spec.OAPServerAddress == "" {
r.Spec.OAPServerAddress = fmt.Sprintf("%s-oap.%s:12800", r.Name, r.Namespace)
r.Spec.OAPServerAddress = fmt.Sprintf("http://%s-oap.%s:12800", r.Name, r.Namespace)
}
}

Expand Down
10 changes: 5 additions & 5 deletions cmd/manager/manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -105,11 +105,11 @@ func main() {
}

if err = (&operatorcontroller.StorageReconciler{
Client: mgr.GetClient(),
Log: ctrl.Log.WithName("controllers").WithName("Storage"),
Scheme: mgr.GetScheme(),
FileRepo: repo.NewRepo("storage"),
Recorder: mgr.GetEventRecorderFor("storage-controller"),
Client: mgr.GetClient(),
Log: ctrl.Log.WithName("controllers").WithName("Storage"),
Scheme: mgr.GetScheme(),
FileRepo: repo.NewRepo("storage"),
RestConfig: mgr.GetConfig(),
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "Storage")
os.Exit(1)
Expand Down
2 changes: 1 addition & 1 deletion config/adapter/namespaced/adapter/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,4 @@ kind: Kustomization
images:
- name: metrics-adapter
newName: apache/skywalking-swck
newTag: 0.3.0
newTag: v0.4.0
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
name: Instances
type: string
- JSONPath: .spec.type
description: The type of strorage
description: The type of storage
name: Type
type: string
- JSONPath: .spec.version
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
name: Instances
type: string
- JSONPath: .spec.type
description: The type of strorage
description: The type of storage
name: Type
type: string
- JSONPath: .spec.version
Expand Down
2 changes: 1 addition & 1 deletion config/operator/manager/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,4 @@ kind: Kustomization
images:
- name: controller
newName: apache/skywalking-swck
newTag: 0.3.0
newTag: v0.4.0
4 changes: 4 additions & 0 deletions config/operator/rbac/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,7 @@ resources:
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml
- auth_proxy_client_clusterrole.yaml

patchesStrategicMerge:
- role_patch.yaml

32 changes: 31 additions & 1 deletion config/operator/rbac/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,20 @@ rules:
- patch
- update
- watch
- apiGroups:
- ""
resources:
- secrets
- serviceaccounts
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
Expand Down Expand Up @@ -89,7 +103,7 @@ rules:
- apiGroups:
- apps
resources:
- statefulset
- statefulsets
verbs:
- create
- delete
Expand All @@ -98,6 +112,22 @@ rules:
- patch
- update
- watch
- apiGroups:
- certificates.k8s.io
resources:
- certificatesigningrequests
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- certificates.k8s.io
resources:
- certificatesigningrequests/approval
verbs:
- update
- apiGroups:
- coordination.k8s.io
resources:
Expand Down
31 changes: 31 additions & 0 deletions config/operator/rbac/role_patch.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# Licensed to Apache Software Foundation (ASF) under one or more contributor
# license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright
# ownership. Apache Software Foundation (ASF) licenses this file to you under
# the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.


apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: manager-role
rules:
- apiGroups:
- certificates.k8s.io
resources:
- signers
resourceNames:
- kubernetes.io/*
verbs:
- approve
2 changes: 1 addition & 1 deletion config/operator/samples/default.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ spec:
version: 8.8.1
instances: 1
image: apache/skywalking-ui:8.8.1
OAPServerAddress: default-oap:12800
OAPServerAddress: http://default-oap:12800
service:
template:
type: ClusterIP
Expand Down
5 changes: 4 additions & 1 deletion controllers/operator/oapserver_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -129,6 +129,9 @@ func (r *OAPServerReconciler) checkState(ctx context.Context, log logr.Logger, o

//InjectStorage Inject Storage
func (r *OAPServerReconciler) InjectStorage(ctx context.Context, log logr.Logger, oapServer *operatorv1alpha1.OAPServer) {
if oapServer.Spec.StorageConfig.Name == "" {
return
}
storage := &operatorv1alpha1.Storage{}
err := r.Client.Get(ctx, client.ObjectKey{Namespace: oapServer.Namespace, Name: oapServer.Spec.StorageConfig.Name}, storage)
if err == nil {
Expand All @@ -145,7 +148,7 @@ func (r *OAPServerReconciler) ConfigStorage(ctx context.Context, log logr.Logger
SwEsUser := ""
SwEsPassword := ""
SwStorageEsSslJksPath := ""
SwStorageEsSslJksPass := ""
SwStorageEsSslJksPass := "skywalking"
SwStorageEsClusterNodes := ""
o.Spec.StorageConfig.Storage = *s
if user.SecretName != "" {
Expand Down
45 changes: 35 additions & 10 deletions controllers/operator/storage_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@ import (
"encoding/asn1"
"encoding/pem"
"fmt"
"strconv"
"strings"
"time"

"github.com/go-logr/logr"
Expand Down Expand Up @@ -60,10 +62,10 @@ type StorageReconciler struct {

// +kubebuilder:rbac:groups=operator.skywalking.apache.org,resources=storages,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=operator.skywalking.apache.org,resources=storages/status,verbs=get;update;patch
// +kubebuilder:rbac:groups=apps,resources=statefulset,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups="",resources=services;serviceaccounts,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;create;update
// +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=clusterroles;clusterrolebindings,verbs=*
// +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups="",resources=services;serviceaccounts;secrets,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests,verbs=get;list;watch;create;delete
// +kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests/approval,verbs=update

func (r *StorageReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
log := r.Log.WithValues("Storage", req.NamespacedName)
Expand Down Expand Up @@ -91,6 +93,7 @@ func (r *StorageReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
CR: &storage,
GVK: operatorv1alpha1.GroupVersion.WithKind("Storage"),
Recorder: r.Recorder,
TmplFunc: tmplFunc(),
}
if err := app.ApplyAll(ctx, ff, log); err != nil {
return ctrl.Result{}, err
Expand All @@ -103,6 +106,17 @@ func (r *StorageReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
return ctrl.Result{RequeueAfter: schedDuration}, nil
}

func tmplFunc() map[string]interface{} {
return map[string]interface{}{"getProtocol": getProtocol}
}

func getProtocol(tls bool) string {
if tls {
return "https"
}
return "http"
}

func (r *StorageReconciler) checkState(ctx context.Context, log logr.Logger, storage *operatorv1alpha1.Storage) error {
overlay := operatorv1alpha1.StorageStatus{}
statefulset := apps.StatefulSet{}
Expand Down Expand Up @@ -158,11 +172,22 @@ func (r *StorageReconciler) checkSecurity(ctx context.Context, log logr.Logger,
if s.Spec.ResourceCnfig.Limit == "" && s.Spec.ResourceCnfig.Requests == "" {
s.Spec.ResourceCnfig.Limit, s.Spec.ResourceCnfig.Requests = "1000m", "100m"
}
clusterInitialMasterNodes := s.Name + "-elasticsearch7-0" + "," + s.Name + "-elasticsearch7-1"
esJavaOptsValue := "-Xms512m -Xmx512m"

setDefaultJavaOpts := true
for _, envVar := range s.Spec.Config {
if envVar.Name == "ES_JAVA_OPTS" {
setDefaultJavaOpts = false
}
}
if setDefaultJavaOpts {
s.Spec.Config = append(s.Spec.Config, core.EnvVar{Name: "ES_JAVA_OPTS", Value: "-Xms1g -Xmx1g"})
}
s.Spec.Config = append(s.Spec.Config, core.EnvVar{Name: "discovery.seed_hosts", Value: s.Spec.ServiceName})
s.Spec.Config = append(s.Spec.Config, core.EnvVar{Name: "cluster.initial_master_nodes", Value: clusterInitialMasterNodes})
s.Spec.Config = append(s.Spec.Config, core.EnvVar{Name: "ES_JAVA_OPTS", Value: esJavaOptsValue})
clusterInitialMasterNodes := make([]string, s.Spec.Instances)
for i := 0; i < int(s.Spec.Instances); i++ {
clusterInitialMasterNodes[i] = s.Name + "-elasticsearch-" + strconv.Itoa(i)
}
s.Spec.Config = append(s.Spec.Config, core.EnvVar{Name: "cluster.initial_master_nodes", Value: strings.Join(clusterInitialMasterNodes, ",")})
}

func (r *StorageReconciler) createCert(ctx context.Context, log logr.Logger, s *operatorv1alpha1.Storage) {
Expand Down Expand Up @@ -219,7 +244,7 @@ func (r *StorageReconciler) createCert(ctx context.Context, log logr.Logger, s *
log.Info("fail encode CERTIFICATE REQUEST")
return
}
singername := "kubernetes.io/kube-apiserver-client"
singername := "kubernetes.io/kubelet-serving"
request := certv1beta1.CertificateSigningRequest{
TypeMeta: metav1.TypeMeta{
Kind: "CertificateSigningRequest",
Expand Down Expand Up @@ -273,7 +298,7 @@ func (r *StorageReconciler) createCert(ctx context.Context, log logr.Logger, s *
log.Info("fail parse certificate")
return
}
p12, err := pkcs12.Encode(rand.Reader, key, cert, nil, "")
p12, err := pkcs12.Encode(rand.Reader, key, cert, nil, "skywalking")

if err != nil {
log.Info("fail encode pkcs12")
Expand Down
12 changes: 6 additions & 6 deletions docs/examples/java-agent-injector-usage.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
spec:
containers:
- name: demo1
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
command: ["java"]
args: ["-jar","$(AGENT_OPTS)","-jar","/app.jar"]
Expand All @@ -55,7 +55,7 @@ spec:
env:
- name: AGENT_OPTS
value: -javaagent:/sky/agent/skywalking-agent.jar
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
name: demo1
- mountPath: /sky/agent
name: sky-agent
Expand Down Expand Up @@ -170,7 +170,7 @@ spec:
spec:
containers:
- name: demo2
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
command: ["java"]
args: ["-jar","$(AGENT_OPTS)","-jar","/app.jar"]
```
Expand All @@ -190,7 +190,7 @@ spec:
env:
- name: AGENT_OPTS
value: -javaagent:/skytest/agent/skywalking-agent.jar
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
name: demo2
- mountPath: /skytest/agent
name: sky-agent
Expand Down Expand Up @@ -311,7 +311,7 @@ spec:
spec:
containers:
- name: demo3
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
command: ["java"]
args: ["-jar","$(AGENT_OPTS)","-jar","/app.jar"]
```
Expand All @@ -334,7 +334,7 @@ spec:
env:
- name: AGENT_OPTS
value: -javaagent:/sky/agent/skywalking-agent.jar=agent.ignore_suffix='jpg,.jpeg',agent.class_cache_mode=MEMORY,agent.sample_n_per_3_secs=6,agent.service_name=app,plugin.mount='plugins,activations',plugin.influxdb.trace_influxql=false,plugin.mongodb.trace_param=true
image: dashanji/swck-spring-demo:v0.0.3
image: ghcr.io/apache/skywalking-swck-spring-demo:v0.0.1
name: demo3
- mountPath: /sky/agent
name: sky-agent
Expand Down
Loading

0 comments on commit 7601e43

Please sign in to comment.