chore: Increase coordinator temporary credentials lifetime (#694)

* chore: Increase coordinator temporary credentials lifetime

* changelog

* docs: Document lifetimes

Author: sbernauer

CHANGELOG.md

@@ -10,6 +10,11 @@ All notable changes to this project will be documented in this file.
   config property `requestedSecretLifetime`. This helps reduce frequent Pod restarts ([#676]).
 - Run a `containerdebug` process in the background of each Trino container to collect debugging information ([#687]).
 
+## Changed
+
+- Increased the default temporary secret lifetime for coordinators from 1 day to 15 days.
+  This is because Trino currently does not offer a HA setup for them, a restart kills all running queries ([#694]).
+
 ### Fixed
 
 - Fix OIDC endpoint construction in case the `rootPath` does have a trailing slash ([#673]).
@@ -21,6 +26,7 @@ All notable changes to this project will be documented in this file.
 [#673]: https://github.com/stackabletech/trino-operator/pull/673
 [#676]: https://github.com/stackabletech/trino-operator/pull/676
 [#687]: https://github.com/stackabletech/trino-operator/pull/687
+[#694]: https://github.com/stackabletech/trino-operator/pull/694
 
 ## [24.11.0] - 2024-11-18
 

deploy/helm/trino-operator/crds/crds.yaml

@@ -298,7 +298,10 @@ spec:
                           nullable: true
                           type: string
                         requestedSecretLifetime:
-                          description: Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+                          description: |-
+                            Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+
+                            Defaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers.
                           nullable: true
                           type: string
                         resources:
@@ -571,7 +574,10 @@ spec:
                                 nullable: true
                                 type: string
                               requestedSecretLifetime:
-                                description: Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+                                description: |-
+                                  Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+
+                                  Defaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers.
                                 nullable: true
                                 type: string
                               resources:
@@ -873,7 +879,10 @@ spec:
                           nullable: true
                           type: string
                         requestedSecretLifetime:
-                          description: Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+                          description: |-
+                            Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+
+                            Defaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers.
                           nullable: true
                           type: string
                         resources:
@@ -1146,7 +1155,10 @@ spec:
                                 nullable: true
                                 type: string
                               requestedSecretLifetime:
-                                description: Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+                                description: |-
+                                  Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`. This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+
+                                  Defaults to `15d` for coordinators (as currently a restart kills all running queries) and `1d` for workers.
                                 nullable: true
                                 type: string
                               resources:

rust/crd/src/lib.rs

@@ -435,12 +435,14 @@ pub struct TrinoConfig {
 
     /// Request secret (currently only autoTls certificates) lifetime from the secret operator, e.g. `7d`, or `30d`.
     /// This can be shortened by the `maxCertificateLifetime` setting on the SecretClass issuing the TLS certificate.
+    ///
+    /// Defaults to `15d` for coordinators (as currently a restart kills all running queries)
+    /// and `1d` for workers.
     #[fragment_attrs(serde(default))]
     pub requested_secret_lifetime: Option<Duration>,
 }
 
 impl TrinoConfig {
-    const DEFAULT_SECRET_LIFETIME: Duration = Duration::from_days_unchecked(1);
     fn default_config(
         cluster_name: &str,
         role: &TrinoRole,
@@ -454,6 +456,13 @@ impl TrinoConfig {
             TrinoRole::Coordinator => DEFAULT_COORDINATOR_GRACEFUL_SHUTDOWN_TIMEOUT,
             TrinoRole::Worker => DEFAULT_WORKER_GRACEFUL_SHUTDOWN_TIMEOUT,
         };
+        let requested_secret_lifetime = match role {
+            // TODO: Once Trino supports a HA setup for coordinators we should decrease this!
+            // See https://github.com/stackabletech/trino-operator/issues/693
+            // and https://github.com/stackabletech/decisions/issues/38 for details
+            TrinoRole::Coordinator => Duration::from_days_unchecked(15),
+            TrinoRole::Worker => Duration::from_days_unchecked(1),
+        };
 
         TrinoConfigFragment {
             logging: product_logging::spec::default_logging(),
@@ -478,7 +487,7 @@ impl TrinoConfig {
             query_max_memory: None,
             query_max_memory_per_node: None,
             graceful_shutdown_timeout: Some(graceful_shutdown_timeout),
-            requested_secret_lifetime: Some(Self::DEFAULT_SECRET_LIFETIME),
+            requested_secret_lifetime: Some(requested_secret_lifetime),
         }
     }
 }