pr review

Author: Eduard Agarici

api/v1beta1/common_types.go

@@ -222,6 +222,16 @@ type VolumeState struct {
 	CruiseControlOperationReference *corev1.LocalObjectReference `json:"cruiseControlOperationReference,omitempty"`
 }
 
+// CacheResizeState tracks the resize lifecycle of a tiered storage cache PVC for a given mount path.
+type CacheResizeState string
+
+const (
+	// CacheResizePendingDeletion indicates that the old cache PVC at this mount path is waiting
+	// to be deleted once the broker pod stops. A replacement PVC with the new desired size has
+	// already been created at the same mount path.
+	CacheResizePendingDeletion CacheResizeState = "pending-deletion"
+)
+
 // BrokerState holds information about broker state
 type BrokerState struct {
 	// RackAwarenessState holds info about rack awareness status
@@ -240,6 +250,9 @@ type BrokerState struct {
 	Image string `json:"image,omitempty"`
 	// Compressed data from broker configuration to restore broker pod in specific cases
 	ConfigurationBackup string `json:"configurationBackup,omitempty"`
+	// CacheVolumeStates tracks in-flight tiered storage cache PVC resize operations, keyed by mount path.
+	// An entry is present only while a resize is in progress; it is cleared once cleanup completes.
+	CacheVolumeStates map[string]CacheResizeState `json:"cacheVolumeStates,omitempty"`
 }
 
 const (

charts/kafka-operator/crds/kafkaclusters.yaml

@@ -23825,6 +23825,16 @@ spec:
                 additionalProperties:
                   description: BrokerState holds information about broker state
                   properties:
+                    cacheVolumeStates:
+                      additionalProperties:
+                        description: CacheResizeState tracks the resize lifecycle of
+                          a tiered storage cache PVC for a given mount path.
+                        type: string
+                      description: CacheVolumeStates tracks in-flight tiered storage
+                        cache PVC resize operations, keyed by mount path. An entry
+                        is present only while a resize is in progress; it is cleared
+                        once cleanup completes.
+                      type: object
                     configurationBackup:
                       description: Compressed data from broker configuration to restore
                         broker pod in specific cases

config/base/crds/kafka.banzaicloud.io_kafkaclusters.yaml

@@ -23825,6 +23825,16 @@ spec:
                 additionalProperties:
                   description: BrokerState holds information about broker state
                   properties:
+                    cacheVolumeStates:
+                      additionalProperties:
+                        description: CacheResizeState tracks the resize lifecycle of
+                          a tiered storage cache PVC for a given mount path.
+                        type: string
+                      description: CacheVolumeStates tracks in-flight tiered storage
+                        cache PVC resize operations, keyed by mount path. An entry
+                        is present only while a resize is in progress; it is cleared
+                        once cleanup completes.
+                      type: object
                     configurationBackup:
                       description: Compressed data from broker configuration to restore
                         broker pod in specific cases

docs/tiered-storage-pvc-resize.md

@@ -7,70 +7,95 @@ with the rolling upgrade machinery so only one broker is affected at a time.
 
 ---
 
-## Annotations
+## State tracking
 
-Two annotations are written on PVC objects to carry state across reconcile cycles.
-They survive reconciler restarts, making every step re-entrant.
+Resize state is stored in the `KafkaCluster` CR status under
+`status.brokersState[<brokerId>].cacheVolumeStates`, keyed by mount path.
+This keeps the KafkaCluster CR the single source of truth for all in-flight
+broker operations and avoids a second, parallel state store on PVC objects.
 
-| Annotation | Value | Written on | Meaning |
-|------------|-------|------------|---------|
-| `koperator.adobe.com/cache-resize-state` | `pending-deletion` | Old PVC | Being replaced; excluded from pod spec; deleted once broker pod stops |
-| `koperator.adobe.com/cache-resize-state` | `replacement` | New PVC | Replacement PVC; rolling upgrade must complete before annotations are stripped |
-| `koperator.adobe.com/replaces-pvc` | `<old-pvc-name>` | New PVC | Traceability — records which PVC is being replaced |
+| Field | Value | Meaning |
+|-------|-------|---------|
+| `status.brokersState[N].cacheVolumeStates[<mountPath>]` | `pending-deletion` | A resize is in flight for this mount path. The old PVC (larger size) is waiting to be deleted once the broker pod stops; the replacement PVC (desired smaller size) has already been created. |
+
+The entry is cleared once the old PVC has been deleted and the broker pod has
+restarted. An empty map means no resize is in progress.
+
+Two PVC annotations that describe what a PVC **is** (not operational state) are
+always present on cache PVCs:
+
+| Annotation | Value | Purpose |
+|------------|-------|---------|
+| `mountPath` | `<path>` | Used throughout reconcile logic to match PVCs to storage configs |
+| `tieredStorageCache` | `"true"` | Identifies cache PVCs for special handling: skipped from `log.dirs` and CC capacity config |
 
 ---
 
 ## Resize flow
 
 ### Cycle N — resize detected, pod running
 
-1. The old PVC is annotated `pending-deletion`.
-2. A replacement PVC with the new (smaller) size is created and annotated `replacement`. Provisioning starts immediately.
-3. The broker's `ConfigurationState` is set to `ConfigOutOfSync` to trigger a rolling restart via `handleRollingUpgrade`.
-4. `handleRollingUpgrade` evaluates health gates (replica health, concurrent restart limit, rack awareness). If all pass the broker pod is deleted and the cycle requeues. If any gate fails the state is preserved in PVC annotations and retried next cycle.
+1. `status.brokersState[N].cacheVolumeStates[<mountPath>]` is set to `pending-deletion`
+   in the KafkaCluster CR status. This is the durable record that a resize is in flight.
+2. A replacement PVC with the new (smaller) size is created. Provisioning starts immediately.
+3. The broker's `ConfigurationState` is set to `ConfigOutOfSync` to trigger a rolling restart
+   via `handleRollingUpgrade`.
+4. `handleRollingUpgrade` evaluates health gates (replica health, concurrent restart limit,
+   rack awareness). If all pass the broker pod is deleted and the cycle requeues. If any gate
+   fails the state persists in the CR and is retried next cycle.
 
 ### Cycle N+1 — pod is absent
 
-A pod is considered absent when it either does not exist or has a non-nil `DeletionTimestamp` (Terminating). Treating a Terminating pod as absent allows cleanup to start during the pod's Terminating window rather than waiting for it to fully disappear from etcd.
+A pod is considered absent when it either does not exist or has a non-nil
+`DeletionTimestamp` (Terminating). Treating a Terminating pod as absent allows
+cleanup to start during the pod's Terminating window rather than waiting for it
+to fully disappear from etcd.
 
-1. The pending-deletion PVC is deleted.
-2. A new broker pod is created referencing the replacement PVC. Because provisioning started in cycle N the PVC is likely already `Bound`, minimising startup latency.
+1. The old PVC (the one whose size differs from the desired size at that mount path)
+   is deleted.
+2. The `cacheVolumeStates` entry for that mount path is cleared from the CR status.
+3. A new broker pod is created referencing the replacement PVC. Because provisioning
+   started in cycle N the PVC is likely already `Bound`, minimising startup latency.
 
 ### Cycle N+2 — pod is present again
 
-The strip fires as soon as a non-Terminating pod exists for the broker and no pending-deletion PVC remains — the pod does not need to be fully Running.
-
-1. No pending-deletion PVC remains and the replacement PVC exists → resize is complete.
-2. The `cache-resize-state` and `replaces-pvc` annotations are stripped from the replacement PVC, which becomes an ordinary PVC from this point forward.
+1. No `cacheVolumeStates` entry remains for the mount path → resize is complete.
+2. The replacement PVC is now an ordinary cache PVC with no special state attached.
 
 ---
 
 ## Grow vs shrink
 
-A cache PVC **grow** takes the normal Kubernetes in-place expansion path: the PVC spec is updated with the larger size and Kubernetes expands the volume without a pod restart (requires `allowVolumeExpansion: true` on the StorageClass). No annotations are written and no rolling restart is triggered.
+A cache PVC **grow** takes the normal Kubernetes in-place expansion path: the PVC
+spec is updated with the larger size and Kubernetes expands the volume without a
+pod restart (requires `allowVolumeExpansion: true` on the StorageClass). No
+`cacheVolumeStates` entry is written and no rolling restart is triggered.
 
-A cache PVC **shrink** uses the delete-and-recreate flow described above. Shrinking is only supported for tiered storage cache volumes — regular Kafka log volumes reject any size decrease.
+A cache PVC **shrink** uses the delete-and-recreate flow described above.
+Shrinking is only supported for tiered storage cache volumes — regular Kafka log
+volumes reject any size decrease with an error.
 
 ---
 
 ## Properties of this design
 
 | Property | Value |
 |----------|-------|
-| State survives reconciler crash | Mostly — PVC annotations are durable in etcd; the one non-re-entrant window is between annotating the old PVC and creating the replacement, but `ConfigOutOfSync` set in that cycle persists in broker status so the rolling upgrade still proceeds |
-| Atomicity gap | Eliminated — new PVC is created before old is deleted |
-| Provisioning overlaps gate evaluation | Yes — new PVC created in cycle N, not N+1 |
-| Observable via kubectl | Yes — `kubectl get pvc -o yaml` shows resize state directly |
-| ConfigOutOfSync overloading | Reduced — `ConfigOutOfSync` still used, but the *reason* is legible in PVC annotations |
-| CC disk rebalance for cache PVCs | Fixed — tiered cache PVCs are explicitly excluded from `GracefulDiskRebalanceRequired` logic |
+| State survives reconciler crash | Yes — `cacheVolumeStates` is written to the KafkaCluster CR (etcd) before the replacement PVC is created; every step is re-entrant |
+| Single source of truth | Yes — all broker state (configuration, graceful actions, cache resize) lives in `status.brokersState` |
+| Atomicity gap | Eliminated — replacement PVC is created before old is deleted |
+| Provisioning overlaps gate evaluation | Yes — replacement PVC created in cycle N, not N+1 |
+| Observable via kubectl | Yes — `kubectl get kafkacluster <name> -o jsonpath='{.status.brokersState}'` shows resize state; an empty `cacheVolumeStates` means no resize is in progress |
+| CC disk rebalance for cache PVCs | Excluded — tiered cache PVCs are explicitly skipped from `GracefulDiskRebalanceRequired` and CC capacity config |
+| `log.dirs` for cache PVCs | Excluded — `generateStorageConfig` skips volumes with `TieredStorageCache: true` |
 
 ---
 
 ## Sequence diagram
 
 ```
 Cycle N  (pod UP, resize detected)
-  ├─ annotate old PVC: pending-deletion
+  ├─ set cacheVolumeStates[mountPath] = pending-deletion in CR status
   ├─ create replacement PVC (provisioning starts)
   ├─ set ConfigOutOfSync
   └─ handleRollingUpgrade
@@ -81,9 +106,10 @@ Cycle N+k  (pod UP, gates failing — any number of cycles)
   └─ ensure ConfigOutOfSync, requeue
 
 Cycle N+k+1  (pod ABSENT — gone or Terminating)
-  ├─ delete pending-deletion PVC
+  ├─ delete old PVC (identified as the PVC at mountPath whose size ≠ desired)
+  ├─ clear cacheVolumeStates[mountPath] from CR status
   └─ create new pod bound to replacement PVC
 
 Cycle N+k+2  (pod PRESENT — non-Terminating, not necessarily Running)
-  └─ strip annotations → replacement PVC becomes ordinary PVC
+  └─ cacheVolumeStates entry is absent → resize complete, no further action
 ```

pkg/k8sutil/status.go

@@ -174,6 +174,17 @@ func generateBrokerState(brokerIDs []string, cluster *banzaicloudv1beta1.KafkaCl
 		case banzaicloudv1beta1.KafkaVersion:
 			brokerState.Image = s.Image
 			brokerState.Version = s.Version
+		case map[string]banzaicloudv1beta1.CacheResizeState:
+			if brokerState.CacheVolumeStates == nil {
+				brokerState.CacheVolumeStates = make(map[string]banzaicloudv1beta1.CacheResizeState)
+			}
+			for mountPath, state := range s {
+				if state == "" {
+					delete(brokerState.CacheVolumeStates, mountPath)
+				} else {
+					brokerState.CacheVolumeStates[mountPath] = state
+				}
+			}
 		}
 		brokersState[brokerID] = brokerState
 	}

pkg/resources/kafka/configmap.go

@@ -411,6 +411,10 @@ func getMountPathsFromBrokerConfigMap(configMap *corev1.ConfigMap) ([]string, er
 func generateStorageConfig(sConfig []v1beta1.StorageConfig) []string {
 	mountPaths := make([]string, 0, len(sConfig))
 	for _, storage := range sConfig {
+		// Tiered storage cache volumes are not Kafka log dirs — exclude them from log.dirs.
+		if storage.TieredStorageCache {
+			continue
+		}
 		mountPaths = append(mountPaths, util.StorageConfigKafkaMountPath(storage.MountPath))
 	}
 	return mountPaths