Add missing leader election configuration to the contoller manager

a-hilaly · a-hilaly · commit 6449e45b39b4 · 2023-07-17T22:01:42.000+01:00
ACK controllers use k8s-sigs/controller-runtime behind the scenes, which
support leader election. This feature is not properly working due to a
missing configuration `LeaderElectionNamespace` which is used by the
manager to create `k8s.io/coordination` Lease objects.

This patch sets the default `LeaderElectionNamespace` to `ack-system`
and adds the capability of enabling leader election using helm values.
diff --git a/templates/cmd/controller/main.go.tpl b/templates/cmd/controller/main.go.tpl
@@ -37,6 +37,10 @@ resources across service controller. */ -}}
 	"github.com/aws-controllers-k8s/{{ .ServicePackageName }}-controller/pkg/version"
 )
 
+const (
+	ackSystemNamespace = "ack-system"
+)
+
 var (
 	awsServiceAPIGroup      = "{{ .APIGroup }}"
 	awsServiceAlias	        = "{{ .ServicePackageName }}"
@@ -87,13 +91,14 @@ func main() {
 	}
 
 	mgr, err := ctrlrt.NewManager(ctrlrt.GetConfigOrDie(), ctrlrt.Options{
-		Scheme:			    scheme,
-		Port:			    port,
-		Host:			    host,
-		MetricsBindAddress: ackCfg.MetricsAddr,
-		LeaderElection:		ackCfg.EnableLeaderElection,
-		LeaderElectionID:   awsServiceAPIGroup,
-		Namespace:		    ackCfg.WatchNamespace,
+		Scheme:                  scheme,
+		Port:                    port,
+		Host:                    host,
+		MetricsBindAddress:      ackCfg.MetricsAddr,
+		LeaderElection:          ackCfg.EnableLeaderElection,
+		LeaderElectionID:        awsServiceAPIGroup,
+		Namespace:               ackCfg.WatchNamespace,
+		LeaderElectionNamespace: ackSystemNamespace,
 	})
 	if err != nil {
 		setupLog.Error(
diff --git a/templates/helm/templates/deployment.yaml b/templates/helm/templates/deployment.yaml
@@ -58,6 +58,8 @@ spec:
         - "$(ACK_WATCH_NAMESPACE)"
         - --deletion-policy
         - "$(DELETION_POLICY)"
+        - --enable-leader-election
+        - "$(ENABLE_LEADER_ELECTION)"
 {{- if gt .Values.reconcile.defaultResyncPeriod 0.0 }}
         - --reconcile-default-resync-seconds
         - "$(RECONCILE_DEFAULT_RESYNC_SECONDS)"
@@ -87,6 +89,8 @@ spec:
           value: {{ include "watch-namespace" . }}
         - name: DELETION_POLICY
           value: {{ .Values.deletionPolicy }}
+        - name: ENABLED_LEADER_ELECTION
+          value: {{ .Values.leaderElection.enabled | quote }}
         - name: ACK_ENABLE_DEVELOPMENT_LOGGING
           value: {{ .Values.log.enable_development_logging | quote }}
         - name: ACK_LOG_LEVEL
diff --git a/templates/helm/values.schema.json b/templates/helm/values.schema.json
@@ -231,6 +231,15 @@
       },
       "type": "object"
     },
+    "leaderElection": {
+      "description": "Parameter to configure the controller's leader election system.",
+      "properties": {
+        "enabled": {
+          "type": "boolean"
+        }
+      },
+      "type": "object"
+    },
     "serviceAccount": {
       "description": "ServiceAccount settings",
       "properties": {
diff --git a/templates/helm/values.yaml.tpl b/templates/helm/values.yaml.tpl
@@ -121,3 +121,7 @@ serviceAccount:
   name: {{ .ServiceAccountName }}
   annotations: {}
     # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME
+
+# leader election configurations
+leaderElection:
+  enabled: false
