From d96a4b9bcfaa6631ee91fa13d5fe76f4561624f9 Mon Sep 17 00:00:00 2001
From: kvalliyurnatt <135071014+kvalliyurnatt@users.noreply.github.com>
Date: Fri, 25 Oct 2024 14:35:47 -0400
Subject: [PATCH] Add old readiness probe related ENVs  (#8009)

* add readiness probe credentials unconditionally

(cherry picked from commit 41cae1573a7c20ba562894bbf0b7e3b34b929be2)
---
 .../nodespec/__snapshots__/podspec_test.snap  | 104 ++++++++++++++----
 .../elasticsearch/nodespec/defaults.go        |  39 +++----
 2 files changed, 102 insertions(+), 41 deletions(-)

diff --git a/pkg/controller/elasticsearch/nodespec/__snapshots__/podspec_test.snap b/pkg/controller/elasticsearch/nodespec/__snapshots__/podspec_test.snap
index 7818c8ca97..e8f343d8da 100755
--- a/pkg/controller/elasticsearch/nodespec/__snapshots__/podspec_test.snap
+++ b/pkg/controller/elasticsearch/nodespec/__snapshots__/podspec_test.snap
@@ -93,6 +93,10 @@
        }
       }
      },
+     {
+      "name": "HEADLESS_SERVICE_NAME",
+      "value": "name-es-nodeset-1"
+     },
      {
       "name": "PROBE_PASSWORD_PATH",
       "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
@@ -105,10 +109,6 @@
       "name": "READINESS_PROBE_PROTOCOL",
       "value": "https"
      },
-     {
-      "name": "HEADLESS_SERVICE_NAME",
-      "value": "name-es-nodeset-1"
-     },
      {
       "name": "NSS_SDB_USE_CACHE",
       "value": "no"
@@ -288,6 +288,10 @@
       "name": "my-env",
       "value": "my-value"
      },
+     {
+      "name": "HEADLESS_SERVICE_NAME",
+      "value": "name-es-nodeset-1"
+     },
      {
       "name": "PROBE_PASSWORD_PATH",
       "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
@@ -300,10 +304,6 @@
       "name": "READINESS_PROBE_PROTOCOL",
       "value": "https"
      },
-     {
-      "name": "HEADLESS_SERVICE_NAME",
-      "value": "name-es-nodeset-1"
-     },
      {
       "name": "NSS_SDB_USE_CACHE",
       "value": "no"
@@ -442,6 +442,10 @@
       "name": "my-env",
       "value": "my-value"
      },
+     {
+      "name": "HEADLESS_SERVICE_NAME",
+      "value": "name-es-nodeset-1"
+     },
      {
       "name": "PROBE_PASSWORD_PATH",
       "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
@@ -454,10 +458,6 @@
       "name": "READINESS_PROBE_PROTOCOL",
       "value": "https"
      },
-     {
-      "name": "HEADLESS_SERVICE_NAME",
-      "value": "name-es-nodeset-1"
-     },
      {
       "name": "NSS_SDB_USE_CACHE",
       "value": "no"
@@ -598,6 +598,10 @@
       "name": "my-env",
       "value": "my-value"
      },
+     {
+      "name": "HEADLESS_SERVICE_NAME",
+      "value": "name-es-nodeset-1"
+     },
      {
       "name": "PROBE_PASSWORD_PATH",
       "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
@@ -610,10 +614,6 @@
       "name": "READINESS_PROBE_PROTOCOL",
       "value": "https"
      },
-     {
-      "name": "HEADLESS_SERVICE_NAME",
-      "value": "name-es-nodeset-1"
-     },
      {
       "name": "NSS_SDB_USE_CACHE",
       "value": "no"
@@ -750,6 +750,10 @@
       "name": "my-env",
       "value": "my-value"
      },
+     {
+      "name": "HEADLESS_SERVICE_NAME",
+      "value": "name-es-nodeset-1"
+     },
      {
       "name": "PROBE_PASSWORD_PATH",
       "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
@@ -762,10 +766,6 @@
       "name": "READINESS_PROBE_PROTOCOL",
       "value": "https"
      },
-     {
-      "name": "HEADLESS_SERVICE_NAME",
-      "value": "name-es-nodeset-1"
-     },
      {
       "name": "NSS_SDB_USE_CACHE",
       "value": "no"
@@ -1088,6 +1088,22 @@
      {
       "name": "HEADLESS_SERVICE_NAME",
       "value": "name-es-nodeset-1"
+     },
+     {
+      "name": "PROBE_PASSWORD_PATH",
+      "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
+     },
+     {
+      "name": "PROBE_USERNAME",
+      "value": "elastic-internal-probe"
+     },
+     {
+      "name": "READINESS_PROBE_PROTOCOL",
+      "value": "https"
+     },
+     {
+      "name": "NSS_SDB_USE_CACHE",
+      "value": "no"
      }
     ],
     "image": "docker.elastic.co/elasticsearch/elasticsearch:8.14.0",
@@ -1273,6 +1289,22 @@
      {
       "name": "HEADLESS_SERVICE_NAME",
       "value": "name-es-nodeset-1"
+     },
+     {
+      "name": "PROBE_PASSWORD_PATH",
+      "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
+     },
+     {
+      "name": "PROBE_USERNAME",
+      "value": "elastic-internal-probe"
+     },
+     {
+      "name": "READINESS_PROBE_PROTOCOL",
+      "value": "https"
+     },
+     {
+      "name": "NSS_SDB_USE_CACHE",
+      "value": "no"
      }
     ],
     "image": "docker.elastic.co/elasticsearch/elasticsearch:8.14.0",
@@ -1422,6 +1454,22 @@
      {
       "name": "HEADLESS_SERVICE_NAME",
       "value": "name-es-nodeset-1"
+     },
+     {
+      "name": "PROBE_PASSWORD_PATH",
+      "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
+     },
+     {
+      "name": "PROBE_USERNAME",
+      "value": "elastic-internal-probe"
+     },
+     {
+      "name": "READINESS_PROBE_PROTOCOL",
+      "value": "https"
+     },
+     {
+      "name": "NSS_SDB_USE_CACHE",
+      "value": "no"
      }
     ],
     "image": "docker.elastic.co/elasticsearch/elasticsearch:8.14.0",
@@ -1564,6 +1612,22 @@
      {
       "name": "HEADLESS_SERVICE_NAME",
       "value": "name-es-nodeset-1"
+     },
+     {
+      "name": "PROBE_PASSWORD_PATH",
+      "value": "/mnt/elastic-internal/pod-mounted-users/elastic-internal-probe"
+     },
+     {
+      "name": "PROBE_USERNAME",
+      "value": "elastic-internal-probe"
+     },
+     {
+      "name": "READINESS_PROBE_PROTOCOL",
+      "value": "https"
+     },
+     {
+      "name": "NSS_SDB_USE_CACHE",
+      "value": "no"
      }
     ],
     "image": "docker.elastic.co/elasticsearch/elasticsearch:8.14.0",
diff --git a/pkg/controller/elasticsearch/nodespec/defaults.go b/pkg/controller/elasticsearch/nodespec/defaults.go
index a21c8ad4a5..4dd7cdaddd 100644
--- a/pkg/controller/elasticsearch/nodespec/defaults.go
+++ b/pkg/controller/elasticsearch/nodespec/defaults.go
@@ -12,7 +12,6 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	commonv1 "github.com/elastic/cloud-on-k8s/v2/pkg/apis/common/v1"
-	esv1 "github.com/elastic/cloud-on-k8s/v2/pkg/apis/elasticsearch/v1"
 	"github.com/elastic/cloud-on-k8s/v2/pkg/controller/common/defaults"
 	"github.com/elastic/cloud-on-k8s/v2/pkg/controller/common/version"
 	"github.com/elastic/cloud-on-k8s/v2/pkg/controller/elasticsearch/label"
@@ -47,28 +46,26 @@ var (
 func DefaultEnvVars(v version.Version, httpCfg commonv1.HTTPConfig, headlessServiceName string) []corev1.EnvVar {
 	vars := []corev1.EnvVar{
 		// needed in elasticsearch.yml
+		// We do not recommend overriding the default readiness probe on Elasticsearch 8.2.0 and later.
+		// ECK configures a socket based readiness probe using the Elasticsearch which is not influenced by the load on the Elasticsearch cluster.
+		// These settings are added only for backwards compatibility and will be removed in a future release.
 		{Name: settings.HeadlessServiceName, Value: headlessServiceName},
-	}
-	if v.LT(esv1.MinReadinessPortVersion) {
-		vars = []corev1.EnvVar{
-			{Name: settings.EnvProbePasswordPath, Value: path.Join(esvolume.PodMountedUsersSecretMountPath, user.ProbeUserName)},
-			{Name: settings.EnvProbeUsername, Value: user.ProbeUserName},
-			{Name: settings.EnvReadinessProbeProtocol, Value: httpCfg.Protocol()},
-			{Name: settings.HeadlessServiceName, Value: headlessServiceName},
+		{Name: settings.EnvProbePasswordPath, Value: path.Join(esvolume.PodMountedUsersSecretMountPath, user.ProbeUserName)},
+		{Name: settings.EnvProbeUsername, Value: user.ProbeUserName},
+		{Name: settings.EnvReadinessProbeProtocol, Value: httpCfg.Protocol()},
 
-			// Disable curl/libnss use of sqlite caching to avoid triggering an issue in linux/kubernetes
-			// where the kernel's dentry cache grows by 5mb every time curl is invoked. This cache usage
-			// is charged against the pod which created it. In our case, the elasticsearch nodes trigger
-			// this problem with the readinessProbe invoking curl.
-			//
-			// In production testing, no negative impact on curl's behavior is observed from this setting.
-			// This setting is primarily targeted at curl invocation in the readinessProbe.
-			// References:
-			//   https://github.com/elastic/cloud-on-k8s/issues/1581#issuecomment-525527334
-			//   https://github.com/elastic/cloud-on-k8s/issues/1635
-			//   https://issuetracker.google.com/issues/140577001
-			{Name: "NSS_SDB_USE_CACHE", Value: "no"},
-		}
+		// Disable curl/libnss use of sqlite caching to avoid triggering an issue in linux/kubernetes
+		// where the kernel's dentry cache grows by 5mb every time curl is invoked. This cache usage
+		// is charged against the pod which created it. In our case, the elasticsearch nodes trigger
+		// this problem with the readinessProbe invoking curl.
+		//
+		// In production testing, no negative impact on curl's behavior is observed from this setting.
+		// This setting is primarily targeted at curl invocation in the readinessProbe.
+		// References:
+		//   https://github.com/elastic/cloud-on-k8s/issues/1581#issuecomment-525527334
+		//   https://github.com/elastic/cloud-on-k8s/issues/1635
+		//   https://issuetracker.google.com/issues/140577001
+		{Name: "NSS_SDB_USE_CACHE", Value: "no"},
 	}
 	return defaults.ExtendPodDownwardEnvVars(vars...)
 }