feat(kuma-cp) delete zone #1348
Conversation
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
| @@ -52,7 +52,7 @@ func toZones(rlist system.ZoneOverviewResourceList) Zones { | |||
| for _, overview := range rlist.Items { | |||
| zones = append(zones, Zone{ | |||
| Name: overview.GetMeta().GetName(), | |||
| Active: overview.Spec.ZoneInsight.IsOnline(), | |||
| Active: overview.Spec.GetZoneInsight().IsOnline() && overview.Spec.GetZone().GetEnabled(), | |||
| }) | |||
| } | |||
| return zones | |||
There was a problem hiding this comment.
Is this API still used somewhere?
There was a problem hiding this comment.
If I get it right it is used here:
Is it correct?
There was a problem hiding this comment.
Checked the GUI code. Yeah, for some reason it is used. I was pretty sure we want to drop this in favor of insights.
I think we should have a column called enabled / disabled. Putting zone offline when we disable it is not exactly correct.
Let's keep it for now because I don't think it matters, but create a card for getting rid of this endpoint and changing the GUI
pkg/core/bootstrap/bootstrap.go
Outdated
| @@ -295,6 +296,10 @@ func initializeResourceManager(cfg kuma_cp.Config, builder *core_runtime.Builder | |||
| dpInsightManager := dataplaneinsight.NewDataplaneInsightManager(builder.ResourceStore(), builder.Config().Metrics.Dataplane) | |||
| customManagers[mesh.DataplaneInsightType] = dpInsightManager | |||
|
|
|||
| zoneValidater := zone.Validator{Store: builder.ResourceStore()} | |||
| if err := rm.Get(context.Background(), zone, store.GetByKey(util.ZoneTag(r), model.NoMesh)); err != nil { | ||
| kdsGlobalLog.Error(err, "failed to get zone", "zone", util.ZoneTag(r)) | ||
| // since there is no explicit "enabled: false" sync anyway | ||
| return true |
There was a problem hiding this comment.
shouldn't this be false if we cannot find the zone?
There was a problem hiding this comment.
Yeah, I think it can be false. I wasn't sure about ordering, what if there is no Zone when we build a Snapshot. But I see now that it's not cached or something and we build Snapshot from the scratch every time, so delay with Zone creation won't be a problem
There was a problem hiding this comment.
Discussed and decided to go with return true to avoid unneeded deletions
pkg/kds/store/sync.go
Outdated
| @@ -116,13 +125,29 @@ func (s *syncResourceStore) Sync(upstream model.ResourceList, fs ...SyncOptionFu | |||
| } | |||
| } | |||
|
|
|||
| zone := system.NewZoneResource() | |||
| if opts.Zone != "" { | |||
There was a problem hiding this comment.
in which case it can be ""?
Can we do the Get only when len(onCreate) > 0?
There was a problem hiding this comment.
It will be "" if you didn't pass Zone("some_zone") option to the Sync.
Yes, good point with checking len(onCreate) > 0
api/system/v1alpha1/zone.proto
Outdated
| message Zone { | ||
| // enable allows to turn the zone on/off and exclude the whole zone from | ||
| // balancing traffic on it | ||
| bool enabled = 1; |
There was a problem hiding this comment.
that's a breaking change. We could do a BoolWrapper and treat nil as true
There was a problem hiding this comment.
Add a card that for 1.1 we should change this to true by default
There was a problem hiding this comment.
Do you mean treat nil as false since 1.1?
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com> # Conflicts: # api/go.sum # pkg/plugins/resources/k8s/native/go.sum
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com>
* feat(kuma-cp) delete and disable zones * fix(kuma-cp) display disabled zones as 'offline' * fix(kuma-cp) fix `kumactl inspect zone` tests Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com> (cherry picked from commit 9d9ee96)
* feat(kuma-cp) delete and disable zones * fix(kuma-cp) display disabled zones as 'offline' * fix(kuma-cp) fix `kumactl inspect zone` tests Signed-off-by: Ilya Lobkov <ilya.lobkov@konghq.com> (cherry picked from commit 9d9ee96) Co-authored-by: Ilya Lobkov <ilya.lobkov@konghq.com>
Summary
Right now if someone is trying to delete
ZoneResourcein Global, all corresponding resources won't be gone. SoDataplanesandDataplaneInsightswill stuck in the cluster until you explicitly wipe them out.Also deleting
ZoneResourcewhile Remote Kuma CP in that zone is still alive, probably not a great idea. Since we create zone automatically there is the methodcreateOrUpdateZone, which will actually be triggered if someone deletesZoneResource. So the user's intention to delete a zone should ally with the actual Remote CP state. But at the same time, if we have networking issues between Remote CP and Global CP we shouldn't deleteZoneResourceautomatically, we should show this zone asoffline.So, in order to support these requirements current PR introduces new scenarios:
Delete zone
The user can't delete
ZoneResourcein Global while Remote CP is alive and connected. Current PR introduces validation for that:So the user has to shutdown Remote CP at first, and only then go and delete
ZoneResource.Also current PR adds ownership relation between synced resources and
ZoneResourcethat allows to cleanupDataplanesandDataplaneInsightsautomatically.Disable zone
There are might be situations when the user doesn't have access to Remote CP but there is a need to stop routing traffic to some specific zone. Current PR introduces a new field in
ZoneResources:Changing
enabled: falsewill allow the user to exclude the zone's ingress from all other zones, so traffic won't be directed to the disabled zone. The disabled zone is considered asoffline.Documentation
TBD