Monitoring refactor (#149)

Author: nikitka

.dockerignore

@@ -0,0 +1,2 @@
+bin/
+config/

.golangci.yml

@@ -241,4 +241,5 @@ issues:
       linters:
         - unused
         - unparam
-
+    - text: 'shadow: declaration of "err" shadows declaration at'
+      linters: [ govet ]

Makefile

@@ -49,6 +49,8 @@ manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and Cust
 	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
 	cp config/crd/bases/ydb.tech_storages.yaml deploy/ydb-operator/crds/storage.yaml
 	cp config/crd/bases/ydb.tech_databases.yaml deploy/ydb-operator/crds/database.yaml
+	cp config/crd/bases/ydb.tech_databasemonitorings.yaml deploy/ydb-operator/crds/databasemonitoring.yaml
+	cp config/crd/bases/ydb.tech_storagemonitorings.yaml deploy/ydb-operator/crds/storagemonitoring.yaml
 
 generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
 	$(CONTROLLER_GEN) object:headerFile="build/hack/boilerplate.go.txt" paths="./..."

PROJECT

@@ -1,3 +1,7 @@
+# Code generated by tool. DO NOT EDIT.
+# This file is used to track the info used to scaffold your project
+# and allow the plugins properly work.
+# More info: https://book.kubebuilder.io/reference/project-config.html
 domain: ydb.tech
 layout:
 - go.kubebuilder.io/v3
@@ -25,4 +29,28 @@ resources:
   kind: Storage
   path: github.com/ydb-platform/ydb-operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: ydb.tech
+  group: ydb
+  kind: DatabaseMonitoring
+  path: github.com/ydb-platform/ydb-operator/api/v1alpha1
+  version: v1alpha1
+  webhooks:
+    validation: true
+    webhookVersion: v1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: ydb.tech
+  group: ydb
+  kind: StorageMonitoring
+  path: github.com/ydb-platform/ydb-operator/api/v1alpha1
+  version: v1alpha1
+  webhooks:
+    validation: true
+    webhookVersion: v1
 version: "3"

api/v1alpha1/common_types.go

@@ -0,0 +1,14 @@
+package v1alpha1
+
+// NamespacedRef TODO: replace StorageRef
+type NamespacedRef struct {
+	// +kubebuilder:validation:Pattern:=[a-z0-9]([-a-z0-9]*[a-z0-9])?
+	// +kubebuilder:validation:MaxLength:=63
+	// +required
+	Name string `json:"name"`
+
+	// +kubebuilder:validation:Pattern:=[a-z0-9]([-a-z0-9]*[a-z0-9])?
+	// +kubebuilder:validation:MaxLength:=63
+	// +optional
+	Namespace string `json:"namespace"`
+}

api/v1alpha1/databasemonitoring_types.go

@@ -0,0 +1,47 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// DatabaseMonitoringSpec defines the desired state of DatabaseMonitoring
+type DatabaseMonitoringSpec struct {
+	DatabaseClusterRef NamespacedRef `json:"databaseRef"`
+
+	// (Optional) Additional labels that will be added to the ServiceMonitor
+	// +optional
+	AdditionalLabels map[string]string `json:"additionalLabels,omitempty"`
+}
+
+// DatabaseMonitoringStatus defines the observed state of DatabaseMonitoring
+type DatabaseMonitoringStatus struct {
+	State      string             `json:"state"`
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+//+kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.state",description="Monitoring status"
+//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+
+// DatabaseMonitoring is the Schema for the databasemonitorings API
+type DatabaseMonitoring struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   DatabaseMonitoringSpec   `json:"spec,omitempty"`
+	Status DatabaseMonitoringStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// DatabaseMonitoringList contains a list of DatabaseMonitoring
+type DatabaseMonitoringList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []DatabaseMonitoring `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&DatabaseMonitoring{}, &DatabaseMonitoringList{})
+}

api/v1alpha1/monitoring_webhook.go

@@ -0,0 +1,117 @@
+package v1alpha1
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/go-logr/logr"
+	v1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
+	logf "sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/runtime/inject"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+)
+
+// generateValidatePath is a copy from controller-runtime
+func generateValidatePath(gvk schema.GroupVersionKind) string {
+	return "/validate-" + strings.ReplaceAll(gvk.Group, ".", "-") + "-" +
+		gvk.Version + "-" + strings.ToLower(gvk.Kind)
+}
+
+//+kubebuilder:webhook:path=/validate-ydb-tech-v1alpha1-databasemonitoring,mutating=false,failurePolicy=fail,sideEffects=None,groups=ydb.tech,resources=databasemonitorings,verbs=create,versions=v1alpha1,name=vdatabasemonitoring.kb.io,admissionReviewVersions=v1
+//+kubebuilder:webhook:path=/validate-ydb-tech-v1alpha1-storagemonitoring,mutating=false,failurePolicy=fail,sideEffects=None,groups=ydb.tech,resources=storagemonitorings,verbs=create,versions=v1alpha1,name=vstoragemonitoring.kb.io,admissionReviewVersions=v1
+
+func RegisterMonitoringValidatingWebhook(mgr ctrl.Manager, enableServiceMonitoring bool) error {
+	// We are using low-level api here because we need pass client to handler
+
+	srv := mgr.GetWebhookServer()
+
+	registerWebHook := func(typ runtime.Object, logName string) error {
+		gvk, err := apiutil.GVKForObject(typ, mgr.GetScheme())
+		if err != nil {
+			return err
+		}
+
+		path := generateValidatePath(gvk)
+		logf.Log.WithName("monitoring-webhooks").Info("Registering a validating webhook", "GVK", gvk, "path", path)
+		srv.Register(path, &webhook.Admission{
+			Handler: &monitoringValidationHandler{
+				logger:                  logf.Log.WithName(logName),
+				enableServiceMonitoring: enableServiceMonitoring,
+				mgr:                     mgr,
+			},
+		})
+		return nil
+	}
+
+	if err := registerWebHook(&DatabaseMonitoring{}, "databasemonitoring-resource"); err != nil {
+		return err
+	}
+
+	return registerWebHook(&StorageMonitoring{}, "storagemonitoring-resource")
+}
+
+func ensureNoServiceMonitor(ctx context.Context, client client.Client, namespace string, name string) error {
+	found := &v1.ServiceMonitor{}
+	err := client.Get(ctx, types.NamespacedName{Namespace: namespace, Name: name}, found)
+	fmt.Printf("err = %v, namespace=%s, name=%s\n", err, namespace, name)
+	if err == nil {
+		return fmt.Errorf("service monitor with name %s already exists", name)
+	}
+
+	if errors.IsNotFound(err) {
+		return nil
+	}
+
+	return err
+}
+
+type monitoringValidationHandler struct {
+	enableServiceMonitoring bool
+	logger                  logr.Logger
+	client                  client.Client
+	mgr                     ctrl.Manager
+	decoder                 *admission.Decoder
+}
+
+var (
+	_ inject.Client     = &monitoringValidationHandler{}
+	_ admission.Handler = &monitoringValidationHandler{}
+)
+
+func (v *monitoringValidationHandler) Handle(ctx context.Context, req admission.Request) admission.Response {
+	if !v.enableServiceMonitoring {
+		return webhook.Denied("the ydb-operator is running without a service monitoring feature.")
+	}
+
+	err := checkMonitoringCRD(v.mgr, v.logger, false)
+	if err != nil {
+		return webhook.Denied(err.Error())
+	}
+
+	// Name can't be an empty string here because it's required in the schema
+	err = ensureNoServiceMonitor(ctx, v.client, req.Namespace, req.Name)
+	if err != nil {
+		return webhook.Denied(err.Error())
+	}
+
+	return admission.Allowed("")
+}
+
+func (v *monitoringValidationHandler) InjectClient(c client.Client) error {
+	v.client = c
+	return nil
+}
+
+func (v *monitoringValidationHandler) InjectDecoder(d *admission.Decoder) error {
+	v.decoder = d
+	return nil
+}

api/v1alpha1/storagemonitoring_types.go

@@ -0,0 +1,47 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// StorageMonitoringSpec defines the desired state of StorageMonitoring
+type StorageMonitoringSpec struct {
+	StorageRef NamespacedRef `json:"storageRef"`
+
+	// (Optional) Additional labels that will be added to the ServiceMonitor
+	// +optional
+	AdditionalLabels map[string]string `json:"additionalLabels,omitempty"`
+}
+
+// StorageMonitoringStatus defines the observed state of StorageMonitoring
+type StorageMonitoringStatus struct {
+	State      string             `json:"state"`
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+//+kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.state",description="Monitoring status"
+//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+
+// StorageMonitoring is the Schema for the storagemonitorings API
+type StorageMonitoring struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   StorageMonitoringSpec   `json:"spec,omitempty"`
+	Status StorageMonitoringStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// StorageMonitoringList contains a list of StorageMonitoring
+type StorageMonitoringList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []StorageMonitoring `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&StorageMonitoring{}, &StorageMonitoringList{})
+}