From f0492d3fda079beef58474f52e0058b1d0b43885 Mon Sep 17 00:00:00 2001 From: Slach Date: Tue, 26 Nov 2024 22:57:21 +0400 Subject: [PATCH 1/2] partial fix remove unnecessary openSSL section from keeper configuration --- .gitignore | 1 + .../keeper_config.d/01-keeper-01-default-config.xml | 12 ------------ .../keeper_config.d/01-keeper-01-default-config.xml | 12 ------------ .../clickhouse-operator-install-ansible.yaml | 12 ------------ .../clickhouse-operator-install-bundle-v1beta1.yaml | 13 ------------- .../clickhouse-operator-install-bundle.yaml | 12 ------------ ...lickhouse-operator-install-template-v1beta1.yaml | 13 ------------- .../clickhouse-operator-install-template.yaml | 12 ------------ deploy/operator/clickhouse-operator-install-tf.yaml | 12 ------------ 9 files changed, 1 insertion(+), 98 deletions(-) diff --git a/.gitignore b/.gitignore index 3e2b68c7a..e34b21b43 100644 --- a/.gitignore +++ b/.gitignore @@ -20,6 +20,7 @@ log *.log *.log.txt +tests/report_*.html __pycache__ # Skip dev runtime-produced diff --git a/config/chk/keeper_config.d/01-keeper-01-default-config.xml b/config/chk/keeper_config.d/01-keeper-01-default-config.xml index 9c86b7cea..9354c02a8 100644 --- a/config/chk/keeper_config.d/01-keeper-01-default-config.xml +++ b/config/chk/keeper_config.d/01-keeper-01-default-config.xml @@ -26,16 +26,4 @@ information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - diff --git a/deploy/builder/templates-config/chk/keeper_config.d/01-keeper-01-default-config.xml b/deploy/builder/templates-config/chk/keeper_config.d/01-keeper-01-default-config.xml index e22385d46..ec51874c2 100644 --- a/deploy/builder/templates-config/chk/keeper_config.d/01-keeper-01-default-config.xml +++ b/deploy/builder/templates-config/chk/keeper_config.d/01-keeper-01-default-config.xml @@ -20,16 +20,4 @@ information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - diff --git a/deploy/operator/clickhouse-operator-install-ansible.yaml b/deploy/operator/clickhouse-operator-install-ansible.yaml index 34db98648..09abb5db7 100644 --- a/deploy/operator/clickhouse-operator-install-ansible.yaml +++ b/deploy/operator/clickhouse-operator-install-ansible.yaml @@ -4890,18 +4890,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | diff --git a/deploy/operator/clickhouse-operator-install-bundle-v1beta1.yaml b/deploy/operator/clickhouse-operator-install-bundle-v1beta1.yaml index 685c20712..7eaca69c6 100644 --- a/deploy/operator/clickhouse-operator-install-bundle-v1beta1.yaml +++ b/deploy/operator/clickhouse-operator-install-bundle-v1beta1.yaml @@ -3835,7 +3835,6 @@ metadata: namespace: kube-system labels: clickhouse.altinity.com/chop: 0.24.1 - # Template Parameters: # # NAMESPACE=kube-system @@ -4830,18 +4829,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | diff --git a/deploy/operator/clickhouse-operator-install-bundle.yaml b/deploy/operator/clickhouse-operator-install-bundle.yaml index 5180e0606..11edf2cd9 100644 --- a/deploy/operator/clickhouse-operator-install-bundle.yaml +++ b/deploy/operator/clickhouse-operator-install-bundle.yaml @@ -4883,18 +4883,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | diff --git a/deploy/operator/clickhouse-operator-install-template-v1beta1.yaml b/deploy/operator/clickhouse-operator-install-template-v1beta1.yaml index 3ba53a09b..1b2a1ac47 100644 --- a/deploy/operator/clickhouse-operator-install-template-v1beta1.yaml +++ b/deploy/operator/clickhouse-operator-install-template-v1beta1.yaml @@ -3835,7 +3835,6 @@ metadata: namespace: ${OPERATOR_NAMESPACE} labels: clickhouse.altinity.com/chop: 0.24.1 - # Template Parameters: # # NAMESPACE=${OPERATOR_NAMESPACE} @@ -4830,18 +4829,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | diff --git a/deploy/operator/clickhouse-operator-install-template.yaml b/deploy/operator/clickhouse-operator-install-template.yaml index 16c0727dc..37fbf6969 100644 --- a/deploy/operator/clickhouse-operator-install-template.yaml +++ b/deploy/operator/clickhouse-operator-install-template.yaml @@ -4883,18 +4883,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | diff --git a/deploy/operator/clickhouse-operator-install-tf.yaml b/deploy/operator/clickhouse-operator-install-tf.yaml index 4795ecee3..abf14c5d9 100644 --- a/deploy/operator/clickhouse-operator-install-tf.yaml +++ b/deploy/operator/clickhouse-operator-install-tf.yaml @@ -4890,18 +4890,6 @@ data: information 4096 - - - true - /etc/clickhouse-keeper/server.crt - /etc/clickhouse-keeper/dhparam.pem - sslv2,sslv3 - true - true - /etc/clickhouse-keeper/server.key - none - - 01-keeper-02-readiness.xml: | From 0a4ebb1b183eb89e79a3c30e80c1b7d81e003f13 Mon Sep 17 00:00:00 2001 From: Slach Date: Tue, 26 Nov 2024 23:05:52 +0400 Subject: [PATCH 2/2] podAntiAffinity is set up with app label, but the pod template doesn't include such a label (doesn't prevent the keeper from working, but it's incorrect), look https://github.com/Altinity/clickhouse-operator/issues/1564 --- docs/chk-examples/02-extended-1-node.yaml | 16 +++++++++++++++- docs/chk-examples/02-extended-3-nodes.yaml | 7 +++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/docs/chk-examples/02-extended-1-node.yaml b/docs/chk-examples/02-extended-1-node.yaml index 8a0b5bfae..ba97f3229 100644 --- a/docs/chk-examples/02-extended-1-node.yaml +++ b/docs/chk-examples/02-extended-1-node.yaml @@ -1,7 +1,7 @@ apiVersion: "clickhouse-keeper.altinity.com/v1" kind: "ClickHouseKeeperInstallation" metadata: - name: extended-1 + name: extended spec: configuration: clusters: @@ -30,7 +30,21 @@ spec: templates: podTemplates: - name: default + metadata: + labels: + app: clickhouse-keeper spec: + # affinity, remove it to allow use in single node test environment + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: "app" + operator: In + values: + - clickhouse-keeper + topologyKey: "kubernetes.io/hostname" containers: - name: clickhouse-keeper imagePullPolicy: IfNotPresent diff --git a/docs/chk-examples/02-extended-3-nodes.yaml b/docs/chk-examples/02-extended-3-nodes.yaml index e38389ade..7f136fd71 100644 --- a/docs/chk-examples/02-extended-3-nodes.yaml +++ b/docs/chk-examples/02-extended-3-nodes.yaml @@ -1,7 +1,7 @@ apiVersion: "clickhouse-keeper.altinity.com/v1" kind: "ClickHouseKeeperInstallation" metadata: - name: extended-3 + name: extended spec: configuration: clusters: @@ -30,8 +30,11 @@ spec: templates: podTemplates: - name: default + metadata: + labels: + app: clickhouse-keeper spec: - # affinity removed to allow use in single node test environment + # affinity, remove it to allow use in single node test environment affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: