CLOUDP-347497: Single cluster Replica Set Controller Refactoring #486
Conversation
MCK 1.6.0 Release NotesNew Features
Bug Fixes
|
This reverts commit 073032b.
Julien-Ben
added
the
skip-changelog
Builder functions Test works
| } | ||
| } | ||
|
|
||
| publishAutomationConfigFirst, err := r.publishAutomationConfigFirstMultiCluster(ctx, &mrs, log) |
There was a problem hiding this comment.
Brought it closer to where it's actually used
| log.Debugw("Marked replica set members as non-voting", "replica set with members", rsMembers) | ||
| } | ||
|
|
||
| // TODO practice shows that automation agents can get stuck on setting db to "disabled" also it seems that this process |
There was a problem hiding this comment.
This comment was old (<2022)
| // Reconcile reads that state of the cluster for a MongoDbReplicaSet object and makes changes based on the state read | ||
| // and what is in the MongoDbReplicaSet.Spec | ||
| func (r *ReconcileMongoDbReplicaSet) Reconcile(ctx context.Context, request reconcile.Request) (res reconcile.Result, e error) { | ||
| // === 1. Initial Checks and setup |
There was a problem hiding this comment.
I added these as helpers for myself at the beginning of the refactoring, to keep track of where I was in the hundreds of lines of the reconcile loop
I'm okay to remove them now if they feel like noise more than useful comments
Julien-Ben
changed the title
| agentCertPath: agentCertPath, | ||
| agentCertHash: agentCertHash, | ||
| currentAgentAuthMode: currentAgentAuthMode, | ||
| } |
There was a problem hiding this comment.
Nit: I think a long list of arguments is better than a struct. It is easier to pass a struct around, but arguments are more explicit: you only pass what you need in a given function. With plain arguments it is easier to spot unused arguments as well.
There is also no question like - why some cert related stuff is in the struct, but tlsCertPath and internalClusterCertPath is not?
I would leave arguments as is.
There was a problem hiding this comment.
I agree with Mikalai here, it is a bit confusing
There was a problem hiding this comment.
That's a valid concern, I hesitated and did it mostly to match what we do in the sharded cluster controller:
type deploymentOptions struct {
podEnvVars *env.PodEnvVars
currentAgentAuthMode string
caFilePath string
agentCertPath string
agentCertHash string
certTLSType map[string]bool
finalizing bool
processNames []string
prometheusCertHash string
}
If we decide to keep the struct, I will put more variables into it for sure while working on the unification, for more consistency.
I'm happy to hear the team's opinion about this
| agentCertPath: agentCertPath, | ||
| agentCertHash: agentCertHash, | ||
| currentAgentAuthMode: currentAgentAuthMode, | ||
| } |
There was a problem hiding this comment.
I agree with Mikalai here, it is a bit confusing
| prometheusCertHash, err := certs.EnsureTLSCertsForPrometheus(ctx, r.SecretClient, rs.GetNamespace(), rs.GetPrometheus(), certs.Database, log) | ||
| if err != nil { | ||
| log.Infof("Could not generate certificates for Prometheus: %s", err) | ||
| return r.updateStatus(ctx, rs, workflow.Failed(err), log) |
There was a problem hiding this comment.
| return r.updateStatus(ctx, rs, workflow.Failed(err), log) | |
| return r.updateStatus(ctx, rs, workflow.Failed(xerrors.Errorf("could not generate certificates for Prometheus: %w", err)), log) |
other errors are more descriptive, is it better to clarify this one too?
There was a problem hiding this comment.
good catch, done
| databaseContainer := container.GetByName(util.DatabaseContainerName, currentSts.Spec.Template.Spec.Containers) | ||
| volumeMounts := databaseContainer.VolumeMounts | ||
|
|
||
| if !mdb.Spec.Security.IsTLSEnabled() && wasTLSSecretMounted(ctx, getter, currentSts, mdb, log) { |
There was a problem hiding this comment.
We probably need a nil check on .Security
There was a problem hiding this comment.
I took it from the common controller, I haven't written it myself, so I will mark it as follow up, but I think we have guardrails against nil Security at initialization, otherwise we would have observed panics already 😅
There was a problem hiding this comment.
I don't find any initialisation. Most of the time we do mdb.GetSecurity() which returns an empty Security value if mdb.Spec.Security is nil.
| // updateOmDeploymentRs performs OM registration operation for the replicaset. So the changes will be finally propagated | ||
| // to automation agents in containers | ||
| func (r *ReconcileMongoDbReplicaSet) updateOmDeploymentRs(ctx context.Context, conn om.Connection, membersNumberBefore int, rs *mdbv1.MongoDB, set appsv1.StatefulSet, log *zap.SugaredLogger, agentCertPath, caFilePath, tlsCertPath, internalClusterCertPath string, prometheusCertHash string, isRecovering bool, shouldMirrorKeyfileForMongot bool) workflow.Status { | ||
| func (r *ReconcileMongoDbReplicaSet) updateOmDeploymentRs(ctx context.Context, conn om.Connection, membersNumberBefore int, rs *mdbv1.MongoDB, log *zap.SugaredLogger, tlsCertPath, internalClusterCertPath string, deploymentOptionsRS deploymentOptionsRS, shouldMirrorKeyfile bool, isRecovering bool) workflow.Status { |
There was a problem hiding this comment.
updateOmDeploymentRs is carrying a lot of responsibilities: waiting for agents, TLS disable coordination, replica-set building, authentication sync, automation-config reconciliation, and cleanup.
func (r *ReconcileMongoDbReplicaSet) updateOmDeploymentRs(
ctx context.Context,
conn om.Connection,
membersBefore int,
rs *mdbv1.MongoDB,
log *zap.SugaredLogger,
tlsCertPath, internalClusterCertPath string,
opts deploymentOptionsRS,
shouldMirrorKeyfile, isRecovering bool,
) workflow.Status {
inputs, status := r.prepareOmDeploymentInputs(ctx, conn, membersBefore, rs, tlsCertPath, opts, shouldMirrorKeyfile, isRecovering, log)
if !status.IsOK() {
return status
}
if status := r.applyReplicaSetAutomation(ctx, conn, rs, inputs, internalClusterCertPath, log); !status.IsOK() {
return status
}
return r.finalizeOmDeployment(ctx, conn, rs, membersBefore, inputs, internalClusterCertPath, isRecovering, log)
}
Each helper focuses on one concern:
type omDeploymentInputs struct {
replicasTarget int
replicaSet replicaset.ReplicaSet
processNames []string
prometheusConfiguration PrometheusConfiguration
additionalReconcileNeeded bool
}
func (r *ReconcileMongoDbReplicaSet) prepareOmDeploymentInputs(...) (omDeploymentInputs, workflow.Status) { /* wait for agents, handle TLS disable, build replicaSet */ }
func (r *ReconcileMongoDbReplicaSet) applyReplicaSetAutomation(...) workflow.Status { /* auth reconciliation + ReadUpdateDeployment */ }
func (r *ReconcileMongoDbReplicaSet) finalizeOmDeployment(...) workflow.Status { /* wait for ready, log rotate, host diff, backup */ }There was a problem hiding this comment.
You can also use parameters instead of omDeploymentInputs
There was a problem hiding this comment.
Same remark as in the other comment, I'll mark it as follow up to not increase the size of the PR, since I just slightly modified the method here.
But if I have time during the unification implementation, I'll make sure to do it ! Thanks for the suggestion
| databaseContainer := container.GetByName(util.DatabaseContainerName, currentSts.Spec.Template.Spec.Containers) | ||
| volumeMounts := databaseContainer.VolumeMounts | ||
|
|
||
| if !mdb.Spec.Security.IsTLSEnabled() && wasTLSSecretMounted(ctx, getter, currentSts, mdb, log) { |
There was a problem hiding this comment.
I don't find any initialisation. Most of the time we do mdb.GetSecurity() which returns an empty Security value if mdb.Spec.Security is nil.
4 participants
CLOUDP-347497 - Single cluster Replica Set Controller Refactoring
Why this refactoring
The single-cluster RS controller was mixing two concerns:
This worked fine for single-cluster, but it's a problem when you think about multi-cluster:
So we need to separate these layers properly.
Main changes
1. Broke down the huge Reconcile() method
Before: ~300 lines of inline logic in Reconcile()
Now:
This makes it way easier to understand what's happening and matches the multi-cluster controller structure.
2. Removed StatefulSet dependency from OM operations
Created new helper functions that work directly with MongoDB resources instead of StatefulSets:
CreateMongodProcessesFromMongoDB()- was using StatefulSet beforeBuildFromMongoDBWithReplicas()- sameWaitForRsAgentsToRegisterByResource()- sameThese mirror the existing
...FromStatefulSetfunctions but take MongoDB resources instead.Why it matters: The OM layer now only cares about the MongoDB resource definition, not how it's deployed in K8s. This makes the code work the same way for both single-cluster and multi-cluster.
3. Added publishAutomationConfigFirstRS checks
Dedicated function for RS instead of using the shared one. Does not rely on a statefulset object.
Important for review
The ideal way to review this PR is to compare the new structure to the
mongodbmultireplicaset_controller.go. The aim of the refactoring is to get the single cluster controller closer to it.Look at:
reconcileMemberResources()in both controllers - similar structure nowupdateOmDeploymentRs()- no more StatefulSet dependencyom/processandom/replicaset- mirror existing patternsBug found along the way
The logic to handle scale up + disable TLS at the same time doesn't actually work properly and should be blocked by validation (see draft PR #490 for more details).
Tests added
Added tests for the new helper functions:
TestCreateMongodProcessesFromMongoDB- basic scenarios, scaling, custom domains, TLS, additional configTestBuildFromMongoDBWithReplicas- integration test checking ReplicaSet structure and member options propagationTestPublishAutomationConfigFirstRS- automation config publish logic with various TLS/auth scenarios