diff --git a/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go deleted file mode 100755 index d1cfc6fd..00000000 --- a/api/v1alpha1/groupversion_info.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2020 VEXXHOST, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +kubebuilder:object:generate=true -// +groupName=infrastructure.vexxhost.cloud -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/controller-runtime/pkg/scheme" -) - -var ( - // GroupVersion is group version used to register these objects - GroupVersion = schema.GroupVersion{Group: "infrastructure.vexxhost.cloud", Version: "v1alpha1"} - - // SchemeBuilder is used to add go types to the GroupVersionKind scheme - SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} - - // AddToScheme adds the types in this group-version to the given scheme. - AddToScheme = SchemeBuilder.AddToScheme -) diff --git a/api/v1alpha1/rabbitmq_type.go b/api/v1alpha1/rabbitmq_type.go deleted file mode 100644 index a0b340b4..00000000 --- a/api/v1alpha1/rabbitmq_type.go +++ /dev/null @@ -1,79 +0,0 @@ -// Copyright 2020 VEXXHOST, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// RabbitmqPolicySpec defines the Rabbitmq Policy Spec for the Vhost -type RabbitmqPolicyDefinitionSpec struct { - Vhost string `json:"vhost,omitempty"` - Name string `json:"name"` - Pattern string `json:"pattern"` - Definition RabbitmqPolicyDefinition `json:"definition"` - Priority int64 `json:"priority"` - ApplyTo string `json:"apply-to"` -} - -// RabbitmqPolicyDefinition defines the Rabbitmq Policy content -type RabbitmqPolicyDefinition struct { - FederationUpstreamSet string `json:"federation-upstream-set,omitempty"` - HaMode string `json:"ha-mode,omitempty"` - HaParams int `json:"ha-params,omitempty"` - HaSyncMode string `json:"ha-sync-mode,omitempty"` - Expires int `json:"expires,omitempty"` - MessageTTL int `json:"message-ttl,omitempty"` - MaxLen int `json:"max-length,omitempty"` - MaxLenBytes int `json:"max-length-bytes,omitempty"` -} - -// RabbitmqSpec defines the desired state of Rabbitmq -type RabbitmqSpec struct { - AuthSecret string `json:"authSecret"` - Policies []RabbitmqPolicyDefinitionSpec `json:"policies,omitempty"` - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - Tolerations []v1.Toleration `json:"tolerations,omitempty"` -} - -// RabbitmqStatus defines the observed state of Rabbitmq -type RabbitmqStatus struct { - // +kubebuilder:validation:Default=Pending - Phase string `json:"phase"` -} - -// Rabbitmq is the Schema for the Rabbitmqs API -// +kubebuilder:object:root=true -type Rabbitmq struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec RabbitmqSpec `json:"spec,omitempty"` - Status RabbitmqStatus `json:"status,omitempty"` -} - -// +kubebuilder:object:root=true - -// RabbitmqList contains a list of Rabbitmq -type RabbitmqList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []Rabbitmq `json:"items"` -} - -func init() { - SchemeBuilder.Register(&Rabbitmq{}, &RabbitmqList{}) -} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go deleted file mode 100755 index 4782fbe4..00000000 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,163 +0,0 @@ -// +build !ignore_autogenerated - -// Copyright 2020 VEXXHOST, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by controller-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - "k8s.io/api/core/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Rabbitmq) DeepCopyInto(out *Rabbitmq) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rabbitmq. -func (in *Rabbitmq) DeepCopy() *Rabbitmq { - if in == nil { - return nil - } - out := new(Rabbitmq) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Rabbitmq) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RabbitmqList) DeepCopyInto(out *RabbitmqList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Rabbitmq, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RabbitmqList. -func (in *RabbitmqList) DeepCopy() *RabbitmqList { - if in == nil { - return nil - } - out := new(RabbitmqList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *RabbitmqList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RabbitmqPolicyDefinition) DeepCopyInto(out *RabbitmqPolicyDefinition) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RabbitmqPolicyDefinition. -func (in *RabbitmqPolicyDefinition) DeepCopy() *RabbitmqPolicyDefinition { - if in == nil { - return nil - } - out := new(RabbitmqPolicyDefinition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RabbitmqPolicyDefinitionSpec) DeepCopyInto(out *RabbitmqPolicyDefinitionSpec) { - *out = *in - out.Definition = in.Definition -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RabbitmqPolicyDefinitionSpec. -func (in *RabbitmqPolicyDefinitionSpec) DeepCopy() *RabbitmqPolicyDefinitionSpec { - if in == nil { - return nil - } - out := new(RabbitmqPolicyDefinitionSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RabbitmqSpec) DeepCopyInto(out *RabbitmqSpec) { - *out = *in - if in.Policies != nil { - in, out := &in.Policies, &out.Policies - *out = make([]RabbitmqPolicyDefinitionSpec, len(*in)) - copy(*out, *in) - } - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RabbitmqSpec. -func (in *RabbitmqSpec) DeepCopy() *RabbitmqSpec { - if in == nil { - return nil - } - out := new(RabbitmqSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *RabbitmqStatus) DeepCopyInto(out *RabbitmqStatus) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RabbitmqStatus. -func (in *RabbitmqStatus) DeepCopy() *RabbitmqStatus { - if in == nil { - return nil - } - out := new(RabbitmqStatus) - in.DeepCopyInto(out) - return out -} diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml index e53a48bf..85c92fb5 100644 --- a/chart/templates/deployment.yaml +++ b/chart/templates/deployment.yaml @@ -27,6 +27,8 @@ spec: - openstack_operator.mcrouter - -m - openstack_operator.memcached + - -m + - openstack_operator.rabbitmq resources: limits: cpu: 100m diff --git a/controllers/rabbitmq_controller.go b/controllers/rabbitmq_controller.go deleted file mode 100644 index 1874d15b..00000000 --- a/controllers/rabbitmq_controller.go +++ /dev/null @@ -1,253 +0,0 @@ -// Copyright 2020 VEXXHOST, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package controllers - -import ( - "context" - "fmt" - - "github.com/go-logr/logr" - appsv1 "k8s.io/api/apps/v1" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - - monitoringv1 "opendev.org/vexxhost/openstack-operator/api/monitoring/v1" - infrastructurev1alpha1 "opendev.org/vexxhost/openstack-operator/api/v1alpha1" - "opendev.org/vexxhost/openstack-operator/builders" - "opendev.org/vexxhost/openstack-operator/utils/baseutils" - "opendev.org/vexxhost/openstack-operator/utils/k8sutils" -) - -// RabbitmqReconciler reconciles a Rabbitmq object -type RabbitmqReconciler struct { - client.Client - Log logr.Logger - Scheme *runtime.Scheme -} - -const ( - _rabbitmqDefaultUsernameCfgKey = "username" - _rabbitmqDefaultPasswordCfgKey = "password" - _rabbitmqBuiltinMetricPort = 15692 - _rabbitmqPort = 5672 - _rabbitmqRunAsUser = 999 - _rabbitmqRunAsGroup = 999 -) - -// +kubebuilder:rbac:groups=infrastructure.vexxhost.cloud,resources=rabbitmqs,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=infrastructure.vexxhost.cloud,resources=rabbitmqs/status,verbs=get;update;patch -// +kubebuilder:rbac:groups=monitoring.coreos.com,resources=prometheusrules,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=monitoring.coreos.com,resources=podmonitors,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=core,resources=secrets;services,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete - -// Reconcile does the reconcilication of Rabbitmq instances -func (r *RabbitmqReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { - ctx := context.Background() - log := r.Log.WithValues("rabbitmq", req.NamespacedName) - - var Rabbitmq infrastructurev1alpha1.Rabbitmq - if err := r.Get(ctx, req.NamespacedName, &Rabbitmq); err != nil { - return ctrl.Result{}, client.IgnoreNotFound(err) - } - - // Labels - typeLabels := baseutils.MergeMapsWithoutOverwrite(map[string]string{ - "app.kubernetes.io/name": "rabbitmq", - "app.kubernetes.io/managed-by": "openstack-operator", - }, Rabbitmq.Labels) - - labels := map[string]string{ - "app.kubernetes.io/name": "rabbitmq", - "app.kubernetes.io/managed-by": "openstack-operator", - "app.kubernetes.io/instance": req.Name, - } - - // Deployment - if res, err := r.ReconcileDeployment(ctx, req, &Rabbitmq, log, labels); err != nil || res != (ctrl.Result{}) { - return res, err - } - - // PodMonitor - if res, err := r.ReconcilePodMonitor(ctx, req, &Rabbitmq, log, typeLabels); err != nil || res != (ctrl.Result{}) { - return res, err - } - - // Alertrule - if res, err := r.ReconcilePrometheusRule(ctx, req, &Rabbitmq, log, typeLabels); err != nil || res != (ctrl.Result{}) { - return res, err - } - - // Service - if res, err := r.ReconcileService(ctx, req, &Rabbitmq, log, labels); err != nil || res != (ctrl.Result{}) { - return res, err - } - return ctrl.Result{}, nil -} - -// SetupWithManager initializes the controller with primary manager -func (r *RabbitmqReconciler) SetupWithManager(mgr ctrl.Manager) error { - return ctrl.NewControllerManagedBy(mgr). - For(&infrastructurev1alpha1.Rabbitmq{}). - Owns(&appsv1.Deployment{}). - Owns(&corev1.Service{}). - Owns(&monitoringv1.PodMonitor{}). - Owns(&monitoringv1.PrometheusRule{}). - Complete(r) -} - -// ReconcileService reconciles the service -func (r *RabbitmqReconciler) ReconcileService(ctx context.Context, req ctrl.Request, rabbitmq *infrastructurev1alpha1.Rabbitmq, log logr.Logger, labels map[string]string) (ctrl.Result, error) { - service := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: req.Namespace, - Name: fmt.Sprintf("rabbitmq-%s", req.Name), - }, - } - op, err := k8sutils.CreateOrUpdate(ctx, r, service, func() error { - return builders.Service(service, rabbitmq, r.Scheme). - Port("rabbitmq", 5672). - Selector(labels). - Build() - }) - if err != nil { - return ctrl.Result{}, err - } - log.WithValues("resource", "Service").WithValues("op", op).Info("Reconciled") - return ctrl.Result{}, nil -} - -// ReconcilePodMonitor reconciles the podMonitor -func (r *RabbitmqReconciler) ReconcilePodMonitor(ctx context.Context, req ctrl.Request, rabbitmq *infrastructurev1alpha1.Rabbitmq, log logr.Logger, labels map[string]string) (ctrl.Result, error) { - podMonitor := &monitoringv1.PodMonitor{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "monitoring.coreos.com/v1", - Kind: "PodMonitor", - }, - ObjectMeta: metav1.ObjectMeta{ - Namespace: req.Namespace, - Name: "rabbitmq-podmonitor", - }, - } - op, err := k8sutils.CreateOrUpdate(ctx, r, podMonitor, func() error { - return builders.PodMonitor(podMonitor, rabbitmq, r.Scheme). - Labels(labels). - Selector(map[string]string{ - "app.kubernetes.io/name": "rabbitmq", - }). - PodMetricsEndpoints( - builders.PodMetricsEndpoint(). - Port("metrics"). - Path("/metrics"). - Interval("15s"), - ).Build() - }) - if err != nil { - return ctrl.Result{}, err - } - log.WithValues("resource", "rabbitmq-podmonitor").WithValues("op", op).Info("Reconciled") - return ctrl.Result{}, nil -} - -// ReconcilePrometheusRule reconciles the prometheusRule -func (r *RabbitmqReconciler) ReconcilePrometheusRule(ctx context.Context, req ctrl.Request, rabbitmq *infrastructurev1alpha1.Rabbitmq, log logr.Logger, labels map[string]string) (ctrl.Result, error) { - alertRule := &monitoringv1.PrometheusRule{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: req.Namespace, - Name: "rabbitmq-alertrule", - }, - } - op, err := k8sutils.CreateOrUpdate(ctx, r, alertRule, func() error { - return builders.PrometheusRule(alertRule, rabbitmq, r.Scheme). - Labels(labels). - RuleGroups(builders.RuleGroup(). - Name("rabbitmq-rule"). - Rules( - builders.Rule(). - Alert("RabbitmqDown"). - Message("Rabbitmq node down."). - Priority(1). - Expr("rabbitmq_up == 0"), - builders.Rule(). - Alert("RabbitmqTooManyConnections"). - Message("RabbitMQ instance has too many connections."). - Priority(1). - Expr("rabbitmq_connectionsTotal > 1000"), - builders.Rule(). - Alert("RabbitmqTooManyMessagesInQueue"). - Message("Queue is filling up."). - Priority(1). - Expr("rabbitmq_queue_messages_ready > 1000"), - builders.Rule(). - Alert("RabbitmqSlowQueueConsuming"). - Message("Queue messages are consumed slowly."). - Priority(1). - Expr("time() - rabbitmq_queue_head_message_timestamp > 60"), - ). - Interval("1m")). - Build() - }) - if err != nil { - return ctrl.Result{}, err - } - log.WithValues("resource", "rabbitmq-alertrule").WithValues("op", op).Info("Reconciled") - return ctrl.Result{}, nil -} - -// ReconcileDeployment reconciles the deployment -func (r *RabbitmqReconciler) ReconcileDeployment(ctx context.Context, req ctrl.Request, rabbitmq *infrastructurev1alpha1.Rabbitmq, log logr.Logger, labels map[string]string) (ctrl.Result, error) { - deployment := &appsv1.Deployment{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: req.Namespace, - Name: fmt.Sprintf("rabbitmq-%s", req.Name), - }, - } - op, err := k8sutils.CreateOrUpdate(ctx, r, deployment, func() error { - return builders.Deployment(deployment, rabbitmq, r.Scheme). - Labels(labels). - Replicas(1). - PodTemplateSpec( - builders.PodTemplateSpec(). - PodSpec( - builders.PodSpec(). - NodeSelector(rabbitmq.Spec.NodeSelector). - Tolerations(rabbitmq.Spec.Tolerations). - Containers( - builders.Container("rabbitmq", "vexxhost/rabbitmq:latest"). - EnvVarFromSecret("RABBITMQ_DEFAULT_USER", rabbitmq.Spec.AuthSecret, _rabbitmqDefaultUsernameCfgKey). - EnvVarFromSecret("RABBITMQ_DEFAULT_PASS", rabbitmq.Spec.AuthSecret, _rabbitmqDefaultPasswordCfgKey). - Port("rabbitmq", _rabbitmqPort). - Port("metrics", _rabbitmqBuiltinMetricPort). - PortProbe("rabbitmq", 15, 30). - Resources(500, 512, 500, 2). - SecurityContext( - builders.SecurityContext(). - RunAsUser(_rabbitmqRunAsUser). - RunAsGroup(_rabbitmqRunAsGroup), - ), - ), - ), - ). - Build() - }) - if err != nil { - return ctrl.Result{}, err - } - log.WithValues("resource", "Deployment").WithValues("op", op).Info("Reconciled") - return ctrl.Result{}, nil -} diff --git a/main.go b/main.go index 68206ac0..9ae4bd84 100755 --- a/main.go +++ b/main.go @@ -26,7 +26,6 @@ import ( dnsv1 "opendev.org/vexxhost/openstack-operator/api/dns/v1" monitoringv1 "opendev.org/vexxhost/openstack-operator/api/monitoring/v1" - infrastructurev1alpha1 "opendev.org/vexxhost/openstack-operator/api/v1alpha1" "opendev.org/vexxhost/openstack-operator/controllers" "opendev.org/vexxhost/openstack-operator/utils/openstackutils" "opendev.org/vexxhost/openstack-operator/version" @@ -40,7 +39,6 @@ var ( func init() { _ = clientgoscheme.AddToScheme(scheme) - _ = infrastructurev1alpha1.AddToScheme(scheme) _ = monitoringv1.AddToScheme(scheme) _ = dnsv1.AddToScheme(scheme) // +kubebuilder:scaffold:scheme @@ -74,7 +72,6 @@ func main() { designateClientBuilder.SetAuthFailed() // Setup controllers with manager - setupRabbitmqReconciler(mgr) setupZoneReconciler(mgr, designateClientBuilder) setupDesignateReconciler(mgr, designateClientBuilder) @@ -111,15 +108,3 @@ func setupDesignateReconciler(mgr ctrl.Manager, designateClientBuilder *openstac os.Exit(1) } } - -// setupRabbitmqReconciler setups the Rabbitmq controller with manager -func setupRabbitmqReconciler(mgr ctrl.Manager) { - if err := (&controllers.RabbitmqReconciler{ - Client: mgr.GetClient(), - Log: ctrl.Log.WithName("controllers").WithName("Rabbitmq"), - Scheme: mgr.GetScheme(), - }).SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "Rabbitmq") - os.Exit(1) - } -} diff --git a/openstack_operator/rabbitmq.py b/openstack_operator/rabbitmq.py new file mode 100644 index 00000000..db67ec60 --- /dev/null +++ b/openstack_operator/rabbitmq.py @@ -0,0 +1,54 @@ +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Rabbitmq Operator + +This module maintains the operator for Rabbitmq, it takes care of creating +the appropriate deployments, Rabbitmq, pod monitors and Prometheus rules. +""" + +import kopf + +from openstack_operator import utils + + +@kopf.on.resume('infrastructure.vexxhost.cloud', 'v1alpha1', 'rabbitmqs') +@kopf.on.create('infrastructure.vexxhost.cloud', 'v1alpha1', 'rabbitmqs') +def create_or_resume(name, spec, **_): + """Create and re-sync any Rabbitmq instances + + This function is called when a new resource is created but also when we + start the service up for the first time. + """ + + utils.create_or_update('rabbitmq/deployment.yml.j2', + name=name, spec=spec) + utils.create_or_update('rabbitmq/service.yml.j2', + name=name, spec=spec) + utils.create_or_update('rabbitmq/podmonitor.yml.j2', + name=name, spec=spec) + utils.create_or_update('rabbitmq/prometheusrule.yml.j2', + name=name, spec=spec) + + +@kopf.on.update('infrastructure.vexxhost.cloud', 'v1alpha1', 'rabbitmqs') +def update(name, spec, **_): + """Update a Rabbitmq + + This function updates the deployment for Rabbitmq if there are any + changes that happen within it. + """ + + utils.create_or_update('rabbitmq/deployment.yml.j2', + name=name, spec=spec) diff --git a/openstack_operator/templates/rabbitmq/deployment.yml.j2 b/openstack_operator/templates/rabbitmq/deployment.yml.j2 new file mode 100644 index 00000000..14a93ea1 --- /dev/null +++ b/openstack_operator/templates/rabbitmq/deployment.yml.j2 @@ -0,0 +1,85 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rabbitmq-{{ name }} + labels: + {{ labels("rabbitmq", name) | indent(4) }} +spec: + replicas: 1 + selector: + matchLabels: + {{ labels("rabbitmq", name) | indent(6) }} + template: + metadata: + labels: + {{ labels("rabbitmq", name) | indent(8) }} + spec: + containers: + - name: rabbitmq + env: + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + key: username + name: {{ spec.authSecret }} + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + key: password + name: {{ spec.authSecret }} + image: vexxhost/rabbitmq:latest + imagePullPolicy: Always + ports: + - name: rabbitmq + containerPort: 5672 + - name: metrics + containerPort: 15692 + livenessProbe: + tcpSocket: + port: rabbitmq + failureThreshold: 3 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + tcpSocket: + port: rabbitmq + failureThreshold: 3 + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + cpu: 1000m + ephemeral-storage: 1G + memory: 1G + requests: + cpu: 500m + ephemeral-storage: 500M + memory: 512M + securityContext: + runAsUser: 999 + runAsGroup: 999 +{% if 'nodeSelector' in spec %} + nodeSelector: + {{ spec.nodeSelector | to_yaml | indent(8) }} +{% endif %} +{% if 'tolerations' in spec %} + tolerations: + {{ spec.tolerations | to_yaml | indent(8) }} +{% endif %} \ No newline at end of file diff --git a/openstack_operator/templates/rabbitmq/podmonitor.yml.j2 b/openstack_operator/templates/rabbitmq/podmonitor.yml.j2 new file mode 100644 index 00000000..d47d7e5b --- /dev/null +++ b/openstack_operator/templates/rabbitmq/podmonitor.yml.j2 @@ -0,0 +1,29 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: rabbitmq-podmonitor + labels: + {{ labels("rabbitmq", name) | indent(4) }} +spec: + podMetricsEndpoints: + - interval: 15s + path: /metrics + port: metrics + selector: + matchLabels: + {{ labels("rabbitmq", name) | indent(6) }} diff --git a/openstack_operator/templates/rabbitmq/prometheusrule.yml.j2 b/openstack_operator/templates/rabbitmq/prometheusrule.yml.j2 new file mode 100644 index 00000000..c5de5f89 --- /dev/null +++ b/openstack_operator/templates/rabbitmq/prometheusrule.yml.j2 @@ -0,0 +1,43 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: rabbitmq-alertrule + labels: + {{ labels("rabbitmq", name) | indent(4) }} +spec: + groups: + - name: down + rules: + - alert: RabbitmqDown + expr: "rabbitmq_up == 0" + annotations: + priority: P2 + - name: high-load + rules: + - alert: RabbitmqTooManyConnections + expr: "rabbitmq_connectionsTotal > 1000" + annotations: + priority: P2 + - alert: RabbitmqTooManyMessagesInQueue + expr: "rabbitmq_queue_messages_ready > 1000" + annotations: + priority: P3 + - alert: RabbitmqSlowQueueConsuming + expr: "time() - rabbitmq_queue_head_message_timestamp > 60" + annotations: + priority: P3 diff --git a/openstack_operator/templates/rabbitmq/service.yml.j2 b/openstack_operator/templates/rabbitmq/service.yml.j2 new file mode 100644 index 00000000..b9dbde3a --- /dev/null +++ b/openstack_operator/templates/rabbitmq/service.yml.j2 @@ -0,0 +1,28 @@ +--- +# Copyright 2020 VEXXHOST, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: rabbitmq-{{ name }} +spec: + serviceType: ClusterIP + ports: + - name: rabbitmq + port: 5672 + protocol: TCP + targetPort: rabbitmq + selector: + {{ labels("rabbitmq", name) | indent(4) }}