diff --git a/cmd/main.go b/cmd/main.go index 97228a5e..c05b6f73 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -19,7 +19,9 @@ package main import ( "crypto/tls" "flag" + "fmt" "os" + "strings" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. @@ -29,6 +31,7 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/cache" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" @@ -94,7 +97,12 @@ func main() { TLSOpts: tlsOpts, }) - mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ + watchNamespace, err := getWatchNamespace() + if err != nil { + setupLog.Error(err, "manager requires namespace to be registered for caching resources") + os.Exit(1) + } + options := ctrl.Options{ Scheme: scheme, Metrics: metricsserver.Options{ BindAddress: metricsAddr, @@ -116,7 +124,17 @@ func main() { // if you are doing or is intended to do any operation such as perform cleanups // after the manager stops then its usage might be unsafe. // LeaderElectionReleaseOnCancel: true, - }) + Cache: cache.Options{ + DefaultNamespaces: map[string]cache.Config{watchNamespace: {}}, + }, + } + if strings.Contains(watchNamespace, ",") { + setupLog.Info("manager set up with multiple namespaces", "namespaces", watchNamespace) + options.Namespace = "" + options.NewCache = cache.MultiNamespacedCacheBuilder(strings.Split(watchNamespace, ",")) + } + + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), options) if err != nil { setupLog.Error(err, "unable to start manager") os.Exit(1) @@ -160,3 +178,14 @@ func main() { os.Exit(1) } } + +// getWatchNamespace returns the Namespace the operator should be watching for changes +func getWatchNamespace() (string, error) { + var watchNamespaceEnvVar = "WATCH_NAMESPACE" + + ns := os.Getenv(watchNamespaceEnvVar) + if ns == "" { + return "", fmt.Errorf("%s must be set", watchNamespaceEnvVar) + } + return ns, nil +} diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 82ef1957..764d99fa 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -87,6 +87,10 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace resources: limits: cpu: 500m diff --git a/deploy/all-in-one/install.yaml b/deploy/all-in-one/install.yaml index 07e8a387..f8019f0b 100644 --- a/deploy/all-in-one/install.yaml +++ b/deploy/all-in-one/install.yaml @@ -15494,6 +15494,10 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace - name: CSI_SERVICE_ACCOUNT_PREFIX value: ceph-csi-operator- image: quay.io/cephcsi/ceph-csi-operator:latest diff --git a/deploy/multifile/operator.yaml b/deploy/multifile/operator.yaml index d9da73c0..916837de 100644 --- a/deploy/multifile/operator.yaml +++ b/deploy/multifile/operator.yaml @@ -626,6 +626,10 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace - name: CSI_SERVICE_ACCOUNT_PREFIX value: ceph-csi-operator- image: quay.io/cephcsi/ceph-csi-operator:latest