diff --git a/deploy/crds/noobaa.io_noobaas.yaml b/deploy/crds/noobaa.io_noobaas.yaml index 6eb1b66ab..414470207 100644 --- a/deploy/crds/noobaa.io_noobaas.yaml +++ b/deploy/crds/noobaa.io_noobaas.yaml @@ -1028,6 +1028,9 @@ spec: - guaranteed - much more reliable but need to provide a storage class that supports RWX PVs type: string type: object + notificationsPVC: + description: Name of PVC used for notification persistent files. + type: string cleanupPolicy: description: CleanupPolicy (optional) Indicates user's policy for deletion diff --git a/pkg/apis/noobaa/v1alpha1/noobaa_types.go b/pkg/apis/noobaa/v1alpha1/noobaa_types.go index 0d7f4ac79..d2fab583d 100644 --- a/pkg/apis/noobaa/v1alpha1/noobaa_types.go +++ b/pkg/apis/noobaa/v1alpha1/noobaa_types.go @@ -227,6 +227,11 @@ type NooBaaSpec struct { // BucketLogging sets the configuration for bucket logging // +optional BucketLogging BucketLoggingSpec `json:"bucketLogging,omitempty"` + + // NotificationsPVC (optional) specifies the name of the Persistent Volume Claim (PVC) to be used + // for notifications persistent files. + // +optional + NotificationsPVC *string `json:"notificationsPVC,omitempty"` } // AutoscalerSpec defines different actoscaling spec such as autoscaler type and prometheus namespace diff --git a/pkg/bundle/deploy.go b/pkg/bundle/deploy.go index 03b2b6803..ff28d4a53 100644 --- a/pkg/bundle/deploy.go +++ b/pkg/bundle/deploy.go @@ -2447,6 +2447,9 @@ spec: - guaranteed - much more reliable but need to provide a storage class that supports RWX PVs type: string type: object + notificationsPVC: + description: Name of PVC used for notification persistent files. + type: string cleanupPolicy: description: CleanupPolicy (optional) Indicates user's policy for deletion diff --git a/pkg/system/phase2_creating.go b/pkg/system/phase2_creating.go index b94f0626c..2f1c5d584 100644 --- a/pkg/system/phase2_creating.go +++ b/pkg/system/phase2_creating.go @@ -450,6 +450,16 @@ func (r *Reconciler) setDesiredCoreEnv(c *corev1.Container) { } } } + + if r.NooBaa.Spec.NotificationsPVC != nil { + envVar := corev1.EnvVar{ + Name: "NOTIFICATION_LOG_DIR", + Value: "/var/logs/notifications", + } + + util.MergeEnvArrays(&c.Env, &[]corev1.EnvVar{envVar}); + } + } // SetDesiredCoreApp updates the CoreApp as desired for reconciling @@ -519,6 +529,51 @@ func (r *Reconciler) SetDesiredCoreApp() error { }} util.MergeVolumeMountList(&c.VolumeMounts, &bucketLogVolumeMounts) } + + if r.NooBaa.Spec.NotificationsPVC != nil { + notificationVolumeMounts := []corev1.VolumeMount{{ + Name: "notif-vol", + MountPath: "/var/logs/notifications", + }} + util.MergeVolumeMountList(&c.VolumeMounts, ¬ificationVolumeMounts) + + notificationVolumes := []corev1.Volume {{ + Name: "notif-vol", + VolumeSource: corev1.VolumeSource { + PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource { + ClaimName: *r.NooBaa.Spec.NotificationsPVC, + }, + }, + }} + util.MergeVolumeList(&podSpec.Volumes, ¬ificationVolumes) + + //find secrets that tell us how to connect to remote notifications servers, + //mount them so core can read them + notificatoinSecrets := &corev1.SecretList{} + noobaaNotifSelector, _ := labels.Parse("app=noobaa,noobaa=notifications") + util.KubeList(notificatoinSecrets, &client.ListOptions{Namespace: options.Namespace, LabelSelector: noobaaNotifSelector}) + + for _, notificationSecret := range notificatoinSecrets.Items { + + secretVolumeMounts := []corev1.VolumeMount{{ + Name: notificationSecret.Name, + MountPath: "/etc/notif_connect/" + notificationSecret.Name, + ReadOnly: true, + }} + util.MergeVolumeMountList(&c.VolumeMounts, &secretVolumeMounts) + + secretVolumes := []corev1.Volume{{ + Name: notificationSecret.Name, + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + SecretName: notificationSecret.Name, + }, + }, + }} + util.MergeVolumeList(&podSpec.Volumes, &secretVolumes) + } + } + case "noobaa-log-processor": if c.Image != r.NooBaa.Status.ActualImage { coreImageChanged = true @@ -624,6 +679,7 @@ func (r *Reconciler) SetDesiredCoreApp() error { }} util.MergeVolumeList(&podSpec.Volumes, &bucketLogVolumes) } + return nil } diff --git a/pkg/system/phase4_configuring.go b/pkg/system/phase4_configuring.go index e6f839869..14f81b430 100644 --- a/pkg/system/phase4_configuring.go +++ b/pkg/system/phase4_configuring.go @@ -415,6 +415,15 @@ func (r *Reconciler) SetDesiredDeploymentEndpoint() error { } } + if r.NooBaa.Spec.NotificationsPVC != nil { + envVar := corev1.EnvVar{ + Name: "NOTIFICATION_LOG_DIR", + Value: "/var/logs/notifications", + } + + util.MergeEnvArrays(&c.Env, &[]corev1.EnvVar{envVar}); + } + c.SecurityContext = &corev1.SecurityContext{ Capabilities: &corev1.Capabilities{ Add: []corev1.Capability{"SETUID", "SETGID"}, @@ -533,6 +542,24 @@ func (r *Reconciler) setDesiredEndpointMounts(podSpec *corev1.PodSpec, container util.MergeVolumeMountList(&container.VolumeMounts, &bucketLogVolumeMounts) } + if r.NooBaa.Spec.NotificationsPVC != nil { + notificationVolumes := []corev1.Volume{{ + Name: "notif-vol", + VolumeSource: corev1.VolumeSource{ + PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ + ClaimName: *r.NooBaa.Spec.NotificationsPVC, + }, + }, + }} + util.MergeVolumeList(&podSpec.Volumes, ¬ificationVolumes) + + notificationVolumeMounts := []corev1.VolumeMount{{ + Name: "notif-vol", + MountPath: "/var/logs/notifications", + }} + util.MergeVolumeMountList(&container.VolumeMounts, ¬ificationVolumeMounts) + } + r.setDesiredRootMasterKeyMounts(podSpec, container) for _, nsStore := range namespaceStoreList.Items {