New parameters layout

api/v1alpha1/webserver_types.go

@@ -24,30 +24,18 @@ type WebServerSpec struct {
 	EnvironmentVariables []corev1.EnvVar `json:"environmentVariables,omitempty"`
 	// Use Session Clustering
 	UseSessionClustering bool `json:"useSessionClustering,omitempty"`
-	// Route behaviour:[tls]hostname/NONE or empty.
-	RouteHostname string `json:"routeHostname,omitempty"`
-	// certificateVerification for tomcat configuration: required/optional or empty.
-	CertificateVerification string `json:"certificateVerification,omitempty"`
-	// TLSSecret secret containing server.cert the server certificate, server.key the server key and optional ca.cert the CA cert of the client certificates
-	TLSSecret string `json:"tlsSecret,omitempty"`
-	// TLSPassword passphrase for the key in the client.key
-	TLSPassword string `json:"tlsPassword,omitempty"`
+	// TLS configuration
+	TLSConfig TLSConfig `json:"tlsConfig,omitempty"`
+	// Persistent logs configuration
+	PersistentLogsConfig PersistentLogs `json:"persistentLogs,omitempty"`
 	// (Deployment method 1) Application image
 	WebImage *WebImageSpec `json:"webImage,omitempty"`
 	// (Deployment method 2) Imagestream
 	WebImageStream *WebImageStreamSpec `json:"webImageStream,omitempty"`
 	// Configuration of the resources used by the WebServer, ie CPU and memory, use limits and requests
 	PodResources corev1.ResourceRequirements `json:"podResources,omitempty"`
-	//If true operator will create a PVC to save the logs.
-	PersistentLogs bool `json:"persistentLogs,omitempty"`
-	//If true operator will log tomcat's access logs
-	EnableAccessLogs bool `json:"enableAccessLogs,omitempty"`
 	// IsNotJWS boolean that specifies if the image is JWS or not.
 	IsNotJWS bool `json:"isNotJWS,omitempty"`
-	// VolumeName is the name of pv we eant to bound
-	VolumeName string `json:"volumeName,omitempty"`
-	// StorageClass name of the storage class we want to use for the bound
-	StorageClass string `json:"storageClass,omitempty"`
 	// SecurityContext defines the security capabilities required to run the application.
 	SecurityContext *corev1.SecurityContext `json:"securityContext,omitempty"`
 }
@@ -102,6 +90,29 @@ type WebImageStreamSpec struct {
 	WebServerHealthCheck *WebServerHealthCheckSpec `json:"webServerHealthCheck,omitempty"`
 }
 
+// TLS settings
+type TLSConfig struct {
+	// TLSSecret secret containing server.cert the server certificate, server.key the server key and optional ca.cert the CA cert of the client certificates
+	TLSSecret string `json:"tlsSecret,omitempty"`
+	// TLSPassword passphrase for the key in the client.key
+	TLSPassword string `json:"tlsPassword,omitempty"`
+	// certificateVerification for tomcat configuration: required/optional or empty.
+	CertificateVerification string `json:"certificateVerification,omitempty"`
+	// Route behaviour:[tls]hostname/NONE or empty.
+	RouteHostname string `json:"routeHostname,omitempty"`
+}
+
+type PersistentLogs struct {
+	//If true operator will log tomcat's catalina logs
+	CatalinaLogs bool `json:"catalinaLogs,omitempty"`
+	//If true operator will log tomcat's access logs
+	AccessLogs bool `json:"enableAccessLogs,omitempty"`
+	// VolumeName is the name of pv we eant to bound
+	VolumeName string `json:"volumeName,omitempty"`
+	// StorageClass name of the storage class we want to use for the bound
+	StorageClass string `json:"storageClass,omitempty"`
+}
+
 // (Optional) Source code information
 type WebSourcesSpec struct {
 	// URL for the repository of the application sources

config/crd/bases/web.servers.org_webservers.yaml

@@ -40,13 +40,6 @@ spec:
                 description: The base for the names of the deployed application resources
                 pattern: ^[a-z]([-a-z0-9]*[a-z0-9])?$
                 type: string
-              certificateVerification:
-                description: 'certificateVerification for tomcat configuration: required/optional
-                  or empty.'
-                type: string
-              enableAccessLogs:
-                description: If true operator will log tomcat's access logs
-                type: boolean
               environmentVariables:
                 description: Environment Variables for deployment
                 items:
@@ -157,8 +150,22 @@ spec:
                   not.
                 type: boolean
               persistentLogs:
-                description: If true operator will create a PVC to save the logs.
-                type: boolean
+                description: Persistent logs configuration
+                properties:
+                  catalinaLogs:
+                    description: If true operator will log tomcat's catalina logs
+                    type: boolean
+                  enableAccessLogs:
+                    description: If true operator will log tomcat's access logs
+                    type: boolean
+                  storageClass:
+                    description: StorageClass name of the storage class we want to
+                      use for the bound
+                    type: string
+                  volumeName:
+                    description: VolumeName is the name of pv we eant to bound
+                    type: string
+                type: object
               podResources:
                 description: Configuration of the resources used by the WebServer,
                   ie CPU and memory, use limits and requests
@@ -191,9 +198,6 @@ spec:
                 format: int32
                 minimum: 0
                 type: integer
-              routeHostname:
-                description: Route behaviour:[tls]hostname/NONE or empty.
-                type: string
               securityContext:
                 description: SecurityContext defines the security capabilities required
                   to run the application.
@@ -354,24 +358,28 @@ spec:
                         type: string
                     type: object
                 type: object
-              storageClass:
-                description: StorageClass name of the storage class we want to use
-                  for the bound
-                type: string
-              tlsPassword:
-                description: TLSPassword passphrase for the key in the client.key
-                type: string
-              tlsSecret:
-                description: TLSSecret secret containing server.cert the server certificate,
-                  server.key the server key and optional ca.cert the CA cert of the
-                  client certificates
-                type: string
+              tlsConfig:
+                description: TLS configuration
+                properties:
+                  certificateVerification:
+                    description: 'certificateVerification for tomcat configuration:
+                      required/optional or empty.'
+                    type: string
+                  routeHostname:
+                    description: Route behaviour:[tls]hostname/NONE or empty.
+                    type: string
+                  tlsPassword:
+                    description: TLSPassword passphrase for the key in the client.key
+                    type: string
+                  tlsSecret:
+                    description: TLSSecret secret containing server.cert the server
+                      certificate, server.key the server key and optional ca.cert
+                      the CA cert of the client certificates
+                    type: string
+                type: object
               useSessionClustering:
                 description: Use Session Clustering
                 type: boolean
-              volumeName:
-                description: VolumeName is the name of pv we eant to bound
-                type: string
               webImage:
                 description: (Deployment method 1) Application image
                 properties:

controllers/templates.go

@@ -208,12 +208,12 @@ func (r *WebServerReconciler) generatePersistentVolumeClaimForLogging(webServer
 		},
 	}
 
-	if webServer.Spec.VolumeName != "" {
-		pvc.Spec.VolumeName = webServer.Spec.VolumeName
+	if webServer.Spec.PersistentLogsConfig.VolumeName != "" {
+		pvc.Spec.VolumeName = webServer.Spec.PersistentLogsConfig.VolumeName
 	}
 
-	if webServer.Spec.StorageClass != "" {
-		pvc.Spec.StorageClassName = &webServer.Spec.StorageClass
+	if webServer.Spec.PersistentLogsConfig.StorageClass != "" {
+		pvc.Spec.StorageClassName = &webServer.Spec.PersistentLogsConfig.StorageClass
 	}
 
 	controllerutil.SetControllerReference(webServer, pvc, r.Scheme)
@@ -631,7 +631,7 @@ func (r *WebServerReconciler) generateRoute(webServer *webserversv1alpha1.WebSer
 		"description": "Route for application's http service.",
 	}
 	route := &routev1.Route{}
-	if webServer.Spec.RouteHostname == "" {
+	if webServer.Spec.TLSConfig.RouteHostname == "" {
 		route = &routev1.Route{
 			ObjectMeta: objectMeta,
 			Spec: routev1.RouteSpec{
@@ -644,7 +644,7 @@ func (r *WebServerReconciler) generateRoute(webServer *webserversv1alpha1.WebSer
 		route = &routev1.Route{
 			ObjectMeta: objectMeta,
 			Spec: routev1.RouteSpec{
-				Host: webServer.Spec.RouteHostname,
+				Host: webServer.Spec.TLSConfig.RouteHostname,
 				To: routev1.RouteTargetReference{
 					Name: webServer.Spec.ApplicationName,
 				},
@@ -662,7 +662,7 @@ func (r *WebServerReconciler) generateSecureRoute(webServer *webserversv1alpha1.
 		"description": "Route for application's https service.",
 	}
 	route := &routev1.Route{}
-	if len(webServer.Spec.RouteHostname) <= 3 {
+	if len(webServer.Spec.TLSConfig.RouteHostname) <= 3 {
 		route = &routev1.Route{
 			ObjectMeta: objectMeta,
 			Spec: routev1.RouteSpec{
@@ -678,7 +678,7 @@ func (r *WebServerReconciler) generateSecureRoute(webServer *webserversv1alpha1.
 		route = &routev1.Route{
 			ObjectMeta: objectMeta,
 			Spec: routev1.RouteSpec{
-				Host: webServer.Spec.RouteHostname[4:],
+				Host: webServer.Spec.TLSConfig.RouteHostname[4:],
 				To: routev1.RouteTargetReference{
 					Name: webServer.Spec.ApplicationName,
 				},
@@ -872,20 +872,19 @@ func (r *WebServerReconciler) generateEnvVars(webServer *webserversv1alpha1.WebS
 			Value: value,
 		},
 	}
-	if webServer.Spec.EnableAccessLogs {
+	if webServer.Spec.PersistentLogsConfig.AccessLogs {
 		env = append(env, corev1.EnvVar{
 			Name:  "ENABLE_ACCESS_LOG",
 			Value: "true",
 		})
 	}
-	if strings.HasPrefix(webServer.Spec.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.EnableAccessLogs {
-		// Add parameter USE_SESSION_CLUSTERING
+	if strings.HasPrefix(webServer.Spec.TLSConfig.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		env = append(env, corev1.EnvVar{
 			Name:  "ENV_FILES",
 			Value: "/env/my-files/test.sh",
 		})
 	}
-	if webServer.Spec.PersistentLogs {
+	if webServer.Spec.PersistentLogsConfig.CatalinaLogs {
 		//custum logging.properties path
 		env = append(env, corev1.EnvVar{
 			Name:  "CATALINA_LOGGING_CONFIG",
@@ -902,7 +901,7 @@ func (r *WebServerReconciler) generateEnvVars(webServer *webserversv1alpha1.WebS
 func (r *WebServerReconciler) generateVolumeMounts(webServer *webserversv1alpha1.WebServer) []corev1.VolumeMount {
 	var volm []corev1.VolumeMount
 
-	if webServer.Spec.PersistentLogs {
+	if webServer.Spec.PersistentLogsConfig.CatalinaLogs || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		volm = append(volm, corev1.VolumeMount{
 			Name:      "config-volume",
 			MountPath: "/opt/operator_conf/logging.properties",
@@ -914,7 +913,7 @@ func (r *WebServerReconciler) generateVolumeMounts(webServer *webserversv1alpha1
 		})
 	}
 
-	if strings.HasPrefix(webServer.Spec.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.EnableAccessLogs {
+	if strings.HasPrefix(webServer.Spec.TLSConfig.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		volm = append(volm, corev1.VolumeMount{
 			Name:      "webserver-" + webServer.Name,
 			MountPath: "/env/my-files",
@@ -951,7 +950,7 @@ func (r *WebServerReconciler) generateVolumeMounts(webServer *webserversv1alpha1
 		}
 	}
 
-	if webServer.Spec.TLSSecret != "" {
+	if webServer.Spec.TLSConfig.TLSSecret != "" {
 		volm = append(volm, corev1.VolumeMount{
 			Name:      "webserver-tls" + webServer.Name,
 			MountPath: "/tls",
@@ -965,7 +964,7 @@ func (r *WebServerReconciler) generateVolumeMounts(webServer *webserversv1alpha1
 // Create the Volumes
 func (r *WebServerReconciler) generateVolumes(webServer *webserversv1alpha1.WebServer) []corev1.Volume {
 	var vol []corev1.Volume
-	if webServer.Spec.PersistentLogs {
+	if webServer.Spec.PersistentLogsConfig.CatalinaLogs || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		vol = append(vol, corev1.Volume{
 			Name: "config-volume",
 			VolumeSource: corev1.VolumeSource{
@@ -987,7 +986,7 @@ func (r *WebServerReconciler) generateVolumes(webServer *webserversv1alpha1.WebS
 		})
 	}
 
-	if strings.HasPrefix(webServer.Spec.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.EnableAccessLogs {
+	if strings.HasPrefix(webServer.Spec.TLSConfig.RouteHostname, "tls") || webServer.Spec.UseSessionClustering || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		vol = append(vol, corev1.Volume{
 			Name: "webserver-" + webServer.Name,
 			VolumeSource: corev1.VolumeSource{
@@ -1053,12 +1052,12 @@ func (r *WebServerReconciler) generateVolumes(webServer *webserversv1alpha1.WebS
 		}
 	}
 
-	if webServer.Spec.TLSSecret != "" {
+	if webServer.Spec.TLSConfig.TLSSecret != "" {
 		vol = append(vol, corev1.Volume{
 			Name: "webserver-tls" + webServer.Name,
 			VolumeSource: corev1.VolumeSource{
 				Secret: &corev1.SecretVolumeSource{
-					SecretName: webServer.Spec.TLSSecret,
+					SecretName: webServer.Spec.TLSConfig.TLSSecret,
 				},
 			},
 		})
@@ -1137,7 +1136,7 @@ func (r *WebServerReconciler) generateCommandForASFStart(webServer *webserversv1
 
 		"# Copy the war in webapps (probably we can use a ENV_FILES for that)\n" +
 		"cp /deployments/*.war /deployments/webapps/ || true\n"
-	if webServer.Spec.PersistentLogs {
+	if webServer.Spec.PersistentLogsConfig.CatalinaLogs || webServer.Spec.PersistentLogsConfig.AccessLogs {
 		cmd["start.sh"] = cmd["start.sh"] + "#operator's configuration for logging\n" +
 			"export JAVA_OPTS=\"-Dcatalina.base=. -Djava.security.egd=file:/dev/urandom -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.util.logging.config.file=/opt/operator_conf/logging.properties -Dpod_name=\"$HOSTNAME\"\"\n"
 	}
@@ -1176,7 +1175,7 @@ func (r *WebServerReconciler) generateLivenessProbeScript(webServer *webserversv
 func (r *WebServerReconciler) generateCommandForServerXml(webServer *webserversv1alpha1.WebServer) map[string]string {
 	cmd := make(map[string]string)
 	connector := ""
-	if strings.HasPrefix(webServer.Spec.RouteHostname, "tls") {
+	if strings.HasPrefix(webServer.Spec.TLSConfig.RouteHostname, "tls") {
 		// "/tls" is the dir in which the secret's contents are mounted to the pod
 		connector +=
 			"https=\"<!-- No HTTPS configuration discovered -->\"\n" +
@@ -1185,8 +1184,8 @@ func (r *WebServerReconciler) generateCommandForServerXml(webServer *webserversv
 				"https=\"" +
 				"<Connector port=\\\"8443\\\" protocol=\\\"HTTP/1.1\\\" " +
 				"maxThreads=\\\"200\\\" SSLEnabled=\\\"true\\\"> "
-		if webServer.Spec.CertificateVerification == "required" || webServer.Spec.CertificateVerification == "optional" {
-			connector += "<SSLHostConfig caCertificateFile=\\\"/tls/ca.crt\\\" certificateVerification=\\\"" + webServer.Spec.CertificateVerification + "\\\"> "
+		if webServer.Spec.TLSConfig.CertificateVerification == "required" || webServer.Spec.TLSConfig.CertificateVerification == "optional" {
+			connector += "<SSLHostConfig caCertificateFile=\\\"/tls/ca.crt\\\" certificateVerification=\\\"" + webServer.Spec.TLSConfig.CertificateVerification + "\\\"> "
 		} else {
 			connector += "<SSLHostConfig caCertificateFile=\\\"/tls/ca.crt\\\"> "
 		}
@@ -1198,8 +1197,8 @@ func (r *WebServerReconciler) generateCommandForServerXml(webServer *webserversv
 			"https=\"" +
 			"<Connector port=\\\"8443\\\" protocol=\\\"HTTP/1.1\\\" " +
 			"maxThreads=\\\"200\\\" SSLEnabled=\\\"true\\\"> "
-		if webServer.Spec.CertificateVerification == "required" || webServer.Spec.CertificateVerification == "optional" {
-			connector += "<SSLHostConfig " + "certificateVerification=\\\"" + webServer.Spec.CertificateVerification + "\\\"> "
+		if webServer.Spec.TLSConfig.CertificateVerification == "required" || webServer.Spec.TLSConfig.CertificateVerification == "optional" {
+			connector += "<SSLHostConfig " + "certificateVerification=\\\"" + webServer.Spec.TLSConfig.CertificateVerification + "\\\"> "
 		} else {
 			connector += "<SSLHostConfig> "
 		}
@@ -1233,7 +1232,7 @@ func (r *WebServerReconciler) generateCommandForServerXml(webServer *webserversv
 	} else {
 		cmd["test.sh"] = cmd["test.sh"] + connector
 	}
-	if webServer.Spec.EnableAccessLogs {
+	if webServer.Spec.PersistentLogsConfig.AccessLogs {
 		cmd["test.sh"] = cmd["test.sh"] + "grep -q directory='\"/proc/self/fd\"' ${FILE}\n" +
 			"if [ $? -eq 0 ]; then\n" +
 			"sed -i 's|directory=\"/proc/self/fd\"|directory=\"/opt/tomcat_logs\"|g' ${FILE}\n" +