From 4cca417967b4d2ac63fca71d78a6d1550c5edec9 Mon Sep 17 00:00:00 2001 From: Balthazar Rouberol Date: Wed, 17 Sep 2025 15:32:45 +0200 Subject: [PATCH] Allow the opensearch operator to watch multiple namespaces We keep the original `-watch-namespace` flag, to ensure backwards compatibility. We simply split the value over any comma, and populate the cache for each namespace in the csv. Note: Because the `watchNamespace` variable was being tested for emptiness _before_ `flag.Parse()` was being called, it was always empty, causing the operator to _always_ watch all namespaces in the cluster. This is no longer the case. Fixes #374 Signed-off-by: Balthazar Rouberol --- charts/opensearch-operator/Chart.yaml | 2 +- ...perator-controller-manager-deployment.yaml | 4 ++++ charts/opensearch-operator/values.yaml | 4 ++++ docs/userguide/main.md | 4 ++++ opensearch-operator/main.go | 23 +++++++++++-------- 5 files changed, 27 insertions(+), 10 deletions(-) diff --git a/charts/opensearch-operator/Chart.yaml b/charts/opensearch-operator/Chart.yaml index cdf5501e7..4ad21bfcf 100644 --- a/charts/opensearch-operator/Chart.yaml +++ b/charts/opensearch-operator/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the opensearch-operator chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.8.0 +version: 2.8.1 # This is the version number of the application being deployed (the operator). This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/opensearch-operator/templates/opensearch-operator-controller-manager-deployment.yaml b/charts/opensearch-operator/templates/opensearch-operator-controller-manager-deployment.yaml index 4b5cb194b..2eb1d1ff3 100755 --- a/charts/opensearch-operator/templates/opensearch-operator-controller-manager-deployment.yaml +++ b/charts/opensearch-operator/templates/opensearch-operator-controller-manager-deployment.yaml @@ -51,8 +51,12 @@ spec: - --metrics-bind-address=127.0.0.1:8080 - --leader-elect {{- if .Values.manager.watchNamespace }} + {{- if kindIs "slice" .Values.manager.watchNamespace }} + - --watch-namespace={{ .Values.manager.watchNamespace | join "," }} + {{- else }} - --watch-namespace={{ .Values.manager.watchNamespace }} {{- end }} + {{- end }} - --loglevel={{ .Values.manager.loglevel }} command: - /manager diff --git a/charts/opensearch-operator/values.yaml b/charts/opensearch-operator/values.yaml index 1ee839bbe..06cf4e676 100644 --- a/charts/opensearch-operator/values.yaml +++ b/charts/opensearch-operator/values.yaml @@ -63,6 +63,10 @@ manager: # If a watchNamespace is specified, the manager's cache will be restricted to # watch objects in the desired namespace. Defaults is to watch all namespaces. + # To watch multiple namespaces, separate them by commas, or define it as a list. + # Examples: + # watchNamespace: ns1,ns2 + # watchNamespace: [ns1, ns2] watchNamespace: # Install the Custom Resource Definitions with Helm diff --git a/docs/userguide/main.md b/docs/userguide/main.md index e744e14f4..b4faa84a0 100644 --- a/docs/userguide/main.md +++ b/docs/userguide/main.md @@ -92,6 +92,10 @@ manager: loglevel: info # If specified, the operator will be restricted to watch objects only in the desired namespace. Defaults is to watch all namespaces. + # To watch multiple namespaces, either separate their name via commas or define it as a list. + # Examples: + # watchNamespaces: 'ns1,ns2' + # watchNamespace: [ns1, ns2] watchNamespace: # Configure extra environment variables for the operator. You can also pull them from secrets or configmaps diff --git a/opensearch-operator/main.go b/opensearch-operator/main.go index a169a674e..79f954d88 100644 --- a/opensearch-operator/main.go +++ b/opensearch-operator/main.go @@ -20,10 +20,12 @@ import ( "flag" "fmt" "os" + "strconv" + "strings" + "sigs.k8s.io/controller-runtime/pkg/cache" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" "sigs.k8s.io/controller-runtime/pkg/webhook" - "strconv" "github.com/Opster/opensearch-k8s-operator/opensearch-operator/controllers" "go.uber.org/zap/zapcore" @@ -32,13 +34,14 @@ import ( // to ensure that exec-entrypoint and run can make use of them. _ "k8s.io/client-go/plugin/pkg/client/auth" + "net/http" + _ "net/http/pprof" + opsterv1 "github.com/Opster/opensearch-k8s-operator/opensearch-operator/api/v1" monitoring "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" - "net/http" - _ "net/http/pprof" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" @@ -68,15 +71,11 @@ func main() { "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") flag.StringVar(&watchNamespace, "watch-namespace", "", - "The namespace that controller manager is restricted to watch. If not set, default is to watch all namespaces.") + "The comma-separated list of namespaces that the controller manager is restricted to watch. If not set, default is to watch all namespaces.") flag.StringVar(&logLevel, "loglevel", "info", "The log level to use for the operator logs. Possible values: debug,info,warn,error") var cacheOpts cache.Options - if watchNamespace != "" { - cacheOpts.DefaultNamespaces = map[string]cache.Config{ - watchNamespace: {}, - } - } + opts := zap.Options{ Development: false, TimeEncoder: zapcore.ISO8601TimeEncoder, @@ -84,6 +83,12 @@ func main() { opts.BindFlags(flag.CommandLine) flag.Parse() + watchNamespaceList := strings.Split(watchNamespace, ",") + cacheOpts.DefaultNamespaces = make(map[string]cache.Config) + for _, watchNs := range watchNamespaceList { + cacheOpts.DefaultNamespaces[watchNs] = cache.Config{} + } + level, err := zapcore.ParseLevel(logLevel) if err != nil { fmt.Printf("Invalid log level '%s'. Leaving on info", logLevel)