Skip to content

Commit

Permalink
Removed code and tests for server version < 6.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@abhishekdwivedi3060
abhishekdwivedi3060 committed Jan 21, 2025
1 parent b18b6fb commit cb6bf66
Show file tree
Hide file tree
Showing 12 changed files with 62 additions and 542 deletions.
9 changes: 0 additions & 9 deletions PROJECT
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,15 +11,6 @@ plugins:
projectName: aerospike-kubernetes-operator
repo: github.com/aerospike/aerospike-kubernetes-operator
resources:
- api:
crdVersion: v1
namespaced: true
controller: true
domain: aerospike.com
group: asdb
kind: AerospikeCluster
path: github.com/aerospike/aerospike-kubernetes-operator/api/v1beta1
version: v1beta1
- api:
crdVersion: v1
namespaced: true
Expand Down
2 changes: 1 addition & 1 deletion api/v1/access_control_validate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ func IsAerospikeAccessControlValid(aerospikeClusterSpec *AerospikeClusterSpec) (
return false, err
}

enabled, err := IsSecurityEnabled(version, aerospikeClusterSpec.AerospikeConfig)
enabled, err := IsSecurityEnabled(aerospikeClusterSpec.AerospikeConfig)
if err != nil {
return false, err
}
Expand Down
146 changes: 19 additions & 127 deletions api/v1/aerospikecluster_validating_webhook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,8 +125,7 @@ func (c *AerospikeCluster) ValidateUpdate(oldObj runtime.Object) (admission.Warn

// Validate AerospikeConfig update
if err := validateAerospikeConfigUpdate(
aslog, incomingVersion, outgoingVersion,
c.Spec.AerospikeConfig, old.Spec.AerospikeConfig,
aslog, c.Spec.AerospikeConfig, old.Spec.AerospikeConfig,
c.Status.AerospikeConfig,
); err != nil {
return nil, err
Expand Down Expand Up @@ -192,7 +191,7 @@ func (c *AerospikeCluster) validate(aslog logr.Logger) error {
)
}

err = validateClusterSize(aslog, version, int(c.Spec.Size))
err = validateClusterSize(aslog, int(c.Spec.Size))
if err != nil {
return err
}
Expand Down Expand Up @@ -228,7 +227,7 @@ func (c *AerospikeCluster) validate(aslog logr.Logger) error {
}

if err := validateRequiredFileStorageForMetadata(
rack.AerospikeConfig, &rack.Storage, c.Spec.ValidationPolicy, version,
rack.AerospikeConfig, &rack.Storage, c.Spec.ValidationPolicy,
); err != nil {
return err
}
Expand Down Expand Up @@ -423,16 +422,6 @@ func (c *AerospikeCluster) validateRackUpdate(
return nil
}

outgoingVersion, err := GetImageVersion(old.Spec.Image)
if err != nil {
return err
}

incomingVersion, err := GetImageVersion(c.Spec.Image)
if err != nil {
return err
}

// Old racks cannot be updated
// Also need to exclude a default rack with default rack ID. No need to check here,
// user should not provide or update default rackID
Expand Down Expand Up @@ -466,8 +455,7 @@ func (c *AerospikeCluster) validateRackUpdate(

// Validate aerospikeConfig update
if err := validateAerospikeConfigUpdate(
aslog, incomingVersion, outgoingVersion,
&newRack.AerospikeConfig, &oldRack.AerospikeConfig,
aslog, &newRack.AerospikeConfig, &oldRack.AerospikeConfig,
rackStatusConfig,
); err != nil {
return fmt.Errorf(
Expand Down Expand Up @@ -691,29 +679,11 @@ func getNsConfForNamespaces(rackConfig RackConfig) map[string]nsConf {
// ******************************************************************************

// TODO: This should be version specific and part of management lib.
// max cluster size for pre-5.0 cluster
const maxEnterpriseClusterSzLt5_0 = 128

// max cluster size for 5.0+ cluster
const maxEnterpriseClusterSzGt5_0 = 256

const versionForSzCheck = "5.0.0"

func validateClusterSize(_ logr.Logger, version string, sz int) error {
val, err := lib.CompareVersions(version, versionForSzCheck)
if err != nil {
return fmt.Errorf(
"failed to validate cluster size limit from version: %v", err,
)
}

if val < 0 && sz > maxEnterpriseClusterSzLt5_0 {
return fmt.Errorf(
"cluster size cannot be more than %d", maxEnterpriseClusterSzLt5_0,
)
}

if val > 0 && sz > maxEnterpriseClusterSzGt5_0 {
func validateClusterSize(_ logr.Logger, sz int) error {
if sz > maxEnterpriseClusterSzGt5_0 {
return fmt.Errorf(
"cluster size cannot be more than %d", maxEnterpriseClusterSzGt5_0,
)
Expand Down Expand Up @@ -1281,82 +1251,41 @@ func getNamespaceReplicationFactor(nsConf map[string]interface{}) (int, error) {
return rf, nil
}

func validateSecurityConfigUpdate(
newVersion, oldVersion string, newSpec, oldSpec, currentStatus *AerospikeConfigSpec) error {
func validateSecurityConfigUpdate(newSpec, oldSpec, currentStatus *AerospikeConfigSpec) error {
if currentStatus != nil {
currentSecurityConfig, err := IsSecurityEnabled(oldVersion, currentStatus)
currentSecurityEnabled, err := IsSecurityEnabled(currentStatus)
if err != nil {
return err
}

desiredSecurityConfig, err := IsSecurityEnabled(newVersion, newSpec)
desiredSecurityEnabled, err := IsSecurityEnabled(newSpec)
if err != nil {
return err
}

if currentSecurityConfig && !desiredSecurityConfig {
if currentSecurityEnabled && !desiredSecurityEnabled {
return fmt.Errorf("cannot disable cluster security in running cluster")
}
}

nv, err := lib.CompareVersions(newVersion, "5.7.0")
if err != nil {
return err
}

ov, err := lib.CompareVersions(oldVersion, "5.7.0")
if err != nil {
return err
}

if nv >= 0 || ov >= 0 {
return validateSecurityContext(newVersion, oldVersion, newSpec, oldSpec)
}

return validateEnableSecurityConfig(newSpec, oldSpec)
}

func validateEnableSecurityConfig(newConfSpec, oldConfSpec *AerospikeConfigSpec) error {
newConf := newConfSpec.Value
oldConf := oldConfSpec.Value

oldSec, oldSecConfFound := oldConf["security"]
if !oldSecConfFound {
return nil
}

newSec, newSecConfFound := newConf["security"]
if !newSecConfFound {
return fmt.Errorf("cannot remove cluster security config")
}

oldSecFlag, oldEnableSecurityFlagFound := oldSec.(map[string]interface{})["enable-security"]
newSecFlag, newEnableSecurityFlagFound := newSec.(map[string]interface{})["enable-security"]

if oldEnableSecurityFlagFound && oldSecFlag.(bool) && (!newEnableSecurityFlagFound || !newSecFlag.(bool)) {
return fmt.Errorf("cannot disable cluster security in running cluster")
}

return nil
return validateSecurityContext(newSpec, oldSpec)
}

func validateSecurityContext(
newVersion, oldVersion string, newSpec, oldSpec *AerospikeConfigSpec) error {
ovflag, err := IsSecurityEnabled(oldVersion, oldSpec)
func validateSecurityContext(newSpec, oldSpec *AerospikeConfigSpec) error {
ovflag, err := IsSecurityEnabled(oldSpec)
if err != nil {
if !errors.Is(err, internalerrors.ErrNotFound) {
return fmt.Errorf(
"validateEnableSecurityConfig got an error - oldVersion: %s: %w",
oldVersion, err,
"failed to validate Security context of old aerospike conf: %w", err,
)
}
}

ivflag, err := IsSecurityEnabled(newVersion, newSpec)
ivflag, err := IsSecurityEnabled(newSpec)
if err != nil {
if !errors.Is(err, internalerrors.ErrNotFound) {
return fmt.Errorf(
"validateEnableSecurityConfig got an error: %w", err,
"failed to validate Security context of new aerospike conf: %w", err,
)
}
}
Expand All @@ -1369,14 +1298,12 @@ func validateSecurityContext(
}

func validateAerospikeConfigUpdate(
aslog logr.Logger, incomingVersion, outgoingVersion string,
aslog logr.Logger,
incomingSpec, outgoingSpec, currentStatus *AerospikeConfigSpec,
) error {
aslog.Info("Validate AerospikeConfig update")

if err := validateSecurityConfigUpdate(
incomingVersion, outgoingVersion, incomingSpec, outgoingSpec,
currentStatus); err != nil {
if err := validateSecurityConfigUpdate(incomingSpec, outgoingSpec, currentStatus); err != nil {
return err
}

Expand Down Expand Up @@ -1759,7 +1686,7 @@ func validateWorkDir(workDirPath string, fileStorageList []string) error {

func validateRequiredFileStorageForMetadata(
configSpec AerospikeConfigSpec, storage *AerospikeStorageSpec,
validationPolicy *ValidationPolicySpec, version string,
validationPolicy *ValidationPolicySpec,
) error {
_, onlyPVFileStorageList, err := storage.getAerospikeStorageList(true)
if err != nil {
Expand Down Expand Up @@ -1788,41 +1715,6 @@ func validateRequiredFileStorageForMetadata(
}
}

if !validationPolicy.SkipXdrDlogFileValidate {
val, err := lib.CompareVersions(version, "5.0.0")
if err != nil {
return fmt.Errorf("failed to check image version: %v", err)
}

if val < 0 {
// Validate xdr-digestlog-path for pre-5.0.0 versions.
if IsXdrEnabled(configSpec) {
dglogFilePath, err := GetDigestLogFile(configSpec)
if err != nil {
return err
}

if !filepath.IsAbs(*dglogFilePath) {
return fmt.Errorf(
"xdr digestlog path %v must be absolute in storage config %v",
dglogFilePath, storage,
)
}

dglogDirPath := filepath.Dir(*dglogFilePath)

if !isFileStorageConfiguredForDir(
onlyPVFileStorageList, dglogDirPath,
) {
return fmt.Errorf(
"xdr digestlog path %v not mounted in Storage config %v",
dglogFilePath, storage,
)
}
}
}
}

return nil
}

Expand Down
17 changes: 2 additions & 15 deletions api/v1/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ const (
)

const (
baseVersion = "4.9.0.3"
baseVersion = "6.0.0.0"
baseInitVersion = "1.0.0"
minInitVersionForDynamicConf = "2.2.0"
)
Expand Down Expand Up @@ -242,20 +242,7 @@ func IsServiceTLSEnabled(aerospikeConfigSpec *AerospikeConfigSpec) bool {

// IsSecurityEnabled tells if security is enabled in cluster
// TODO: can an invalid map come here
func IsSecurityEnabled(
version string, aerospikeConfig *AerospikeConfigSpec,
) (bool, error) {
retval, err := lib.CompareVersions(version, "5.7.0")
if err != nil {
return false, err
}

if retval == -1 {
return IsAttributeEnabled(
aerospikeConfig, "security", "enable-security",
)
}

func IsSecurityEnabled(aerospikeConfig *AerospikeConfigSpec) (bool, error) {
if _, err := GetConfigContext(aerospikeConfig, "security"); err != nil {
if errors.Is(err, internalerrors.ErrNotFound) {
return false, nil
Expand Down
61 changes: 0 additions & 61 deletions config/manifests/bases/aerospike-kubernetes-operator.clusterserviceversion.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,67 +163,6 @@ spec:
displayName: Validation Policy
path: validationPolicy
version: v1
- description: AerospikeCluster is the schema for the AerospikeCluster API
displayName: Aerospike Cluster
kind: AerospikeCluster
name: aerospikeclusters.asdb.aerospike.com
resources:
- kind: Pod
name: ""
version: v1
- kind: Service
name: ""
version: v1
- kind: StatefulSet
name: ""
version: v1
specDescriptors:
- description: Has the Aerospike roles and users definitions. Required if aerospike
cluster security is enabled.
displayName: Access Control
path: aerospikeAccessControl
- description: Sets config in aerospike.conf file. Other configs are taken as
default
displayName: Aerospike Server Configuration
path: aerospikeConfig
- description: AerospikeNetworkPolicy specifies how clients and tools access
the Aerospike cluster.
displayName: Aerospike Network Policy
path: aerospikeNetworkPolicy
- description: Aerospike server image
displayName: Server Image
path: image
- description: Certificates to connect to Aerospike.
displayName: Operator Client Cert
path: operatorClientCert
- description: Specify additional configuration for the Aerospike pods
displayName: Pod Configuration
path: podSpec
- description: |-
RackConfig Configures the operator to deploy rack aware Aerospike cluster.
Pods will be deployed in given racks based on given configuration
displayName: Rack Config
path: rackConfig
- description: |-
SeedsFinderServices creates additional Kubernetes service that allow
clients to discover Aerospike cluster nodes.
displayName: Seeds Finder Services
path: seedsFinderServices
- description: Aerospike cluster size
displayName: Cluster Size
path: size
- description: Storage specify persistent storage to use for the Aerospike pods
displayName: Storage
path: storage
- description: ValidationPolicy controls validation of the Aerospike cluster
resource.
displayName: Validation Policy
path: validationPolicy
statusDescriptors:
- description: Aerospike cluster size
displayName: Cluster Size
path: size
version: v1beta1
- description: AerospikeRestore is the Schema for the aerospikerestores API
displayName: Aerospike Restore
kind: AerospikeRestore
Expand Down
Loading

0 comments on commit cb6bf66

Please sign in to comment.