From 359792274c5517e0a65a08ca20a84511da3a68f2 Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Fri, 12 Dec 2025 13:59:44 +0100 Subject: [PATCH 1/6] add permission to inspect (listener) custom resources for topology-provider --- deploy/helm/hdfs-operator/templates/roles.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy/helm/hdfs-operator/templates/roles.yaml b/deploy/helm/hdfs-operator/templates/roles.yaml index 6d4583c7..87330fea 100644 --- a/deploy/helm/hdfs-operator/templates/roles.yaml +++ b/deploy/helm/hdfs-operator/templates/roles.yaml @@ -213,3 +213,10 @@ rules: verbs: - get - list + # needed to query the crd version (v1alpha1 etc.) before fetching listeners + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get From 4f037002200e2ee9c170c7a9c632abd0aa55781b Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Wed, 17 Dec 2025 15:26:14 +0100 Subject: [PATCH 2/6] add permission for pod informer --- deploy/helm/hdfs-operator/templates/roles.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy/helm/hdfs-operator/templates/roles.yaml b/deploy/helm/hdfs-operator/templates/roles.yaml index 87330fea..dda8a961 100644 --- a/deploy/helm/hdfs-operator/templates/roles.yaml +++ b/deploy/helm/hdfs-operator/templates/roles.yaml @@ -206,6 +206,8 @@ rules: verbs: - get - list + # needed for pod informer + - watch - apiGroups: - listeners.stackable.tech resources: From ebf7ba3ed8e21d768441ee071285b212700dd43d Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Wed, 17 Dec 2025 18:38:46 +0100 Subject: [PATCH 3/6] updated docs --- .../hdfs/pages/usage-guide/operations/rack-awareness.adoc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc index 057032d6..10187338 100644 --- a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc +++ b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc @@ -1,6 +1,6 @@ = HDFS Rack Awareness :rack-awareness-docs: https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/RackAwareness.html -:hdfs-topology-provider: https://github.com/stackabletech/hdfs-topology-provider +:hdfs-topology-provider: https://github.com/stackabletech/hdfs-utils/blob/main/src/main/java/tech/stackable/hadoop/StackableTopologyProvider.java {rack-awareness-docs}[Rack awareness] is a feature in Apache Hadoop that allows users to define a cluster's node topology. Hadoop uses that topology to distribute block replicas in a way that maximizes fault tolerance. @@ -35,3 +35,7 @@ This creates an internal topology label by combining the values of the `topology In order to enable gathering this information the Hadoop images contain the {hdfs-topology-provider}[hdfs-topology-provider] on the classpath, which can be configured to read labels from Kubernetes objects. The operator deploys ClusterRoles and ServicesAccounts with the relevant RBAC rules to allow the Hadoop Pod to access the necessary Kubernetes objects. +Topologies and other metadata such as Node- and Pod-IPs and endpoints are held in separate caches so that they can be refeshed independently of one another. +The {hdfs-topology-provider}[hdfs-topology-provider] is namespace-scoped and pods in the active namespace are watched so that changes can be propagated to the internal cache to minimise cache misses. + +NOTE: Rack awareness will not work on clusters such as `kind` or `k3s` that configure IP-masquerading differently to production-ready distributions. \ No newline at end of file From e2b515460d82c46202bb213f87095032a38e285a Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Wed, 17 Dec 2025 18:47:02 +0100 Subject: [PATCH 4/6] changelog --- CHANGELOG.md | 6 ++++++ .../hdfs/pages/usage-guide/operations/rack-awareness.adoc | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 775a1bea..2a1858f5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. ## [Unreleased] +### Added + +- Added permissions required by Topology Provider ([#738]). + +[#738]: https://github.com/stackabletech/hdfs-operator/pull/738 + ## [25.11.0] - 2025-11-07 ## [25.11.0-rc1] - 2025-11-06 diff --git a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc index 10187338..671dc55d 100644 --- a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc +++ b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc @@ -38,4 +38,4 @@ The operator deploys ClusterRoles and ServicesAccounts with the relevant RBAC ru Topologies and other metadata such as Node- and Pod-IPs and endpoints are held in separate caches so that they can be refeshed independently of one another. The {hdfs-topology-provider}[hdfs-topology-provider] is namespace-scoped and pods in the active namespace are watched so that changes can be propagated to the internal cache to minimise cache misses. -NOTE: Rack awareness will not work on clusters such as `kind` or `k3s` that configure IP-masquerading differently to production-ready distributions. \ No newline at end of file +NOTE: Rack awareness will not work on clusters such as `kind` or `k3s` that configure IP-masquerading differently to production-ready distributions. From b6904a8c6ac2f0004b6b14e5d702f63a9b9b749b Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Tue, 24 Feb 2026 17:55:50 +0100 Subject: [PATCH 5/6] minor doc change --- .../hdfs/pages/usage-guide/operations/rack-awareness.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc index 671dc55d..621e1e2e 100644 --- a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc +++ b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc @@ -38,4 +38,4 @@ The operator deploys ClusterRoles and ServicesAccounts with the relevant RBAC ru Topologies and other metadata such as Node- and Pod-IPs and endpoints are held in separate caches so that they can be refeshed independently of one another. The {hdfs-topology-provider}[hdfs-topology-provider] is namespace-scoped and pods in the active namespace are watched so that changes can be propagated to the internal cache to minimise cache misses. -NOTE: Rack awareness will not work on clusters such as `kind` or `k3s` that configure IP-masquerading differently to production-ready distributions. +NOTE: Rack awareness may not work as expected on clusters such as `kind` or `k3s` that configure IP-masquerading differently to production-ready distributions. From 838d7f1a1fe233b53102bb37024e63e467b01329 Mon Sep 17 00:00:00 2001 From: Andrew Kenworthy Date: Fri, 27 Feb 2026 10:29:42 +0100 Subject: [PATCH 6/6] make link specific to hdfs-utils release --- .../hdfs/pages/usage-guide/operations/rack-awareness.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc index 621e1e2e..87808e07 100644 --- a/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc +++ b/docs/modules/hdfs/pages/usage-guide/operations/rack-awareness.adoc @@ -1,6 +1,6 @@ = HDFS Rack Awareness :rack-awareness-docs: https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/RackAwareness.html -:hdfs-topology-provider: https://github.com/stackabletech/hdfs-utils/blob/main/src/main/java/tech/stackable/hadoop/StackableTopologyProvider.java +:hdfs-topology-provider: https://github.com/stackabletech/hdfs-utils/blob/v0.5.0/src/main/java/tech/stackable/hadoop/StackableTopologyProvider.java {rack-awareness-docs}[Rack awareness] is a feature in Apache Hadoop that allows users to define a cluster's node topology. Hadoop uses that topology to distribute block replicas in a way that maximizes fault tolerance.