OLM - ci -test. Create cdi-olm-catalog to be able to deploy cdi via o… #862
Conversation
kubevirt-bot
added
the
release-note-none
annastopel
force-pushed
the
cdi-okd-ci
branch
3 times, most recently
from
d93679c
to
82c8167
Compare
There was a problem hiding this comment.
A few questions:
- Do we install the olm catalog container even on providers that do not use olm to install cdi?
- If we are using a provider that installs cdi with olm, and I am making a change to cdi, and I sync, will it immediately update cdi, or do I have to wait for olm to see that a new version is there before it updates.
cluster-sync/okd-4.1.0/provider.sh
Outdated
|
|
||
| function install_cdi { | ||
| #Install CDI via OLM | ||
| _kubectl create ns cdi |
There was a problem hiding this comment.
The CI will randomize the namespace this is installed in, so we should use the NAMESPACE variable for this. This also allows installation in a different namespace like the hco does.
Also this is a thought I am having. Why not make a separate install.sh. In that script define install_cdi_operator and install_cdi_olm, and wait_cdi_crd_installed. All of those are related operations. Also add an install_cdi that looks at a specific environment variable, and pick either install_cdi_olm or install_cdi_operator (default to operator if not specified). Then we can source that in ephemeral-provider.sh and the external provider.sh. Then in each provider set the environment variable to what we want.
We can prescribe what the environment variable value should be for our CI providers, and the user of the external provider can decide if their external cluster has olm or not. This gives us maximum flexibility.
There was a problem hiding this comment.
Curious, why does CI randomize the install namespace? I get randomized namespaces for creating objects during tests, but do we need randomized install namespaces? I'm just curious as all, I've wondered about that before so thought I'd ask .
There was a problem hiding this comment.
Its to stop lazy developers from hard coding the cdi namespace in their tests causing them to fail if someone installs cdi in a different namespace. The randomization is to catch the hard coded cdi namespace if a reviewer misses it.
There was a problem hiding this comment.
The CI will randomize the namespace this is installed in, so we should use the NAMESPACE variable for this. This also allows installation in a different namespace like the hco does.
Also this is a thought I am having. Why not make a separate install.sh. In that script define install_cdi_operator and install_cdi_olm, and wait_cdi_crd_installed. All of those are related operations. Also add an install_cdi that looks at a specific environment variable, and pick either install_cdi_olm or install_cdi_operator (default to operator if not specified). Then we can source that in ephemeral-provider.sh and the external provider.sh. Then in each provider set the environment variable to what we want.
We can prescribe what the environment variable value should be for our CI providers, and the user of the external provider can decide if their external cluster has olm or not. This gives us maximum flexibility.
Great idea! - see dedicated commit in the pr
cluster-sync/k8s-1.13.3/provider.sh
Outdated
| @@ -9,3 +9,9 @@ re='^-?[0-9]+$' | |||
| if ! [[ $num_nodes =~ $re ]] || [[ $num_nodes -lt 1 ]] ; then | |||
| num_nodes=1 | |||
| fi | |||
|
|
|||
| function install_cdi { | |||
There was a problem hiding this comment.
So we are not using OLM to install for k8s then? Just the OKD provider will have it (for now?) That is totally fine, but I would put the install_cdi function in the ephemeral-provider, and override it with the olm install in the OKD provider. That way we are not duplicating this line in the other providers.
There was a problem hiding this comment.
Good point. I added install_cdi to ephemeral provider and overrode it in okd4.1, however there is still code duplication in external provider script
|
Also travis appear unhappy about some missing file. |
cluster-sync/okd-4.1.0/provider.sh
Outdated
|
|
||
| function install_cdi { | ||
| #Install CDI via OLM | ||
| _kubectl create ns cdi |
There was a problem hiding this comment.
Curious, why does CI randomize the install namespace? I get randomized namespaces for creating objects during tests, but do we need randomized install namespaces? I'm just curious as all, I've wondered about that before so thought I'd ask .
| fi | ||
|
|
||
| # Need to set the DOCKER_PREFIX appropriately in the call to `make docker push`, otherwise make will just pass in the default `kubevirt` | ||
| QUAY_NAMESPACE=$QUAY_NAMESPACE DOCKER_PREFIX=$MANIFEST_REGISTRY PULL_POLICY=$(getTestPullPolicy) make manifests |
There was a problem hiding this comment.
Why the seperate QUAY_NAMESPACE? We could just set DOCKER_PREFIX=quay.io/xxxxx
This also brings back my earlier comment that we should probably change DOCKER_PREFIX to REGISTRY_NAME or something more general. This isn't your problem and shouldn't impact your patch but capturing the point here.
There was a problem hiding this comment.
QUAY_NAMESPACE is the namespace in quay where CDI OLM bundle is located. It is not necessarily equals to DOCKER_PREFIX
There was a problem hiding this comment.
I think Johns point is, that we either use Quay OR Docker but not both at the same time, so having two separate variables is sort of weird, it would make sense to have a 'REGISTRY_NAME' or something like instead of DOCKER_PREFIX and QUAY_NAMESPACE if they both serve the same purpose but for a different registry provider.
There was a problem hiding this comment.
I think Johns point is, that we either use Quay OR Docker but not both at the same time, so having two separate variables is sort of weird, it would make sense to have a 'REGISTRY_NAME' or something like instead of DOCKER_PREFIX and QUAY_NAMESPACE if they both serve the same purpose but for a different registry provider.
But we do utilize both dockerhub and quay - we push all cdi images to repo in dockerhub and OLM bundle to quay
There was a problem hiding this comment.
Sorry, my point was as @awels mentioned why both, I get that we do push to both, but we don't push to both in the same build iteration. So the idea I was getting at was use a single variable and set it appropriately for the build we're doing.
If you're doing parallel buld/push operations then it would make more sense to still use a single image registry variable but make it a list and just do build, then push to 'n' registries from the list. We should probably be doing something like that anyway if we're not already rather than run a seperate build/release process for each registry.
There was a problem hiding this comment.
As discussed we do need both DOCKER_PREFIX and QUAY_REPOSITORY variables in the same make manifests iteration. DOCKER_PREFIX for container images pushed to docker and QUAY related variables for olm manifests and bundle
cluster-sync/sync.sh
Outdated
| install_cdi | ||
|
|
||
| #wait cdi crd is installed with 120s timeout | ||
| wait_cdi_crd_installed 120 |
There was a problem hiding this comment.
Should probably make this a variable that can also be set via env variable.
There was a problem hiding this comment.
This is similar to timeout we have when waiting for CDI cr to be installed. This is utilized only during cluster-sync on kubevirtci, that is why I did not make variable out of it
There was a problem hiding this comment.
Well you just made it so this also works for when you cluster-sync to an external provider, and since we have little to no control over the external provider, it would be nice to give the external provider user as many knobs they can change to make it work for their cluster.
There was a problem hiding this comment.
This is similar to timeout we have when waiting for CDI cr to be installed. This is utilized only during cluster-sync on kubevirtci, that is why I did not make variable out of it
Fair enough, not a big deal fro me, I was justthinking if it was a declared var at the top of the script file it's easy to identify and bump up or down if we need to in the future, or more importantly if somebody ever says "Hey Griffith, what's the timeout duration for cluster-sync?". I can just open the file and "BOOM" it hits me right in the face. Your call though I certainly wouldn't hold this up any longer over it.
There was a problem hiding this comment.
Added Variable for CD_INSTALL_TIMEOUT
|
annastopel
force-pushed
the
cdi-okd-ci
branch
3 times, most recently
from
979fb8d
to
cf61ea2
Compare
| @@ -0,0 +1 @@ | |||
| CDI_INSTALL=${CDI_INSTALL_OPERATOR} | |||
There was a problem hiding this comment.
I don't think you need the install.sh files for the providers, you can put
CDI_INSTALL=${CDI_INSTALL_OPERATOR}In the provider.sh right before you source cluster-sync/ephemeral_provider.sh
| fi | ||
|
|
||
| # Need to set the DOCKER_PREFIX appropriately in the call to `make docker push`, otherwise make will just pass in the default `kubevirt` | ||
| QUAY_NAMESPACE=$QUAY_NAMESPACE DOCKER_PREFIX=$MANIFEST_REGISTRY PULL_POLICY=$(getTestPullPolicy) make manifests |
There was a problem hiding this comment.
I think Johns point is, that we either use Quay OR Docker but not both at the same time, so having two separate variables is sort of weird, it would make sense to have a 'REGISTRY_NAME' or something like instead of DOCKER_PREFIX and QUAY_NAMESPACE if they both serve the same purpose but for a different registry provider.
cluster-sync/sync.sh
Outdated
| install_cdi | ||
|
|
||
| #wait cdi crd is installed with 120s timeout | ||
| wait_cdi_crd_installed 120 |
There was a problem hiding this comment.
Well you just made it so this also works for when you cluster-sync to an external provider, and since we have little to no control over the external provider, it would be nice to give the external provider user as many knobs they can change to make it work for their cluster.
There was a problem hiding this comment.
There are a couple of comments/suggestions but I don't think any of them are really worth blocking this any longer. I'm happy to approve/lgtm in the morning with or without changes to it. We can always iterate on it in the future. Thanks for being patient, I should've gotten back to this a long time ago.
| @@ -0,0 +1,12 @@ | |||
| FROM quay.io/openshift/origin-operator-registry | |||
There was a problem hiding this comment.
Done - set to tag 4.2.0
hack/build/build-cdi-olm-catalog.sh
Outdated
|
|
||
| packBundles ${OLM_MANIFESTS_SRC_PATH} | ||
|
|
||
|
|
| displayName: KubeVirt CDI | ||
| publisher: Red Hat | ||
|
|
||
|
|
| displayName: KubeVirt CDI | ||
| publisher: Red Hat | ||
|
|
||
|
|
|
ci test please |
1 similar comment
|
ci test please |
kubevirt-bot
added
the
needs-rebase
…lm in ci. This is due to okd 4.1.
* Add make tagret docker-olm-catalog
* Add build-olm-catalog script that builds tree expected by operator-registry.
* add catalogsource manifest to deploy operator registry per provider
* os
* k8s
* update olm documentation with opertor-registry deployment
* cluster-sync/install.sh - contains all supported installation techniques
and a install_cdi method that derives the technique based on CDI_INSTALL variable
- operator manifests
- OLM manifests
* per provider there is cluster-sync/${PROVIDER}/install.sh that has the settting for CDI_INSTALL
for specific provider
* default technique is CDI installation via operator
* support case when olm bundle contains more than one crd version
kubevirt-bot
removed
the
needs-rebase
|
ci test please |
|
ci test please |
|
/lgtm |
|
I'd like to get a clean CI run before merging, let's see how it goes. |
|
ci test please |
…lm in ci. This is due to okd 4.1.
Add make tagret docker-olm-catalog
Add build-olm-catalog script that builds tree expected by operator-registry.
add catalogsource manifest to deploy operator registry per provider
update olm documentation with opertor-registry deployment
What this PR does / why we need it:
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
This pr enforces CDI installation via OLM on okd-4.1.0 in cdi ci.
This is accomplished by deploying via CatalogSource that points to operator-registry container image that holds cdi OLM manifests.
Release note: