Tweak Statefulset. (#6)

pkg/apis/audit/types.go

@@ -1,6 +1,7 @@
 package audit
 
 import (
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -22,7 +23,10 @@ type AuditConfig struct {
 
 	// Persistence contains options about the persistent volume used for buffering the audit data
 	// on the filesystem.
-	Persistence *AuditPersistence
+	Persistence AuditPersistence
+
+	// Replicas are the amount of replicas used for the buffering audit pods.
+	Replicas *int32
 
 	// WebhookMode allows to select which auditing mode - batching or blocking - should be used.
 	WebhookMode AuditWebhookMode
@@ -33,7 +37,7 @@ type AuditConfig struct {
 
 type AuditPersistence struct {
 	// Size is the size of the PVC to be used for each replica of the statefulset.
-	Size *string
+	Size *resource.Quantity
 
 	// StorageClassName is the name of the storage class to be used for the PVC. If empty, the default
 	// storage class is used.
@@ -62,15 +66,15 @@ type AuditBackendClusterForwarding struct {
 	Enabled bool
 
 	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
-	FilesystemBufferSize string
+	FilesystemBufferSize *string
 }
 
 type AuditBackendSplunk struct {
 	// Enabled allows to turn this backend on.
 	Enabled bool
 
 	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
-	FilesystemBufferSize string
+	FilesystemBufferSize *string
 
 	// Index is the splunk index that should be used.
 	Index string

pkg/apis/audit/v1alpha1/defaults.go

@@ -1,9 +1,57 @@
 package v1alpha1
 
 import (
+	"github.com/metal-stack/metal-lib/pkg/pointer"
+	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
 func addDefaultingFuncs(scheme *runtime.Scheme) error {
 	return RegisterDefaults(scheme)
 }
+
+// SetDefaults_AuditPersistence sets the defaults for the AuditPersistence configuration
+func SetDefaults_AuditPersistence(persistence *AuditPersistence) {
+	if persistence.Size == nil {
+		defaultCacheSize := resource.MustParse("1Gi")
+		persistence.Size = &defaultCacheSize
+	}
+}
+
+// SetDefaults_AuditConfig sets the defaults for the AuditConfig configuration
+func SetDefaults_AuditConfig(a *AuditConfig) {
+	if a.Replicas == nil {
+		a.Replicas = pointer.Pointer(int32(2))
+	}
+
+	defaultBackends(a.Backends)
+}
+
+func defaultBackends(backends *AuditBackends) {
+	if backends == nil {
+		return
+	}
+
+	defaultBackendClusterForwarding(backends.ClusterForwarding)
+	defaultBackendSplunk(backends.Splunk)
+}
+
+func defaultBackendClusterForwarding(backend *AuditBackendClusterForwarding) {
+	if backend == nil {
+		return
+	}
+
+	if backend.FilesystemBufferSize == nil {
+		backend.FilesystemBufferSize = pointer.Pointer("900M")
+	}
+}
+
+func defaultBackendSplunk(backend *AuditBackendSplunk) {
+	if backend == nil {
+		return
+	}
+
+	if backend.FilesystemBufferSize == nil {
+		backend.FilesystemBufferSize = pointer.Pointer("900M")
+	}
+}

pkg/apis/audit/v1alpha1/types.go

@@ -1,6 +1,7 @@
 package v1alpha1
 
 import (
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -30,33 +31,43 @@ type AuditConfig struct {
 
 	// Persistence contains options about the persistent volume used for buffering the audit data
 	// on the filesystem.
-	Persistence *AuditPersistence `json:"persistence,omitempty"`
+	Persistence AuditPersistence `json:"persistence"`
+
+	// Replicas are the amount of replicas used for the buffering audit pods.
+	// +optional
+	Replicas *int32 `json:"replicas,omitempty"`
 
 	// WebhookMode allows to select which auditing mode - batching or blocking - should be used.
-	WebhookMode AuditWebhookMode `json:"webhookMode,omitempty"`
+	WebhookMode AuditWebhookMode `json:"webhookMode"`
 
 	// Backends contains the settings for the various backends.
+	// +optional
 	Backends *AuditBackends `json:"backends,omitempty"`
 }
 
 type AuditPersistence struct {
 	// Size is the size of the PVC to be used for each replica of the statefulset.
-	Size *string `json:"size,omitempty"`
+	// +optional
+	Size *resource.Quantity `json:"size,omitempty"`
 
 	// StorageClassName is the name of the storage class to be used for the PVC. If empty, the default
 	// storage class is used.
+	// +optional
 	StorageClassName *string `json:"storageClassName,omitempty"`
 }
 
 type AuditBackends struct {
 	// Log outputs the log data on stdout of the webhook pod. It is mainly intended for debugging / testing purposes.
+	// +optional
 	Log *AuditBackendLog `json:"log,omitempty"`
 
 	// ClusterForwarding will forward the audit data to a pod in the shoot where they are printed to stdout and can be
 	// picked up by the log collecting solution of the cluster operator's choice.
+	// +optional
 	ClusterForwarding *AuditBackendClusterForwarding `json:"clusterForwarding,omitempty"`
 
 	// Splunk will forward the audit data to a splunk HEC endpoint.
+	// +optional
 	Splunk *AuditBackendSplunk `json:"splunk,omitempty"`
 
 	// Possible backends that would be helpful as well:
@@ -77,14 +88,14 @@ type AuditBackendClusterForwarding struct {
 	Enabled bool `json:"enabled"`
 
 	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
-	FilesystemBufferSize string `json:"bufferSize,omitempty"`
+	FilesystemBufferSize *string `json:"bufferSize,omitempty"`
 }
 type AuditBackendSplunk struct {
 	// Enabled allows to turn this backend on.
 	Enabled bool `json:"enabled"`
 
 	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
-	FilesystemBufferSize string `json:"bufferSize,omitempty"`
+	FilesystemBufferSize *string `json:"bufferSize,omitempty"`
 
 	// Index is the splunk index that should be used.
 	Index string `json:"index"`