Merge pull request #17785 from jakesmith/HPCC-30306-plane-validation

HPCC-30306 Allow arbitrary script based plane validation Reviewed-by: Gavin Halliday <[email protected]> Merged-by: Gavin Halliday <[email protected]>
hpcc-systems · Sep 21, 2023 · 83fe505 · 83fe505
2 parents 9487b02 + 8f00aa5
commit 83fe505
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 2 deletions.
diff --git a/helm/hpcc/docs/expert.md b/helm/hpcc/docs/expert.md
@@ -18,6 +18,8 @@ global:
 NB: Some components (e.g. DfuServer and Thor) also have an 'expert' settings area (see values schema) that can be used for relavent settings
 on a per component instance basis, rather than setting them globally.
 
+Planes can also have an expert section (see Plane Expert Settings section)
+
 
 The following options are currently available:
 
@@ -70,3 +72,12 @@ Foreign file reads (~foreign::) are forbidden by default since the official sant
 service via remote file reads with the ~remote:: syntax.
 Setting expert.allowForeign to true, enables foreign access for compatibility with legacy bare-metal environments
 that have their Dali and Dafilesrv's open.
+
+
+# Plane Expert Settings
+
+## validatePlaneScript (list of { string })
+
+Optional list of bash commands to execute within an init container in pods that use this plane.
+This can be used to validate that the plane is healthy, e.g. that it is mounted as expected.
+If the script returns a non-zero result, the init container and therefore the pod will fail.
diff --git a/helm/hpcc/templates/_helpers.tpl b/helm/hpcc/templates/_helpers.tpl
@@ -814,9 +814,9 @@ Specifically for now (but could be extended), this container generates sysctl co
 A kludge to ensure until the mount of a PVC appears (this can happen with some types of host storage)
 */}}
 {{- define "hpcc.waitForMount" -}}
-- name: wait-mount-container
+- name: {{ printf "wait-mount-container-%s" .volumeName }}
   {{- include "hpcc.addImageAttrs" . | nindent 2 }}
-  command: ["/bin/sh"]
+  command: ["/bin/bash"]
   args:
   - "-c"
   - {{ printf "until mountpoint -q %s; do sleep 5; done" .volumePath }}
@@ -825,6 +825,25 @@ A kludge to ensure until the mount of a PVC appears (this can happen with some t
       mountPath: {{ .volumePath | quote }}
 {{- end }}
 
+{{/*
+Inject container to perform any post plane initialization validation
+Pass in dict with volumeName, volumePath and cmds
+*/}}
+{{- define "hpcc.validatePlaneScript" -}}
+- name: {{ printf "validate-plane-script-container-%s" .volumeName }}
+  {{- include "hpcc.addImageAttrs" . | nindent 2 }}
+  command: ["/bin/bash"]
+  args:
+  - -c
+  - |
+{{- range $cmd := .cmds }}
+    {{ $cmd }}
+{{- end }}
+  volumeMounts:
+    - name: {{ .volumeName | quote}}
+      mountPath: {{ .volumePath | quote }}
+{{- end }}
+
 
 {{/*
 A kludge to ensure mounted storage (e.g. for nfs, minikube or docker for desktop) has correct permissions for PV
@@ -888,6 +907,12 @@ NB: uid=10000 and gid=10001 are the uid/gid of the hpcc user, built into platfor
      {{- $volumeName := (printf "%s-pv" $plane.name) -}}
      {{- include "hpcc.waitForMount" (dict "root" $root "me" $component "uid" $uid "gid" $gid "volumeName" $volumeName "volumePath" $plane.prefix) | nindent 0 }}
     {{- end -}}
+    {{- if hasKey $plane "expert" -}}
+     {{- if $plane.expert.validatePlaneScript -}}
+      {{- $volumeName := (printf "%s-pv" $plane.name) -}}
+      {{- include "hpcc.validatePlaneScript" (dict "root" $root "me" $component "uid" $uid "gid" $gid "volumeName" $volumeName "volumePath" $plane.prefix "cmds" $plane.expert.validatePlaneScript) | nindent 0 }}
+     {{- end -}}
+    {{- end -}}
    {{- end -}}
   {{- end -}}
  {{- end -}}

diff --git a/helm/hpcc/values.schema.json b/helm/hpcc/values.schema.json
@@ -544,6 +544,17 @@
             "waitForMount": {
               "type": "boolean"
             },
+            "expert": {
+              "type": "object",
+              "description": "Custom internal options usually reserved for internal testing",
+              "properties": {
+                "validatePlaneScript": {
+                  "description": "a list of bash commands to run to validate the plane is healthy",
+                  "type": "array",
+                  "items": { "type": "string" }
+                }
+              }
+            },
             "blockedFileIOKB": {
               "description": "Optimal block size for efficient reading from this plane. Implementations will use if they can",
               "type": "integer",