javadev-a
diff --git a/‎glide.lock
Lines changed: 3 additions & 3 deletions b/‎glide.lock
Lines changed: 3 additions & 3 deletions
diff --git a/‎glide.yaml
Lines changed: 4 additions & 2 deletions b/‎glide.yaml
Lines changed: 4 additions & 2 deletions
diff --git a/‎manifests/configmap.yaml
Lines changed: 3 additions & 1 deletion b/‎manifests/configmap.yaml
Lines changed: 3 additions & 1 deletion
diff --git a/‎manifests/postgres-operator.yaml
Lines changed: 1 addition & 1 deletion b/‎manifests/postgres-operator.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎manifests/testpostgresql.yaml
Lines changed: 1 addition & 1 deletion b/‎manifests/testpostgresql.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/cluster/cluster.go
Lines changed: 47 additions & 9 deletions b/‎pkg/cluster/cluster.go
Lines changed: 47 additions & 9 deletions
diff --git a/‎pkg/cluster/k8sres.go
Lines changed: 44 additions & 0 deletions b/‎pkg/cluster/k8sres.go
Lines changed: 44 additions & 0 deletions
@@ -17,10 +17,8 @@ import:
   version: release-1.7
   subpackages:
   - pkg/api/errors
-  - pkg/api/meta
   - pkg/api/resource
   - pkg/apis/meta/v1
-  - pkg/fields
   - pkg/labels
   - pkg/runtime
   - pkg/runtime/schema
@@ -33,6 +31,10 @@ import:
   version: ^4.0.0
   subpackages:
   - kubernetes
+  - kubernetes/scheme
+  - kubernetes/typed/apps/v1beta1
+  - kubernetes/typed/core/v1
+  - kubernetes/typed/extensions/v1beta1
   - pkg/api
   - pkg/api/v1
   - pkg/apis/apps/v1beta1
 
@@ -12,7 +12,7 @@ data:
   dns_name_format: '{cluster}.{team}.staging.{hostedzone}'
   docker_image: registry.opensource.zalan.do/acid/spiloprivate-9.6:1.2-p4
   etcd_host: etcd-client.default.svc.cluster.local:2379
-  secret_name_template: '{username}.{clustername}.credentials.{tprkind}.{tprgroup}'
+  secret_name_template: '{username}.{cluster}.credentials.{tprkind}.{tprgroup}'
   infrastructure_roles_secret_name: postgresql-infrastructure-roles
   oauth_token_secret_name: postgresql-operator
   pam_configuration: |
@@ -37,3 +37,5 @@ data:
   ring_log_lines: "100"
   cluster_history_entries: "1000"
   pod_terminate_grace_period: 5m
+  pdb_name_format: "postgres-{cluster}-pdb"
+  eol_node_label: "eol:true"
@@ -12,7 +12,7 @@ spec:
       serviceAccountName: operator
       containers:
       - name: postgres-operator
-        image: pierone.example.com/acid/postgres-operator:0.1
+        image: pierone.stups.zalan.do/acid/postgres-operator:workerassgn
         imagePullPolicy: IfNotPresent
         env:
         - name: WATCH_NAMESPACE
 
@@ -2,7 +2,7 @@ apiVersion: "acid.zalan.do/v1"
 kind: postgresql
 
 metadata:
-  name: acid-testcluster
+  name: acid-testcluster17
 spec:
   teamId: "ACID"
   volume:
 
@@ -16,6 +16,7 @@ import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/pkg/api/v1"
 	"k8s.io/client-go/pkg/apis/apps/v1beta1"
+	policybeta1 "k8s.io/client-go/pkg/apis/policy/v1beta1"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/cache"
 
@@ -44,10 +45,11 @@ type Config struct {
 }
 
 type kubeResources struct {
-	Services    map[PostgresRole]*v1.Service
-	Endpoint    *v1.Endpoints
-	Secrets     map[types.UID]*v1.Secret
-	Statefulset *v1beta1.StatefulSet
+	Services            map[PostgresRole]*v1.Service
+	Endpoint            *v1.Endpoints
+	Secrets             map[types.UID]*v1.Secret
+	Statefulset         *v1beta1.StatefulSet
+	PodDisruptionBudget *policybeta1.PodDisruptionBudget
 	//Pods are treated separately
 	//PVCs are treated separately
 }
@@ -259,6 +261,12 @@ func (c *Cluster) Create() error {
 		}
 	}
 
+	pdb, err := c.createPodDisruptionBudget()
+	if err != nil {
+		return fmt.Errorf("could not create pod disruption budget: %v", err)
+	}
+	c.logger.Infof("pod disruption budget %q has been successfully created", util.NameFromMeta(pdb.ObjectMeta))
+
 	err = c.listResources()
 	if err != nil {
 		c.logger.Errorf("could not list resources: %v", err)
@@ -334,6 +342,12 @@ func (c *Cluster) compareStatefulSetWith(statefulSet *v1beta1.StatefulSet) *comp
 		needsRollUpdate = true
 		reasons = append(reasons, "new statefulset's terminationGracePeriodSeconds  doesn't match the current one")
 	}
+	if !reflect.DeepEqual(c.Statefulset.Spec.Template.Spec.Affinity, statefulSet.Spec.Template.Spec.Affinity) {
+		needsReplace = true
+		needsRollUpdate = true
+		reasons = append(reasons, "new statefulset's pod affinity doesn't match the current one")
+	}
+
 	// Some generated fields like creationTimestamp make it not possible to use DeepCompare on Spec.Template.ObjectMeta
 	if !reflect.DeepEqual(c.Statefulset.Spec.Template.Labels, statefulSet.Spec.Template.Labels) {
 		needsReplace = true
@@ -522,6 +536,15 @@ func (c *Cluster) Update(newSpec *spec.Postgresql) error {
 		c.logger.Infof("volumes have been updated successfully")
 	}
 
+	newPDB := c.generatePodDisruptionBudget()
+	if match, reason := c.samePDBWith(newPDB); !match {
+		c.logPDBChanges(c.PodDisruptionBudget, newPDB, true, reason)
+		if err := c.updatePodDisruptionBudget(newPDB); err != nil {
+			c.setStatus(spec.ClusterStatusUpdateFailed)
+			return fmt.Errorf("could not update pod disruption budget: %v", err)
+		}
+	}
+
 	c.setStatus(spec.ClusterStatusRunning)
 
 	return nil
@@ -555,6 +578,10 @@ func (c *Cluster) Delete() error {
 		}
 	}
 
+	if err := c.deletePodDisruptionBudget(); err != nil {
+		return fmt.Errorf("could not delete pod disruption budget: %v", err)
+	}
+
 	return nil
 }
 
@@ -690,11 +717,12 @@ func (c *Cluster) GetStatus() *spec.ClusterStatus {
 		Status:  c.Status,
 		Spec:    c.Spec,
 
-		MasterService:  c.GetServiceMaster(),
-		ReplicaService: c.GetServiceReplica(),
-		Endpoint:       c.GetEndpoint(),
-		StatefulSet:    c.GetStatefulSet(),
-		CurrentProcess: c.GetCurrentProcess(),
+		MasterService:       c.GetServiceMaster(),
+		ReplicaService:      c.GetServiceReplica(),
+		Endpoint:            c.GetEndpoint(),
+		StatefulSet:         c.GetStatefulSet(),
+		PodDisruptionBudget: c.GetPodDisruptionBudget(),
+		CurrentProcess:      c.GetCurrentProcess(),
 
 		Error: c.Error,
 	}
@@ -733,3 +761,13 @@ func (c *Cluster) ManualFailover(curMaster *v1.Pod, candidate spec.NamespacedNam
 
 	return nil
 }
+
+// Lock locks the cluster
+func (c *Cluster) Lock() {
+	c.mu.Lock()
+}
+
+// Unlock unlocks the cluster
+func (c *Cluster) Unlock() {
+	c.mu.Unlock()
+}
@@ -10,6 +10,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/client-go/pkg/api/v1"
 	"k8s.io/client-go/pkg/apis/apps/v1beta1"
+	policybeta1 "k8s.io/client-go/pkg/apis/policy/v1beta1"
 
 	"github.com/zalando-incubator/postgres-operator/pkg/spec"
 	"github.com/zalando-incubator/postgres-operator/pkg/util/constants"
@@ -67,6 +68,10 @@ func (c *Cluster) serviceName(role PostgresRole) string {
 	return name
 }
 
+func (c *Cluster) podDisruptionBudgetName() string {
+	return c.OpConfig.PDBNameFormat.Format("cluster", c.Spec.ClusterName)
+}
+
 func (c *Cluster) resourceRequirements(resources spec.Resources) (*v1.ResourceRequirements, error) {
 	var err error
 
@@ -226,6 +231,25 @@ PATRONI_INITDB_PARAMS:
 	return string(result)
 }
 
+func (c *Cluster) nodeAffinity() *v1.Affinity {
+	matchExpressions := make([]v1.NodeSelectorRequirement, 0)
+	for k, v := range c.OpConfig.EOLNodeLabel {
+		matchExpressions = append(matchExpressions, v1.NodeSelectorRequirement{
+			Key:      k,
+			Operator: v1.NodeSelectorOpNotIn,
+			Values:   []string{v},
+		})
+	}
+
+	return &v1.Affinity{
+		NodeAffinity: &v1.NodeAffinity{
+			RequiredDuringSchedulingIgnoredDuringExecution: &v1.NodeSelector{
+				NodeSelectorTerms: []v1.NodeSelectorTerm{{MatchExpressions: matchExpressions}},
+			},
+		},
+	}
+}
+
 func (c *Cluster) generatePodTemplate(resourceRequirements *v1.ResourceRequirements,
 	pgParameters *spec.PostgresqlParam,
 	patroniParameters *spec.Patroni,
@@ -347,6 +371,7 @@ func (c *Cluster) generatePodTemplate(resourceRequirements *v1.ResourceRequireme
 		ServiceAccountName:            c.OpConfig.ServiceAccountName,
 		TerminationGracePeriodSeconds: &terminateGracePeriodSeconds,
 		Containers:                    []v1.Container{container},
+		Affinity:                      c.nodeAffinity(),
 	}
 
 	template := v1.PodTemplateSpec{
@@ -573,6 +598,25 @@ func (c *Cluster) generateCloneEnvironment(description *spec.CloneDescription) [
 	return result
 }
 
+func (c *Cluster) generatePodDisruptionBudget() *policybeta1.PodDisruptionBudget {
+	minAvailable := intstr.FromInt(1)
+	matchLabels := c.OpConfig.ClusterLabels
+	matchLabels[c.OpConfig.ClusterNameLabel] = c.Name
+
+	return &policybeta1.PodDisruptionBudget{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      c.podDisruptionBudgetName(),
+			Namespace: c.Namespace,
+		},
+		Spec: policybeta1.PodDisruptionBudgetSpec{
+			MinAvailable: &minAvailable,
+			Selector: &metav1.LabelSelector{
+				MatchLabels: matchLabels,
+			},
+		},
+	}
+}
+
 // getClusterServiceConnectionParameters fetches cluster host name and port
 // TODO: perhaps we need to query the service (i.e. if non-standard port is used?)
 // TODO: handle clusters in different namespaces