This is an automated email from the ASF dual-hosted git repository.
gerlowskija pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr-operator.git
The following commit(s) were added to refs/heads/main by this push:
new 77d27a0 Add shareProcessNamespace flag to podOptions (#735)
77d27a0 is described below
commit 77d27a049b2558e25280d46646e73424ab5b953c
Author: Jason Gerlowski <[email protected]>
AuthorDate: Wed Jan 8 06:35:50 2025 -0500
Add shareProcessNamespace flag to podOptions (#735)
Boolean flag defaults to false, and is available in the CRD at
`.spec.customSolrKubeOptions.podOptions.shareProcessNamespace`.
The 'solr' helm chart exposes this with the variable:
`podOptions.shareProcessNamespace`.
Closes #716
---------
Co-authored-by: Houston Putman <[email protected]>
---
api/v1beta1/common_types.go | 4 ++++
config/crd/bases/solr.apache.org_solrclouds.yaml | 4 ++++
config/crd/bases/solr.apache.org_solrprometheusexporters.yaml | 4 ++++
controllers/solrcloud_controller_test.go | 5 +++++
controllers/util/solr_util.go | 3 +++
helm/solr-operator/Chart.yaml | 7 +++++++
helm/solr-operator/crds/crds.yaml | 8 ++++++++
helm/solr/README.md | 1 +
helm/solr/templates/_custom_option_helpers.tpl | 3 +++
helm/solr/values.yaml | 2 ++
10 files changed, 41 insertions(+)
diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go
index b440b90..6f921a4 100644
--- a/api/v1beta1/common_types.go
+++ b/api/v1beta1/common_types.go
@@ -137,6 +137,10 @@ type PodOptions struct {
// +optional
ServiceAccountName string `json:"serviceAccountName,omitempty"`
+ // Should process namespace sharing be enabled on created pods
+ // +optional
+ ShareProcessNamespace bool `json:"shareProcessNamespace,omitempty"`
+
// Optional PodSpreadTopologyConstraints to use when scheduling pods.
// More information here:
https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
//
diff --git a/config/crd/bases/solr.apache.org_solrclouds.yaml
b/config/crd/bases/solr.apache.org_solrclouds.yaml
index 3173322..17feeab 100644
--- a/config/crd/bases/solr.apache.org_solrclouds.yaml
+++ b/config/crd/bases/solr.apache.org_solrclouds.yaml
@@ -5082,6 +5082,10 @@ spec:
serviceAccountName:
description: Optional Service Account to run the pod
under.
type: string
+ shareProcessNamespace:
+ description: Should process namespace sharing be
enabled on
+ created pods
+ type: boolean
sidecarContainers:
description: Sidecar containers to run in the pod.
These are
in addition to the Solr Container
diff --git a/config/crd/bases/solr.apache.org_solrprometheusexporters.yaml
b/config/crd/bases/solr.apache.org_solrprometheusexporters.yaml
index e53c87b..808140d 100644
--- a/config/crd/bases/solr.apache.org_solrprometheusexporters.yaml
+++ b/config/crd/bases/solr.apache.org_solrprometheusexporters.yaml
@@ -3173,6 +3173,10 @@ spec:
serviceAccountName:
description: Optional Service Account to run the pod
under.
type: string
+ shareProcessNamespace:
+ description: Should process namespace sharing be
enabled on
+ created pods
+ type: boolean
sidecarContainers:
description: Sidecar containers to run in the pod.
These are
in addition to the Solr Container
diff --git a/controllers/solrcloud_controller_test.go
b/controllers/solrcloud_controller_test.go
index de590e1..c1dbc11 100644
--- a/controllers/solrcloud_controller_test.go
+++ b/controllers/solrcloud_controller_test.go
@@ -25,6 +25,7 @@ import (
"github.com/apache/solr-operator/controllers/util"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
+ . "github.com/onsi/gomega/gstruct"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -146,6 +147,7 @@ var _ = FDescribe("SolrCloud controller - General", func() {
Expect(statefulSet.Spec.Template.Spec.Volumes).To(HaveLen(len(extraVolumes)+3),
"Pod has wrong number of volumes")
Expect(statefulSet.Spec.Template.Spec.Volumes[3].Name).To(Equal(extraVolumes[0].Name),
"Additional Volume from podOptions not loaded into pod properly.")
Expect(statefulSet.Spec.Template.Spec.Volumes[3].VolumeSource).To(Equal(extraVolumes[0].Source),
"Additional Volume from podOptions not loaded into pod properly.")
+
Expect(statefulSet.Spec.Template.Spec.ShareProcessNamespace).Should(PointTo(BeFalse()))
Expect(statefulSet.Spec.Template.Spec.ReadinessGates).To(ContainElement(corev1.PodReadinessGate{ConditionType:
util.SolrIsNotStoppedReadinessCondition}), "All pods should contain the
isNotStopped readinessGate.")
By("testing the Solr Common Service")
@@ -169,6 +171,7 @@ var _ = FDescribe("SolrCloud controller - General", func() {
FContext("Solr Cloud with Custom Kube Options", func() {
three := intstr.FromInt(3)
+ testShareProcessNamespace := true
BeforeEach(func() {
replicas := int32(4)
solrCloud.Spec = solrv1beta1.SolrCloudSpec{
@@ -213,6 +216,7 @@ var _ = FDescribe("SolrCloud controller - General", func() {
TopologySpreadConstraints:
testTopologySpreadConstraints,
DefaultInitContainerResources:
testResources2,
InitContainers:
extraContainers1,
+ ShareProcessNamespace:
testShareProcessNamespace,
},
StatefulSetOptions:
&solrv1beta1.StatefulSetOptions{
Annotations:
testSSAnnotations,
@@ -284,6 +288,7 @@ var _ = FDescribe("SolrCloud controller - General", func() {
Expect(statefulSet.Spec.Template.Spec.ServiceAccountName).To(Equal(testServiceAccountName),
"Incorrect serviceAccountName")
Expect(statefulSet.Spec.Template.Spec.TopologySpreadConstraints).To(HaveLen(len(testTopologySpreadConstraints)),
"Wrong number of topologySpreadConstraints")
Expect(statefulSet.Spec.Template.Spec.TopologySpreadConstraints[0]).To(Equal(testTopologySpreadConstraints[0]),
"Wrong first topologySpreadConstraint")
+
Expect(statefulSet.Spec.Template.Spec.ShareProcessNamespace).To(Equal(&testShareProcessNamespace),
"Wrong shareProcessNamespace value")
expectedSecondTopologyConstraint :=
testTopologySpreadConstraints[1].DeepCopy()
expectedSecondTopologyConstraint.LabelSelector =
statefulSet.Spec.Selector
Expect(statefulSet.Spec.Template.Spec.TopologySpreadConstraints[1]).To(Equal(*expectedSecondTopologyConstraint),
"Wrong second topologySpreadConstraint")
diff --git a/controllers/util/solr_util.go b/controllers/util/solr_util.go
index de44d7c..64b9ba1 100644
--- a/controllers/util/solr_util.go
+++ b/controllers/util/solr_util.go
@@ -82,6 +82,7 @@ var (
// zkConnectionString: the connectionString of the ZK instance to connect to
func GenerateStatefulSet(solrCloud *solr.SolrCloud, solrCloudStatus
*solr.SolrCloudStatus, hostNameIPs map[string]string, reconcileConfigInfo
map[string]string, tls *TLSCerts, security *SecurityConfig) *appsv1.StatefulSet
{
terminationGracePeriod := int64(60)
+ shareProcessNamespace := false
solrPodPort := solrCloud.Spec.SolrAddressability.PodPort
defaultFSGroup := int64(DefaultSolrGroup)
@@ -122,6 +123,7 @@ func GenerateStatefulSet(solrCloud *solr.SolrCloud,
solrCloudStatus *solr.SolrCl
if customPodOptions.TerminationGracePeriodSeconds != nil {
terminationGracePeriod =
*customPodOptions.TerminationGracePeriodSeconds
}
+ shareProcessNamespace = customPodOptions.ShareProcessNamespace
}
// The isNotStopped readiness gate will always be used for
managedUpdates
@@ -543,6 +545,7 @@ func GenerateStatefulSet(solrCloud *solr.SolrCloud,
solrCloudStatus *solr.SolrCl
Spec: corev1.PodSpec{
TerminationGracePeriodSeconds:
&terminationGracePeriod,
+ ShareProcessNamespace:
&shareProcessNamespace,
SecurityContext:
&corev1.PodSecurityContext{
FSGroup: &defaultFSGroup,
},
diff --git a/helm/solr-operator/Chart.yaml b/helm/solr-operator/Chart.yaml
index 891e494..060ae16 100644
--- a/helm/solr-operator/Chart.yaml
+++ b/helm/solr-operator/Chart.yaml
@@ -62,6 +62,13 @@ annotations:
url: https://github.com/apache/solr-operator/issues/684
- name: Github PR
url: https://github.com/apache/solr-operator/pull/685
+ - kind: added
+ description: SolrClouds now support namespace sharing among pod
containers in a pod.
+ links:
+ - name: Github Issue
+ url: https://github.com/apache/solr-operator/issues/716
+ - name: Github PR
+ url: https://github.com/apache/solr-operator/pull/735
- kind: changed
description: SolrClouds now support auto-readOnlyRootFilesystem setting.
links:
diff --git a/helm/solr-operator/crds/crds.yaml
b/helm/solr-operator/crds/crds.yaml
index 14f285c..0f807e3 100644
--- a/helm/solr-operator/crds/crds.yaml
+++ b/helm/solr-operator/crds/crds.yaml
@@ -5343,6 +5343,10 @@ spec:
serviceAccountName:
description: Optional Service Account to run the pod
under.
type: string
+ shareProcessNamespace:
+ description: Should process namespace sharing be
enabled on
+ created pods
+ type: boolean
sidecarContainers:
description: Sidecar containers to run in the pod.
These are
in addition to the Solr Container
@@ -19456,6 +19460,10 @@ spec:
serviceAccountName:
description: Optional Service Account to run the pod
under.
type: string
+ shareProcessNamespace:
+ description: Should process namespace sharing be
enabled on
+ created pods
+ type: boolean
sidecarContainers:
description: Sidecar containers to run in the pod.
These are
in addition to the Solr Container
diff --git a/helm/solr/README.md b/helm/solr/README.md
index 5aa45a9..bbd0075 100644
--- a/helm/solr/README.md
+++ b/helm/solr/README.md
@@ -285,6 +285,7 @@ When using the helm chart, omit `customSolrKubeOptions.`
| podOptions.tolerations | []object | | Specify a list of Kubernetes
tolerations for the Solr pod |
| podOptions.topologySpreadConstraints | []object | | Specify a list of
Kubernetes topologySpreadConstraints for the Solr pod. No need to provide a
`labelSelector`, as the Solr Operator will default that for you. More
information can be found in [the
documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/).
|
| podOptions.serviceAccountName | string | | Optional serviceAccount to run
the Solr pods under |
+| podOptions.shareProcessNamespace | boolean | false | Whether containers in a
pod should share the same process namespace. |
| podOptions.priorityClassName | string | | Optional priorityClassName for the
Solr pod |
| podOptions.sidecarContainers | []object | | An optional list of additional
containers to run along side the Solr in its pod |
| podOptions.initContainers | []object | | An optional list of additional
initContainers to run before the Solr container starts |
diff --git a/helm/solr/templates/_custom_option_helpers.tpl
b/helm/solr/templates/_custom_option_helpers.tpl
index d2b9b58..f0b4aba 100644
--- a/helm/solr/templates/_custom_option_helpers.tpl
+++ b/helm/solr/templates/_custom_option_helpers.tpl
@@ -36,6 +36,9 @@ resources:
{{- if (include "solr.serviceAccountName.solr" .) -}}
serviceAccountName: {{ include "solr.serviceAccountName.solr" . }}
{{ end }}
+{{- if .Values.podOptions.shareProcessNamespace -}}
+shareProcessNamespace: {{ .Values.podOptions.shareProcessNamespace }}
+{{ end }}
{{- if .Values.podOptions.priorityClassName -}}
priorityClassName: {{ .Values.podOptions.priorityClassName }}
{{ end }}
diff --git a/helm/solr/values.yaml b/helm/solr/values.yaml
index 216944d..15171f1 100644
--- a/helm/solr/values.yaml
+++ b/helm/solr/values.yaml
@@ -300,6 +300,8 @@ podOptions:
# Set Solr service account individually instead of the global
"serviceAccount.name"
serviceAccountName: ""
+ shareProcessNamespace: false
+
# Manage where the Solr pods are scheduled
affinity: {}
tolerations: []
