Support specifying Service type

CHANGELOG.md

@@ -12,8 +12,13 @@ All notable changes to this project will be documented in this file.
 
 ### Changed
 
-- `operator-rs` `0.36.0` -> `0.39.0` ([#326], [#337]).
 - [Breaking] Moved top level config option to `clusterConfig` ([#326]).
+- [BREAKING] Support specifying Service type.
+ This enables us to later switch non-breaking to using `ListenerClasses` for the exposure of Services.
+ This change is breaking, because - for security reasons - we default to the `cluster-internal` `ListenerClass`.
+ If you need you cluster to be accessible from outside of Kubernetes you need to set `clusterConfig.listenerClass`
+ to `external-unstable` ([#XXX]).
+ - `operator-rs` `0.36.0` -> `0.39.0` ([#326], [#337]).
 
 ### Removed
 

rust/crd/src/lib.rs

@@ -90,6 +90,39 @@ pub struct HdfsClusterConfig {
  pub vector_aggregator_config_map_name: Option<String>,
  /// Name of the ZooKeeper discovery config map.
  pub zookeeper_config_map_name: String,
+ /// In the future this setting will control, which ListenerClass <https://docs.stackable.tech/home/stable/listener-operator/listenerclass.html>
+ /// will be used to expose the service.
+ /// Currently only a subset of the ListenerClasses are supported by choosing the type of the created Services
+ /// by looking at the ListenerClass name specified,
+ /// In a future release support for custom ListenerClasses will be introduced without a breaking change:
+ ///
+ /// * cluster-internal: Use a ClusterIP service
+ ///
+ /// * external-unstable: Use a NodePort service
+ #[serde(default)]
+ pub listener_class: CurrentlySupportedListenerClasses,
+}
+
+// TODO: Temporary solution until listener-operator is finished
+#[derive(
+ Clone, Debug, Default, Display, Deserialize, Eq, Hash, JsonSchema, PartialEq, Serialize,
+)]
+#[serde(rename_all = "PascalCase")]
+pub enum CurrentlySupportedListenerClasses {
+ #[default]
+ #[serde(rename = "cluster-internal")]
+ ClusterInternal,
+ #[serde(rename = "external-unstable")]
+ ExternalUnstable,
+}
+
+impl CurrentlySupportedListenerClasses {
+ pub fn k8s_service_type(&self) -> String {
+ match self {
+ CurrentlySupportedListenerClasses::ClusterInternal => "ClusterIP".to_string(),
+ CurrentlySupportedListenerClasses::ExternalUnstable => "NodePort".to_string(),
+ }
+ }
 }
 
 /// This is a shared trait for all role/role-group config structs to avoid duplication
@@ -433,9 +466,15 @@ impl HdfsCluster {
  );
  group_labels.insert(String::from("role"), rolegroup_ref.role.clone());
  group_labels.insert(String::from("group"), rolegroup_ref.role_group.clone());
- // TODO: in a production environment, probably not all roles need to be exposed with one NodePort per Pod but it's
- // useful for development purposes.
- group_labels.insert(LABEL_ENABLE.to_string(), "true".to_string());
+
+ if self.spec.cluster_config.listener_class
+ == CurrentlySupportedListenerClasses::ExternalUnstable
+ {
+ // TODO: in a production environment, probably not all roles need to be exposed with one NodePort per Pod but it's
+ // useful for development purposes.
+
+ group_labels.insert(LABEL_ENABLE.to_string(), "true".to_string());
+ }
 
  group_labels
  }

rust/operator/src/hdfs_controller.rs

@@ -338,6 +338,8 @@ fn rolegroup_service(
  .with_label("prometheus.io/scrape", "true")
  .build(),
  spec: Some(ServiceSpec {
+ // Internal communication does not need to be exposed
+ type_: Some("ClusterIP".to_string()),
  cluster_ip: Some("None".to_string()),
  ports: Some(
  role.ports()

tests/templates/kuttl/smoke/01-install-zk.yaml.j2

@@ -7,8 +7,9 @@ spec:
  image:
  productVersion: "{{ test_scenario['values']['zookeeper'].split('-stackable')[0] }}"
  stackableVersion: "{{ test_scenario['values']['zookeeper'].split('-stackable')[1] }}"
-{% if lookup('env', 'VECTOR_AGGREGATOR') %}
  clusterConfig:
+ listenerClass: {{ test_scenario['values']['listener-class'] }}
+{% if lookup('env', 'VECTOR_AGGREGATOR') %}
  logging:
  vectorAggregatorConfigMapName: vector-aggregator-discovery
 {% endif %}

tests/templates/kuttl/smoke/02-install-hdfs.yaml.j2

@@ -16,6 +16,7 @@ spec:
  clusterConfig:
  dfsReplication: 1
  zookeeperConfigMapName: hdfs-zk
+ listenerClass: {{ test_scenario['values']['listener-class'] }}
 {% if lookup('env', 'VECTOR_AGGREGATOR') %}
  vectorAggregatorConfigMapName: vector-aggregator-discovery
 {% endif %}

tests/templates/kuttl/smoke/04-assert.yaml

@@ -2,4 +2,4 @@
 apiVersion: kuttl.dev/v1beta1
 kind: TestAssert
 commands:
- - script: kubectl exec -n $NAMESPACE webhdfs-0 -- python /tmp/webhdfs.py ls
+ - script: kubectl exec -n $NAMESPACE webhdfs-0 -- python /tmp/webhdfs.py $NAMESPACE ls

tests/templates/kuttl/smoke/04-create-file.yaml

@@ -4,4 +4,4 @@ kind: TestStep
 commands:
  - script: kubectl cp -n $NAMESPACE ./webhdfs.py webhdfs-0:/tmp
  - script: kubectl cp -n $NAMESPACE ./testdata.txt webhdfs-0:/tmp
- - script: kubectl exec -n $NAMESPACE webhdfs-0 -- python /tmp/webhdfs.py create
+ - script: kubectl exec -n $NAMESPACE webhdfs-0 -- python /tmp/webhdfs.py $NAMESPACE create

tests/templates/kuttl/smoke/webhdfs.py

@@ -5,7 +5,8 @@
 
 def main() -> int:
  result = 0
- command = sys.argv[1]
+ namespace = sys.argv[1]
+ command = sys.argv[2]
 
  log_level = "DEBUG"
  logging.basicConfig(
@@ -16,7 +17,7 @@ def main() -> int:
 
  if command == "ls":
  http_code = requests.get(
- "http://hdfs-namenode-default-0:9870/webhdfs/v1/testdata.txt?user.name=stackable&op=LISTSTATUS"
+ f"http://hdfs-namenode-default-0.hdfs-namenode-default.{namespace}.svc.cluster.local:9870/webhdfs/v1/testdata.txt?user.name=stackable&op=LISTSTATUS"
  ).status_code
  if http_code != 200:
  result = 1
@@ -30,7 +31,7 @@ def main() -> int:
  )
  }
  http_code = requests.put(
- "http://hdfs-namenode-default-0:9870/webhdfs/v1/testdata.txt?user.name=stackable&op=CREATE",
+ f"http://hdfs-namenode-default-0.hdfs-namenode-default.{namespace}.svc.cluster.local:9870/webhdfs/v1/testdata.txt?user.name=stackable&op=CREATE",
  files=files,
  allow_redirects=True,
  ).status_code

tests/test-definition.yaml

@@ -22,13 +22,19 @@ dimensions:
  values:
  - "default"
  - "2hdd-1ssd"
+ # Used for both, zookeeper and hdfs
+ - name: listener-class
+ values:
+ - "cluster-internal"
+ - "external-unstable"
 tests:
  - name: smoke
  dimensions:
  - hadoop
  - zookeeper
  - number-of-datanodes
  - datanode-pvcs
+ - listener-class
  - name: orphaned-resources
  dimensions:
  - hadoop-latest