Merge "zookeeper - update liveness and readyness probes to only check…

… SSL access"
softwarefactory-project · Mar 15, 2024 · eaaefce · eaaefce
2 parents b7330e6 + cb6364e
commit eaaefce
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 37 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,10 @@ All notable changes to this project will be documented in this file.
 - "Debug" toggle for fluent bit sidecars
 
 ### Changed
+
+- zookeeper - update liveness and readyness probes to only check SSL access and remove superfluous Service resource called
+  zookeeper-headless.
+
 ### Deprecated
 ### Removed
 ### Fixed

diff --git a/controllers/softwarefactory_controller.go b/controllers/softwarefactory_controller.go
@@ -164,6 +164,11 @@ func (r *SFController) cleanup() {
 			Name:      r.cr.Spec.FQDN + "-zuul-red",
 		},
 	})
+	// Remove unneeded extra Service resource for Zookeeper
+	currentZKHeadlessSVC := corev1.Service{}
+	if r.GetM("zookeeper-headless", &currentZKHeadlessSVC) {
+		r.DeleteR(&currentZKHeadlessSVC)
+	}
 }
 
 func (r *SFController) validate() error {

diff --git a/controllers/static/zookeeper/ok.sh b/controllers/static/zookeeper/ok.sh
diff --git a/controllers/static/zookeeper/probe.sh b/controllers/static/zookeeper/probe.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+echo "ruok" | openssl s_client -CAfile /tls/client/ca.crt -cert /tls/client/tls.crt -key /tls/client/tls.key \
+  -connect 127.0.0.1:2281 -quiet 2>/dev/null | grep "imok"
diff --git a/controllers/static/zookeeper/ready.sh b/controllers/static/zookeeper/ready.sh
diff --git a/controllers/zookeeper.go b/controllers/zookeeper.go
@@ -17,11 +17,8 @@ import (
 	apiv1 "k8s.io/api/core/v1"
 )
 
-//go:embed static/zookeeper/ok.sh
-var zookeeperOk string
-
-//go:embed static/zookeeper/ready.sh
-var zookeeperReady string
+//go:embed static/zookeeper/probe.sh
+var zookeeperProbe string
 
 //go:embed static/zookeeper/run.sh
 var zookeeperRun string
@@ -32,18 +29,9 @@ var zkFluentBitForwarderConfig string
 //go:embed static/zookeeper/logback.xml
 var zkLogbackConfig string
 
-const zkPortName = "zk"
-const zkPort = 2181
-
 const zkSSLPortName = "zkssl"
 const zkSSLPort = 2281
 
-const zkElectionPortName = "zkelection"
-const zkElectionPort = 3888
-
-const zkServerPortName = "zkserver"
-const zkServerPort = 2888
-
 const ZookeeperIdent = "zookeeper"
 const zkPIMountPath = "/config-scripts"
 
@@ -103,13 +91,12 @@ func (r *SFController) DeployZookeeper() bool {
 	}
 
 	cmData := make(map[string]string)
-	cmData["ok.sh"] = zookeeperOk
-	cmData["ready.sh"] = zookeeperReady
+	cmData["probe.sh"] = zookeeperProbe
 	cmData["run.sh"] = zookeeperRun
 	cmData["logback.xml"] = zkLogbackConfig
 	r.EnsureConfigMap(ZookeeperIdent+"-pi", cmData)
 
-	configChecksumable := zookeeperOk + "\n" + zookeeperReady + "\n" + zookeeperRun + "\n" + zkLogbackConfig
+	configChecksumable := zookeeperProbe + "\n" + zookeeperRun + "\n" + zkLogbackConfig
 
 	annotations := map[string]string{
 		"configuration": utils.Checksum([]byte(configChecksumable)),
@@ -153,9 +140,6 @@ func (r *SFController) DeployZookeeper() bool {
 	srv := base.MkServicePod(ZookeeperIdent, r.ns, ZookeeperIdent+"-0", []int32{zkSSLPort}, ZookeeperIdent)
 	r.EnsureService(&srv)
 
-	srvZK := base.MkHeadlessServicePod(ZookeeperIdent, r.ns, ZookeeperIdent+"-0", []int32{zkSSLPort, zkElectionPort, zkServerPort}, ZookeeperIdent)
-	r.EnsureService(&srvZK)
-
 	storageConfig := r.getStorageConfOrDefault(r.cr.Spec.Zookeeper.Storage)
 	logStorageConfig := base.StorageConfig{
 		Size:             utils.Qty1Gi(),
@@ -179,13 +163,10 @@ func (r *SFController) DeployZookeeper() bool {
 		base.MkVolumeSecret("zookeeper-server-tls"),
 		base.MkEmptyDirVolume(ZookeeperIdent + "-conf"),
 	}
-	zk.Spec.Template.Spec.Containers[0].ReadinessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/ready.sh"})
-	zk.Spec.Template.Spec.Containers[0].LivenessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/ok.sh"})
+	zk.Spec.Template.Spec.Containers[0].ReadinessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/probe.sh"})
+	zk.Spec.Template.Spec.Containers[0].LivenessProbe = base.MkLivenessCMDProbe([]string{"/bin/bash", "/config-scripts/probe.sh"})
 	zk.Spec.Template.Spec.Containers[0].Ports = []apiv1.ContainerPort{
-		base.MkContainerPort(zkPort, zkPortName),
 		base.MkContainerPort(zkSSLPort, zkSSLPortName),
-		base.MkContainerPort(zkElectionPort, zkElectionPortName),
-		base.MkContainerPort(zkServerPort, zkServerPortName),
 	}
 
 	if r.cr.Spec.FluentBitLogForwarding != nil {