feat(deploy): separate -storage and -db pods

api/v1beta2/cryostat_types.go

@@ -325,10 +325,10 @@ type ReportsServiceConfig struct {
 // DatabaseServiceConfig provides customization for the service handling
 // traffic for the cryostat application's database.
 type DatabaseServiceConfig struct {
-	// HTTP port number for the cryostat application's database.
+	// Port number for the cryostat application's database.
 	// Defaults to 5432.
 	// +optional
-	HTTPPort      *int32 `json:"httpPort,omitempty"`
+	Port          *int32 `json:"httpPort,omitempty"`
 	ServiceConfig `json:",inline"`
 }
 

bundle/manifests/cryostat-operator.clusterserviceversion.yaml

@@ -30,7 +30,7 @@ metadata:
     capabilities: Seamless Upgrades
     categories: Monitoring, Developer Tools
     containerImage: quay.io/cryostat/cryostat-operator:4.0.0-dev
-    createdAt: "2024-11-05T19:41:16Z"
+    createdAt: "2025-01-13T15:32:07Z"
     description: JVM monitoring and profiling tool
     operatorframework.io/initialization-resource: |-
       {
@@ -1024,10 +1024,6 @@ spec:
                         valueFrom:
                           fieldRef:
                             fieldPath: metadata.annotations['olm.targetNamespaces']
-                      - name: OPERATOR_NAMESPACE
-                        valueFrom:
-                          fieldRef:
-                            fieldPath: metadata.namespace
                     image: quay.io/cryostat/cryostat-operator:4.0.0-dev
                     imagePullPolicy: Always
                     livenessProbe:

bundle/manifests/operator.cryostat.io_cryostats.yaml

@@ -9197,7 +9197,7 @@ spec:
                         type: object
                       httpPort:
                         description: |-
-                          HTTP port number for the cryostat application's database.
+                          Port number for the cryostat application's database.
                           Defaults to 5432.
                         format: int32
                         type: integer

config/crd/bases/operator.cryostat.io_cryostats.yaml

@@ -9184,7 +9184,7 @@ spec:
                         type: object
                       httpPort:
                         description: |-
-                          HTTP port number for the cryostat application's database.
+                          Port number for the cryostat application's database.
                           Defaults to 5432.
                         format: int32
                         type: integer

config/manager/kustomization.yaml

@@ -21,5 +21,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: quay.io/miwan/cryostat-operator
+  newName: quay.io/cryostat/cryostat-operator
   newTag: 4.0.0-dev

internal/controllers/common/resource_definitions/resource_definitions.go

@@ -93,6 +93,7 @@ const (
 	defaultAgentProxyMemoryRequest    string = "64Mi"
 	OAuth2ConfigFileName              string = "alpha_config.json"
 	OAuth2ConfigFilePath              string = "/etc/oauth2_proxy/alpha_config"
+	DatabaseName                      string = "cryostat"
 )
 
 func NewDeploymentForCR(cr *model.CryostatInstance, specs *ServiceSpecs, imageTags *ImageTags,
@@ -181,6 +182,24 @@ func NewDeploymentForCR(cr *model.CryostatInstance, specs *ServiceSpecs, imageTa
 	}, nil
 }
 
+func createMapCopy(in map[string]string) map[string]string {
+	copy := make(map[string]string)
+	for k, v := range in {
+		copy[k] = v
+	}
+	return copy
+}
+
+func createMetadataCopy(in *operatorv1beta2.ResourceMetadata) operatorv1beta2.ResourceMetadata {
+	if in == nil {
+		return operatorv1beta2.ResourceMetadata{}
+	}
+	return operatorv1beta2.ResourceMetadata{
+		Labels:      createMapCopy(in.Labels),
+		Annotations: createMapCopy(in.Annotations),
+	}
+}
+
 func NewDeploymentForDatabase(cr *model.CryostatInstance, imageTags *ImageTags, tls *TLSConfig,
 	openshift bool, fsGroup int64) *appsv1.Deployment {
 	replicas := int32(1)
@@ -199,43 +218,28 @@ func NewDeploymentForDatabase(cr *model.CryostatInstance, imageTags *ImageTags,
 		"kind":      "cryostat",
 		"component": "database",
 	}
-	userDefinedDeploymentLabels := make(map[string]string)
-	userDefinedDeploymentAnnotations := make(map[string]string)
-	userDefinedPodTemplateLabels := make(map[string]string)
-	userDefinedPodTemplateAnnotations := make(map[string]string)
+	operandMeta := operatorv1beta2.OperandMetadata{}
 	if cr.Spec.OperandMetadata != nil {
-		if cr.Spec.OperandMetadata.DeploymentMetadata != nil {
-			for k, v := range cr.Spec.OperandMetadata.DeploymentMetadata.Labels {
-				userDefinedDeploymentLabels[k] = v
-			}
-			for k, v := range cr.Spec.OperandMetadata.DeploymentMetadata.Annotations {
-				userDefinedDeploymentAnnotations[k] = v
-			}
-		}
-		if cr.Spec.OperandMetadata.PodMetadata != nil {
-			for k, v := range cr.Spec.OperandMetadata.PodMetadata.Labels {
-				userDefinedPodTemplateLabels[k] = v
-			}
-			for k, v := range cr.Spec.OperandMetadata.PodMetadata.Annotations {
-				userDefinedPodTemplateAnnotations[k] = v
-			}
-		}
+		deploymentCopy := createMetadataCopy(cr.Spec.OperandMetadata.DeploymentMetadata)
+		operandMeta.DeploymentMetadata = &deploymentCopy
+		podCopy := createMetadataCopy(cr.Spec.OperandMetadata.PodMetadata)
+		operandMeta.PodMetadata = &podCopy
 	}
 
 	// First set the user defined labels and annotation in the meta, so that the default ones can override them
 	deploymentMeta := metav1.ObjectMeta{
 		Name:        cr.Name + "-database",
 		Namespace:   cr.InstallNamespace,
-		Labels:      userDefinedDeploymentLabels,
-		Annotations: userDefinedDeploymentAnnotations,
+		Labels:      operandMeta.DeploymentMetadata.Labels,
+		Annotations: operandMeta.DeploymentMetadata.Annotations,
 	}
 	common.MergeLabelsAndAnnotations(&deploymentMeta, defaultDeploymentLabels, defaultDeploymentAnnotations)
 
 	podTemplateMeta := metav1.ObjectMeta{
 		Name:        cr.Name + "-database",
 		Namespace:   cr.InstallNamespace,
-		Labels:      userDefinedPodTemplateLabels,
-		Annotations: userDefinedPodTemplateAnnotations,
+		Labels:      operandMeta.PodMetadata.Labels,
+		Annotations: operandMeta.PodMetadata.Annotations,
 	}
 	common.MergeLabelsAndAnnotations(&podTemplateMeta, defaultPodLabels, nil)
 
@@ -959,7 +963,6 @@ func NewOpenShiftAuthProxyContainer(cr *model.CryostatInstance, specs *ServiceSp
 		"--pass-basic-auth=false",
 		fmt.Sprintf("--upstream=http://localhost:%d/", constants.CryostatHTTPContainerPort),
 		fmt.Sprintf("--upstream=http://localhost:%d/grafana/", constants.GrafanaContainerPort),
-		// fmt.Sprintf("--upstream=http://localhost:%d/storage/", constants.StoragePort),
 		fmt.Sprintf("--openshift-service-account=%s", cr.Name),
 		"--proxy-websockets=true",
 		"--proxy-prefix=/oauth2",
@@ -1213,7 +1216,7 @@ func NewCoreContainer(cr *model.CryostatInstance, specs *ServiceSpecs, imageTag
 	storageProtocol := "http"
 	// TODO
 	// if tls != nil {
-	// 	storageProtocol = "https"
+	//	storageProtocol = "https"
 	// }
 	envs := []corev1.EnvVar{
 		{

internal/controllers/pvc.go

@@ -31,17 +31,23 @@ import (
 // Event type to inform users of invalid PVC specs
 const eventPersistentVolumeClaimInvalidType = "PersistentVolumeClaimInvalid"
 
-func (r *Reconciler) reconcileCorePVC(ctx context.Context, cr *model.CryostatInstance) error {
+func (r *Reconciler) reconcilePVC(ctx context.Context, cr *model.CryostatInstance, nameSuffix *string) error {
 	emptyDir := cr.Spec.StorageOptions != nil && cr.Spec.StorageOptions.EmptyDir != nil && cr.Spec.StorageOptions.EmptyDir.Enabled
 	if emptyDir {
 		// If user requested an emptyDir volume, then do nothing.
 		// Don't delete the PVC to prevent accidental data loss
 		// depending on the reclaim policy.
 		return nil
 	}
+	var name string
+	if nameSuffix == nil {
+		name = cr.Name
+	} else {
+		name = fmt.Sprintf("%s-%s", cr.Name, *nameSuffix)
+	}
 	pvc := &corev1.PersistentVolumeClaim{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      cr.Name,
+			Name:      name,
 			Namespace: cr.InstallNamespace,
 		},
 	}
@@ -61,64 +67,18 @@ func (r *Reconciler) reconcileCorePVC(ctx context.Context, cr *model.CryostatIns
 	return nil
 }
 
-func (r *Reconciler) reconcileDatabasePVC(ctx context.Context, cr *model.CryostatInstance) error {
-	emptyDir := cr.Spec.StorageOptions != nil && cr.Spec.StorageOptions.EmptyDir != nil && cr.Spec.StorageOptions.EmptyDir.Enabled
-	if emptyDir {
-		// If user requested an emptyDir volume, then do nothing.
-		// Don't delete the PVC to prevent accidental data loss
-		// depending on the reclaim policy.
-		return nil
-	}
-	pvc := &corev1.PersistentVolumeClaim{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      cr.Name + "-database",
-			Namespace: cr.InstallNamespace,
-		},
-	}
-
-	// Look up PVC configuration, applying defaults where needed
-	config := configurePVC(cr)
+func (r *Reconciler) reconcileCorePVC(ctx context.Context, cr *model.CryostatInstance) error {
+	return r.reconcilePVC(ctx, cr, nil)
+}
 
-	err := r.createOrUpdatePVC(ctx, pvc, cr.Object, config)
-	if err != nil {
-		// If the API server says the PVC is invalid, emit a warning event
-		// to inform the user.
-		if kerrors.IsInvalid(err) {
-			r.EventRecorder.Event(cr.Object, corev1.EventTypeWarning, eventPersistentVolumeClaimInvalidType, err.Error())
-		}
-		return err
-	}
-	return nil
+func (r *Reconciler) reconcileDatabasePVC(ctx context.Context, cr *model.CryostatInstance) error {
+	name := "database"
+	return r.reconcilePVC(ctx, cr, &name)
 }
 
 func (r *Reconciler) reconcileStoragePVC(ctx context.Context, cr *model.CryostatInstance) error {
-	emptyDir := cr.Spec.StorageOptions != nil && cr.Spec.StorageOptions.EmptyDir != nil && cr.Spec.StorageOptions.EmptyDir.Enabled
-	if emptyDir {
-		// If user requested an emptyDir volume, then do nothing.
-		// Don't delete the PVC to prevent accidental data loss
-		// depending on the reclaim policy.
-		return nil
-	}
-	pvc := &corev1.PersistentVolumeClaim{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      cr.Name + "-storage",
-			Namespace: cr.InstallNamespace,
-		},
-	}
-
-	// Look up PVC configuration, applying defaults where needed
-	config := configurePVC(cr)
-
-	err := r.createOrUpdatePVC(ctx, pvc, cr.Object, config)
-	if err != nil {
-		// If the API server says the PVC is invalid, emit a warning event
-		// to inform the user.
-		if kerrors.IsInvalid(err) {
-			r.EventRecorder.Event(cr.Object, corev1.EventTypeWarning, eventPersistentVolumeClaimInvalidType, err.Error())
-		}
-		return err
-	}
-	return nil
+	name := "storage"
+	return r.reconcilePVC(ctx, cr, &name)
 }
 
 func (r *Reconciler) createOrUpdatePVC(ctx context.Context, pvc *corev1.PersistentVolumeClaim,

internal/controllers/services.go

@@ -148,16 +148,16 @@ func (r *Reconciler) reconcileDatabaseService(ctx context.Context, cr *model.Cry
 		},
 	}
 
+	port := *config.Port
 	err := r.createOrUpdateService(ctx, svc, cr.Object, &config.ServiceConfig, func() error {
 		svc.Spec.Selector = map[string]string{
 			"app":       cr.Name,
 			"component": "database",
 		}
 		svc.Spec.Ports = []corev1.ServicePort{
 			{
-				// TODO rename, this is JDBC not HTTP
-				Name:       "http",
-				Port:       *config.HTTPPort,
+				Name:       "jdbc",
+				Port:       port,
 				TargetPort: intstr.IntOrString{IntVal: constants.DatabasePort},
 			},
 		}
@@ -168,13 +168,11 @@ func (r *Reconciler) reconcileDatabaseService(ctx context.Context, cr *model.Cry
 	}
 
 	// Set database URL for deployment to use
-	scheme := "https"
-	if tls == nil {
-		scheme = "http"
-	}
+	scheme := "jdbc:posgtresql"
 	specs.DatabaseURL = &url.URL{
 		Scheme: scheme,
-		Host:   svc.Name + ":" + strconv.Itoa(int(svc.Spec.Ports[0].Port)), // TODO use getHTTPPort?
+		Host:   fmt.Sprintf("%s:%d", svc.Name, port),
+		Path:   resource_definitions.DatabaseName,
 	}
 	return nil
 }
@@ -274,9 +272,9 @@ func configureDatabaseService(cr *model.CryostatInstance) *operatorv1beta2.Datab
 	configureService(&config.ServiceConfig, cr.Name, "database")
 
 	// Apply default HTTP port if not provided
-	if config.HTTPPort == nil {
+	if config.Port == nil {
 		httpPort := constants.DatabasePort
-		config.HTTPPort = &httpPort
+		config.Port = &httpPort
 	}
 
 	return config