Server-side Apply! #347
Comments
|
/kind feature |
k8s-ci-robot
added
kind/feature
|
We also need to come up with a reasonable fallback approach, and detection. We should be able to do a dry-run patch to check if server-side apply is supported (there doesn't appear to be a more declarative way ATM). |
OpenAPI has a "route" section describing the end-points, you can check if PATCH for the specific type supports |
|
cool, that's way better. |
|
Will this need a client-side implementation to fall back to? A three way merge in a similar way to Kubectl does in K8s 1.13 and below? Is there any documentation on how Kubectl will fall back if the server-side apply isn't present? Should this be the behaviour that we try to mimic? |
|
kubectl right now is going to fall-back to client-side apply if the feature isn't enabled on the server, but I'm not sure that's a behavior we'll want to keep. I think it is different enough that they can't be blindly replaced. |
|
I think we may just have to explicitly fail if server-side apply is not available -- the chance for really subtle bugs may be too high. |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
/remove-lifecycle rotten |
k8s-ci-robot
added
lifecycle/frozen
|
Any movement on this? |
|
We're missing that PR and its extension that @mariantalla is working on. |
|
FWIW, basic support is in right now -- it looks like cl.Patch(ctx, obj, client.Apply, client.ForceOwnership, client.FieldOwner("my-controller"))but that's a bit less elegant than it could be |
|
That's not terrible. We could have a |
|
I'm thinking the eventual interface should not need the patch type, and should just keep the field manager in some internal state so that you don't have to type it every time. We can probably also default to forceownership. |
I think it's a great default, but needs to be overridable. |
|
basically: type Applier struct {
patcher client.Patcher
name string
}
func (a *Applier) Ensure(ctx context.Context, obj runtime.Object, opts ...client.PatchOption) error {
// put the default options first so that they can be overridden
opts = append([]client.PatchOption{client.ForceOwnership, client.FieldOwner(a.name)}, opts...)
return a.patcher.Patch(ctx, obj, client.Apply, opts...)
} |
|
Also, the "owner" is required, so I would surface that somehow. |
|
(that's why I have the |
|
Discussed offline, we're on the same page :-) |
if err := r.Client.Ensure(ctx, &grp.MyKind{
fieldA: "foo",
fieldB: "bar",
}); err != nil {
return ctrl.Result{}, err
}The big problem we have with that is that Server-Side Apply cares about the difference between fields set at zero-value and fields that are not set. I'm assuming this won't work :-/ |
|
/help Initially we want to focus on a non-breaking change for v0.5.x, in the future as we learn from use cases we can put in Client. |
|
@vincepri: Please ensure the request meets the requirements listed here. If this request no longer meets these requirements, the label can be removed In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
help wanted
|
/wg api-expression |
k8s-ci-robot
added
the
wg/api-expression
|
I met an error when I use Server-side Apply |
|
@DirectXMan12 How would you feel about closing this? I think it's been long enough that SSA is pretty broadly available so we could maybe just skip the client-side abstraction entirely. We can maybe close this and open more specific tickets for any lingering issues (controller-gen support for the new typed builders? better docs?) |
|
@coderanger do you mean that since SSA is broadly available, we should use Edit* link to slack for anyone interested: here |
|
@m1o1 This isn't a good place for user support, please ask in Slack. |
I would like to propose the implementation(1) the The signaure of the Apply method would be: The ApplyOption implementations would be DryRunAll, FieldOwner and ForceOwnership,as for the PatchOption. An Apply method would also be added to the @apelisse what's your opinion? (1) I would be happy to work on this implementation |
|
This could also borrow from client-go's Apply method I suppose. It actually directly accepts the |
Yes! Based on the discussion here I believe that it is important that an Apply method should not accept API My suggestion would be:
|
|
cc @Jefftree has started some work on this, but if someone wants to take over, happy to help. |
|
For the first point, there is an open PR to add applyconfiguration generation: kubernetes-sigs/controller-tools#536 For the second point, last time I checked there was no common interface that is implemented by all applyconfigurations and that would allow us to type things and make mistakes harder - Has that changed in the meantime? |
|
Summarizing the state of applyconfigurations in controller-tools: There is an open PR to add applyconfiguration generation to controller-tools: kubernetes-sigs/controller-tools#536 I don't think we want to move forward with this PR because it duplicates a lot of code found in the kubernetes client-go applyconfigurations and could lead to drift and extra burden on maintenance, please refer to this comment @JoelSpeed has put together an integration with using the upstream client-go generator for kubebuilder types, and I would heavily recommend that approach over merging the existing PR. I think there are still some things that need to be worked out like loading the openapi file, but the structure should be there. This solves step 1 in the proposal by @yhrn. Steps 2 and 3 should be much simpler once 1 is completed. I had a previous controller-runtime branch that showed a POC of how the new Apply interface would be implemented. #1365 I currently don't have the bandwidth to work on this, but would love for someone to take over and am available for guidance/collaboration. |
|
I opened kubernetes/kubernetes#118138 which we would need to have in order to be able to provide proper first-class support for SSA in controller-runtime. |
Server-side apply will be landing in 1.14 (code is merged 🎉 and all), so we should come up with a plan to support server-side apply.
Talking with @apelisse and @jennybuckley, it looks like the main constraints on server-side apply from a controller perspective are that you must set all the fields you care about when submitting an object, which is what we encourage anyway (declare the state of the world that you want to see, instead of just making changes).
This should ultimately (in many cases) allow people to write code like:
instead of using
CreateOrUpdate.It would be neat to call server-side apply from
CreateOrUpdate, but it's not clear to me that we can safely do so without violating an implicit contract -- if people have special logic that they do when fields aren't set (not a good pattern, but people almost certainly do it), it could break them. That being said, it's not clear to me that we explicitly write that as a contract anywhere.The text was updated successfully, but these errors were encountered: