Add optional loading from a config.d directory to kubectl. #38861
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
This change is |
k8s-github-robot
added
size/M
| return []string{} | ||
| } | ||
| if !stat.IsDir() { | ||
| glog.Warningf("Expected %s to be a directory", dir) |
There was a problem hiding this comment.
should we return []string{} now - I guess otherwise we'll print another error?
|
|
||
| return []string{o.GlobalFile} | ||
| result := []string{o.GlobalFile} | ||
| result = append(result, loadConfigDir(o.GlobalFile+".d")...) |
There was a problem hiding this comment.
This sets off a spidey sense for me... Should we have a separate field GlobalFileDir or similar? And then we would set it to RecommendedHomeFileDir in NewDefaultPathOptions?
| @@ -148,6 +149,29 @@ func NewDefaultClientConfigLoadingRules() *ClientConfigLoadingRules { | |||
| } | |||
| } | |||
|
|
|||
| func loadConfigDir(dir string) []string { | |||
| stat, err := os.Lstat(RecommendedHomeFileDir) | |||
There was a problem hiding this comment.
Perhaps skip if dir == "", although I'm not entirely sure how PathOptions is generally used.
| dir, err := ioutil.TempDir("", "") | ||
| if err != nil { | ||
| t.Errorf("unexpected error: %v", err) | ||
| t.FailNow() |
There was a problem hiding this comment.
Is this different from t.Fatalf?
There was a problem hiding this comment.
Nope, fixed. (here and elswehere)
|
cc @deads2k |
|
I think this is worthy of discussion before changing. We used to merge kubeconfig files and it was difficult for users. We've also talked about splitting the kubeconfig file to separate preferences. This pull looks like it just throws them all into a bucket, merges them, and hopes for the best. I suspect we'll end up with many unintended consequences. @kubernetes/sig-cli-misc @smarterclayton @liggitt @kubernetes/rh-ux |
|
I'd like a proposal and some design discussion before this goes any further. I see lots of folks who want to change kubeconfig, but no design docs. |
|
@deads2k @smarterclayton look at the issue requesting this: #38791 Basically the idea is to allow users to keep all of their clusters in disjoint files. I think allowing users to self-organize is going to be a better way forward than refactoring all of the merging code. And more importantly, this is no different than what you can already do via $ENVVARS, it's just making it easier and directory based. |
|
And fundamentally, this doesn't change kubeconfig. If you have an explicit kubeconfig file it still just uses that. I'd be ok with an exclusive approach too, that being: If I think this is a small, incremental, useful step that will help people better organize their kubeconfig files. |
|
@bgrant0607 this doesn't change any of the behaviors that are already built into kubectl. This is 100% equivalent to: KUBECONFIG=$(ls $HOME/.kube/config.d/*)
kubectl ...But it is more convenient. Since it's not a behavior change, I don't see the problem. It's quite possible that we should improve, change or update the merge policies, but they already exist This is basically putting the load on the user to ensure that the files are disjoint. But it will enable users to copy around different kubeconfig files for specific cluster between different users and have different users be able to have a different union of clusters for their own use without having to do the manual effort of merging/separating out the configs. Given that it doesn't introduce a new behavior, and that it is more convenient for this use case, I think that it is worth doing prior to any major refactor of config that is proposed for the future. Let's not let the perfect be the enemy of the good here. |
|
@bgrant0607 friendly new years ping on this. I believe it is worth doing, and @justinsb also is inclined to agree. |
|
cc @jlowdermilk |
|
Can we detect the full default case? I.e.:
I'd be ok with that. |
|
I would like to look at splitting out API token and certs into their own files, I'm not sure if this will complicate what @mikedanese and @jbeda wanted to do there. |
There was a problem hiding this comment.
Made a few comments. Will leave more detailed review to @deads2k.
Documentation in kubernetes.github.io will also need to be updated.
| } else { | ||
| chain = append(chain, RecommendedHomeFile) | ||
| chain = append(chain, loadConfigDir(RecommendedHomeFileDir)...) |
There was a problem hiding this comment.
It would be more user-friendly if users could also specify directories. If file => use it. If directory => expand to its files and use them.
| } | ||
| result := []string{} | ||
| for _, file := range files { | ||
| result = append(result, path.Join(dir, file.Name())) |
pkg/kubectl/cmd/config/config.go
Outdated
| @@ -44,7 +44,8 @@ func NewCmdConfig(pathOptions *clientcmd.PathOptions, out, errOut io.Writer) *co | |||
|
|
|||
| 1. If the --` + pathOptions.ExplicitFileFlag + ` flag is set, then only that file is loaded. The flag may only be set once and no merging takes place. | |||
| 2. If $` + pathOptions.EnvVar + ` environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list. | |||
| 3. Otherwise, ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + ` is used and no merging takes place.`), | |||
| 3. Otherwise, ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + ` is used. | |||
| 4. If ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + `.d exists, any files in that directory are also merged into the config.`), | |||
There was a problem hiding this comment.
The order of the files is significant, so please specify what the order is.
bgrant0607
added
release-note
pkg/kubectl/cmd/config/config.go
Outdated
| @@ -44,7 +44,8 @@ func NewCmdConfig(pathOptions *clientcmd.PathOptions, out, errOut io.Writer) *co | |||
|
|
|||
| 1. If the --` + pathOptions.ExplicitFileFlag + ` flag is set, then only that file is loaded. The flag may only be set once and no merging takes place. | |||
| 2. If $` + pathOptions.EnvVar + ` environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list. | |||
| 3. Otherwise, ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + ` is used and no merging takes place.`), | |||
| 3. Otherwise, ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + ` is used. | |||
| 4. If ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + `.d exists, any files in that directory are also merged into the config.`), | |||
There was a problem hiding this comment.
is step 4 exclusive to step 3 (or any of the other steps)?
There was a problem hiding this comment.
Clarified. (and yes)
k8s-github-robot
added
the
needs-rebase
brendandburns
force-pushed
the
config.d
branch
2 times, most recently
from
a29cbd3
to
53240ea
Compare
k8s-github-robot
removed
the
needs-rebase
|
A couple comments on precendence, then lgtm |
|
@k8s-bot test this |
|
@brendandburns PR needs rebase |
k8s-github-robot
added
the
needs-rebase
|
This PR hasn't been active in 90 days. Closing this PR. Please reopen if you would like to work towards merging this change, if/when the PR is ready for the next round of review. cc @brendandburns @deads2k @smarterclayton You can add 'keep-open' label to prevent this from happening again, or add a comment to keep it open another 90 days |
Super :( :( any chance we can revive this? |
|
@brendandburns: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Review comments from February still stand. |
|
@deads2k What does openshift do here? How does a user "add" a cluster? |
|
I'll throw out that Tectonic generates kubeconfigs from the Console that are scoped to just that cluster. It would be great UX to tells users to throw that in a config and voila they can switch to that context. Merging two configs together is possible of course, but it's complex and you end up staring at a huge |
I agree. Combining files in the same directory as this PR does is the equivalent of merging files together automatically... you have to make sure they are non-overlapping and coherent. |
|
cc @csbell |
k8s-ci-robot
added
lifecycle/frozen
|
Is this PR still active? There doesn't seem to be meaningful action in over 8 months. /remove-lifecycle frozen |
k8s-ci-robot
removed
the
lifecycle/frozen
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Addresses #38791
@justinsb @kubernetes/sig-cli-misc @kubernetes/sig-cli-pr-reviews