[OCPCLOUD-1380] Add Placement Group options to AWS machine provider config #1091
Conversation
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
2 times, most recently
from
d1bbaa7
to
383fb55
Compare
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
5 times, most recently
from
641c952
to
e04688d
Compare
|
/test verify |
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
from
e04688d
to
e407135
Compare
| // +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.groupType",description="Placement Group Type" | ||
| // +kubebuilder:printcolumn:name="Management",type="string",JSONPath=".spec.managementState",description="Management State" | ||
| // +kubebuilder:printcolumn:name="Replicas",type="integer",JSONPath=".status.replicas",description="EC2 Replicas within the Placement Group" | ||
| // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description=" AWSPlacementGroup age" |
There was a problem hiding this comment.
There are a couple extra spaces here at the beginning of the description. Is there a specific reason (like some inlining) or is it a typo?
| // Note the partition count of a placement group cannot be changed after creation. | ||
| // If unset, AWS will provide a default partition count. | ||
| // This default is currently 2. | ||
| // Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines |
There was a problem hiding this comment.
small nit: Noticed placement.tenancy is lowercase here but uppercase within the AWSPlacementGroupUnion type. It'd be good to have them similar.
There was a problem hiding this comment.
perhaps we could make this a little clearer too, eg
| // Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines | |
| // Note: When using more than 2 partitions, the "dedicated" tenancy option on Machines |
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
from
e407135
to
875e760
Compare
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
from
875e760
to
827650e
Compare
| // Note the partition count of a placement group cannot be changed after creation. | ||
| // If unset, AWS will provide a default partition count. | ||
| // This default is currently 2. | ||
| // Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines |
There was a problem hiding this comment.
perhaps we could make this a little clearer too, eg
| // Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines | |
| // Note: When using more than 2 partitions, the "dedicated" tenancy option on Machines |
| @@ -0,0 +1,164 @@ | |||
| package v1beta1 | |||
There was a problem hiding this comment.
Since we support upgrades on this and we know we'll never want to deal with migration of customer manifests, I think this is really v1.
There was a problem hiding this comment.
Good catch, I had actually said in the enhancement we would add this as V1 🤦
| // to be managed by this CRD or whether it is user managed. | ||
| // A managed placement group may be moved to unmanaged, however an unmanaged | ||
| // group may not be moved back to managed. | ||
| // +kubebuilder:default:=Managed |
There was a problem hiding this comment.
Will we actually manage any of these and actively reconcile them? If so, this fine. If not, and you only want to support Unmanaged, I'm willing to allow Unmanaged only.
There was a problem hiding this comment.
We are hoping to deliver a dev preview to a customer next week in which we will not manage the placement groups, however, before 4.11 ships we intend to implement the management. The customer wants us to have a declarative way to create/delete hundreds of placement groups and MachineSets so this will definitely be required
| // A managed placement group may be moved to unmanaged, however an unmanaged | ||
| // group may not be moved back to managed. | ||
| // +kubebuilder:default:=Managed | ||
| // +optional |
There was a problem hiding this comment.
If I make this required, then the defaulting doesn't work, do you think it's worth making customers explicitly specify that this is Managed vs defaulting it for them?
| ManagementState ManagementState `json:"managementState"` | ||
|
|
||
| // CredentialsSecret is a reference to the secret with AWS credentials. Otherwise, defaults to permissions | ||
| // provided by attached IAM role where the actuator is running. |
There was a problem hiding this comment.
on openshift, where is the actuator and how can I tell its permissions?
There was a problem hiding this comment.
This is the equivalent of the Machine IAM role, this is an AWSism primarily, I will update the comment to reflect that this will be the control plane Machine IAM role
| // group may not be moved back to managed. | ||
| // +kubebuilder:default:=Managed | ||
| // +optional | ||
| ManagementState ManagementState `json:"managementState"` |
There was a problem hiding this comment.
per slack, this and awsplacementgroupunion for a discriminated union distinct from credentialsSecret
There was a problem hiding this comment.
Agreed, that makes sense, this is now pushed
|
|
||
| type AWSPlacementGroupSpec struct { | ||
| // AWSPlacementGroupManagementSpec defines the configuration for a managed or unmanaged placement group. | ||
| AWSPlacementGroupManagementSpec `json:",inline"` |
There was a problem hiding this comment.
you cannot have this inline because the credentialsSecret isn't controlled by the the value of the managementstate.
There was a problem hiding this comment.
I thought this was ok, there's an example doing the same (TopLevelUnion) in the KEP, do you know what this would break/why this wouldn't work? Is it a UX thing rather than a technical issue?
| AWSPlacementGroupManagementSpec `json:",inline"` | ||
|
|
||
| // CredentialsSecret is a reference to the secret with AWS credentials. The secret must reside in the same namespace | ||
| // as the AWSPlacementGroup resourec. Otherwise, the controller will leverage the EC2 instance assigned IAM Role, |
| // group may not be moved back to managed. | ||
| // +kubebuilder:default:=Managed | ||
| // +unionDiscriminator | ||
| // +optional |
There was a problem hiding this comment.
A user is already going to have to set the grouptype. I would make this required and not defaulted.
| GroupType AWSPlacementGroupType `json:"groupType,omitempty"` | ||
|
|
||
| // +optional | ||
| Partition *AWSPartitionPlacement `json:"partition,omitempty"` |
|
the remaining comments are minor, but required before merge. |
|
@deads2k This has now been updated, if you are happy with the changes, I'll squash and we can get this merged |
|
/lgtm |
openshift-ci
bot
added
lgtm
JoelSpeed
force-pushed
the
mapi-aws-placement-groups
branch
from
fdd63b3
to
dfab187
Compare
|
Squashed the commits before merge, no other changes since last review This project is not part of the no-ff process, manually adding the appropriate labels /label docs-approved |
openshift-ci
bot
added
docs-approved
|
@JoelSpeed: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexander-demichev, damdo, deads2k, elmiko, JoelSpeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR implements the API changes described in openshift/enhancements#995.
This adds options to allow the use of the placement group feature within AWS. Notably users will be able to specify a placement group name to use and, if the placement group doesn't exist, will be able to have it created based on the placement group type, and, if applicable, partition count.
I have included constants for the three different types of placement group type as we will use these for validation of the field within the controller.
Note this enhancement is targeted for 4.11, we are hoping to merge this shortly after master opens for development.