Remove "slave" haproxy resources (#50)

This PR removes the redis-slave-HAProxy, deeming it unnecessary and
potentially dangerous .
Originally, this resource was designed as an endpoint for Redis
replication nodes to connect to slave nodes of source cluster.
However, when replicated redis uses this resource, the sentinels on
source side detect it as a potential slave for failover scenario. In
failover, sentinels mistakenly treat the HAProxy pods as legitimate
redis slaves and attempt to promote the HAProxy pod as the next master,
as it is impossible to do, sentinels get stuck in a promotion loop.
Workaround is to use redis-slave-service as endpoint on source cluster.
This way, when sentinels detect replicated redis as potential master in
failover scenario, they will not be able to promote it, because
replicated redis node is unreachable for connection and sentinels will
`forget` this node.

---------

Co-authored-by: Aaron Kuehler <[email protected]>

CHANGELOG.md

@@ -9,6 +9,16 @@ Also check this project's [releases](https://github.com/powerhome/redis-operator
 
 ## Unreleased
 
+## [v3.0.0] - 2024-02-26
+
+### Removed
+
+- [Remove HAProxy for redis with role:slave as unnecessary and potentially dangerous](https://github.com/powerhome/redis-operator/pull/50)
+
+Action required:
+
+If your application is using the `rfrs-haproxy-[redisfailvover-name]` service you'll need to use the `rfrs-[redis-failover-name]` service which bypassess HAProxy altogether.
+
 ## [v2.1.0] - 2024-02-26
 
 ### Fixed

Makefile

@@ -1,4 +1,4 @@
-VERSION := v2.1.0
+VERSION := v3.0.0
 
 # Name of this service/application
 SERVICE_NAME := redis-operator

operator/redisfailover/ensurer.go

@@ -46,18 +46,9 @@ func (w *RedisFailoverHandler) Ensure(rf *redisfailoverv1.RedisFailover, labels
 			return err
 		}
 
-		if err := w.rfService.EnsureHAProxyRedisSlaveService(rf, labels, or); err != nil {
+		if err := w.rfService.DestroyOrphanedRedisSlaveHaProxy(rf); err != nil {
 			return err
 		}
-
-		if err := w.rfService.EnsureHAProxyRedisSlaveConfigmap(rf, labels, or); err != nil {
-			return err
-		}
-
-		if err := w.rfService.EnsureHAProxyRedisSlaveDeployment(rf, labels, or); err != nil {
-			return err
-		}
-
 	}
 
 	if err := w.rfService.EnsureRedisMasterService(rf, labels, or); err != nil {

operator/redisfailover/ensurer_test.go

@@ -139,9 +139,7 @@ func TestEnsure(t *testing.T) {
 				mrfs.On("EnsureHAProxyRedisMasterConfigmap", rf, mock.Anything, mock.Anything).Once().Return(nil)
 				mrfs.On("EnsureHAProxyRedisMasterDeployment", rf, mock.Anything, mock.Anything).Once().Return(nil)
 
-				mrfs.On("EnsureHAProxyRedisSlaveService", rf, mock.Anything, mock.Anything).Once().Return(nil)
-				mrfs.On("EnsureHAProxyRedisSlaveConfigmap", rf, mock.Anything, mock.Anything).Once().Return(nil)
-				mrfs.On("EnsureHAProxyRedisSlaveDeployment", rf, mock.Anything, mock.Anything).Once().Return(nil)
+				mrfs.On("DestroyOrphanedRedisSlaveHaProxy", rf, mock.Anything, mock.Anything).Once().Return(nil)
 			}
 
 			mrfs.On("EnsureRedisMasterService", rf, mock.Anything, mock.Anything).Once().Return(nil)

operator/redisfailover/service/client.go

@@ -32,14 +32,11 @@ type RedisFailoverClient interface {
 	EnsureRedisConfigMap(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error
 	EnsureNotPresentRedisService(rFailover *redisfailoverv1.RedisFailover) error
 
-	EnsureHAProxyRedisSlaveService(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error
-	EnsureHAProxyRedisSlaveConfigmap(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error
-	EnsureHAProxyRedisSlaveDeployment(rFailover *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error
-
 	DestroySentinelResources(rFailover *redisfailoverv1.RedisFailover) error
 	UpdateStatus(rFailover *redisfailoverv1.RedisFailover) (*redisfailoverv1.RedisFailover, error)
 
 	DestroydOrphanedRedisNetworkPolicy(rFailover *redisfailoverv1.RedisFailover) error
+	DestroyOrphanedRedisSlaveHaProxy(rFailover *redisfailoverv1.RedisFailover) error
 }
 
 // RedisFailoverKubeClient implements the required methods to talk with kubernetes
@@ -129,31 +126,6 @@ func (r *RedisFailoverKubeClient) EnsureHAProxyRedisMasterDeployment(rf *redisfa
 	return err
 }
 
-// EnsureHAProxyRedisSlaveService makes sure the HAProxy service exists
-func (r *RedisFailoverKubeClient) EnsureHAProxyRedisSlaveService(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error {
-	svc := generateHAProxyRedisSlaveService(rf, labels, ownerRefs)
-	err := r.K8SService.CreateOrUpdateService(rf.Namespace, svc)
-	r.setEnsureOperationMetrics(svc.Namespace, svc.Name, "EnsureHAProxyRedisMasterService", rf.Name, err)
-	return err
-}
-
-// EnsureHAProxyRedisSlaveConfigmap makes sure the HAProxy configmap exists
-func (r *RedisFailoverKubeClient) EnsureHAProxyRedisSlaveConfigmap(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error {
-	svc := generateHAProxyRedisSlaveConfigmap(rf, labels, ownerRefs)
-	err := r.K8SService.CreateOrUpdateConfigMap(rf.Namespace, svc)
-	r.setEnsureOperationMetrics(svc.Namespace, svc.Name, "EnsureHAProxyRedisMasterConfigmap", rf.Name, err)
-	return err
-}
-
-// EnsureHAProxyRedisSlaveDeployment makes sure the deployment exists in the desired state
-func (r *RedisFailoverKubeClient) EnsureHAProxyRedisSlaveDeployment(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error {
-	d := generateHAProxyRedisSlaveDeployment(rf, labels, ownerRefs)
-	err := r.K8SService.CreateOrUpdateDeployment(rf.Namespace, d)
-
-	r.setEnsureOperationMetrics(d.Namespace, d.Name, "EnsureHAProxyRedisMasterDeployment", rf.Name, err)
-	return err
-}
-
 // EnsureSentinelService makes sure the sentinel service exists
 func (r *RedisFailoverKubeClient) EnsureSentinelService(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error {
 	svc := generateSentinelService(rf, labels, ownerRefs)
@@ -230,6 +202,50 @@ func (r *RedisFailoverKubeClient) DestroydOrphanedRedisNetworkPolicy(rf *redisfa
 	return err
 }
 
+func (r *RedisFailoverKubeClient) DestroyOrphanedRedisSlaveHaProxy(rf *redisfailoverv1.RedisFailover) error {
+
+	// Helper function to handle the deletion of resources
+	deleteResource := func(namespace, name string, getter func(namespace, name string) (interface{}, error), deleter func(namespace, name string) error) error {
+		_, err := getter(namespace, name)
+		if err != nil {
+			if errors.IsNotFound(err) {
+				return nil
+			}
+			return err
+		}
+		return deleter(namespace, name)
+	}
+
+	resourceTypes := map[string]struct {
+		getter  func(namespace, name string) (interface{}, error)
+		deleter func(namespace, name string) error
+	}{
+		"service": {
+			getter:  func(namespace, name string) (interface{}, error) { return r.K8SService.GetService(namespace, name) },
+			deleter: r.K8SService.DeleteService,
+		},
+		"configmap": {
+			getter:  func(namespace, name string) (interface{}, error) { return r.K8SService.GetConfigMap(namespace, name) },
+			deleter: r.K8SService.DeleteConfigMap,
+		},
+		"deployment": {
+			getter:  func(namespace, name string) (interface{}, error) { return r.K8SService.GetDeployment(namespace, name) },
+			deleter: r.K8SService.DeleteDeployment,
+		},
+	}
+
+	name := GetHaproxySlaveName(rf)
+
+	for _, resType := range []string{"service", "configmap", "deployment"} {
+		resource := resourceTypes[resType]
+		if err := deleteResource(rf.Namespace, name, resource.getter, resource.deleter); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 // EnsureRedisStatefulset makes sure the redis statefulset exists in the desired state
 func (r *RedisFailoverKubeClient) EnsureRedisStatefulset(rf *redisfailoverv1.RedisFailover, labels map[string]string, ownerRefs []metav1.OwnerReference) error {
 	if !rf.Spec.Redis.DisablePodDisruptionBudget {