diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/cr.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/cr.go index 3ae7ef115..ab2d48df5 100644 --- a/manageiq-operator/api/v1alpha1/helpers/miq-components/cr.go +++ b/manageiq-operator/api/v1alpha1/helpers/miq-components/cr.go @@ -298,6 +298,30 @@ func postgresqlSharedBuffers(cr *miqv1alpha1.ManageIQ) string { } } +func priorityHigh(cr *miqv1alpha1.ManageIQ) int32 { + if cr.Spec.PriorityHigh == nil { + return priorityMedium(cr) + 100 + } else { + return cr.Spec.PriorityHigh + } +} + +func priorityLow(cr *miqv1alpha1.ManageIQ, c *client.Client) int32 { + if cr.Spec.PriorityLow == nil { + return podPriorityClusterDefault(c) + } else { + return cr.Spec.PriorityLow + } +} + +func priorityMedium(cr *miqv1alpha1.ManageIQ) int32 { + if cr.Spec.PriorityMedium == nil { + return priorityLow(cr) + 100 + } else { + return cr.Spec.PriorityMedium + } +} + func serverGuid(cr *miqv1alpha1.ManageIQ, c *client.Client) string { if cr.Spec.ServerGuid == "" { if pod := orchestratorPod(*c); pod != nil { @@ -375,6 +399,9 @@ func ManageCR(cr *miqv1alpha1.ManageIQ, c *client.Client) (*miqv1alpha1.ManageIQ cr.Spec.PostgresqlImage = postgresqlImage(cr) cr.Spec.PostgresqlMaxConnections = postgresqlMaxConnections(cr) cr.Spec.PostgresqlSharedBuffers = postgresqlSharedBuffers(cr) + cr.Spec.PriorityLow = priorityLow(cr, *c) + cr.Spec.PriorityMedium = priorityMedium(cr) + cr.Spec.PriorityHigh = priorityHigh(cr) cr.Spec.ServerGuid = serverGuid(cr, c) cr.Spec.ZookeeperImage = zookeeperImage(cr) cr.Spec.ZookeeperVolumeCapacity = zookeeperVolumeCapacity(cr) diff --git a/manageiq-operator/api/v1alpha1/helpers/miq-components/util.go b/manageiq-operator/api/v1alpha1/helpers/miq-components/util.go index 12e93f341..c6e8e2368 100644 --- a/manageiq-operator/api/v1alpha1/helpers/miq-components/util.go +++ b/manageiq-operator/api/v1alpha1/helpers/miq-components/util.go @@ -190,3 +190,17 @@ func DefaultSecurityContext() *corev1.SecurityContext { return sc } + +func podPriorityClusterDefault(c client.Client) int32 { + varTrue := true + priorityClassList := &schedulingv1.PriorityClassList{} + c.List(context.TODO(), priorityClassList) + + for _, priorityClass := range priorityClassList.Items { + if priorityClass.ObjectMeta.Namespace == "" && priorityClass.GlobalDefault == varTrue { + return priorityClass.Value + } + } + + return 0 +} diff --git a/manageiq-operator/api/v1alpha1/manageiq_types.go b/manageiq-operator/api/v1alpha1/manageiq_types.go index e40be5c74..24a3460a0 100644 --- a/manageiq-operator/api/v1alpha1/manageiq_types.go +++ b/manageiq-operator/api/v1alpha1/manageiq_types.go @@ -313,6 +313,21 @@ type ManageIQSpec struct { // +optional PostgresqlSharedBuffers string `json:"postgresqlSharedBuffers,omitempty"` + // Priority Class High value (default: 200) + // +optional + // +kubebuilder:validation:Maximum=1000000000 + PriorityHigh int32 `json:"priorityHigh,omitempty"` + + // Priority Class Low value (default: 0) + // +optional + // +kubebuilder:validation:Maximum=999999800 + PriorityLow int32 `json:"priorityLow,omitempty"` + + // Priority Class Medium value (default: 100) + // +optional + // +kubebuilder:validation:Maximum=999999900 + PriorityMedium int32 `json:"priorityMedium,omitempty"` + // Server GUID (default: auto-generated) // +optional ServerGuid string `json:"serverGuid,omitempty"` @@ -430,6 +445,18 @@ func (m *ManageIQ) Validate() error { } } + if spec.PriorityLow != nil && spec.PriorityMedium != nil && spec.PriorityLow > spec.PriorityMedium{ + errs = append(errs, "PriorityMedium is less than PriorityLow") + } + + if spec.PriorityLow != nil && spec.PriorityHigh != nil && spec.PriorityLow > spec.PriorityHigh{ + errs = append(errs, "PriorityHigh is less than PriorityLow") + } + + if spec.PriorityMedium != nil && spec.PriorityHigh != nil && spec.PriorityMedium > spec.PriorityHigh{ + errs = append(errs, "PriorityHigh is less than PriorityMedium") + } + if len(errs) > 0 { err := fmt.Sprintf("validation failed for ManageIQ object: %s", strings.Join(errs, ", ")) return errors.New(err) diff --git a/manageiq-operator/config/crd/bases/manageiq.org_manageiqs.yaml b/manageiq-operator/config/crd/bases/manageiq.org_manageiqs.yaml index f6837ea08..69baf2c0f 100644 --- a/manageiq-operator/config/crd/bases/manageiq.org_manageiqs.yaml +++ b/manageiq-operator/config/crd/bases/manageiq.org_manageiqs.yaml @@ -283,6 +283,21 @@ spec: postgresqlSharedBuffers: description: 'PostgreSQL shared buffers setting (default: 1GB)' type: string + priorityHigh: + description: 'Priority Class High value (default: 200)' + format: int32 + maximum: 1000000000 + type: integer + priorityLow: + description: 'Priority Class Low value (default: 0)' + format: int32 + maximum: 999999800 + type: integer + priorityMedium: + description: 'Priority Class Medium value (default: 100)' + format: int32 + maximum: 999999900 + type: integer serverGuid: description: 'Server GUID (default: auto-generated)' type: string diff --git a/manageiq-operator/config/rbac/role.yaml b/manageiq-operator/config/rbac/role.yaml index ac97873df..c5c085d87 100644 --- a/manageiq-operator/config/rbac/role.yaml +++ b/manageiq-operator/config/rbac/role.yaml @@ -1,5 +1,22 @@ --- apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: manageiq-operator +rules: +- apiGroups: + - scheduling.k8s.io + resources: + - priorityclasses + verbs: + - create + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: manageiq-operator diff --git a/manageiq-operator/config/rbac/role_binding.yaml b/manageiq-operator/config/rbac/role_binding.yaml index 9393a38d8..b3f886f8a 100644 --- a/manageiq-operator/config/rbac/role_binding.yaml +++ b/manageiq-operator/config/rbac/role_binding.yaml @@ -1,3 +1,16 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manageiq-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manageiq-operator +subjects: +- kind: ServiceAccount + name: manageiq-operator +--- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: diff --git a/manageiq-operator/controllers/manageiq_controller.go b/manageiq-operator/controllers/manageiq_controller.go index c7bb4f87d..fea102412 100644 --- a/manageiq-operator/controllers/manageiq_controller.go +++ b/manageiq-operator/controllers/manageiq_controller.go @@ -61,6 +61,7 @@ type ManageIQReconciler struct { //+kubebuilder:rbac:namespace=changeme,groups=rbac.authorization.k8s.io,resources=rolebindings,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:namespace=changeme,groups=rbac.authorization.k8s.io,resources=roles,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:namespace=changeme,groups=route.openshift.io,resources=*,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=scheduling.k8s.io,resources=priorityclasses,verbs=get;list;watch;create;update;patch // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state.