opensearch-project · swoehrl-mw · Aug 30, 2023 · May 31, 2022 · Jul 24, 2022 · Jun 26, 2023
diff --git a/artifacthub-repo.yml b/artifacthub-repo.yml
@@ -0,0 +1,6 @@
+repositoryID: 4b29d8fe-d914-494f-805e-d5fd0938f9af
+owners:
+  - name: Idan Levi
+    email: [email protected]
+  - name: Prudhvi Godithi
+    email: [email protected]
@@ -295,3 +295,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - policy
+  resources:
+  - poddisruptionbudgets
+  verbs:
+  - get
+  - create
+  - update
+  - delete
@@ -1036,6 +1036,40 @@ spec:
   description: Sample tenant
 ```
 
+
+### PodDisruptionBudget
+
+
+The PDB (Pod Disruption Budget) is a Kubernetes resource that helps ensure the high availability of applications by defining the acceptable disruption level during maintenance or unexpected events.
+It specifies the minimum number of pods that must remain available to maintain the desired level of service.
+The PDB definition is unique for every nodePool.
+Please be aware that you must provide `MinAvailable` and `MaxUnavailable` configurations in order to use PDB feature.
+
+
+```yaml
+apiVersion: opensearch.opster.io/v1
+kind: OpenSearchCluster
+...
+spec:
+   nodePools:
+      - component: masters
+        replicas: 3
+        diskSize: "30Gi"
+        pdb:
+          enable: true
+          MinAvailable: 3
+          MaxUnavailable: 0 
+      - component: datas
+        replicas: 7
+        diskSize: "100Gi"
+        pdb:
+          enable: true
+          MinAvailable: 5
+          MaxUnavailable: 2 
+```
+```
+
+
 ### Custom Admin User
 
 In order to create your cluster with an adminuser different from the default `admin:admin` you will have to walk through the following steps:
@@ -1101,7 +1135,7 @@ spec:
       name: dashboards-credentials  # This is the name of your secret that contains the credentials for Dashboards to use
 ```
 
-## Adding Opensearch Monitoring to your cluster
+### Adding Opensearch Monitoring to your cluster
 
 The operator allows you to install and enable the [Aiven monitoring plugin for OpenSearch](https://github.com/aiven/prometheus-exporter-plugin-for-opensearch) on your cluster as a built-in feature. If enabled the operator will install the aiven plugin into the opensearch pods and generate a Prometheus ServiceMonitor object to configure the plugin for scraping.
 This feature needs internet connectivity to download the plugin. if you are working in a restricted environment, please download the plugin zip for your cluster version (example for 2.3.0: `https://github.com/aiven/prometheus-exporter-plugin-for-opensearch/releases/download/2.3.0.0/prometheus-exporter-2.3.0.0.zip`) and provide it at a location the operator can reach. Configure that URL as `pluginURL` in the monitoring config. By default the convention shown below in the example will be used if no `pluginUrl` is specified.

@@ -19,6 +19,7 @@ package v1
 import (
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/intstr"
 )
 
 const (
@@ -58,6 +59,13 @@ type GeneralConfig struct {
 	SecurityContext *corev1.SecurityContext `json:"securityContext,omitempty"`
 }
 
+type PdbConfig struct {
+	EnablePDB      bool                 `json:"enablePDB,omitempty"`
+	MinAvailable   *intstr.IntOrString  `json:"minAvailable,omitempty"`
+	MaxUnavailable *intstr.IntOrString  `json:"maxUnavailable,omitempty"`
+	Selector       metav1.LabelSelector `json:"selector,omitempty"`
+}
+
 type InitHelperConfig struct {
 	*ImageSpec `json:",inline,omitempty"`
 	Resources  corev1.ResourceRequirements `json:"resources,omitempty"`
@@ -81,6 +89,7 @@ type NodePool struct {
 	Annotations               map[string]string                 `json:"annotations,omitempty"`
 	Env                       []corev1.EnvVar                   `json:"env,omitempty"`
 	PriorityClassName         string                            `json:"priorityClassName,omitempty"`
+	Pdb                       PdbConfig                         `json:"pdb,omitempty"`
 }
 
 // PersistencConfig defines options for data persistence

@@ -4334,6 +4334,70 @@ spec:
                       additionalProperties:
                         type: string
                       type: object
+                    pdb:
+                      properties:
+                        enablePDB:
+                          type: boolean
+                        maxUnavailable:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        minAvailable:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        selector:
+                          description: A label selector is a label query over a set
+                            of resources. The result of matchLabels and matchExpressions
+                            are ANDed. An empty label selector matches all objects.
+                            A null label selector matches no objects.
+                          properties:
+                            matchExpressions:
+                              description: matchExpressions is a list of label selector
+                                requirements. The requirements are ANDed.
+                              items:
+                                description: A label selector requirement is a selector
+                                  that contains values, a key, and an operator that
+                                  relates the key and values.
+                                properties:
+                                  key:
+                                    description: key is the label key that the selector
+                                      applies to.
+                                    type: string
+                                  operator:
+                                    description: operator represents a key's relationship
+                                      to a set of values. Valid operators are In,
+                                      NotIn, Exists and DoesNotExist.
+                                    type: string
+                                  values:
+                                    description: values is an array of string values.
+                                      If the operator is In or NotIn, the values array
+                                      must be non-empty. If the operator is Exists
+                                      or DoesNotExist, the values array must be empty.
+                                      This array is replaced during a strategic merge
+                                      patch.
+                                    items:
+                                      type: string
+                                    type: array
+                                required:
+                                - key
+                                - operator
+                                type: object
+                              type: array
+                            matchLabels:
+                              additionalProperties:
+                                type: string
+                              description: matchLabels is a map of {key,value} pairs.
+                                A single {key,value} in the matchLabels map is equivalent
+                                to an element of matchExpressions, whose key field
+                                is "key", the operator is "In", and the values array
+                                contains only "value". The requirements are ANDed.
+                              type: object
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      type: object
                     persistence:
                       description: PersistencConfig defines options for data persistence
                       properties:

@@ -7,6 +7,7 @@ import (
 	"time"
 
 	monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1"
+	v1 "k8s.io/api/policy/v1"
 
 	. "github.com/kralicky/kmatch"
 	. "github.com/onsi/ginkgo/v2"
@@ -490,5 +491,17 @@ var _ = Describe("Cluster Reconciler", func() {
 			}
 			wg.Wait()
 		})
+		When("pdb is enable", func() {
+			It("Create a pdb resource", func() {
+				pdb := v1.PodDisruptionBudget{}
+				Eventually(func() bool {
+					if err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(&pdb), &pdb); err != nil {
+						return false
+					}
+					return true
+				}, timeout, interval)
+			})
+		})
+
 	})
 })
@@ -2,6 +2,7 @@ package controllers
 
 import (
 	"context"
+	"k8s.io/apimachinery/pkg/util/intstr"
 	"strings"
 
 	appsv1 "k8s.io/api/apps/v1"
@@ -175,8 +176,17 @@ func ComposeOpensearchCrd(clusterName string, namespace string) opsterv1.OpenSea
 			},
 			NodePools: []opsterv1.NodePool{{
 				Component: "master",
-				Replicas:  3,
-				DiskSize:  "32Gi",
+				Pdb: opsterv1.PdbConfig{
+					EnablePDB: true,
+					MinAvailable: &intstr.IntOrString{
+						IntVal: 3,
+					},
+					MaxUnavailable: &intstr.IntOrString{
+						IntVal: 3,
+					},
+				},
+				Replicas: 3,
+				DiskSize: "32Gi",
 				Resources: corev1.ResourceRequirements{
 					Limits: corev1.ResourceList{
 						corev1.ResourceCPU:    resource.MustParse("500m"),

diff --git a/opensearch-operator/examples/opensearch-cluster.yaml b/opensearch-operator/examples/opensearch-cluster.yaml
@@ -27,6 +27,9 @@ spec:
     smartScaler: true
   nodePools:
     - component: masters
+      pdb:
+        enablePDB: true
+        minAvailable: 3
       replicas: 3
       diskSize: "30Gi"
       nodeSelector:

@@ -4,8 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-
 	batchv1 "k8s.io/api/batch/v1"
+	v1 "k8s.io/api/policy/v1"
 	"opensearch.opster.io/pkg/reconcilers/util"
 
 	"github.com/banzaicloud/k8s-objectmatcher/patch"
@@ -286,6 +286,71 @@ func (r *ClusterReconciler) reconcileNodeStatefulSet(nodePool opsterv1.NodePool,
 		}
 	}
 
+	// Habdle PDB
+	needToUpdate := false
+	// Check if it needed
+	if nodePool.Pdb.EnablePDB {
+
+		pdb := v1.PodDisruptionBudget{}
+		newpdb := v1.PodDisruptionBudget{}
+		// Check if it already exist
+		if err = r.Get(r.ctx, client.ObjectKey{Name: r.instance.Name + "-" + nodePool.Component + "-pdb", Namespace: r.instance.Namespace}, &pdb); err == nil {
+			// IF the resource exist, start to check if there is any changes in the configurations
+			if pdb.Spec.MaxUnavailable != nil {
+				if pdb.Spec.MaxUnavailable.IntVal != nodePool.Pdb.MaxUnavailable.IntVal {
+					pdb.Spec.MaxUnavailable.IntVal = nodePool.Pdb.MaxUnavailable.IntVal
+					needToUpdate = true
+				}
+			}
+			if pdb.Spec.MinAvailable != nil {
+				if pdb.Spec.MinAvailable.IntVal != nodePool.Pdb.MinAvailable.IntVal {
+					pdb.Spec.MinAvailable.IntVal = nodePool.Pdb.MinAvailable.IntVal
+					needToUpdate = true
+				}
+			}
+			// Update configuration and requeue
+			if needToUpdate {
+				r.logger.Info("Updating PDB ")
+				if err = r.Update(r.ctx, &pdb); err != nil {
+					return result, err
+				}
+			}
+		} else {
+
+			// If it not exists , build && create it but before check that all the parameters are provided
+			if (nodePool.Pdb.MinAvailable != nil && nodePool.Pdb.MaxUnavailable != nil) || (nodePool.Pdb.MinAvailable == nil && nodePool.Pdb.MaxUnavailable == nil) {
+				r.logger.Info(" Aborting PodDisruptionBudget creation - Please provided one parameter (MinAvailable OR MaxUnavailable) in order to create PodDisruptionBudget resource")
+
+			} else {
+				// If all details are proveided, build and create PDB
+				matchLabels := map[string]string{
+					helpers.ClusterLabel:  r.instance.Name,
+					helpers.NodePoolLabel: nodePool.Component,
+				}
+				// Build the PDB resource
+				newpdb = v1.PodDisruptionBudget{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      r.instance.Name + "-" + nodePool.Component + "-pdb",
+						Namespace: r.instance.Namespace,
+					},
+					Spec: v1.PodDisruptionBudgetSpec{
+						MinAvailable: nodePool.Pdb.MinAvailable,
+						Selector: &metav1.LabelSelector{
+							MatchLabels: matchLabels,
+						},
+						MaxUnavailable: nodePool.Pdb.MaxUnavailable,
+					},
+				}
+				// Create the PDB resource
+				err = r.Create(r.ctx, &newpdb)
+				if err != nil {
+					return result, err
+				}
+			}
+
+		}
+	}
+
 	// Handle PVC resizing
 
 	//Default is PVC, or explicit check for PersistenceSource as PVC