From 8f1945ad209831514bf365d4fd2adfe0c165c771 Mon Sep 17 00:00:00 2001
From: idanl21 <88611799+idanl21@users.noreply.github.com>
Date: Fri, 14 Apr 2023 16:12:07 +0530
Subject: [PATCH] Support for Prometheus Monitoring via Aiven exporter plugin
(#475)
---
...ch-operator-leader-election-role-role.yaml | 12 +
.../opensearch-operator-manager-role-cr.yaml | 12 +
docs/designs/crd.md | 45 +-
docs/designs/monitoring.md | 13 +
docs/userguide/main.md | 23 +
go.work.sum | 101 ++-
.../api/v1/opensearch_types.go | 9 +-
.../api/v1/zz_generated.deepcopy.go | 16 +
.../config/crd/bases/crd-servicemonitor.yaml | 632 ++++++++++++++++++
...ensearch.opster.io_opensearchclusters.yaml | 13 +-
.../config/crd/kustomization.yaml | 1 +
.../controllers/cluster_test.go | 40 +-
.../controllers/dashboard_test.go | 9 +-
opensearch-operator/controllers/suite_test.go | 19 +-
.../controllers/suite_test_helpers.go | 5 +-
opensearch-operator/controllers/tls_test.go | 2 +-
.../examples/opensearch-cluster.yaml | 8 +-
opensearch-operator/go.mod | 25 +-
opensearch-operator/go.sum | 55 +-
opensearch-operator/main.go | 7 +-
.../opensearch-gateway/services/os_client.go | 2 +-
opensearch-operator/pkg/builders/cluster.go | 86 ++-
.../pkg/builders/cluster_test.go | 2 +-
.../pkg/reconcilers/cluster.go | 9 +
.../pkg/reconcilers/dashboards_test.go | 2 +-
.../pkg/reconcilers/role_test.go | 10 +-
.../pkg/reconcilers/suite_test.go | 39 ++
27 files changed, 1108 insertions(+), 89 deletions(-)
create mode 100644 opensearch-operator/config/crd/bases/crd-servicemonitor.yaml
diff --git a/charts/opensearch-operator/templates/opensearch-operator-leader-election-role-role.yaml b/charts/opensearch-operator/templates/opensearch-operator-leader-election-role-role.yaml
index 8aa34272..8ab2768d 100755
--- a/charts/opensearch-operator/templates/opensearch-operator-leader-election-role-role.yaml
+++ b/charts/opensearch-operator/templates/opensearch-operator-leader-election-role-role.yaml
@@ -34,3 +34,15 @@ rules:
verbs:
- create
- patch
+- apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - servicemonitors
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
diff --git a/charts/opensearch-operator/templates/opensearch-operator-manager-role-cr.yaml b/charts/opensearch-operator/templates/opensearch-operator-manager-role-cr.yaml
index 98d8304e..d4682c5e 100755
--- a/charts/opensearch-operator/templates/opensearch-operator-manager-role-cr.yaml
+++ b/charts/opensearch-operator/templates/opensearch-operator-manager-role-cr.yaml
@@ -231,3 +231,15 @@ rules:
- patch
- update
- watch
+- apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - servicemonitors
+ verbs:
+ - create
+ - delete
+ - get
+ - list
+ - patch
+ - update
+ - watch
\ No newline at end of file
diff --git a/docs/designs/crd.md b/docs/designs/crd.md
index 140d98c2..815c037b 100644
--- a/docs/designs/crd.md
+++ b/docs/designs/crd.md
@@ -96,6 +96,11 @@ ClusterSpec defines the desired state of OpensearchCluster
| []object |
List of objects that define the different nodePools in an OpensearchCluster. Each nodePool represents a group of nodes with the same opensearch roles and resources. Each nodePool is deployed as a Kubernetes StatefulSet. Together they form the opensearch cluster. |
true |
+
+ | monitoring |
+ object |
+ monitoring configuration in an OpensearchCluster |
+ false |
| initHelper |
object |
@@ -566,10 +571,10 @@ InitHelperConfig defines global Opensearch InitHelper image configuration
- Keystore
+ Monitoring
-Every Keystore Value defines a secret to pull secrets from.
+Monitoring defines Opensearch monitoring configuration
@@ -581,6 +586,41 @@ Every Keystore Value defines a secret to pull secrets from.
| default |
+
+ | enable |
+ bool |
+ Define if to enable monitoring for that cluster |
+ true |
+ - |
+
+ | monitoringUserSecret |
+ []string |
+ Define from which user the monitor will run (Getting Secret name, the secret should contain 'username':'password' fileds). |
+ false |
+ admin |
+
+ | ScrapeInterval |
+ string |
+ Define interval for scraping |
+ false |
+ 30s |
+
+
+ | PluginURL |
+ string |
+ Define offline link to Aiven Plugin |
+ false |
+ https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download//prometheus-exporter-.zip/ |
+
+
+
+
+
+ Keystore
+
+
+Every Keystore Value defines a secret to pull secrets from.
+
| secret |
@@ -596,4 +636,5 @@ Every Keystore Value defines a secret to pull secrets from.
false |
- |
+
diff --git a/docs/designs/monitoring.md b/docs/designs/monitoring.md
index 70202aba..703f0bde 100644
--- a/docs/designs/monitoring.md
+++ b/docs/designs/monitoring.md
@@ -154,3 +154,16 @@ The [opensearch-prometheus-exporter](https://github.com/aparo/opensearch-prometh
- [ ] Prometheus-operator integration
- [ ] Grafana dashboards development
- [ ] Grafana permissions testing
+
+
+## Progress
+
+I choose to integrate with Aiven prometheus-exporter-plugin-for-opensearch (https://github.com/aiven/prometheus-exporter-plugin-for-opensearch).
+
+For working with that Operator monitoring feature the client must have Prometheus cluster already installed .
+
+I added new boolean filed in general section that called "monitoring", if that filed is set to true the Aiven exporter will be added to PluginList and will be installed on the cluster.
+Besides, a new ServiceMonitor will appear in the OS cluster namespace, that ServiceMonitor is configured to fetch metrics from the OS cluster by his selectors, by port 9200 from "/_prometheus/metrics" path.
+Aivan also added the option to configure that plugin inside "config/opensearch.yml" file, an option to add those configurations with the operator will be added soon.
+
+* Please let me know if you familiar with any OpenSearch Grafana dashboard, Aiven suppose to release a Grafana Dashboard in the future (https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/issues/12).
\ No newline at end of file
diff --git a/docs/userguide/main.md b/docs/userguide/main.md
index e7b9100a..6c607156 100644
--- a/docs/userguide/main.md
+++ b/docs/userguide/main.md
@@ -1022,3 +1022,26 @@ spec:
opensearchCredentialsSecret:
name: dashboards-credentials # This is the name of your secret that contains the credentials for Dashboards to use
```
+
+## Adding Opensearch Monitoring to your cluster
+
+The operator allows you to install and enable the Aiven monitoring plugin for OpenSearch on your cluster as a built-in feature (https://github.com/aiven/prometheus-exporter-plugin-for-opensearch)
+That feature needs internet connectivity to download the plugin. if you are working in a restricted environment, please download the plugin zip for your cluster version (example for 2.3.0: https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download/2.3.0.0/prometheus-exporter-2.3.0.0.zip) and provide it at a location the operator can reach. Configure that URL as `pluginURL` in the monitoring config.
+By default the Opensearch admin user will be used to access the monitoring API. If you want to use a separate user with limited permissions you need to create that user using either of the following options:
+1) Create new applicative User using OpenSearch API/UI, create new secret with 'username':'password' keys and provide that secret name under monitoringUserSecret.
+2) Use Our OpenSearchUser CRD and provide the secret under monitoringUserSecret.
+```yaml
+apiVersion: opensearch.opster.io/v1
+kind: OpenSearchCluster
+metadata:
+ name: my-first-cluster
+ namespace: default
+spec:
+ general:
+ version:
+ monitoring:
+ enable: true
+ interval: 30s
+ monitoringUserSecret: appUserSecret
+ pluginUrl: https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download//prometheus-exporter-.zip
+```
diff --git a/go.work.sum b/go.work.sum
index 9f16997c..e761beeb 100644
--- a/go.work.sum
+++ b/go.work.sum
@@ -1,48 +1,115 @@
+github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
+github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20220418222510-f25a4f6275ed/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg=
+github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
+github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
+github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
+github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
+github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
+github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
+github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo=
+github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
+github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
+github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/emicklei/go-restful v2.9.5+incompatible h1:spTtZBk5DYEvbxMVutUuTyh1Ao2r4iyvLdACqsl/Ljk=
+github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
+github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
+github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c=
-github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
+github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
+github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ=
+github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA=
+github.com/google/cel-go v0.12.5/go.mod h1:Jk7ljRzLBhkmiAwBoUxB1sZSCVBAzkqPF25olK/iRDw=
github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw=
+github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y=
+github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
+github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw=
+github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU=
+github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk=
github.com/onsi/ginkgo/v2 v2.3.0/go.mod h1:Eew0uilEqZmIEZr8JrvYlvOM7Rr6xzTmMV8AyFNU9d0=
-github.com/onsi/ginkgo/v2 v2.3.1 h1:8SbseP7qM32WcvE6VaN6vfXxv698izmsJ1UQX9ve7T8=
-github.com/onsi/ginkgo/v2 v2.3.1/go.mod h1:Sv4yQXwG5VmF7tm3Q5Z+RWUpPo24LF1mpnz2crUb8Ys=
github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
+github.com/onsi/gomega v1.20.1/go.mod h1:DtrZpjmvpn2mPm4YWQa0/ALMDj9v4YxLgojwPeREyVo=
github.com/onsi/gomega v1.22.0/go.mod h1:iYAIXgPSaDHak0LCMA+AWBpIKBr8WZicMxnE8luStNc=
+github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
+github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
+github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0=
+github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
+github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
+go.etcd.io/etcd/api/v3 v3.5.4/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A=
+go.etcd.io/etcd/client/pkg/v3 v3.5.4/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
+go.etcd.io/etcd/client/v2 v2.305.4/go.mod h1:Ud+VUwIi9/uQHOMA+4ekToJ12lTxlv0zB/+DHwTGEbU=
+go.etcd.io/etcd/client/v3 v3.5.4/go.mod h1:ZaRkVgBZC+L+dLCjTcF1hRXpgZXQPOvnA/Ak/gq3kiY=
+go.etcd.io/etcd/pkg/v3 v3.5.4/go.mod h1:OI+TtO+Aa3nhQSppMbwE4ld3uF1/fqqwbpfndbbrEe0=
+go.etcd.io/etcd/raft/v3 v3.5.4/go.mod h1:SCuunjYvZFC0fBX0vxMSPjuZmpcSk+XaAcMrD6Do03w=
+go.etcd.io/etcd/server/v3 v3.5.4/go.mod h1:S5/YTU15KxymM5l3T6b09sNOHPXqGYIZStpuuGbb65c=
+go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4=
+go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo=
+go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM=
+go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=
+go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw=
+go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc=
+go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE=
+go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE=
+go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw=
+go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo=
+go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo=
+golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38=
+golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI=
+golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b h1:PxfKdU9lEEDYjdIzOtC4qFWgkU2rGHdKlKowJSMN9h0=
-golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f h1:v4INt8xihDGvnrfjMDVXGxw9wrfxYyCjk0KbXjhR55s=
-golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
-golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
-golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
+google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
+google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
+google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
+google.golang.org/grpc v1.47.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
+k8s.io/api v0.25.0/go.mod h1:ttceV1GyV1i1rnmvzT3BST08N6nGt+dudGrquzVQWPk=
+k8s.io/apiextensions-apiserver v0.25.0/go.mod h1:3pAjZiN4zw7R8aZC5gR0y3/vCkGlAjCazcg1me8iB/E=
+k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0=
+k8s.io/apiserver v0.25.4/go.mod h1:rPcm567XxjOnnd7jedDUnGJGmDGAo+cT6H7QHAN+xV0=
+k8s.io/client-go v0.25.0/go.mod h1:lxykvypVfKilxhTklov0wz1FoaUZ8X4EwbhS6rpRfN8=
+k8s.io/code-generator v0.25.4/go.mod h1:9F5fuVZOMWRme7MYj2YT3L9ropPWPokd9VRhVyD3+0w=
+k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk=
k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
-k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ=
-k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA=
-k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.33/go.mod h1:soWkSNf2tZC7aMibXEqVhCd73GOY5fJikn8qbdzemB0=
diff --git a/opensearch-operator/api/v1/opensearch_types.go b/opensearch-operator/api/v1/opensearch_types.go
index 4c00e401..6d349dd3 100644
--- a/opensearch-operator/api/v1/opensearch_types.go
+++ b/opensearch-operator/api/v1/opensearch_types.go
@@ -48,6 +48,7 @@ type GeneralConfig struct {
Command string `json:"command,omitempty"`
// Additional volumes to mount to all pods in the cluster
AdditionalVolumes []AdditionalVolume `json:"additionalVolumes,omitempty"`
+ Monitoring MonitoringConfig `json:"monitoring,omitempty"`
// Populate opensearch keystore before startup
Keystore []KeystoreValue `json:"keystore,omitempty"`
SnapshotRepositories []SnapshotRepoConfig `json:"snapshotRepositories,omitempty"`
@@ -101,11 +102,17 @@ type PVCSource struct {
// ConfMgmt defines which additional services will be deployed
type ConfMgmt struct {
AutoScaler bool `json:"autoScaler,omitempty"`
- Monitoring bool `json:"monitoring,omitempty"`
VerUpdate bool `json:"VerUpdate,omitempty"`
SmartScaler bool `json:"smartScaler,omitempty"`
}
+type MonitoringConfig struct {
+ Enable bool `json:"enable,omitempty"`
+ MonitoringUserSecret string `json:"monitoringUserSecret,omitempty"`
+ ScrapeInterval string `json:"scrapeInterval,omitempty"`
+ PluginURL string `json:"pluginUrl,omitempty"`
+}
+
type BootstrapConfig struct {
Resources corev1.ResourceRequirements `json:"resources,omitempty"`
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
diff --git a/opensearch-operator/api/v1/zz_generated.deepcopy.go b/opensearch-operator/api/v1/zz_generated.deepcopy.go
index c4dd9f8e..2d025717 100644
--- a/opensearch-operator/api/v1/zz_generated.deepcopy.go
+++ b/opensearch-operator/api/v1/zz_generated.deepcopy.go
@@ -341,6 +341,7 @@ func (in *GeneralConfig) DeepCopyInto(out *GeneralConfig) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
+ out.Monitoring = in.Monitoring
if in.Keystore != nil {
in, out := &in.Keystore, &out.Keystore
*out = make([]KeystoreValue, len(*in))
@@ -486,6 +487,21 @@ func (in *KeystoreValue) DeepCopy() *KeystoreValue {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *MonitoringConfig) DeepCopyInto(out *MonitoringConfig) {
+ *out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MonitoringConfig.
+func (in *MonitoringConfig) DeepCopy() *MonitoringConfig {
+ if in == nil {
+ return nil
+ }
+ out := new(MonitoringConfig)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *NodePool) DeepCopyInto(out *NodePool) {
*out = *in
diff --git a/opensearch-operator/config/crd/bases/crd-servicemonitor.yaml b/opensearch-operator/config/crd/bases/crd-servicemonitor.yaml
new file mode 100644
index 00000000..18550e80
--- /dev/null
+++ b/opensearch-operator/config/crd/bases/crd-servicemonitor.yaml
@@ -0,0 +1,632 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.6.2
+ name: servicemonitors.monitoring.coreos.com
+spec:
+ conversion:
+ strategy: None
+ group: monitoring.coreos.com
+ names:
+ categories:
+ - prometheus-operator
+ kind: ServiceMonitor
+ listKind: ServiceMonitorList
+ plural: servicemonitors
+ singular: servicemonitor
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ description: ServiceMonitor defines monitoring for a set of services.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: Specification of desired Service selection for target discovery
+ by Prometheus.
+ properties:
+ endpoints:
+ description: A list of endpoints allowed as part of this ServiceMonitor.
+ items:
+ description: Endpoint defines a scrapeable endpoint serving Prometheus
+ metrics.
+ properties:
+ authorization:
+ description: Authorization section for this endpoint
+ properties:
+ credentials:
+ description: The secret's key that contains the credentials
+ of the request
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type:
+ description: Set the authentication type. Defaults to Bearer,
+ Basic will cause an error
+ type: string
+ type: object
+ basicAuth:
+ description: 'BasicAuth allow an endpoint to authenticate over
+ basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
+ properties:
+ password:
+ description: The secret in the service monitor namespace
+ that contains the password for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ username:
+ description: The secret in the service monitor namespace
+ that contains the username for authentication.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ bearerTokenFile:
+ description: File to read bearer token for scraping targets.
+ type: string
+ bearerTokenSecret:
+ description: Secret to mount to read bearer token for scraping
+ targets. The secret needs to be in the same namespace as the
+ service monitor and accessible by the Prometheus Operator.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ followRedirects:
+ description: FollowRedirects configures whether scrape requests
+ follow HTTP 3xx redirects.
+ type: boolean
+ honorLabels:
+ description: HonorLabels chooses the metric's labels on collisions
+ with target labels.
+ type: boolean
+ honorTimestamps:
+ description: HonorTimestamps controls whether Prometheus respects
+ the timestamps present in scraped data.
+ type: boolean
+ interval:
+ description: Interval at which metrics should be scraped
+ type: string
+ metricRelabelings:
+ description: MetricRelabelConfigs to apply to samples before
+ ingestion.
+ items:
+ description: 'RelabelConfig allows dynamic rewriting of the
+ label set, being applied to samples before ingestion. It
+ defines ``-section of Prometheus
+ configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
+ properties:
+ action:
+ default: replace
+ description: Action to perform based on regex matching.
+ Default is 'replace'
+ enum:
+ - replace
+ - keep
+ - drop
+ - hashmod
+ - labelmap
+ - labeldrop
+ - labelkeep
+ type: string
+ modulus:
+ description: Modulus to take of the hash of the source
+ label values.
+ format: int64
+ type: integer
+ regex:
+ description: Regular expression against which the extracted
+ value is matched. Default is '(.*)'
+ type: string
+ replacement:
+ description: Replacement value against which a regex replace
+ is performed if the regular expression matches. Regex
+ capture groups are available. Default is '$1'
+ type: string
+ separator:
+ description: Separator placed between concatenated source
+ label values. default is ';'.
+ type: string
+ sourceLabels:
+ description: The source labels select values from existing
+ labels. Their content is concatenated using the configured
+ separator and matched against the configured regular
+ expression for the replace, keep, and drop actions.
+ items:
+ description: LabelName is a valid Prometheus label name
+ which may only contain ASCII letters, numbers, as
+ well as underscores.
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ description: Label to which the resulting value is written
+ in a replace action. It is mandatory for replace actions.
+ Regex capture groups are available.
+ type: string
+ type: object
+ type: array
+ oauth2:
+ description: OAuth2 for the URL. Only valid in Prometheus versions
+ 2.27.0 and newer.
+ properties:
+ clientId:
+ description: The secret or configmap containing the OAuth2
+ client id
+ properties:
+ configMap:
+ description: ConfigMap containing data to use for the
+ targets.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secret:
+ description: Secret containing data to use for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ clientSecret:
+ description: The secret containing the OAuth2 client secret
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ endpointParams:
+ additionalProperties:
+ type: string
+ description: Parameters to append to the token URL
+ type: object
+ scopes:
+ description: OAuth2 scopes used for the token request
+ items:
+ type: string
+ type: array
+ tokenUrl:
+ description: The URL to fetch the token from
+ minLength: 1
+ type: string
+ required:
+ - clientId
+ - clientSecret
+ - tokenUrl
+ type: object
+ params:
+ additionalProperties:
+ items:
+ type: string
+ type: array
+ description: Optional HTTP URL parameters
+ type: object
+ path:
+ description: HTTP path to scrape for metrics.
+ type: string
+ port:
+ description: Name of the service port this endpoint refers to.
+ Mutually exclusive with targetPort.
+ type: string
+ proxyUrl:
+ description: ProxyURL eg http://proxyserver:2195 Directs scrapes
+ to proxy through this endpoint.
+ type: string
+ relabelings:
+ description: 'RelabelConfigs to apply to samples before scraping.
+ Prometheus Operator automatically adds relabelings for a few
+ standard Kubernetes fields. The original scrape job''s name
+ is available via the `__tmp_prometheus_job_name` label. More
+ info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
+ items:
+ description: 'RelabelConfig allows dynamic rewriting of the
+ label set, being applied to samples before ingestion. It
+ defines ``-section of Prometheus
+ configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
+ properties:
+ action:
+ default: replace
+ description: Action to perform based on regex matching.
+ Default is 'replace'
+ enum:
+ - replace
+ - keep
+ - drop
+ - hashmod
+ - labelmap
+ - labeldrop
+ - labelkeep
+ type: string
+ modulus:
+ description: Modulus to take of the hash of the source
+ label values.
+ format: int64
+ type: integer
+ regex:
+ description: Regular expression against which the extracted
+ value is matched. Default is '(.*)'
+ type: string
+ replacement:
+ description: Replacement value against which a regex replace
+ is performed if the regular expression matches. Regex
+ capture groups are available. Default is '$1'
+ type: string
+ separator:
+ description: Separator placed between concatenated source
+ label values. default is ';'.
+ type: string
+ sourceLabels:
+ description: The source labels select values from existing
+ labels. Their content is concatenated using the configured
+ separator and matched against the configured regular
+ expression for the replace, keep, and drop actions.
+ items:
+ description: LabelName is a valid Prometheus label name
+ which may only contain ASCII letters, numbers, as
+ well as underscores.
+ pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+ type: string
+ type: array
+ targetLabel:
+ description: Label to which the resulting value is written
+ in a replace action. It is mandatory for replace actions.
+ Regex capture groups are available.
+ type: string
+ type: object
+ type: array
+ scheme:
+ description: HTTP scheme to use for scraping.
+ type: string
+ scrapeTimeout:
+ description: Timeout after which the scrape is ended
+ type: string
+ targetPort:
+ anyOf:
+ - type: integer
+ - type: string
+ description: Name or number of the target port of the Pod behind
+ the Service, the port must be specified with container port
+ property. Mutually exclusive with port.
+ x-kubernetes-int-or-string: true
+ tlsConfig:
+ description: TLS configuration to use when scraping the endpoint
+ properties:
+ ca:
+ description: Struct containing the CA cert to use for the
+ targets.
+ properties:
+ configMap:
+ description: ConfigMap containing data to use for the
+ targets.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secret:
+ description: Secret containing data to use for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ caFile:
+ description: Path to the CA cert in the Prometheus container
+ to use for the targets.
+ type: string
+ cert:
+ description: Struct containing the client cert file for
+ the targets.
+ properties:
+ configMap:
+ description: ConfigMap containing data to use for the
+ targets.
+ properties:
+ key:
+ description: The key to select.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the ConfigMap or its
+ key must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ secret:
+ description: Secret containing data to use for the targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind,
+ uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key
+ must be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ type: object
+ certFile:
+ description: Path to the client cert file in the Prometheus
+ container for the targets.
+ type: string
+ insecureSkipVerify:
+ description: Disable target certificate validation.
+ type: boolean
+ keyFile:
+ description: Path to the client key file in the Prometheus
+ container for the targets.
+ type: string
+ keySecret:
+ description: Secret containing the client key file for the
+ targets.
+ properties:
+ key:
+ description: The key of the secret to select from. Must
+ be a valid secret key.
+ type: string
+ name:
+ description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+ TODO: Add other useful fields. apiVersion, kind, uid?'
+ type: string
+ optional:
+ description: Specify whether the Secret or its key must
+ be defined
+ type: boolean
+ required:
+ - key
+ type: object
+ serverName:
+ description: Used to verify the hostname for the targets.
+ type: string
+ type: object
+ type: object
+ type: array
+ jobLabel:
+ description: "Chooses the label of the Kubernetes `Endpoints`. Its
+ value will be used for the `job`-label's value of the created metrics.
+ \n Default & fallback value: the name of the respective Kubernetes
+ `Endpoint`."
+ type: string
+ labelLimit:
+ description: Per-scrape limit on number of labels that will be accepted
+ for a sample. Only valid in Prometheus versions 2.27.0 and newer.
+ format: int64
+ type: integer
+ labelNameLengthLimit:
+ description: Per-scrape limit on length of labels name that will be
+ accepted for a sample. Only valid in Prometheus versions 2.27.0
+ and newer.
+ format: int64
+ type: integer
+ labelValueLengthLimit:
+ description: Per-scrape limit on length of labels value that will
+ be accepted for a sample. Only valid in Prometheus versions 2.27.0
+ and newer.
+ format: int64
+ type: integer
+ namespaceSelector:
+ description: Selector to select which namespaces the Kubernetes Endpoints
+ objects are discovered from.
+ properties:
+ any:
+ description: Boolean describing whether all namespaces are selected
+ in contrast to a list restricting them.
+ type: boolean
+ matchNames:
+ description: List of namespace names to select from.
+ items:
+ type: string
+ type: array
+ type: object
+ podTargetLabels:
+ description: PodTargetLabels transfers labels on the Kubernetes `Pod`
+ onto the created metrics.
+ items:
+ type: string
+ type: array
+ sampleLimit:
+ description: SampleLimit defines per-scrape limit on number of scraped
+ samples that will be accepted.
+ format: int64
+ type: integer
+ selector:
+ description: Selector to select Endpoints objects.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: A label selector requirement is a selector that
+ contains values, a key, and an operator that relates the key
+ and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: operator represents a key's relationship to
+ a set of values. Valid operators are In, NotIn, Exists
+ and DoesNotExist.
+ type: string
+ values:
+ description: values is an array of string values. If the
+ operator is In or NotIn, the values array must be non-empty.
+ If the operator is Exists or DoesNotExist, the values
+ array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: matchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
+ type: object
+ targetLabels:
+ description: TargetLabels transfers labels from the Kubernetes `Service`
+ onto the created metrics.
+ items:
+ type: string
+ type: array
+ targetLimit:
+ description: TargetLimit defines a limit on the number of scraped
+ targets that will be accepted.
+ format: int64
+ type: integer
+ required:
+ - endpoints
+ - selector
+ type: object
+ required:
+ - spec
+ type: object
+ served: true
+ storage: true
\ No newline at end of file
diff --git a/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml b/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
index ae8f065e..9dcc8e65 100644
--- a/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
+++ b/opensearch-operator/config/crd/bases/opensearch.opster.io_opensearchclusters.yaml
@@ -995,8 +995,6 @@ spec:
type: boolean
autoScaler:
type: boolean
- monitoring:
- type: boolean
smartScaler:
type: boolean
type: object
@@ -2868,6 +2866,17 @@ spec:
x-kubernetes-map-type: atomic
type: object
type: array
+ monitoring:
+ properties:
+ enable:
+ type: boolean
+ monitoringUserSecret:
+ type: string
+ pluginUrl:
+ type: string
+ scrapeInterval:
+ type: string
+ type: object
pluginsList:
items:
type: string
diff --git a/opensearch-operator/config/crd/kustomization.yaml b/opensearch-operator/config/crd/kustomization.yaml
index bf4eddd2..22e4bc97 100644
--- a/opensearch-operator/config/crd/kustomization.yaml
+++ b/opensearch-operator/config/crd/kustomization.yaml
@@ -6,6 +6,7 @@ resources:
- bases/opensearch.opster.io_opensearchusers.yaml
- bases/opensearch.opster.io_opensearchroles.yaml
- bases/opensearch.opster.io_opensearchuserrolebindings.yaml
+- bases/crd-servicemonitor.yaml
#+kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
diff --git a/opensearch-operator/controllers/cluster_test.go b/opensearch-operator/controllers/cluster_test.go
index c57260af..14b441ce 100644
--- a/opensearch-operator/controllers/cluster_test.go
+++ b/opensearch-operator/controllers/cluster_test.go
@@ -6,6 +6,8 @@ import (
"sync"
"time"
+ monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
+
. "github.com/kralicky/kmatch"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
@@ -82,8 +84,39 @@ var _ = Describe("Cluster Reconciler", func() {
It("should apply the cluster instance successfully", func() {
Expect(k8sClient.Create(context.Background(), &OpensearchCluster)).Should(Succeed())
+
})
+ It("should create a ServiceMonitor for the cluster", func() {
+ sm := &monitoring.ServiceMonitor{}
+ secret := &corev1.Secret{}
+ Eventually(func() error {
+ // check if the ServiceMonitor created
+ return k8sClient.Get(context.Background(), client.ObjectKey{Name: OpensearchCluster.Name + "-monitor", Namespace: OpensearchCluster.Namespace}, sm)
+ }, timeout, interval).Should(Succeed())
+
+ // check if the Auth secret created
+
+ Eventually(func() error {
+ return k8sClient.Get(context.Background(), client.ObjectKey{Name: OpensearchCluster.Name + "-admin-password", Namespace: OpensearchCluster.Namespace}, secret)
+ }, timeout, interval).Should(Succeed())
+
+ // check if the ServiceMonitor is using the Admin secret for basicAuth
+
+ Expect(sm.Spec.Endpoints[0].BasicAuth).Should(BeEquivalentTo(
+ &monitoring.BasicAuth{Username: corev1.SecretKeySelector{
+ LocalObjectReference: corev1.LocalObjectReference{Name: OpensearchCluster.Name + "-admin-password"},
+ Key: "username"},
+ Password: corev1.SecretKeySelector{
+ LocalObjectReference: corev1.LocalObjectReference{Name: OpensearchCluster.Name + "-admin-password"},
+ Key: "password"},
+ }))
+
+ // check if the ServiceMonitor is using the interval from the CRD declaration
+
+ Expect(sm.Spec.Endpoints[0].Interval).Should(BeEquivalentTo(OpensearchCluster.Spec.General.Monitoring.ScrapeInterval))
+
+ })
})
/// ------- Tests logic Check phase -------
@@ -122,7 +155,7 @@ var _ = Describe("Cluster Reconciler", func() {
},
}, k8sClient), timeout, interval).Should(ExistAnd(
HaveMatchingContainer(And(
- HaveImage("docker.io/opensearchproject/opensearch:1.0.0"),
+ HaveImage("docker.io/opensearchproject/opensearch:2.0.0"),
HaveLimits(corev1.ResourceList{
corev1.ResourceCPU: resource.MustParse("500m"),
corev1.ResourceMemory: resource.MustParse("2Gi"),
@@ -302,7 +335,7 @@ var _ = Describe("Cluster Reconciler", func() {
if err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(&OpensearchCluster), &OpensearchCluster); err != nil {
return false
}
- return OpensearchCluster.Status.Version == "1.0.0"
+ return OpensearchCluster.Status.Version == "2.0.0"
}, timeout, interval).Should(BeTrue())
})
})
@@ -330,7 +363,6 @@ var _ = Describe("Cluster Reconciler", func() {
})
})
It("should update the node pool image version", func() {
-
for _, pool := range OpensearchCluster.Spec.NodePools {
Eventually(func() bool {
sts := &appsv1.StatefulSet{}
@@ -338,12 +370,12 @@ var _ = Describe("Cluster Reconciler", func() {
if err != nil {
return false
}
-
return sts.Spec.Template.Spec.Containers[0].Image == "docker.io/opensearchproject/opensearch:1.1.0"
}).Should(BeTrue())
}
})
})
+
When("A node pool is upgrading", func() {
Specify("updating the status should succeed", func() {
status := opsterv1.ComponentStatus{
diff --git a/opensearch-operator/controllers/dashboard_test.go b/opensearch-operator/controllers/dashboard_test.go
index 11d19d46..09d8497d 100644
--- a/opensearch-operator/controllers/dashboard_test.go
+++ b/opensearch-operator/controllers/dashboard_test.go
@@ -3,16 +3,15 @@ package controllers
import (
"context"
"fmt"
- "time"
-
sts "k8s.io/api/apps/v1"
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- "k8s.io/apimachinery/pkg/types"
+ "k8s.io/utils/pointer"
+ "time"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
- "k8s.io/utils/pointer"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
//+kubebuilder:scaffold:imports
)
diff --git a/opensearch-operator/controllers/suite_test.go b/opensearch-operator/controllers/suite_test.go
index 00800a2a..73833ea5 100644
--- a/opensearch-operator/controllers/suite_test.go
+++ b/opensearch-operator/controllers/suite_test.go
@@ -23,11 +23,12 @@ package controllers
import (
"context"
+ "fmt"
+ monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"path/filepath"
"testing"
- "k8s.io/client-go/rest"
- "k8s.io/client-go/tools/record"
+ "github.com/phayes/freeport"
opsterv1 "opensearch.opster.io/api/v1"
ctrl "sigs.k8s.io/controller-runtime"
@@ -35,6 +36,8 @@ import (
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"k8s.io/client-go/kubernetes/scheme"
+ "k8s.io/client-go/rest"
+ "k8s.io/client-go/tools/record"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/envtest"
logf "sigs.k8s.io/controller-runtime/pkg/log"
@@ -66,6 +69,8 @@ func TestAPIs(t *testing.T) {
var _ = BeforeSuite(func() {
logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))
+ ports, err := freeport.GetFreePorts(2)
+ Expect(err).NotTo(HaveOccurred())
var ctx context.Context
ctx, cancel = context.WithCancel(context.TODO())
@@ -76,7 +81,6 @@ var _ = BeforeSuite(func() {
ErrorIfCRDPathMissing: true,
}
- var err error
cfg, err = testEnv.Start()
Expect(err).NotTo(HaveOccurred())
Expect(cfg).NotTo(BeNil())
@@ -90,11 +94,16 @@ var _ = BeforeSuite(func() {
Expect(err).NotTo(HaveOccurred())
Expect(k8sClient).NotTo(BeNil())
+ err = monitoring.AddToScheme(scheme.Scheme)
+ Expect(err).NotTo(HaveOccurred())
+
k8sManager, err := ctrl.NewManager(cfg, ctrl.Options{
- Scheme: scheme.Scheme,
+ Scheme: scheme.Scheme,
+ MetricsBindAddress: fmt.Sprintf(":%d", ports[0]),
+ HealthProbeBindAddress: fmt.Sprintf(":%d", ports[1]),
})
Expect(err).ToNot(HaveOccurred())
-
+ //scheme.AddToScheme()
err = (&OpenSearchClusterReconciler{
Client: k8sManager.GetClient(),
Scheme: scheme.Scheme,
diff --git a/opensearch-operator/controllers/suite_test_helpers.go b/opensearch-operator/controllers/suite_test_helpers.go
index f2bb087d..cd67449a 100644
--- a/opensearch-operator/controllers/suite_test_helpers.go
+++ b/opensearch-operator/controllers/suite_test_helpers.go
@@ -105,9 +105,10 @@ func ComposeOpensearchCrd(clusterName string, namespace string) opsterv1.OpenSea
},
Spec: opsterv1.ClusterSpec{
General: opsterv1.GeneralConfig{
+ Monitoring: opsterv1.MonitoringConfig{Enable: true, ScrapeInterval: "35s"},
HttpPort: 9200,
Vendor: "opensearch",
- Version: "1.0.0",
+ Version: "2.0.0",
ServiceName: "es-svc",
PluginsList: []string{"http://foo-plugin-1.0.0"},
AdditionalConfig: map[string]string{
@@ -136,7 +137,6 @@ func ComposeOpensearchCrd(clusterName string, namespace string) opsterv1.OpenSea
},
ConfMgmt: opsterv1.ConfMgmt{
AutoScaler: false,
- Monitoring: false,
VerUpdate: false,
SmartScaler: false,
},
@@ -156,6 +156,7 @@ func ComposeOpensearchCrd(clusterName string, namespace string) opsterv1.OpenSea
Dashboards: opsterv1.DashboardsConfig{
Enable: true,
Replicas: 3,
+ Version: "2.0.0",
Resources: corev1.ResourceRequirements{
Limits: corev1.ResourceList{
corev1.ResourceCPU: resource.MustParse("500m"),
diff --git a/opensearch-operator/controllers/tls_test.go b/opensearch-operator/controllers/tls_test.go
index b681a02b..c6c43737 100644
--- a/opensearch-operator/controllers/tls_test.go
+++ b/opensearch-operator/controllers/tls_test.go
@@ -35,7 +35,7 @@ var _ = Describe("TLS Reconciler", func() {
Spec: opsterv1.ClusterSpec{
General: opsterv1.GeneralConfig{
ServiceName: clusterName,
- Version: "1.0.0",
+ Version: "2.0.0",
},
Security: &opsterv1.Security{Tls: &opsterv1.TlsConfig{
Transport: &opsterv1.TlsConfigTransport{
diff --git a/opensearch-operator/examples/opensearch-cluster.yaml b/opensearch-operator/examples/opensearch-cluster.yaml
index 8abb7552..8aa9f228 100644
--- a/opensearch-operator/examples/opensearch-cluster.yaml
+++ b/opensearch-operator/examples/opensearch-cluster.yaml
@@ -5,13 +5,15 @@ metadata:
namespace: default
spec:
general:
- version: 1.3.0
+ version: "1.3.0"
httpPort: 9200
vendor: opensearch
serviceName: my-cluster
- pluginsList: ["repository-s3","https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download/1.3.0.0/prometheus-exporter-1.3.0.0.zip"]
+ monitoring:
+ enable: true
+ pluginsList: ["repository-s3"]
dashboards:
- version: 1.3.0
+ version: "1.3.0"
enable: true
replicas: 2
resources:
diff --git a/opensearch-operator/go.mod b/opensearch-operator/go.mod
index a96370a9..8ead8dde 100644
--- a/opensearch-operator/go.mod
+++ b/opensearch-operator/go.mod
@@ -14,12 +14,14 @@ require (
github.com/onsi/gomega v1.22.1
github.com/opensearch-project/opensearch-go v1.1.0
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5
- k8s.io/api v0.25.3
- k8s.io/apimachinery v0.25.3
- k8s.io/client-go v0.25.3
+ github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.61.1
+ k8s.io/api v0.25.4
+ k8s.io/apiextensions-apiserver v0.25.4
+ k8s.io/apimachinery v0.25.4
+ k8s.io/client-go v0.25.4
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280
- k8s.io/utils v0.0.0-20221012122500-cfd413dd9e85
- sigs.k8s.io/controller-runtime v0.13.0
+ k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2
+ sigs.k8s.io/controller-runtime v0.13.1
)
require (
@@ -78,20 +80,21 @@ require (
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.21.0 // indirect
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e // indirect
- golang.org/x/net v0.1.0 // indirect
+ golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
+ golang.org/x/net v0.5.0 // indirect
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
- golang.org/x/sys v0.1.0 // indirect
- golang.org/x/term v0.1.0 // indirect
- golang.org/x/text v0.4.0 // indirect
+ golang.org/x/sys v0.4.0 // indirect
+ golang.org/x/term v0.4.0 // indirect
+ golang.org/x/text v0.6.0 // indirect
golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect
+ golang.org/x/tools v0.5.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.28.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
- k8s.io/apiextensions-apiserver v0.25.0 // indirect
- k8s.io/component-base v0.25.0 // indirect
+ k8s.io/component-base v0.25.4 // indirect
k8s.io/klog/v2 v2.80.1 // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
diff --git a/opensearch-operator/go.sum b/opensearch-operator/go.sum
index 9d156e44..6f7b0390 100644
--- a/opensearch-operator/go.sum
+++ b/opensearch-operator/go.sum
@@ -477,6 +477,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
+github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.61.1 h1:ViIkBYnAUumtx9D7PiVPc1n8kNvwm+WMepDZWTZCBPc=
+github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.61.1/go.mod h1:j51242bf6LQwvJ1JPKWApzTnifmCwcQq0i1p29ylWiM=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
@@ -575,7 +577,7 @@ go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
-go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk=
go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4=
go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
@@ -621,6 +623,7 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug=
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
@@ -684,8 +687,10 @@ golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qx
golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
-golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU=
+golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
+golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
+golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -788,13 +793,17 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A=
+golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
+golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.1.0 h1:g6Z6vPFA9dYBAF7DWcH6sCcOntplXsDKcliusYijMlw=
-golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.2.0 h1:z85xZCsEl7bi/KwbNADeBYoOP0++7W1ipu+aGnpwzRM=
+golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
+golang.org/x/term v0.4.0 h1:O7UWfv5+A2qiuulQk30kVinPoMtoIPeVaKLEgLpVkvg=
+golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -805,6 +814,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k=
+golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -876,6 +887,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/tools v0.5.0 h1:+bSpV5HIeWkuvgaMfI3UmKRThoTA5ODJTUd8T17NO+4=
+golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -1059,24 +1072,24 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
k8s.io/api v0.21.3/go.mod h1:hUgeYHUbBp23Ue4qdX9tR8/ANi/g3ehylAqDn9NWVOg=
k8s.io/api v0.22.0/go.mod h1:0AoXXqst47OI/L0oGKq9DG61dvGRPXs7X4/B7KyjBCU=
-k8s.io/api v0.25.3 h1:Q1v5UFfYe87vi5H7NU0p4RXC26PPMT8KOpr1TLQbCMQ=
-k8s.io/api v0.25.3/go.mod h1:o42gKscFrEVjHdQnyRenACrMtbuJsVdP+WVjqejfzmI=
+k8s.io/api v0.25.4 h1:3YO8J4RtmG7elEgaWMb4HgmpS2CfY1QlaOz9nwB+ZSs=
+k8s.io/api v0.25.4/go.mod h1:IG2+RzyPQLllQxnhzD8KQNEu4c4YvyDTpSMztf4A0OQ=
k8s.io/apiextensions-apiserver v0.21.3/go.mod h1:kl6dap3Gd45+21Jnh6utCx8Z2xxLm8LGDkprcd+KbsE=
-k8s.io/apiextensions-apiserver v0.25.0 h1:CJ9zlyXAbq0FIW8CD7HHyozCMBpDSiH7EdrSTCZcZFY=
-k8s.io/apiextensions-apiserver v0.25.0/go.mod h1:3pAjZiN4zw7R8aZC5gR0y3/vCkGlAjCazcg1me8iB/E=
+k8s.io/apiextensions-apiserver v0.25.4 h1:7hu9pF+xikxQuQZ7/30z/qxIPZc2J1lFElPtr7f+B6U=
+k8s.io/apiextensions-apiserver v0.25.4/go.mod h1:bkSGki5YBoZWdn5pWtNIdGvDrrsRWlmnvl9a+tAw5vQ=
k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA=
k8s.io/apimachinery v0.21.3/go.mod h1:H/IM+5vH9kZRNJ4l3x/fXP/5bOPJaVP/guptnZPeCFI=
k8s.io/apimachinery v0.22.0/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0=
-k8s.io/apimachinery v0.25.3 h1:7o9ium4uyUOM76t6aunP0nZuex7gDf8VGwkR5RcJnQc=
-k8s.io/apimachinery v0.25.3/go.mod h1:jaF9C/iPNM1FuLl7Zuy5b9v+n35HGSh6AQ4HYRkCqwo=
+k8s.io/apimachinery v0.25.4 h1:CtXsuaitMESSu339tfhVXhQrPET+EiWnIY1rcurKnAc=
+k8s.io/apimachinery v0.25.4/go.mod h1:jaF9C/iPNM1FuLl7Zuy5b9v+n35HGSh6AQ4HYRkCqwo=
k8s.io/apiserver v0.21.3/go.mod h1:eDPWlZG6/cCCMj/JBcEpDoK+I+6i3r9GsChYBHSbAzU=
k8s.io/client-go v0.21.3/go.mod h1:+VPhCgTsaFmGILxR/7E1N0S+ryO010QBeNCv5JwRGYU=
-k8s.io/client-go v0.25.3 h1:oB4Dyl8d6UbfDHD8Bv8evKylzs3BXzzufLiO27xuPs0=
-k8s.io/client-go v0.25.3/go.mod h1:t39LPczAIMwycjcXkVc+CB+PZV69jQuNx4um5ORDjQA=
+k8s.io/client-go v0.25.4 h1:3RNRDffAkNU56M/a7gUfXaEzdhZlYhoW8dgViGy5fn8=
+k8s.io/client-go v0.25.4/go.mod h1:8trHCAC83XKY0wsBIpbirZU4NTUpbuhc2JnI7OruGZw=
k8s.io/code-generator v0.21.3/go.mod h1:K3y0Bv9Cz2cOW2vXUrNZlFbflhuPvuadW6JdnN6gGKo=
k8s.io/component-base v0.21.3/go.mod h1:kkuhtfEHeZM6LkX0saqSK8PbdO7A0HigUngmhhrwfGQ=
-k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y=
-k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk=
+k8s.io/component-base v0.25.4 h1:n1bjg9Yt+G1C0WnIDJmg2fo6wbEU1UGMRiQSjmj7hNQ=
+k8s.io/component-base v0.25.4/go.mod h1:nnZJU8OP13PJEm6/p5V2ztgX2oyteIaAGKGMYb2L2cY=
k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
@@ -1093,15 +1106,15 @@ k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhkl
k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
k8s.io/utils v0.0.0-20210722164352-7f3ee0f31471/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
-k8s.io/utils v0.0.0-20221012122500-cfd413dd9e85 h1:cTdVh7LYu82xeClmfzGtgyspNh6UxpwLWGi8R4sspNo=
-k8s.io/utils v0.0.0-20221012122500-cfd413dd9e85/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2 h1:GfD9OzL11kvZN5iArC6oTS7RTj7oJOIfnislxYlqTj8=
+k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.19/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
sigs.k8s.io/controller-runtime v0.9.6/go.mod h1:q6PpkM5vqQubEKUKOM6qr06oXGzOBcCby1DA9FbyZeA=
-sigs.k8s.io/controller-runtime v0.13.0 h1:iqa5RNciy7ADWnIc8QxCbOX5FEKVR3uxVxKHRMc2WIQ=
-sigs.k8s.io/controller-runtime v0.13.0/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI=
+sigs.k8s.io/controller-runtime v0.13.1 h1:tUsRCSJVM1QQOOeViGeX3GMT3dQF1eePPw6sEE3xSlg=
+sigs.k8s.io/controller-runtime v0.13.1/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k=
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
diff --git a/opensearch-operator/main.go b/opensearch-operator/main.go
index 6c7b3867..a30beac5 100644
--- a/opensearch-operator/main.go
+++ b/opensearch-operator/main.go
@@ -26,15 +26,14 @@ import (
// to ensure that exec-entrypoint and run can make use of them.
_ "k8s.io/client-go/plugin/pkg/client/auth"
+ monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"k8s.io/apimachinery/pkg/runtime"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+ opsterv1 "opensearch.opster.io/api/v1"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/healthz"
"sigs.k8s.io/controller-runtime/pkg/log/zap"
-
- opsterv1 "opensearch.opster.io/api/v1"
- //+kubebuilder:scaffold:imports
)
var (
@@ -44,8 +43,8 @@ var (
func init() {
utilruntime.Must(clientgoscheme.AddToScheme(scheme))
-
utilruntime.Must(opsterv1.AddToScheme(scheme))
+ utilruntime.Must(monitoring.AddToScheme(scheme))
//+kubebuilder:scaffold:scheme
}
diff --git a/opensearch-operator/opensearch-gateway/services/os_client.go b/opensearch-operator/opensearch-gateway/services/os_client.go
index 7a8c83e7..1bfe8c48 100644
--- a/opensearch-operator/opensearch-gateway/services/os_client.go
+++ b/opensearch-operator/opensearch-gateway/services/os_client.go
@@ -205,7 +205,7 @@ func (client *OsClusterClient) GetClusterSettings() (responses.ClusterSettingsRe
func (client *OsClusterClient) GetFlatClusterSettings() (responses.FlatClusterSettingsResponse, error) {
req := opensearchapi.ClusterGetSettingsRequest{
- FlatSettings: pointer.BoolPtr(true),
+ FlatSettings: pointer.Bool(true),
}
settingsRes, err := req.Do(context.Background(), client.client)
var response responses.FlatClusterSettingsResponse
diff --git a/opensearch-operator/pkg/builders/cluster.go b/opensearch-operator/pkg/builders/cluster.go
index 9f4c998f..d155a079 100644
--- a/opensearch-operator/pkg/builders/cluster.go
+++ b/opensearch-operator/pkg/builders/cluster.go
@@ -6,6 +6,8 @@ import (
"sort"
"strings"
+ monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
+
appsv1 "k8s.io/api/apps/v1"
batchv1 "k8s.io/api/batch/v1"
corev1 "k8s.io/api/core/v1"
@@ -322,7 +324,6 @@ func NewSTSForNodePool(
set -euo pipefail
/usr/share/opensearch/bin/opensearch-keystore create
-
for i in /tmp/keystoreSecrets/*/*; do
key=$(basename $i)
echo "Adding file $i to keystore key $key"
@@ -525,6 +526,7 @@ func NewHeadlessServiceForNodePool(cr *opsterv1.OpenSearchCluster, nodePool *ops
}
func NewServiceForCR(cr *opsterv1.OpenSearchCluster) *corev1.Service {
+
labels := map[string]string{
helpers.ClusterLabel: cr.Name,
}
@@ -897,8 +899,16 @@ func NewSnapshotRepoconfigUpdateJob(
var snapshotCmd string
for _, repository := range instance.Spec.General.SnapshotRepositories {
var snapshotSettings string
- for settingsKey, settingsValue := range repository.Settings {
- snapshotSettings += fmt.Sprintf("\"%s\": \"%s\" , ", settingsKey, settingsValue)
+
+ // Sort keys to have a stable order
+ keys := make([]string, 0, len(repository.Settings))
+ for key := range repository.Settings {
+ keys = append(keys, key)
+ }
+ sort.Strings(keys)
+
+ for _, settingsKey := range keys {
+ snapshotSettings += fmt.Sprintf("\"%s\": \"%s\" , ", settingsKey, repository.Settings[settingsKey])
}
snapshotSettings = strings.TrimRight(snapshotSettings, " ,")
snapshotCmd += fmt.Sprintf("curl --fail-with-body -s -k -u \"$(cat /mnt/admin-credentials/username):$(cat /mnt/admin-credentials/password)\" -X PUT https://%s.svc.cluster.local:%v/_snapshot/%s?pretty -H \"Content-Type: application/json\" -d %c{\"type\": \"%s\", \"settings\": {%s}}%c; ", dns, fmt.Sprint(httpPort), repository.Name, '\'', repository.Type, snapshotSettings, '\'')
@@ -1055,3 +1065,73 @@ func DataNodesCount(ctx context.Context, k8sClient client.Client, cr *opsterv1.O
}
return count
}
+
+func NewServiceMonitor(cr *opsterv1.OpenSearchCluster) *monitoring.ServiceMonitor {
+
+ labels := map[string]string{
+ helpers.ClusterLabel: cr.Name,
+ }
+ selector := metav1.LabelSelector{
+ MatchLabels: labels,
+ }
+
+ namespaceSelector := monitoring.NamespaceSelector{
+ Any: false,
+ MatchNames: []string{cr.Namespace},
+ }
+
+ if cr.Spec.General.Monitoring.ScrapeInterval == "" {
+ cr.Spec.General.Monitoring.ScrapeInterval = "30s"
+ }
+ user := monitoring.BasicAuth{}
+
+ monitorUser := cr.Spec.General.Monitoring.MonitoringUserSecret
+ var basicAuthSecret string
+ if monitorUser == "" {
+ basicAuthSecret = cr.Name + "-admin-password"
+ // Use admin credentials if no separate monitoring user was defined
+ } else {
+ basicAuthSecret = cr.Spec.General.Monitoring.MonitoringUserSecret
+ }
+
+ user = monitoring.BasicAuth{
+ Username: corev1.SecretKeySelector{
+ LocalObjectReference: corev1.LocalObjectReference{Name: basicAuthSecret},
+ Key: "username",
+ },
+ Password: corev1.SecretKeySelector{
+ LocalObjectReference: corev1.LocalObjectReference{Name: basicAuthSecret},
+ Key: "password",
+ },
+ }
+
+ return &monitoring.ServiceMonitor{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: cr.Name + "-monitor",
+ Namespace: cr.Namespace,
+ Labels: labels,
+ },
+ Spec: monitoring.ServiceMonitorSpec{
+ JobLabel: cr.Name + "-monitor",
+ TargetLabels: []string{
+ helpers.ClusterLabel,
+ },
+ PodTargetLabels: []string{
+ helpers.ClusterLabel,
+ },
+ Endpoints: []monitoring.Endpoint{
+ {Port: string(cr.Spec.General.HttpPort),
+ TargetPort: nil,
+ Path: "/_prometheus/metrics",
+ Interval: monitoring.Duration(cr.Spec.General.Monitoring.ScrapeInterval),
+ TLSConfig: nil,
+ BearerTokenFile: "",
+ HonorLabels: false,
+ BasicAuth: &user,
+ },
+ },
+ Selector: selector,
+ NamespaceSelector: namespaceSelector,
+ },
+ }
+}
diff --git a/opensearch-operator/pkg/builders/cluster_test.go b/opensearch-operator/pkg/builders/cluster_test.go
index 885111e3..3d249936 100644
--- a/opensearch-operator/pkg/builders/cluster_test.go
+++ b/opensearch-operator/pkg/builders/cluster_test.go
@@ -284,7 +284,7 @@ var _ = Describe("Builders", func() {
clusterObject.Spec.General.SnapshotRepositories = []opsterv1.SnapshotRepoConfig{snapshotConfig}
result := NewSnapshotRepoconfigUpdateJob(&clusterObject, "snapshotrepoconfig", "foobar", "snapshotrepoconfig/checksum", nil, nil)
Expect(result.Spec.Template.Spec.Containers[0].Name).To(Equal("snapshotrepoconfig"))
- snapshotCmd := "curl --fail-with-body -s -k -u \"$(cat /mnt/admin-credentials/username):$(cat /mnt/admin-credentials/password)\" -X PUT https://snapshotservice.snapshot.svc.cluster.local:9200/_snapshot/os-snap?pretty -H \"Content-Type: application/json\" -d '{\"type\": \"s3\", \"settings\": {\"bucket\": \"opensearch-s3-snapshot\" , \"region\": \"us-east-1\" , \"base_path\": \"os-snapshot\"}}'; "
+ snapshotCmd := "curl --fail-with-body -s -k -u \"$(cat /mnt/admin-credentials/username):$(cat /mnt/admin-credentials/password)\" -X PUT https://snapshotservice.snapshot.svc.cluster.local:9200/_snapshot/os-snap?pretty -H \"Content-Type: application/json\" -d '{\"type\": \"s3\", \"settings\": {\"base_path\": \"os-snapshot\" , \"bucket\": \"opensearch-s3-snapshot\" , \"region\": \"us-east-1\"}}'; "
Expect(result.Spec.Template.Spec.Containers[0].Args).To(ContainElement(snapshotCmd))
})
})
diff --git a/opensearch-operator/pkg/reconcilers/cluster.go b/opensearch-operator/pkg/reconcilers/cluster.go
index 916e0230..fd52b0ba 100644
--- a/opensearch-operator/pkg/reconcilers/cluster.go
+++ b/opensearch-operator/pkg/reconcilers/cluster.go
@@ -72,6 +72,15 @@ func (r *ClusterReconciler) Reconcile() (ctrl.Result, error) {
return ctrl.Result{}, err
}
+ if r.instance.Spec.General.Monitoring.Enable {
+ serviceMonitor := builders.NewServiceMonitor(r.instance)
+ result.CombineErr(ctrl.SetControllerReference(r.instance, serviceMonitor, r.Client.Scheme()))
+ result.Combine(r.ReconcileResource(serviceMonitor, reconciler.StatePresent))
+
+ } else {
+ serviceMonitor := builders.NewServiceMonitor(r.instance)
+ result.Combine(r.ReconcileResource(serviceMonitor, reconciler.StateAbsent))
+ }
clusterService := builders.NewServiceForCR(r.instance)
result.CombineErr(ctrl.SetControllerReference(r.instance, clusterService, r.Client.Scheme()))
result.Combine(r.ReconcileResource(clusterService, reconciler.StatePresent))
diff --git a/opensearch-operator/pkg/reconcilers/dashboards_test.go b/opensearch-operator/pkg/reconcilers/dashboards_test.go
index 738f1420..a7fcc698 100644
--- a/opensearch-operator/pkg/reconcilers/dashboards_test.go
+++ b/opensearch-operator/pkg/reconcilers/dashboards_test.go
@@ -20,7 +20,7 @@ import (
)
// These tests use Ginkgo (BDD-style Go testing framework). Refer to
-// http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
+// http://onsi.github.io/ginkgo/ to learn more about Ginkgo..
func newDashboardsReconciler(spec *opsterv1.OpenSearchCluster) (ReconcilerContext, *DashboardsReconciler) {
reconcilerContext := NewReconcilerContext(spec.Spec.NodePools)
diff --git a/opensearch-operator/pkg/reconcilers/role_test.go b/opensearch-operator/pkg/reconcilers/role_test.go
index 05e5edcf..2d50c274 100644
--- a/opensearch-operator/pkg/reconcilers/role_test.go
+++ b/opensearch-operator/pkg/reconcilers/role_test.go
@@ -226,7 +226,7 @@ var _ = Describe("roles reconciler", func() {
When("existing status is true", func() {
BeforeEach(func() {
- instance.Status.ExistingRole = pointer.BoolPtr(true)
+ instance.Status.ExistingRole = pointer.Bool(true)
})
It("should do nothing", func() {
@@ -314,7 +314,7 @@ var _ = Describe("roles reconciler", func() {
When("existing status is true", func() {
BeforeEach(func() {
- instance.Status.ExistingRole = pointer.BoolPtr(true)
+ instance.Status.ExistingRole = pointer.Bool(true)
})
It("should do nothing", func() {
_, err := reconciler.Reconcile()
@@ -324,7 +324,7 @@ var _ = Describe("roles reconciler", func() {
When("existing status is false", func() {
BeforeEach(func() {
- instance.Status.ExistingRole = pointer.BoolPtr(false)
+ instance.Status.ExistingRole = pointer.Bool(false)
})
When("role exists in opensearch and is the same", func() {
@@ -476,7 +476,7 @@ var _ = Describe("roles reconciler", func() {
When("existing status is true", func() {
BeforeEach(func() {
- instance.Status.ExistingRole = pointer.BoolPtr(true)
+ instance.Status.ExistingRole = pointer.Bool(true)
})
It("should do nothing and exit", func() {
Expect(reconciler.Delete()).To(Succeed())
@@ -485,7 +485,7 @@ var _ = Describe("roles reconciler", func() {
Context("existing status is false", func() {
BeforeEach(func() {
- instance.Status.ExistingRole = pointer.BoolPtr(false)
+ instance.Status.ExistingRole = pointer.Bool(false)
})
When("cluster does not exist", func() {
diff --git a/opensearch-operator/pkg/reconcilers/suite_test.go b/opensearch-operator/pkg/reconcilers/suite_test.go
index b25eca20..050a676e 100644
--- a/opensearch-operator/pkg/reconcilers/suite_test.go
+++ b/opensearch-operator/pkg/reconcilers/suite_test.go
@@ -24,6 +24,7 @@ package reconcilers
import (
"context"
"fmt"
+ monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
"path/filepath"
"testing"
@@ -32,12 +33,15 @@ import (
ctrl "sigs.k8s.io/controller-runtime"
+ "github.com/banzaicloud/operator-tools/pkg/prometheus"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
+ apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes/scheme"
"k8s.io/client-go/rest"
+ "k8s.io/utils/pointer"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/envtest"
logf "sigs.k8s.io/controller-runtime/pkg/log"
@@ -70,11 +74,41 @@ var _ = BeforeSuite(func() {
ports, err := freeport.GetFreePorts(2)
Expect(err).NotTo(HaveOccurred())
+ serviceMonitorCRD := apiextensionsv1.CustomResourceDefinition{
+ ObjectMeta: metav1.ObjectMeta{
+ Name: prometheus.ServiceMonitorName + "." + prometheus.GroupVersion.Group,
+ },
+ Spec: apiextensionsv1.CustomResourceDefinitionSpec{
+ Group: prometheus.GroupVersion.Group,
+ Scope: apiextensionsv1.NamespaceScoped,
+ Names: apiextensionsv1.CustomResourceDefinitionNames{
+ Plural: prometheus.ServiceMonitorName,
+ Singular: prometheus.ServiceMonitorKindKey,
+ Kind: prometheus.ServiceMonitorsKind,
+ },
+ Versions: []apiextensionsv1.CustomResourceDefinitionVersion{
+ {
+ Name: prometheus.GroupVersion.Version,
+ Storage: true,
+ Served: true,
+ Schema: &apiextensionsv1.CustomResourceValidation{
+ OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
+ Properties: map[string]apiextensionsv1.JSONSchemaProps{},
+ XPreserveUnknownFields: pointer.Bool(true),
+ Type: "object",
+ },
+ },
+ },
+ },
+ },
+ }
+
var ctx context.Context
ctx, cancel = context.WithCancel(context.TODO())
By("bootstrapping test environment")
testEnv = &envtest.Environment{
+ CRDs: []*apiextensionsv1.CustomResourceDefinition{&serviceMonitorCRD},
CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")},
ErrorIfCRDPathMissing: true,
}
@@ -87,6 +121,11 @@ var _ = BeforeSuite(func() {
Expect(err).NotTo(HaveOccurred())
err = opsterv1.AddToScheme(scheme.Scheme)
Expect(err).NotTo(HaveOccurred())
+ //err = prometheus.AddToScheme(scheme.Scheme)
+ //Expect(err).NotTo(HaveOccurred())
+
+ err = monitoring.AddToScheme(scheme.Scheme)
+ Expect(err).NotTo(HaveOccurred())
k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme})
Expect(err).NotTo(HaveOccurred())