Name container ports according to protocol (#2498)

elastic · Feb 3, 2020 · a7b7649 · a7b7649
1 parent e2f5808
commit a7b7649
Show file tree

Hide file tree

Showing 9 changed files with 166 additions and 30 deletions.
diff --git a/pkg/controller/apmserver/apmserver_controller_test.go b/pkg/controller/apmserver/apmserver_controller_test.go
@@ -165,7 +165,7 @@ func expectedDeploymentParams() testParams {
 							},
 						}),
 						Ports: []corev1.ContainerPort{
-							{Name: "http", ContainerPort: int32(8200), Protocol: corev1.ProtocolTCP},
+							{Name: "https", ContainerPort: int32(8200), Protocol: corev1.ProtocolTCP},
 						},
 						ReadinessProbe: &corev1.Probe{
 							FailureThreshold:    3,

diff --git a/pkg/controller/apmserver/pod.go b/pkg/controller/apmserver/pod.go
@@ -64,10 +64,6 @@ func readinessProbe(tls bool) corev1.Probe {
 	}
 }
 
-var ports = []corev1.ContainerPort{
-	{Name: "http", ContainerPort: int32(HTTPPort), Protocol: corev1.ProtocolTCP},
-}
-
 var command = []string{
 	"apm-server",
 	"run",
@@ -110,6 +106,8 @@ func newPodSpec(as *apmv1.ApmServer, p PodSpecParams) corev1.PodTemplateSpec {
 		},
 	})
 
+	ports := getDefaultContainerPorts(*as)
+
 	builder := defaults.NewPodTemplateBuilder(
 		p.PodTemplate, apmv1.ApmServerContainerName).
 		WithResources(DefaultResources).
@@ -134,3 +132,7 @@ func newPodSpec(as *apmv1.ApmServer, p PodSpecParams) corev1.PodTemplateSpec {
 
 	return builder.PodTemplate
 }
+
+func getDefaultContainerPorts(as apmv1.ApmServer) []corev1.ContainerPort {
+	return []corev1.ContainerPort{{Name: as.Spec.HTTP.Protocol(), ContainerPort: int32(HTTPPort), Protocol: corev1.ProtocolTCP}}
+}
diff --git a/pkg/controller/apmserver/pod_test.go b/pkg/controller/apmserver/pod_test.go
@@ -8,12 +8,13 @@ import (
 	"reflect"
 	"testing"
 
-	corev1 "k8s.io/api/core/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
 	apmv1 "github.com/elastic/cloud-on-k8s/pkg/apis/apm/v1"
+	commonv1 "github.com/elastic/cloud-on-k8s/pkg/apis/common/v1"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/common/volume"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/settings"
+	"github.com/stretchr/testify/assert"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 func TestNewPodSpec(t *testing.T) {
@@ -89,7 +90,7 @@ func TestNewPodSpec(t *testing.T) {
 								},
 							},
 							ReadinessProbe: &probe,
-							Ports:          ports,
+							Ports:          []corev1.ContainerPort{{Name: "https", ContainerPort: int32(HTTPPort), Protocol: corev1.ProtocolTCP}},
 							Command:        command,
 							VolumeMounts: []corev1.VolumeMount{
 								configSecretVol.VolumeMount(), configVolume.VolumeMount(),
@@ -109,3 +110,46 @@ func TestNewPodSpec(t *testing.T) {
 		})
 	}
 }
+
+func Test_getDefaultContainerPorts(t *testing.T) {
+	tt := []struct {
+		name string
+		as   apmv1.ApmServer
+		want []corev1.ContainerPort
+	}{
+		{
+			name: "https",
+			as: apmv1.ApmServer{
+				Spec: apmv1.ApmServerSpec{
+					Version: "7.5.2",
+				},
+			},
+			want: []corev1.ContainerPort{
+				{Name: "https", HostPort: 0, ContainerPort: int32(HTTPPort), Protocol: "TCP", HostIP: ""},
+			},
+		},
+		{
+			name: "http",
+			as: apmv1.ApmServer{
+				Spec: apmv1.ApmServerSpec{
+					HTTP: commonv1.HTTPConfig{
+						TLS: commonv1.TLSOptions{
+							SelfSignedCertificate: &commonv1.SelfSignedCertificate{
+								Disabled: true,
+							},
+						},
+					},
+				},
+			},
+			want: []corev1.ContainerPort{
+				{Name: "http", HostPort: 0, ContainerPort: int32(HTTPPort), Protocol: "TCP", HostIP: ""},
+			},
+		},
+	}
+
+	for _, tc := range tt {
+		t.Run(tc.name, func(t *testing.T) {
+			assert.Equal(t, getDefaultContainerPorts(tc.as), tc.want)
+		})
+	}
+}
diff --git a/pkg/controller/elasticsearch/nodespec/defaults.go b/pkg/controller/elasticsearch/nodespec/defaults.go
@@ -15,7 +15,6 @@ import (
 	commonv1 "github.com/elastic/cloud-on-k8s/pkg/apis/common/v1"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/common/defaults"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/label"
-	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/network"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/settings"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/user"
 	esvolume "github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/volume"
@@ -30,12 +29,6 @@ const (
 )
 
 var (
-	// DefaultContainerPorts are the default Elasticsearch port mappings
-	DefaultContainerPorts = []corev1.ContainerPort{
-		{Name: "http", ContainerPort: network.HTTPPort, Protocol: corev1.ProtocolTCP},
-		{Name: "transport", ContainerPort: network.TransportPort, Protocol: corev1.ProtocolTCP},
-	}
-
 	DefaultMemoryLimits = resource.MustParse("2Gi")
 	// DefaultResources for the Elasticsearch container. The JVM default heap size is 1Gi, so we
 	// request at least 2Gi for the container to make sure ES can work properly.

diff --git a/pkg/controller/elasticsearch/nodespec/podspec.go b/pkg/controller/elasticsearch/nodespec/podspec.go
@@ -18,6 +18,7 @@ import (
 	"github.com/elastic/cloud-on-k8s/pkg/controller/common/volume"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/initcontainer"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/label"
+	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/network"
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/settings"
 	esvolume "github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/volume"
 	"github.com/elastic/cloud-on-k8s/pkg/utils/k8s"
@@ -49,11 +50,12 @@ func BuildPodTemplateSpec(
 	if err != nil {
 		return corev1.PodTemplateSpec{}, err
 	}
+	defaultContainerPorts := getDefaultContainerPorts(es)
 
 	builder = builder.
 		WithResources(DefaultResources).
 		WithTerminationGracePeriod(DefaultTerminationGracePeriodSeconds).
-		WithPorts(DefaultContainerPorts).
+		WithPorts(defaultContainerPorts).
 		WithReadinessProbe(*NewReadinessProbe()).
 		WithAffinity(DefaultAffinity(es.Name)).
 		WithEnv(DefaultEnvVars(es.Spec.HTTP, HeadlessServiceName(esv1.StatefulSet(es.Name, nodeSet.Name)))...).
@@ -68,6 +70,13 @@ func BuildPodTemplateSpec(
 	return builder.PodTemplate, nil
 }
 
+func getDefaultContainerPorts(es esv1.Elasticsearch) []corev1.ContainerPort {
+	return []corev1.ContainerPort{
+		{Name: es.Spec.HTTP.Protocol(), ContainerPort: network.HTTPPort, Protocol: corev1.ProtocolTCP},
+		{Name: "transport", ContainerPort: network.TransportPort, Protocol: corev1.ProtocolTCP},
+	}
+}
+
 func transportCertificatesVolume(esName string) volume.SecretVolume {
 	return volume.NewSecretVolumeWithMountPath(
 		esv1.TransportCertificatesSecret(esName),

diff --git a/pkg/controller/elasticsearch/nodespec/podspec_test.go b/pkg/controller/elasticsearch/nodespec/podspec_test.go
@@ -17,6 +17,7 @@ import (
 	"github.com/elastic/cloud-on-k8s/pkg/controller/elasticsearch/settings"
 	"github.com/go-test/deep"
 
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -170,7 +171,7 @@ func TestBuildPodTemplateSpec(t *testing.T) {
 					Name:  "elasticsearch",
 					Image: "docker.elastic.co/elasticsearch/elasticsearch:7.2.0",
 					Ports: []corev1.ContainerPort{
-						{Name: "http", HostPort: 0, ContainerPort: 9200, Protocol: "TCP", HostIP: ""},
+						{Name: "https", HostPort: 0, ContainerPort: 9200, Protocol: "TCP", HostIP: ""},
 						{Name: "transport", HostPort: 0, ContainerPort: 9300, Protocol: "TCP", HostIP: ""},
 					},
 					Env: append(
@@ -193,3 +194,44 @@ func TestBuildPodTemplateSpec(t *testing.T) {
 	deep.MaxDepth = 25
 	require.Nil(t, deep.Equal(expected, actual))
 }
+
+func Test_getDefaultContainerPorts(t *testing.T) {
+	tt := []struct {
+		name string
+		es   esv1.Elasticsearch
+		want []corev1.ContainerPort
+	}{
+		{
+			name: "https",
+			es:   sampleES,
+			want: []corev1.ContainerPort{
+				{Name: "https", HostPort: 0, ContainerPort: 9200, Protocol: "TCP", HostIP: ""},
+				{Name: "transport", HostPort: 0, ContainerPort: 9300, Protocol: "TCP", HostIP: ""},
+			},
+		},
+		{
+			name: "http",
+			es: esv1.Elasticsearch{
+				Spec: esv1.ElasticsearchSpec{
+					HTTP: commonv1.HTTPConfig{
+						TLS: commonv1.TLSOptions{
+							SelfSignedCertificate: &commonv1.SelfSignedCertificate{
+								Disabled: true,
+							},
+						},
+					},
+				},
+			},
+			want: []corev1.ContainerPort{
+				{Name: "http", HostPort: 0, ContainerPort: 9200, Protocol: "TCP", HostIP: ""},
+				{Name: "transport", HostPort: 0, ContainerPort: 9300, Protocol: "TCP", HostIP: ""},
+			},
+		},
+	}
+
+	for _, tc := range tt {
+		t.Run(tc.name, func(t *testing.T) {
+			assert.Equal(t, getDefaultContainerPorts(tc.es), tc.want)
+		})
+	}
+}
diff --git a/pkg/controller/kibana/driver_test.go b/pkg/controller/kibana/driver_test.go
@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"testing"
 
+	"github.com/go-test/deep"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	appsv1 "k8s.io/api/apps/v1"
@@ -252,6 +253,7 @@ func TestDriverDeploymentParams(t *testing.T) {
 				params.PodTemplateSpec.Spec.Volumes = params.PodTemplateSpec.Spec.Volumes[:3]
 				params.PodTemplateSpec.Spec.Containers[0].VolumeMounts = params.PodTemplateSpec.Spec.Containers[0].VolumeMounts[:3]
 				params.PodTemplateSpec.Spec.Containers[0].ReadinessProbe.Handler.HTTPGet.Scheme = corev1.URISchemeHTTP
+				params.PodTemplateSpec.Spec.Containers[0].Ports[0].Name = "http"
 				return params
 			}(),
 			wantErr: false,
@@ -380,7 +382,9 @@ func TestDriverDeploymentParams(t *testing.T) {
 				return
 			}
 
-			require.Equal(t, tt.want, got)
+			if diff := deep.Equal(got, tt.want); diff != nil {
+				t.Error(diff)
+			}
 		})
 	}
 }
@@ -510,7 +514,7 @@ func expectedDeploymentParams() deployment.Params {
 					Image: "my-image",
 					Name:  kbv1.KibanaContainerName,
 					Ports: []corev1.ContainerPort{
-						{Name: "http", ContainerPort: int32(5601), Protocol: corev1.ProtocolTCP},
+						{Name: "https", ContainerPort: int32(5601), Protocol: corev1.ProtocolTCP},
 					},
 					ReadinessProbe: &corev1.Probe{
 						FailureThreshold:    3,

diff --git a/pkg/controller/kibana/pod/pod.go b/pkg/controller/kibana/pod/pod.go
@@ -26,11 +26,6 @@ const (
 	defaultImageRepositoryAndName string = "docker.elastic.co/kibana/kibana"
 )
 
-// ports to set in the Kibana container
-var ports = []corev1.ContainerPort{
-	{Name: "http", ContainerPort: int32(HTTPPort), Protocol: corev1.ProtocolTCP},
-}
-
 var (
 	DefaultMemoryLimits = resource.MustParse("1Gi")
 	DefaultResources    = corev1.ResourceRequirements{
@@ -77,7 +72,7 @@ func imageWithVersion(image string, version string) string {
 func NewPodTemplateSpec(kb kbv1.Kibana, keystore *keystore.Resources) corev1.PodTemplateSpec {
 	labels := label.NewLabels(kb.Name)
 	labels[label.KibanaVersionLabelName] = kb.Spec.Version
-
+	ports := getDefaultContainerPorts(kb)
 	builder := defaults.NewPodTemplateBuilder(kb.Spec.PodTemplate, kbv1.KibanaContainerName).
 		WithResources(DefaultResources).
 		WithLabels(labels).
@@ -101,3 +96,7 @@ func NewPodTemplateSpec(kb kbv1.Kibana, keystore *keystore.Resources) corev1.Pod
 func GetKibanaContainer(podSpec corev1.PodSpec) *corev1.Container {
 	return pod.ContainerByName(podSpec, kbv1.KibanaContainerName)
 }
+
+func getDefaultContainerPorts(kb kbv1.Kibana) []corev1.ContainerPort {
+	return []corev1.ContainerPort{{Name: kb.Spec.HTTP.Protocol(), ContainerPort: int32(HTTPPort), Protocol: corev1.ProtocolTCP}}
+}
diff --git a/pkg/controller/kibana/pod/pod_test.go b/pkg/controller/kibana/pod/pod_test.go
@@ -7,15 +7,15 @@ package pod
 import (
 	"testing"
 
+	commonv1 "github.com/elastic/cloud-on-k8s/pkg/apis/common/v1"
+	kbv1 "github.com/elastic/cloud-on-k8s/pkg/apis/kibana/v1"
+	"github.com/elastic/cloud-on-k8s/pkg/controller/common/keystore"
+	"github.com/elastic/cloud-on-k8s/pkg/controller/kibana/label"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	kbv1 "github.com/elastic/cloud-on-k8s/pkg/apis/kibana/v1"
-	"github.com/elastic/cloud-on-k8s/pkg/controller/common/keystore"
-	"github.com/elastic/cloud-on-k8s/pkg/controller/kibana/label"
 )
 
 func Test_imageWithVersion(t *testing.T) {
@@ -243,3 +243,46 @@ func TestNewPodTemplateSpec(t *testing.T) {
 		})
 	}
 }
+
+func Test_getDefaultContainerPorts(t *testing.T) {
+	tt := []struct {
+		name string
+		kb   kbv1.Kibana
+		want []corev1.ContainerPort
+	}{
+		{
+			name: "https",
+			kb: kbv1.Kibana{
+				Spec: kbv1.KibanaSpec{
+					Version: "7.5.2",
+				},
+			},
+			want: []corev1.ContainerPort{
+				{Name: "https", HostPort: 0, ContainerPort: int32(HTTPPort), Protocol: "TCP", HostIP: ""},
+			},
+		},
+		{
+			name: "http",
+			kb: kbv1.Kibana{
+				Spec: kbv1.KibanaSpec{
+					HTTP: commonv1.HTTPConfig{
+						TLS: commonv1.TLSOptions{
+							SelfSignedCertificate: &commonv1.SelfSignedCertificate{
+								Disabled: true,
+							},
+						},
+					},
+				},
+			},
+			want: []corev1.ContainerPort{
+				{Name: "http", HostPort: 0, ContainerPort: int32(HTTPPort), Protocol: "TCP", HostIP: ""},
+			},
+		},
+	}
+
+	for _, tc := range tt {
+		t.Run(tc.name, func(t *testing.T) {
+			assert.Equal(t, getDefaultContainerPorts(tc.kb), tc.want)
+		})
+	}
+}