-
Notifications
You must be signed in to change notification settings - Fork 966
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature: Custom Resource #286
Conversation
What's the state of this branch? Is it still as described in OP (no updates)? I'm very excited as a potential user of something like this. Would you advise against attempting to use this branch for "real work"? |
This feels similar to #195, which resulted in a separate plugin being created: https://github.com/lawrencegripper/terraform-provider-kubernetes-yaml |
I was looking for initial feedback on naming conventions ETC, didn't hear anything so its been on the back burner for me. The branch needs tests and I need to work through the diff/update logic to conform to the JSONPatch format that the API expects. If I get some time tomorrow I can wrap up that last bit and it will be fully functional minus tests. |
@timthesinner any update on this? |
fe9345e
to
27b4536
Compare
Notes: - Created an ExtendedClientset allowing generic access to K8S REST client - Refactored all usage of the provider to the K8S interfaces - Added a dependency on "github.com/ghodss/yaml" - Handle create, update, delete for custom resources - Custom resource update state delta between K8S, TF, and Desired is handled through transient fields
a7f6ba6
to
c20293e
Compare
@yacut, @bukzor at this point create, edit, and delete are all working. Out of band changes to K8S are also handled with a custom diff routine. When I say handled, whatever is configured in the @alexsomesan As the primary on this feature for TF 0.12 could you take a look at this, I think I got a decent UX between TF/K8S/Desired states using a transient key in the state map. Resource state managementNote on the transient fields, these are added into the
Example workflow:After initial application of the terraform resource. It was manually edited in K8S, fields were added, deleted and modified. This resource is exclusively managed by terraform, those modifications will be replaced (and noted in the Edited resourceAfter I applied the TF configuration I manually updated the resource, this is the output of
Manage resource using TF (revert changes)After running
|
@timthesinner just tried running your branch :) but go into a "loop" Cause first it complained about Code looks like this
Then when I added namespace property I got Config:
|
@Tazer good find, I forgot to test generic resources in namespaces. I added the field to the metadata schema and updated the create logic to support custom resources that belong in a namespace. Please let me know if you run into any additional issues. |
@timthesinner tried some more today adding custom resources. Got into "unexpected EOF" my terraform resource
YAML file ( that I try to write with the kubernetes generic resource )
Maybe I'm doing something wrong? |
@Tazer it looks like your trying to create a CustomResourceDefinition on K8S and that's failing (error messages are not clean just yet)probably because that CRD already exists for you. The problem is coming from your kind/api_versions are:
But they should be (looking at your body, looks like your trying to make a ClusterIssuer)
|
@timthesinner think my files are correct and CRD's isn't existing. Cause I did run the code at first and got the "already exist" error , deleted the CRD and then got above error. So what I'm trying to do is to create the definition of a Clusterissuer so I can create Clusterussuers later. Basically it's from here: So cert-manager requires you to create CRD's before installing the helm chart. and what you need to create is in this file https://raw.githubusercontent.com/jetstack/cert-manager/release-0.6/deploy/manifests/00-crds.yaml ( It works fine when I run via kubectl ) |
@Tazer interesting, the problem wasn't in the TF you posted, I assume you have other CRD in your TF. I was able to get an EOF by applying the certificates CRD from the install guide. Specifically I was running into issues with the I fixed two problems in the latest commit:
Here is the TF that I was able to reproduce an EOF with
|
Cool @timthesinner, Trying some more, I get quite an interesting output. Cause just tried to rerun with the new version and got Even without a successful run, So I tried And did another run then I got the EOF error. and then I ran again and got So seems the "create" is working but something with the response? Is there a good way I can debug it a bit better? |
Can you put your TF (redacted and focused on just your generic resources) in a gist for me? You can run with |
@timthesinner here you go https://gist.github.com/Tazer/1b0d8b1ff0c99b2e7bbb35e770061756 Seems also that I'm getting another error on one of the resources:
Output:
Change
So seems it tries to verify that resource Guess it's this one |
@timthesinner @Tazer any update on this? |
The current status is that, Creating crds defination doesn't really work for me. ( Solved it by running kubectl via local exec for those) but works fine when creating crd resources. |
@timthesinner Are you still working on it? Do you need some help? |
Any update on this ? Any chance to see this merged ? |
Hi @timthesinner, Do you need some help? Tell me how can I help you? Cheers |
Is there an update on this? It would be great to have support for custom resource definitions, is there any support that can be provided on this PR to understand what work is left to do. |
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
Quick update here: the recently released v0.3.1 of the Kubernetes Alpha provider has quite usable support for CRDs. I would encourage everyone to give that a try a provide us with feedback. That would help us to graduate that provider to GA as soon as possible. |
Closing this as |
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Looking to get an assessment on where I am headed with this. Resource naming, constructs, ETC. The biggest architectural change is that I converted to using interfaces when interacting with K8S instead of a formal type. I needed to extend the base
kubernetes.Clientset
in order to enable a custom resource client.Resource state management
We need to handle state diff between K8S, TF, and Desired. This was accomplished by adding
transient
fields to the computedspec
field dynamically from a custom diff function. Take a look at the diff function here. Here are what each of the transient fields mean:transient-delete
is a field that will get removed (may have been added out of band)transient-add
is a field that will get added (may have been deleted out of band)transient-update
is a field that will get replaced (may have been modified out of band)Notes:
PATCH
options.path
is replace the key prefix with/spec/
and replace all.
with/
value
isspec[key - prefix]
op
is the prefix type (a constant)yaml
fieldyaml
to match will result in a delta to theyaml
field, but no update ops will be sent to K8S.I have been doing all my testing with a terraform that creates a
ClusterIssuer
using the yaml template below.#215