pravega / zookeeper-operator

Kubernetes Operator for Zookeeper
Apache License 2.0

Want to set publishNotReadyAddresses: true in statefulset's headless service permanently #545

Open subhranil05 opened 1 year ago

subhranil05 commented 1 year ago

Description

I am using the latest zookeeper-operator/zookeeper helm charts. Here I want to set publishNotReadyAddresses: true in the headless service for zookeeper permanently. I'm using annotations Service.spec.publishNotReadyAddresses: "true" in the headless service through the values file, but it seems not to be doing the job. Please let me know if there is any other way to do it.

Importance

Zookeeper followers couldn't connect to the leader, failing all the time with unknown host exception

Location

(Where is the piece of code, package, or document affected by this issue?)

Suggestions for an improvement

Option to update in spec of headless service with values file

subhranil05 commented 1 year ago

@AKamyshnikova @anishakj Mentioning your names as active contributors to this repo, thanks for the cooperation. Guys, could you please guide me on this? It's a really urgent requirement for me: I need to add publishNotReadyAddresses: true in the spec section of the headless service permanently.

AKamyshnikova commented 1 year ago

@subhranil05 Hi! Creation of headless service is done here https://github.com/pravega/zookeeper-operator/blob/72bea545a73130c82b530e508a2a14daaa824435/pkg/zk/generators.go#L239

sys-liqian commented 1 year ago

Adding 'publishNotReadyAddresses: true' to the headless svc may cause the zk server to be unable to join the quorum after its connection to other peers is broken.

subhranil05 commented 1 year ago

@sys-liqian without that there is a failure for the follower to join the leader, and a timeout. Any alternatives to fix this?

sys-liqian commented 1 year ago

@subhranil05 can you provide the zookeeper config from /data/conf/zoo.cfg? Please check your kubernetes default cluster domain; the default is cluster.local

subhranil05 commented 1 year ago

@sys-liqian yeah, the domain is cluster.local and it's correct for me. Here is the config I'm using:

config:
    additionalConfig:
      portUnification: "false"
      secureClientPort: "2281"
      serverCnxnFactory: org.apache.zookeeper.server.NettyServerCnxnFactory
      ssl.quorum.hostnameVerification: "false"
      ssl.quorum.keyStore.location: /path/keystore.jks
      ssl.quorum.keyStore.password: <password>
      ssl.quorum.trustStore.location: /path/truststore.jks
      ssl.quorum.trustStore.password: <password>
      sslQuorum: "true"
    autoPurgePurgeInterval: 1
    autoPurgeSnapRetainCount: 3
    commitLogCount: 500
    globalOutstandingLimit: 1000
    initLimit: 10
    maxClientCnxns: 60
    maxSessionTimeout: 40000
    minSessionTimeout: 4000
    preAllocSize: 65536
    snapCount: 10000
    snapSizeLimitInKb: 4194304
    syncLimit: 5
    tickTime: 2000
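
An added example, not part of the original thread or of the operator's code: a small Python check that reads the `additionalConfig` keys posted above and reports the quorum-TLS settings that weaken the setup. The names `lint_zk_tls`, `flagged_keys` and `POSTED` and the finding texts are assumptions made for illustration; the key names and values are the ones in the posted config.

```python
# Added example: lint the ZooKeeper TLS keys from an additionalConfig map.
NETTY = "org.apache.zookeeper.server.NettyServerCnxnFactory"

def lint_zk_tls(cfg):
    """Return a list of (key, finding) tuples for a dict of zoo.cfg keys."""
    findings = []

    def is_true(key, default):
        # Values arrive as quoted strings in the Helm values file.
        return str(cfg.get(key, default)).strip().lower() == "true"

    if not is_true("sslQuorum", "false"):
        findings.append(("sslQuorum", "quorum traffic is not encrypted"))
    if is_true("portUnification", "false"):
        findings.append(("portUnification",
                         "quorum port also accepts plaintext peers"))
    if not is_true("ssl.quorum.hostnameVerification", "true"):
        findings.append(("ssl.quorum.hostnameVerification",
                         "peer certificate is not checked against the peer hostname"))
    if "secureClientPort" in cfg and cfg.get("serverCnxnFactory") != NETTY:
        findings.append(("serverCnxnFactory",
                         "secureClientPort needs the Netty connection factory"))
    for key in sorted(cfg):
        if key.lower().endswith(".password") and cfg[key]:
            findings.append((key, "store password kept in clear text in the values file"))
    return findings

def flagged_keys(cfg):
    return [key for key, _ in lint_zk_tls(cfg)]

# Constructed sample: values copied from the comment above ("<password>" is its placeholder).
POSTED = {
    "portUnification": "false",
    "secureClientPort": "2281",
    "serverCnxnFactory": NETTY,
    "ssl.quorum.hostnameVerification": "false",
    "ssl.quorum.keyStore.location": "/path/keystore.jks",
    "ssl.quorum.keyStore.password": "<password>",
    "ssl.quorum.trustStore.location": "/path/truststore.jks",
    "ssl.quorum.trustStore.password": "<password>",
    "sslQuorum": "true",
}

if __name__ == "__main__":
    for key, message in lint_zk_tls(POSTED):
        print(f"{key}: {message}")
```

With hostname verification enabled, each peer's certificate has to carry the DNS name the other peers use to reach it, which ties the TLS setting to the name-resolution problem discussed in this thread.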

subhranil05 commented 1 year ago

@sys-liqian I have another one to add: when implementing tls for the zk quorum I'm using 2281 as secureclientport, but how can I add this port permanently to zk-client-service? There is only one client port available now in the client service, which is 2181. Can you help me on this also?

sys-liqian commented 1 year ago

@subhranil05 https://github.com/pravega/zookeeper-operator/blob/72bea545a73130c82b530e508a2a14daaa824435/pkg/zk/generators.go#L258 Sorry, the latest release does not implement tls.

subhranil05 commented 1 year ago

@sys-liqian with the above configuration my zookeeper quorum tls is working fine. I just need to add that new port to the service. Are you planning for the tls thing? Can I expect it a little sooner?