Skip to content

Commit

Permalink
[Fix] : redis exporter mismatch environment (#670)
Browse files Browse the repository at this point in the history
Signed-off-by: drivebyer <yang.wu@daocloud.io>
  • Loading branch information
drivebyer authored Oct 16, 2023
1 parent 861b8f3 commit 91feb40
Show file tree
Hide file tree
Showing 2 changed files with 77 additions and 71 deletions.
69 changes: 30 additions & 39 deletions k8sutils/statefulset.go
Original file line number Diff line number Diff line change
Expand Up @@ -344,12 +344,10 @@ func generateContainerDef(name string, containerParams containerParameters, clus
SecurityContext: containerParams.SecurityContext,
Env: getEnvironmentVariables(
containerParams.Role,
false,
containerParams.EnabledPassword,
containerParams.SecretName,
containerParams.SecretKey,
containerParams.PersistenceEnabled,
containerParams.RedisExporterEnv,
containerParams.TLSConfig,
containerParams.ACLConfig,
containerParams.EnvVars,
Expand Down Expand Up @@ -464,19 +462,8 @@ func enableRedisMonitoring(params containerParameters) corev1.Container {
Name: redisExporterContainer,
Image: params.RedisExporterImage,
ImagePullPolicy: params.RedisExporterImagePullPolicy,
Env: getEnvironmentVariables(
params.Role,
true,
params.EnabledPassword,
params.SecretName,
params.SecretKey,
params.PersistenceEnabled,
params.RedisExporterEnv,
params.TLSConfig,
params.ACLConfig,
params.EnvVars,
),
VolumeMounts: getVolumeMount("", nil, false, false, nil, params.AdditionalMountPath, params.TLSConfig, params.ACLConfig), // We need/want the tls-certs but we DON'T need the PVC (if one is available)
Env: getExporterEnvironmentVariables(params.TLSConfig, params.RedisExporterEnv),
VolumeMounts: getVolumeMount("", nil, false, false, nil, params.AdditionalMountPath, params.TLSConfig, params.ACLConfig), // We need/want the tls-certs but we DON'T need the PVC (if one is available)
Ports: []corev1.ContainerPort{
{
Name: redisExporterPortName,
Expand All @@ -491,6 +478,32 @@ func enableRedisMonitoring(params containerParameters) corev1.Container {
return exporterDefinition
}

func getExporterEnvironmentVariables(tlsConfig *redisv1beta2.TLSConfig, env *[]corev1.EnvVar) []corev1.EnvVar {
var envVars []corev1.EnvVar
if tlsConfig != nil {
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE",
Value: "/tls/tls.key",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE",
Value: "/tls/tls.crt",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE",
Value: "/tls/ca.crt",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION",
Value: "true",
})
}
if env != nil {
envVars = append(envVars, *env...)
}
return envVars
}

// getVolumeMount gives information about persistence mount
func getVolumeMount(name string, persistenceEnabled *bool, clusterMode bool, nodeConfVolume bool, externalConfig *string, mountpath []corev1.VolumeMount, tlsConfig *redisv1beta2.TLSConfig, aclConfig *redisv1beta2.ACLConfig) []corev1.VolumeMount {
var VolumeMounts []corev1.VolumeMount
Expand Down Expand Up @@ -557,8 +570,8 @@ func getProbeInfo(probe *commonapi.Probe) *corev1.Probe {
}

// getEnvironmentVariables returns all the required Environment Variables
func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *bool, secretName *string,
secretKey *string, persistenceEnabled *bool, exporterEnvVar *[]corev1.EnvVar, tlsConfig *redisv1beta2.TLSConfig,
func getEnvironmentVariables(role string, enabledPassword *bool, secretName *string,
secretKey *string, persistenceEnabled *bool, tlsConfig *redisv1beta2.TLSConfig,
aclConfig *redisv1beta2.ACLConfig, envVar *[]corev1.EnvVar) []corev1.EnvVar {
envVars := []corev1.EnvVar{
{Name: "SERVER_MODE", Value: role},
Expand All @@ -574,24 +587,6 @@ func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *b

if tlsConfig != nil {
envVars = append(envVars, GenerateTLSEnvironmentVariables(tlsConfig)...)
if enabledMetric {
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE",
Value: "/tls/tls.key",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE",
Value: "/tls/tls.crt",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE",
Value: "/tls/ca.crt",
})
envVars = append(envVars, corev1.EnvVar{
Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION",
Value: "true",
})
}
}

if aclConfig != nil {
Expand Down Expand Up @@ -623,10 +618,6 @@ func getEnvironmentVariables(role string, enabledMetric bool, enabledPassword *b
envVars = append(envVars, corev1.EnvVar{Name: "PERSISTENCE_ENABLED", Value: "true"})
}

if exporterEnvVar != nil {
envVars = append(envVars, *exporterEnvVar...)
}

if envVar != nil {
envVars = append(envVars, *envVar...)
}
Expand Down
79 changes: 47 additions & 32 deletions k8sutils/statefulset_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -222,12 +222,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
tests := []struct {
name string
role string
enabledMetric bool
enabledPassword *bool
secretName *string
secretKey *string
persistenceEnabled *bool
exporterEnvVar *[]corev1.EnvVar
tlsConfig *redisv1beta2.TLSConfig
aclConfig *redisv1beta2.ACLConfig
envVar *[]corev1.EnvVar
Expand All @@ -236,14 +234,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
{
name: "Test with role sentinel, metrics true, password true, persistence true, exporter env, tls enabled, acl enabled and env var",
role: "sentinel",
enabledMetric: true,
enabledPassword: pointer.Bool(true),
secretName: pointer.String("test-secret"),
secretKey: pointer.String("test-key"),
persistenceEnabled: pointer.Bool(true),
exporterEnvVar: &[]corev1.EnvVar{
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
tlsConfig: &redisv1beta2.TLSConfig{
TLSConfig: common.TLSConfig{
CaKeyFile: "test_ca.crt",
Expand All @@ -266,10 +260,6 @@ func TestGetEnvironmentVariables(t *testing.T) {
{Name: "ACL_MODE", Value: "true"},
{Name: "PERSISTENCE_ENABLED", Value: "true"},
{Name: "REDIS_ADDR", Value: "redis://localhost:26379"},
{Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION", Value: "true"},
{Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE", Value: "/tls/ca.crt"},
{Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE", Value: "/tls/tls.crt"},
{Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE", Value: "/tls/tls.key"},
{Name: "TLS_MODE", Value: "true"},
{Name: "REDIS_TLS_CA_KEY", Value: path.Join("/tls/", "test_ca.crt")},
{Name: "REDIS_TLS_CERT", Value: path.Join("/tls/", "test_tls.crt")},
Expand All @@ -285,18 +275,15 @@ func TestGetEnvironmentVariables(t *testing.T) {
{Name: "SERVER_MODE", Value: "sentinel"},
{Name: "SETUP_MODE", Value: "sentinel"},
{Name: "TEST_ENV", Value: "test-value"},
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
},
{
name: "Test with role redis, metrics false, password nil, persistence nil, exporter nil, tls nil, acl nil and nil env var",
role: "redis",
enabledMetric: false,
enabledPassword: nil,
secretName: nil,
secretKey: nil,
persistenceEnabled: nil,
exporterEnvVar: nil,
tlsConfig: nil,
aclConfig: nil,
envVar: nil,
Expand All @@ -309,12 +296,10 @@ func TestGetEnvironmentVariables(t *testing.T) {
{
name: "Test with role redis, metrics false, password nil, persistence false, exporter nil, tls nil, acl nil and nil env var",
role: "sentinel",
enabledMetric: false,
enabledPassword: nil,
secretName: nil,
secretKey: nil,
persistenceEnabled: pointer.Bool(false),
exporterEnvVar: nil,
tlsConfig: nil,
aclConfig: nil,
envVar: nil,
Expand All @@ -327,16 +312,12 @@ func TestGetEnvironmentVariables(t *testing.T) {
{
name: "Test with role cluster, metrics true, password true, persistence true, exporter env, tls nil, acl enabled and env var",
role: "cluster",
enabledMetric: true,
enabledPassword: pointer.Bool(true),
secretName: pointer.String("test-secret"),
secretKey: pointer.String("test-key"),
persistenceEnabled: pointer.Bool(true),
exporterEnvVar: &[]corev1.EnvVar{
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
tlsConfig: nil,
aclConfig: &redisv1beta2.ACLConfig{},
tlsConfig: nil,
aclConfig: &redisv1beta2.ACLConfig{},
envVar: &[]corev1.EnvVar{
{Name: "TEST_ENV", Value: "test-value"},
},
Expand All @@ -355,36 +336,70 @@ func TestGetEnvironmentVariables(t *testing.T) {
{Name: "SERVER_MODE", Value: "cluster"},
{Name: "SETUP_MODE", Value: "cluster"},
{Name: "TEST_ENV", Value: "test-value"},
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
},
{
name: "Test with cluster role and only metrics enabled",
role: "cluster",
enabledMetric: true,
enabledPassword: nil,
secretName: nil,
secretKey: nil,
persistenceEnabled: nil,
exporterEnvVar: &[]corev1.EnvVar{
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
tlsConfig: nil,
aclConfig: nil,
envVar: nil,
tlsConfig: nil,
aclConfig: nil,
envVar: nil,
expectedEnvironment: []corev1.EnvVar{
{Name: "REDIS_ADDR", Value: "redis://localhost:6379"},
{Name: "SERVER_MODE", Value: "cluster"},
{Name: "SETUP_MODE", Value: "cluster"},
{Name: "TEST_EXPORTER_ENV", Value: "exporter-value"},
},
},
}

for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
actualEnvironment := getEnvironmentVariables(tt.role, tt.enabledMetric, tt.enabledPassword, tt.secretName,
tt.secretKey, tt.persistenceEnabled, tt.exporterEnvVar, tt.tlsConfig, tt.aclConfig, tt.envVar)
actualEnvironment := getEnvironmentVariables(tt.role, tt.enabledPassword, tt.secretName,
tt.secretKey, tt.persistenceEnabled, tt.tlsConfig, tt.aclConfig, tt.envVar)

assert.ElementsMatch(t, tt.expectedEnvironment, actualEnvironment)
})
}
}

func Test_getExporterEnvironmentVariables(t *testing.T) {
tests := []struct {
name string
tlsConfig *redisv1beta2.TLSConfig
envVar *[]corev1.EnvVar
expectedEnvironment []corev1.EnvVar
}{
{
name: "Test with tls enabled and env var",
tlsConfig: &redisv1beta2.TLSConfig{
TLSConfig: common.TLSConfig{
CaKeyFile: "test_ca.crt",
CertKeyFile: "test_tls.crt",
KeyFile: "test_tls.key",
Secret: corev1.SecretVolumeSource{
SecretName: "tls-secret",
},
},
},
envVar: &[]corev1.EnvVar{
{Name: "TEST_ENV", Value: "test-value"},
},
expectedEnvironment: []corev1.EnvVar{
{Name: "REDIS_EXPORTER_TLS_CLIENT_KEY_FILE", Value: "/tls/tls.key"},
{Name: "REDIS_EXPORTER_TLS_CLIENT_CERT_FILE", Value: "/tls/tls.crt"},
{Name: "REDIS_EXPORTER_TLS_CA_CERT_FILE", Value: "/tls/ca.crt"},
{Name: "REDIS_EXPORTER_SKIP_TLS_VERIFICATION", Value: "true"},
{Name: "TEST_ENV", Value: "test-value"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
actualEnvironment := getExporterEnvironmentVariables(tt.tlsConfig, tt.envVar)

assert.ElementsMatch(t, tt.expectedEnvironment, actualEnvironment)
})
Expand Down

0 comments on commit 91feb40

Please sign in to comment.