diff --git a/build/crd/percona/generated/pgv2.percona.com_perconapgclusters.yaml b/build/crd/percona/generated/pgv2.percona.com_perconapgclusters.yaml index fd4317efe5..91966db202 100644 --- a/build/crd/percona/generated/pgv2.percona.com_perconapgclusters.yaml +++ b/build/crd/percona/generated/pgv2.percona.com_perconapgclusters.yaml @@ -8340,8 +8340,12 @@ spec: properties: bucket: type: string + disableSSL: + type: string endpoint: type: string + forcePathStyle: + type: string region: type: string secret: diff --git a/build/postgres-operator/install-extensions.sh b/build/postgres-operator/install-extensions.sh index 6a8555bd78..ca09efe7cd 100755 --- a/build/postgres-operator/install-extensions.sh +++ b/build/postgres-operator/install-extensions.sh @@ -16,6 +16,14 @@ if [[ -n $STORAGE_ENDPOINT ]]; then args+=(-endpoint "$STORAGE_ENDPOINT") fi +if [[ ${STORAGE_DISABLE_SSL} == "true" ]]; then + args+=(-disable-ssl) +fi + +if [[ ${STORAGE_FORCE_PATH_STYLE} == "true" ]]; then + args+=(-force-path-style) +fi + for key in "${extensions[@]}"; do if [ -f "${PGDATA_EXTENSIONS}"/"${key}".installed ]; then echo "Extension ${key} already installed" diff --git a/cmd/extension-installer/main.go b/cmd/extension-installer/main.go index 5045e608eb..4275e49b3e 100644 --- a/cmd/extension-installer/main.go +++ b/cmd/extension-installer/main.go @@ -12,7 +12,7 @@ import ( func main() { var storageType, endpoint, region, bucket, key, extensionPath string - var install, uninstall bool + var install, uninstall, forcePathStyle, disableSSL bool flag.StringVar(&storageType, "type", "", "Storage type") flag.StringVar(&endpoint, "endpoint", "", "Storage endpoint") 
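Review bot: Both new tests in install-extensions.sh compare against the exact string `true`, so any other spelling a user puts in the CR (`True`, `1`, `yes`) is dropped without a message; the CRD hunks in this commit declare both fields as free-form `type: string`. For STORAGE_DISABLE_SSL that fails towards TLS staying on, but for STORAGE_FORCE_PATH_STYLE it will likely surface later as a download failure with no hint at the cause. Rejecting unknown values before the loop would make the misconfiguration visible, e.g. `[[ ${STORAGE_DISABLE_SSL:-false} =~ ^(true|false)$ ]] || { echo "invalid STORAGE_DISABLE_SSL: ${STORAGE_DISABLE_SSL}" >&2; exit 1; }`, and the same for the other variable.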
@@ -23,6 +23,8 @@ func main() { flag.BoolVar(&install, "install", false, "Install extension") flag.BoolVar(&uninstall, "uninstall", false, "Uninstall extension") + flag.BoolVar(&forcePathStyle, "force-path-style", false, "Force path style") + flag.BoolVar(&disableSSL, "disable-ssl", false, "Disable SSL") flag.Parse() if (install && uninstall) || (!install && !uninstall) { @@ -31,7 +33,7 @@ func main() { log.Printf("starting extension installer for %s/%s (%s) in %s", bucket, key, storageType, region) - storage := initStorage(extensions.StorageType(storageType), endpoint, bucket, region) + storage := initStorage(extensions.StorageType(storageType), endpoint, bucket, region, forcePathStyle, disableSSL) packageName := key + ".tar.gz" @@ -70,10 +72,10 @@ func main() { } } -func initStorage(storageType extensions.StorageType, endpoint, bucket, region string) extensions.ObjectGetter { +func initStorage(storageType extensions.StorageType, endpoint, bucket, region string, s3ForcePathStyle, disableSSL bool) extensions.ObjectGetter { switch storageType { case extensions.StorageTypeS3: - return extensions.NewS3(endpoint, region, bucket) + return extensions.NewS3(endpoint, region, bucket, s3ForcePathStyle, disableSSL) default: log.Fatalf("unknown storage type: %s", os.Getenv("STORAGE_TYPE")) } diff --git a/config/crd/bases/pgv2.percona.com_perconapgclusters.yaml b/config/crd/bases/pgv2.percona.com_perconapgclusters.yaml index a0dccc91bf..882ca6883d 100644 --- a/config/crd/bases/pgv2.percona.com_perconapgclusters.yaml +++ b/config/crd/bases/pgv2.percona.com_perconapgclusters.yaml @@ -8747,8 +8747,12 @@ spec: properties: bucket: type: string + disableSSL: + type: string endpoint: type: string + forcePathStyle: + type: string region: type: string secret: diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml index 5ec0a7101f..ae21792b14 100644 --- a/deploy/bundle.yaml +++ b/deploy/bundle.yaml 
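Review bot: The `log.Printf("starting extension installer ...")` line directly above the changed `initStorage` call still prints only bucket, key, type and region, so a run that fetched the archive without TLS looks the same in the init-container log as one that used it. Since `-disable-ssl` lowers transport security for a package that is subsequently installed, I would record both switches there: `log.Printf("starting extension installer for %s/%s (%s) in %s (disableSSL=%t, forcePathStyle=%t)", bucket, key, storageType, region, disableSSL, forcePathStyle)`. The help strings added in the preceding hunk (`"Disable SSL"`, `"Force path style"`) could also say what they affect, e.g. `"Use plain HTTP instead of HTTPS for the storage endpoint"`. main's body continues outside these hunks.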
@@ -9044,8 +9044,12 @@ spec: properties: bucket: type: string + disableSSL: + type: string endpoint: type: string + forcePathStyle: + type: string region: type: string secret: diff --git a/deploy/cr.yaml b/deploy/cr.yaml index 5f4cffe8b3..a02a23da84 100644 --- a/deploy/cr.yaml +++ b/deploy/cr.yaml @@ -629,6 +629,8 @@ spec: # bucket: pg-extensions # region: eu-central-1 # endpoint: s3.eu-central-1.amazonaws.com +# forcePathStyle: false +# disableSSL: false # secret: # name: cluster1-extensions-secret # builtin: diff --git a/deploy/crd.yaml b/deploy/crd.yaml index 407ac4d2d9..9127130294 100644 --- a/deploy/crd.yaml +++ b/deploy/crd.yaml @@ -9044,8 +9044,12 @@ spec: properties: bucket: type: string + disableSSL: + type: string endpoint: type: string + forcePathStyle: + type: string region: type: string secret: diff --git a/deploy/cw-bundle.yaml b/deploy/cw-bundle.yaml index 0e0dc91efb..149df41fff 100644 --- a/deploy/cw-bundle.yaml +++ b/deploy/cw-bundle.yaml @@ -9044,8 +9044,12 @@ spec: properties: bucket: type: string + disableSSL: + type: string endpoint: type: string + forcePathStyle: + type: string region: type: string secret: diff --git a/percona/controller/pgcluster/controller.go b/percona/controller/pgcluster/controller.go index f3e0d03928..480570a6d1 100644 --- a/percona/controller/pgcluster/controller.go +++ b/percona/controller/pgcluster/controller.go 
@@ -806,17 +806,17 @@ func (r *PGClusterReconciler) reconcileCustomExtensions(ctx context.Context, cr for i := 0; i < len(cr.Spec.InstanceSets); i++ { set := &cr.Spec.InstanceSets[i] - set.InitContainers = append(set.InitContainers, extensions.ExtensionRelocatorContainer( + set.InitContainers = append(set.InitContainers, extensions.RelocatorContainer( cr, cr.PostgresImage(), cr.Spec.ImagePullPolicy, cr.Spec.PostgresVersion, )) - set.InitContainers = append(set.InitContainers, extensions.ExtensionInstallerContainer( + set.InitContainers = append(set.InitContainers, extensions.InstallerContainer( cr, cr.Spec.PostgresVersion, &cr.Spec.Extensions, strings.Join(extensionKeys, ","), cr.Spec.OpenShift, )) - set.VolumeMounts = append(set.VolumeMounts, extensions.ExtensionVolumeMounts(cr.Spec.PostgresVersion)...) + set.VolumeMounts = append(set.VolumeMounts, extensions.VolumeMounts(cr.Spec.PostgresVersion)...) } return nil } diff --git a/percona/controller/pgupgrade/controller.go b/percona/controller/pgupgrade/controller.go index 4a53ce64d6..1f82b929fc 100644 --- a/percona/controller/pgupgrade/controller.go +++ b/percona/controller/pgupgrade/controller.go @@ -180,11 +180,11 @@ func (r *PGUpgradeReconciler) createPGUpgrade(ctx context.Context, cluster *pgv2 extensionKeys = append(extensionKeys, key) } - pgUpgrade.Spec.InitContainers = append(pgUpgrade.Spec.InitContainers, extensions.ExtensionRelocatorContainer( + pgUpgrade.Spec.InitContainers = append(pgUpgrade.Spec.InitContainers, extensions.RelocatorContainer( cluster, *perconaPGUpgrade.Spec.Image, cluster.Spec.ImagePullPolicy, pgVersion, )) - pgUpgrade.Spec.InitContainers = append(pgUpgrade.Spec.InitContainers, extensions.ExtensionInstallerContainer( + pgUpgrade.Spec.InitContainers = append(pgUpgrade.Spec.InitContainers, extensions.InstallerContainer( cluster, pgVersion, &cluster.Spec.Extensions, 
@@ -194,7 +194,7 @@ func (r *PGUpgradeReconciler) createPGUpgrade(ctx context.Context, cluster *pgv2 } // we're only adding the volume mounts for target version since current volume mounts are already mounted - pgUpgrade.Spec.VolumeMounts = append(pgUpgrade.Spec.VolumeMounts, extensions.ExtensionVolumeMounts( + pgUpgrade.Spec.VolumeMounts = append(pgUpgrade.Spec.VolumeMounts, extensions.VolumeMounts( perconaPGUpgrade.Spec.ToPostgresVersion)..., ) diff --git a/percona/extensions/k8s.go b/percona/extensions/containers.go similarity index 66% rename from percona/extensions/k8s.go rename to percona/extensions/containers.go index 7cf5839ae5..48f6056d11 100644 --- a/percona/extensions/k8s.go +++ b/percona/extensions/containers.go @@ -13,16 +13,11 @@ func GetExtensionKey(pgMajor int, name, version string) string { return fmt.Sprintf("%s-pg%d-%s", name, pgMajor, version) } -// ExtensionRelocatorContainer returns a container that will relocate extensions from the base image (i.e. pg_stat_monitor, pg_audit) +// RelocatorContainer returns a container that will relocate extensions from the base image (i.e. pg_stat_monitor, pg_audit) // to the data directory so we don't lose them when user adds a custom extension. -func ExtensionRelocatorContainer(cr *pgv2.PerconaPGCluster, image string, imagePullPolicy corev1.PullPolicy, postgresVersion int) corev1.Container { - containerName := "extension-relocator" - if cr.CompareVersion("2.4.0") >= 0 { - containerName = fmt.Sprintf("extension-relocator-%d", postgresVersion) - } - +func RelocatorContainer(_ *pgv2.PerconaPGCluster, image string, imagePullPolicy corev1.PullPolicy, postgresVersion int) corev1.Container { return corev1.Container{ - Name: containerName, + Name: fmt.Sprintf("extension-relocator-%d", postgresVersion), Image: image, ImagePullPolicy: imagePullPolicy, Command: []string{"/usr/local/bin/relocate-extensions.sh"}, 
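Review bot: Dropping the `cr.CompareVersion("2.4.0")` gate makes RelocatorContainer always name the init container `extension-relocator-<version>`, and the next hunk does the same for InstallerContainer; if clusters with a crVersion below 2.4.0 are still reconciled, their pod template changes on operator upgrade, which presumably triggers a rollout. If that floor is intentional, the doc comment should say so, e.g. `// The container name always carries the Postgres major version; crVersion < 2.4.0 naming is no longer supported.` The first parameter is now the blank `_ *pgv2.PerconaPGCluster`; removing it from the signature would be cleaner than keeping an unused argument at both call sites. The comment's "i.e. pg_stat_monitor, pg_audit" reads as an example list and should be "e.g.". The function body continues outside the hunk.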
@@ -41,22 +36,17 @@ func ExtensionRelocatorContainer(cr *pgv2.PerconaPGCluster, image string, imageP } } -func ExtensionInstallerContainer(cr *pgv2.PerconaPGCluster, postgresVersion int, spec *pgv2.ExtensionsSpec, extensions string, openshift *bool) corev1.Container { +func InstallerContainer(cr *pgv2.PerconaPGCluster, postgresVersion int, spec *pgv2.ExtensionsSpec, extensions string, openshift *bool) corev1.Container { mounts := []corev1.VolumeMount{ { Name: "postgres-data", MountPath: "/pgdata", }, } - mounts = append(mounts, ExtensionVolumeMounts(postgresVersion)...) - - containerName := "extension-installer" - if cr.CompareVersion("2.4.0") >= 0 { - containerName = fmt.Sprintf("extension-installer-%d", postgresVersion) - } + mounts = append(mounts, VolumeMounts(postgresVersion)...) container := corev1.Container{ - Name: containerName, + Name: fmt.Sprintf("extension-installer-%d", postgresVersion), Image: spec.Image, ImagePullPolicy: spec.ImagePullPolicy, Command: []string{"/usr/local/bin/install-extensions.sh"}, @@ -100,6 +90,24 @@ func ExtensionInstallerContainer(cr *pgv2.PerconaPGCluster, postgresVersion int, VolumeMounts: mounts, } + if cr.CompareVersion("2.8.0") >= 0 { + // Check whether the configuration exists so that existing e2e tests + // that do not set these values are not affected. + if spec.Storage.DisableSSL != "" { + container.Env = append(container.Env, corev1.EnvVar{ + Name: "STORAGE_DISABLE_SSL", + Value: spec.Storage.DisableSSL, + }) + } + + if spec.Storage.ForcePathStyle != "" { + container.Env = append(container.Env, corev1.EnvVar{ + Name: "STORAGE_FORCE_PATH_STYLE", + Value: spec.Storage.ForcePathStyle, + }) + } + } + if openshift == nil || !*openshift { container.SecurityContext = &corev1.SecurityContext{ RunAsUser: func() *int64 { 
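Review bot: The comment on the new `cr.CompareVersion("2.8.0")` block explains only e2e-test compatibility and says nothing about what the two variables do, although `STORAGE_DISABLE_SSL` switches the installer's download of the extension archive to plain HTTP. I would replace it with a comment that states the effect and the constraint, e.g. `// STORAGE_DISABLE_SSL=true makes the installer fetch extension archives without TLS; intended only for trusted in-cluster S3-compatible endpoints. Unset fields add no env var, so older CRs produce the same container spec.` The values are also copied verbatim from the spec, so anything other than the literal `true` reaches the script and is silently ignored there; validating here or at the CRD level would be more predictable. This block sits inside InstallerContainer, whose body starts in the previous hunk and continues past this one.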
@@ -112,7 +120,7 @@ func ExtensionInstallerContainer(cr *pgv2.PerconaPGCluster, postgresVersion int, return container } -func ExtensionVolumeMounts(postgresVersion int) []corev1.VolumeMount { +func VolumeMounts(postgresVersion int) []corev1.VolumeMount { return []corev1.VolumeMount{ { Name: "postgres-data", diff --git a/percona/extensions/s3.go b/percona/extensions/s3.go index 0106a7f393..4c1d4ed376 100644 --- a/percona/extensions/s3.go +++ b/percona/extensions/s3.go @@ -15,8 +15,11 @@ type S3 struct { svc *s3.S3 } -func NewS3(endpoint, region, bucket string) *S3 { - cfg := aws.NewConfig().WithRegion(region) +func NewS3(endpoint, region, bucket string, s3ForcePathStyle, disableSSL bool) *S3 { + cfg := aws.NewConfig(). + WithRegion(region). + WithDisableSSL(disableSSL). + WithS3ForcePathStyle(s3ForcePathStyle) if endpoint != "" { cfg = cfg.WithEndpoint(endpoint) diff --git a/percona/extensions/storage.go b/percona/extensions/storage.go index 190aa3fb53..b3279fdf95 100644 --- a/percona/extensions/storage.go +++ b/percona/extensions/storage.go @@ -12,7 +12,5 @@ type ObjectGetter interface { type StorageType string const ( - StorageTypeS3 StorageType = "s3" - StorageTypeGCS StorageType = "gcs" - StorageTypeAzure StorageType = "azure" + StorageTypeS3 StorageType = "s3" ) diff --git a/pkg/apis/pgv2.percona.com/v2/perconapgcluster_types.go b/pkg/apis/pgv2.percona.com/v2/perconapgcluster_types.go index dd579c5d4d..46c937e70e 100644 --- a/pkg/apis/pgv2.percona.com/v2/perconapgcluster_types.go +++ b/pkg/apis/pgv2.percona.com/v2/perconapgcluster_types.go 
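Review bot: NewS3 in s3.go is exported and now takes two adjacent bool parameters, but has no doc comment saying what `disableSSL` does or when it takes effect. As far as I know, aws-sdk-go v1 consults DisableSSL only when the endpoint is given without a scheme, so an `http://` endpoint already turns TLS off without the flag and an `https://` endpoint keeps TLS even with `disableSSL=true`; that is worth confirming and writing down, because it decides whether the flag is the only way to lose transport security. Proposed: `// NewS3 returns an S3-backed ObjectGetter for bucket. disableSSL selects http for endpoints given without a scheme; s3ForcePathStyle requests path-style addressing.` The function body continues past the hunk.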
@@ -628,11 +628,13 @@ type CustomExtensionSpec struct { type CustomExtensionsStorageSpec struct { // +kubebuilder:validation:Enum={s3,gcs,azure} - Type string `json:"type,omitempty"` - Bucket string `json:"bucket,omitempty"` - Region string `json:"region,omitempty"` - Endpoint string `json:"endpoint,omitempty"` - Secret *corev1.SecretProjection `json:"secret,omitempty"` + Type string `json:"type,omitempty"` + Bucket string `json:"bucket,omitempty"` + Region string `json:"region,omitempty"` + Endpoint string `json:"endpoint,omitempty"` + ForcePathStyle string `json:"forcePathStyle,omitempty"` + DisableSSL string `json:"disableSSL,omitempty"` + Secret *corev1.SecretProjection `json:"secret,omitempty"` } type BuiltInExtensionsSpec struct {
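Review bot: `ForcePathStyle` and `DisableSSL` are declared as `string` with no validation marker, so the API server accepts any text (the generated CRDs in this commit show plain `type: string`) while the installer script acts only on the literal `true`. Adding `// +kubebuilder:validation:Enum={"true","false"}` above each field, or using `*bool`, which still distinguishes unset from false, would reject typos at admission time instead of ignoring them at runtime. Separately, the `Enum={s3,gcs,azure}` marker on `Type` is left unchanged while this commit removes `StorageTypeGCS` and `StorageTypeAzure`, so `gcs` and `azure` pass validation and then end in the `log.Fatalf("unknown storage type ...")` branch of initStorage; narrowing the enum to `{s3}` would keep the two in step.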