[scalardb-cluster] Make Envoy optional

[kota2and3kan]

Description

This PR add a new service resource scalardb-cluster-endpoint to access ScalarDB Cluster directly from clients without Envoy.

Previously, the Envoy proxy is mandatory if users access ScalarDB Cluster from the outside of Kubernetes by using indirect mode.

However, the additional 1 hop (i.e., Envoy proxy) from the network perspective, it might have a performance impact.

Therefore, we decided to make the Envoy proxy optional even if users use the indirect mode of ScalarDB Cluster.

In such a case, we need to add a new service to access ScalarDB Cluster directly from clients without Envoy.

Please take a look!

Related issues and/or PRs

N/A

Changes made

• Add a new Service scalardb-cluster-endpoint to access ScalarDB Cluster directly without Envoy.
• Minor improvement for the existing Headless Service.

Checklist

• I have commented my code, particularly in hard-to-understand areas.
• I have updated the documentation to reflect the changes.
• Any remaining open issues linked to this PR are documented and up-to-date (Jira, GitHub, etc.).
• Tests (unit, integration, etc.) have been added for the changes.
• My changes generate no new warnings.
• Any dependent changes in other PRs have been merged and published.

Additional notes (optional)

If you set envoy.enabled to true in the values file, you can see the Envoy pod and Envoy service as follows. This is the same behavior as the previous one. In other words, this is a backward-compatible behavior.

• Pods (envoy.enabled=true)

  $ kubectl get pod
  NAME                                      READY   STATUS    RESTARTS   AGE
  postgresql-scalardb-0                     1/1     Running   0          13m
  scalardb-cluster-envoy-7758594866-55vdj   1/1     Running   0          4m13s
  scalardb-cluster-node-584c58b899-dlxwz    1/1     Running   0          4m13s
  scalardb-cluster-node-584c58b899-ftf7c    1/1     Running   0          4m13s
  scalardb-cluster-node-584c58b899-knmqw    1/1     Running   0          4m13s

• Services (envoy.enabled=true)

  $ kubectl get svc
  NAME                             TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)           AGE
  kubernetes                       ClusterIP      10.96.0.1        <none>        443/TCP           37m
  postgresql-scalardb              ClusterIP      10.103.205.164   <none>        5432/TCP          13m
  postgresql-scalardb-hl           ClusterIP      None             <none>        5432/TCP          13m
  scalardb-cluster-envoy           LoadBalancer   10.108.13.169    127.0.0.1     60053:30834/TCP   4m15s
  scalardb-cluster-envoy-metrics   ClusterIP      10.100.98.39     <none>        9001/TCP          4m15s
  scalardb-cluster-headless        ClusterIP      None             <none>        60053/TCP         4m15s
  scalardb-cluster-metrics         ClusterIP      10.101.6.216     <none>        9080/TCP          4m15s

If you set envoy.enabled to false in the values file (this is a default behavior), you can see the new service scalardb-cluster-endpoint, and the Envoy pods and services disappear as follows. This is a new behavior that has been added in this PR.

• Pods (envoy.enabled=false)

  $ kubectl get pod
  NAME                                     READY   STATUS    RESTARTS   AGE
  postgresql-scalardb-0                    1/1     Running   0          60m
  scalardb-cluster-node-584c58b899-4h9fd   1/1     Running   0          42m
  scalardb-cluster-node-584c58b899-8g2kf   1/1     Running   0          42m
  scalardb-cluster-node-584c58b899-lt4dg   1/1     Running   0          42m

• Services (envoy.enabled=false)

  $ kubectl get svc
  NAME                        TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)           AGE
  kubernetes                  ClusterIP      10.96.0.1        <none>        443/TCP           84m
  postgresql-scalardb         ClusterIP      10.103.205.164   <none>        5432/TCP          60m
  postgresql-scalardb-hl      ClusterIP      None             <none>        5432/TCP          60m
  scalardb-cluster-endpoint   LoadBalancer   10.106.39.116    127.0.0.1     60053:32311/TCP   42m
  scalardb-cluster-headless   ClusterIP      None             <none>        60053/TCP         42m
  scalardb-cluster-metrics    ClusterIP      10.111.170.9     <none>        9080/TCP          42m

Also, I checked whether we can execute queries via this scalardb-cluster-endpoint from the client (SQL CLI) as follows, just in case.

0: scalardb> drop table foo;
No rows affected (0.067 seconds)
0: scalardb>
0: scalardb> drop namespace ns;
No rows affected (0.042 seconds)
0: scalardb>
0: scalardb>
0: scalardb> create namespace ns;
No rows affected (0.021 seconds)
0: scalardb>
0: scalardb> create table ns.foo (a int, b int, c int, primary key(a,b));
No rows affected (0.221 seconds)
0: scalardb>
0: scalardb> insert into ns.foo values (1,2,3);
1 row affected (0.037 seconds)
0: scalardb>
0: scalardb> select * from ns.foo;
+---+---+---+
| a | b | c |
+---+---+---+
| 1 | 2 | 3 |
+---+---+---+
1 row selected (0.026 seconds)
0: scalardb>

Release notes

Added a new service. Now, you can access ScalarDB Cluster directly without Envoy.

[gemini-code-assist]

Summary of Changes

Hello @kota2and3kan, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces the capability to deploy ScalarDB Cluster without requiring Envoy as a mandatory component. It achieves this by making the underlying Kubernetes service configurations conditional based on an envoy.enabled flag, allowing the cluster to be exposed via a standard service instead of a headless service when Envoy is not in use. This change provides greater flexibility for users who do not need Envoy's features in their ScalarDB Cluster deployments.

Highlights

• Conditional Service Deployment: The Kubernetes Service definition for ScalarDB Cluster is now conditional. If .Values.envoy.enabled is true, a headless service (clusterIP: None) is deployed. Otherwise, a standard Kubernetes Service (ClusterIP type, or whatever is specified by .Values.scalardbCluster.service.type) is deployed.
• Dynamic Endpoint Configuration: The SCALAR_DB_CLUSTER_MEMBERSHIP_KUBERNETES_ENDPOINT_NAME environment variable within the deployment is now dynamically set. It will point to the headless service name when Envoy is enabled, and to the standard service name when Envoy is disabled, ensuring correct cluster membership discovery.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request makes Envoy optional in the scalardb-cluster Helm chart. The service created for a non-Envoy setup is not headless, which is a requirement for Kubernetes-based cluster membership discovery. The deployment.yaml is configured to use this service for cluster membership discovery. ScalarDB's Kubernetes discovery mechanism requires a headless service to get the individual pod IPs. A regular service with a cluster IP will not work for discovery, causing the cluster formation to fail.

[kota2and3kan]

/gemini review

[gemini-code-assist]

Code Review

This pull request aims to make Envoy optional in the scalardb-cluster Helm chart. The changes introduce a new Kubernetes Service named ...-endpoint that is created when Envoy is disabled, serving as the main entry point to the cluster. This is a logical approach. Additionally, the existing headless service is correctly modified to have a hardcoded type: ClusterIP, which improves the chart's robustness. My review identified a minor formatting issue in the service definitions where the use of nindent for port specifications will introduce unwanted newlines into the generated YAML. I've provided suggestions to correct this.

[kota2and3kan]

This headless service is used not only for the service discovery of Envoy but also for pod detection of Scalar Admin for Kubernetes. Therefore, we need to deploy this headless service always, even if we don't deploy Envoy.

[kota2and3kan]

This is just a minor refactoring. This does not change any behaviors.

[kota2and3kan]

This is a newly added service resource to provide the endpoint to access ScalarDB Cluster directly without Envoy.

[brfrn169]

LGTM! Thank you!

[komamitsu]

LGTM! 👍