-
Notifications
You must be signed in to change notification settings - Fork 594
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
operator/upgrade: switch from kafka to admin API for redpanda readiness #1159
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can't we use readiness probe for this? The advantage of that would be that the pod would be properly in API marked as non-ready until ready which has implication for all kind of stuff like registering services etc. Also it's transparent for anyone using the kubernetes API...
Given that this PR uses |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, can you run go mod tidy though? I think the sarama dep should go away
@@ -112,6 +112,7 @@ func (r *ClusterReconciler) Reconcile( | |||
pki.OperatorClientCert(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is getting really bad, I need to take a look at this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, maybe we could group them together in structs like "pkiInfo"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similarly for the services
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did go mod tidy
also. No sarama dep anymore.
|
||
// TODO right now we support TLS only on one listener so if external | ||
// connectivity is enabled, TLS is enabled only on external listener. This | ||
// will be fixed by https://github.com/vectorizedio/redpanda/issues/1084 | ||
if !r.pandaCluster.Spec.ExternalConnectivity.Enabled && r.pandaCluster.Spec.Configuration.TLS.KafkaAPI.Enabled { | ||
if !r.pandaCluster.Spec.ExternalConnectivity.Enabled && r.pandaCluster.Spec.Configuration.TLS.AdminAPI.Enabled { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
now that we have admin api with multiple interfaces, should we update this PR too ?
maybe choose
the internal IP (but keep the tls check) so that at least the traffic doesn't go out through the internet.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have an external listener but do not expose it in the API yet. This check is based on the API fields. So, we have the following convention: if TLS is enabled we apply it to the external listener. If there is no external listener (external connectivity is disabled), we apply the TLS to the internal listener.
Once #1163 is merged, we'll update this line and be explicit about the listener.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But just to be clear, we are using the internal listener here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
makes sense.
21b5bc1
to
99da3d0
Compare
99da3d0
to
7f06022
Compare
7f06022
to
1bed80f
Compare
…-update operator/upgrade: switch from kafka to admin API for redpanda readiness
…ge-update operator/upgrade: switch from kafka to admin API for redpanda readiness
Cover letter
Due to the above, this PR changes the operator behavior such that it check the redpanda readiness using the Admin API. Since we don't have the ideal endpoint at the moment, we start by using
v1/state/ready
with the intention to develop an appropriate endpoint in the (hopefully near) future.