-
Notifications
You must be signed in to change notification settings - Fork 907
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow deterministic Composite Resource Names #3120
Comments
I have a vague recollection that we did used to include the claim namespace at some point, but moved away from that. Perhaps because the resulting XR names were being truncated? |
Some more thoughts:
Proposal: Add a new field apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
name: test.example.com
spec:
composite:
name:
# produces something like
# default.test-a909b.test
template: '{{ printf "%s.%s-%s.%s" .Claim.Namespace .Claim.Kind (sha1sum .Claim.GVK | abbrev 5) .Claim.Name }}' |
Can you elaborate on the problems caused by having a randomly generated XR name? Are you concerned about the actual external names of your resulting managed resources or something else? I think of claim -> XR as somewhat like deployment -> pod. When create a deployment multiple times the pods will also get different names. |
Yes, the problem is that multiple creations of the same claim with the same name leads to different resources being created. This leads to two main issues causing lot of headache for use:
Not only is this slow and requires a manual interaction for every claim, you cannot really use it with GitOps where you would commit all your claims and wait for ArgoCD to deploy everything.
But Pods are not directly referenced by other pods and do not create resources in an external system that have a different lifecycle. |
Can this issue be addressed by remembering to set
I think I'm almost following you here, but an example would help. It sounds like you're hoping to rely on deterministic XR names in order to allow the composed resources from one claim/XR to reference composed resources from another? |
You can. But only in cases where the external name derives from the name of the managed resource. This does not work if the external name is generated by the provider backend (such as subnets in AWS).
This is exactly what we want. In some cases we circumvent this by using label selectors. But in many others it doesn't. For example, creating a bucket via one composition and putting the bucket's name inside an IAM policy in another. There is no way of extracting the information automatically. You have to create the claims sequentially. BTW: I am aware that one could patch the composed name, for example by combining claim name and namespace. But you would have to do this for every resource (which is prone to errors) and you would end up with composed and composite having different names. |
I use atm the labels
in the patches to generate names and tags. I don't know if I oversee something with this approach, but it works so far. |
This would be absolutely useful to us. We have developed a composition that creates an AWS RDS instance and would like to be able to also create a |
Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as |
/fresh I'm currently facing this issue with a terraform Workspace resource, which is generating terraform workspace name based on the metadata.name or the external-name annotation of the resource. Both of them being overrided, the composite is generating duplicates each time the Workspace resource is regenerated (with a new generated name), which is obviously a problem |
/fresh
Same here, any news on this from the maintainers? |
If I create an S3 bucket, I get a random suffix. If I try to then reference that bucket on other resources, they do not get that same suffix. (The claim-name does work. Patching that is an alternative, but seems unnecessary.) metadata.name gets the random suffix only on the Bucket. If I then use metadata.name on a BucketPolicy, it can't find it, because the suffix is not there. The most egregious issue here though is the lack of documentation or configuration. If I want to create my own CRD, why of all things am I unable to configure random suffix generation? |
I believe there is a problem (or problems) to be solved here, but I'm not convinced deterministic XR names are the right solution. Generally our philosophy is:
There's a bunch of useful context in this issue. I'm tempted to re-open it, but I think it would be more useful to have an issue or issue(s) that lead with the problem we need to solve, not the proposed solution. |
I've raised a documentation issue to track this: crossplane/docs#432 |
What problem are you facing?
Crossplane composite resource names are generated by the kube API server through setting
generatedName
to<claim-name>-
. The server will append a random string as suffix to make the object's name unique:https://github.com/crossplane/crossplane/blob/master/internal/controller/apiextensions/claim/configurator.go#L134
Because of this randomness, creating the same claim multiple times will result in different composite names which makes migration tasks and traceability very difficult.
How could Crossplane help solve your problem?
Crossplane should offer a second, deterministic name generator.
For example, the generated name could be combination of the claim's name and namespace. The folks at loft-sh/vcluster do something similar. There the name is a combination of name, namespace and cluster name:
If the name is too long, it is trimmed:
To ensure backwards compatibility, the feature should be enabled via a feature flag, i.e.
--enable-deterministic-composite-names
.The text was updated successfully, but these errors were encountered: