Add additional volume for postgres, v0

Author: benjaminjb

config/crd/bases/postgres-operator.crunchydata.com_postgresclusters.yaml

@@ -1184,6 +1184,10 @@ func (r *Reconciler) reconcileInstance(
 	if err == nil {
 		tablespaceVolumes, err = r.reconcileTablespaceVolumes(ctx, cluster, spec, instance, clusterVolumes)
 	}
+	if err == nil {
+		_, err = r.reconcileAdditionalVolumes(ctx,
+			cluster, spec.Volumes.Additional)
+	}
 	if err == nil {
 		postgres.InstancePod(
 			ctx, cluster, spec,
@@ -1254,6 +1258,11 @@ func (r *Reconciler) reconcileInstance(
 		addDevSHM(&instance.Spec.Template)
 	}
 
+	// mount additional volumes to the Postgres instance containers
+	if err == nil && spec.Volumes != nil && spec.Volumes.Additional != nil {
+		addAdditionalVolumes(&instance.Spec.Template, cluster, spec.Volumes.Additional)
+	}
+
 	if err == nil {
 		err = errors.WithStack(r.apply(ctx, instance))
 	}

internal/controller/postgrescluster/instance.go

@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"hash/fnv"
 	"io"
+	"slices"
 
 	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -16,6 +17,7 @@ import (
 
 	"github.com/crunchydata/postgres-operator/internal/initialize"
 	"github.com/crunchydata/postgres-operator/internal/naming"
+	"github.com/crunchydata/postgres-operator/pkg/apis/postgres-operator.crunchydata.com/v1beta1"
 )
 
 var tmpDirSizeLimit = resource.MustParse("16Mi")
@@ -285,3 +287,63 @@ func safeHash32(content func(w io.Writer) error) (string, error) {
 	}
 	return rand.SafeEncodeString(fmt.Sprint(hash.Sum32())), nil
 }
+
+// AdditionalVolumeMount returns the name and mount path of the additional volume.
+func AdditionalVolumeMount(cluster *v1beta1.PostgresCluster,
+	additionalVolume *v1beta1.AdditionalVolume) corev1.VolumeMount {
+
+	volumeName := naming.AdditionalVolume(cluster, additionalVolume).Name
+
+	return corev1.VolumeMount{
+		Name:      volumeName,
+		MountPath: "volumes" + "/" + additionalVolume.Name}
+}
+
+// addAdditionalVolumes adds additional volumes to the Postgres pod
+func addAdditionalVolumes(template *corev1.PodTemplateSpec,
+	inCluster *v1beta1.PostgresCluster,
+	additionalVolumes []*v1beta1.AdditionalVolume) {
+
+	for _, additionalVolume := range additionalVolumes {
+
+		additionalVolumeMount := AdditionalVolumeMount(
+			inCluster,
+			additionalVolume)
+
+		additionalVolumeSpec := corev1.Volume{
+			Name: additionalVolumeMount.Name,
+			VolumeSource: corev1.VolumeSource{
+				PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{
+					ClaimName: additionalVolumeMount.Name,
+					ReadOnly:  additionalVolume.ReadOnly,
+				},
+			},
+		}
+
+		for i := range template.Spec.Containers {
+			if len(additionalVolume.Containers) == 0 ||
+				slices.Contains(
+					additionalVolume.Containers,
+					template.Spec.Containers[i].Name) {
+				template.Spec.Containers[i].VolumeMounts = append(
+					template.Spec.Containers[i].VolumeMounts,
+					additionalVolumeMount)
+			}
+		}
+
+		for i := range template.Spec.InitContainers {
+			if len(additionalVolume.Containers) == 0 ||
+				slices.Contains(
+					additionalVolume.Containers,
+					template.Spec.InitContainers[i].Name) {
+				template.Spec.InitContainers[i].VolumeMounts = append(
+					template.Spec.InitContainers[i].VolumeMounts,
+					additionalVolumeMount)
+			}
+		}
+
+		template.Spec.Volumes = append(
+			template.Spec.Volumes,
+			additionalVolumeSpec)
+	}
+}

internal/controller/postgrescluster/util.go

@@ -906,3 +906,64 @@ func getPVCName(volumes []*corev1.PersistentVolumeClaim, selector labels.Selecto
 	}
 	return ""
 }
+
+// +kubebuilder:rbac:groups="",resources="persistentvolumeclaims",verbs={get}
+// +kubebuilder:rbac:groups="",resources="persistentvolumeclaims",verbs={create,delete,patch}
+
+// reconcileAdditionalVolumes writes the PersistentVolumeClaim for additional volumes.
+func (r *Reconciler) reconcileAdditionalVolumes(
+	ctx context.Context,
+	cluster *v1beta1.PostgresCluster,
+	additionalVolumes []*v1beta1.AdditionalVolume,
+	// instance *appsv1.StatefulSet,
+	// observed *Instance,
+) (additionalVolumePVCs []*corev1.PersistentVolumeClaim, err error) {
+
+	if additionalVolumes == nil || len(additionalVolumes) == 0 {
+		return
+	}
+
+	for _, additionalVolume := range additionalVolumes {
+		// If the user provides a PVC, we leave it alone here
+		// and use it to mount the volume
+		if additionalVolume.ClaimName != "" {
+			continue
+		}
+
+		// TODO: What labels do we want to add
+		labelMap := map[string]string{
+			naming.LabelCluster: cluster.Name,
+		}
+
+		pvc := &corev1.PersistentVolumeClaim{ObjectMeta: naming.AdditionalVolume(cluster, additionalVolume)}
+
+		pvc.SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("PersistentVolumeClaim"))
+
+		err = errors.WithStack(r.setControllerReference(cluster, pvc))
+
+		// TODO: Do we have other labels/annotation sources we want to merge?
+		pvc.Annotations = naming.Merge(
+			cluster.Spec.Metadata.GetAnnotationsOrNil())
+
+		pvc.Labels = naming.Merge(
+			cluster.Spec.Metadata.GetLabelsOrNil(),
+			labelMap,
+		)
+
+		pvc.Spec = additionalVolume.ClaimTemplate.AsPersistentVolumeClaimSpec()
+
+		if err == nil {
+			err = r.handlePersistentVolumeClaimError(cluster,
+				errors.WithStack(r.apply(ctx, pvc)))
+		}
+
+		if err != nil {
+			return nil, err
+		}
+
+		additionalVolumePVCs = append(additionalVolumePVCs, pvc)
+	}
+
+	return
+
+}

internal/controller/postgrescluster/volumes.go

@@ -350,6 +350,21 @@ func InstancePostgresWALVolume(instance *appsv1.StatefulSet) metav1.ObjectMeta {
 	}
 }
 
+// AdditionalVolume returns the ObjectMeta for the additional
+// volume for instance.
+func AdditionalVolume(cluster *v1beta1.PostgresCluster,
+	volume *v1beta1.AdditionalVolume) metav1.ObjectMeta {
+	// TODO: What's the name for the PVC if not given?
+	volumeName := volume.ClaimName
+	if volumeName == "" {
+		volumeName = cluster.GetName() + "-additional-something"
+	}
+	return metav1.ObjectMeta{
+		Namespace: cluster.GetNamespace(),
+		Name:      volumeName,
+	}
+}
+
 // MonitoringUserSecret returns ObjectMeta necessary to lookup the Secret
 // containing authentication credentials for monitoring tools.
 func MonitoringUserSecret(cluster *v1beta1.PostgresCluster) metav1.ObjectMeta {

internal/naming/names.go

@@ -534,6 +534,16 @@ type PostgresVolumesSpec struct {
 	// ---
 	// +optional
 	Temp *v1beta1.VolumeClaimSpec `json:"temp,omitempty"`
+
+	// TODO: Update when v1beta1 is worked out
+	// Additional volumes to add to the pod.
+	// ---
+	// +optional
+	// +listType=map
+	// +listMapKey=name
+	// +kubebuilder:validation:MaxItems=10
+	// // +kubebuilder:validation:items:XValidation:rule=`[has(self.claimName), has(self.claimTemplate)].filter(x, x == true).size() <= 1`,message=`can only have one of claimName, claimTemplate`
+	Additional []*v1beta1.AdditionalVolume `json:"additional,omitempty"`
 }
 
 type TablespaceVolume struct {

pkg/apis/postgres-operator.crunchydata.com/v1/postgrescluster_types.go

@@ -531,6 +531,48 @@ type PostgresVolumesSpec struct {
 	// ---
 	// +optional
 	Temp *VolumeClaimSpec `json:"temp,omitempty"`
+
+	// These CRD xvalidation rules were over the complexity budget
+	// so I turned them off -- what's wrong here
+	// Additional volumes to add to the pod.
+	// ---
+	// +optional
+	// +listType=map
+	// +listMapKey=name
+	// +kubebuilder:validation:MaxItems=10
+	// // +kubebuilder:validation:items:XValidation:rule=`[has(self.claimName), has(self.claimTemplate)].filter(x, x == true).size() <= 1`,message=`can only have one of claimName, claimTemplate`
+	Additional []*AdditionalVolume `json:"additional,omitempty"`
+}
+
+type AdditionalVolume struct {
+	// The name of the volume used for mounting path.
+	// Must be unique.
+	// ---
+	// +kubebuilder:validation:Required
+	// // +kubebuilder:validation:XValidation:rule=`self == oldSelf`,message="immutable"
+	Name string `json:"name,omitempty"`
+
+	// A reference to a preexisting PVC.
+	// ---
+	// +optional
+	// // +kubebuilder:validation:XValidation:rule=`self == oldSelf`,message="immutable"
+	ClaimName string `json:"claimName,omitempty"`
+
+	// A PVC request.
+	// ---
+	// +optional
+	ClaimTemplate *VolumeClaimSpec `json:"claimTemplate,omitempty"`
+
+	// The containers to attach this volume to.
+	// ---
+	// +optional
+	// +listType=set
+	Containers []string `json:"containers,omitempty"`
+
+	// Sets the write/read mode of the volume
+	// ---
+	// +optional
+	ReadOnly bool `json:"readOnly,omitempty"`
 }
 
 type TablespaceVolume struct {