New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[OCPCLOUD-1380] Add Placement Group options to AWS machine provider config #1091
[OCPCLOUD-1380] Add Placement Group options to AWS machine provider config #1091
Conversation
d1bbaa7
to
383fb55
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
641c952
to
e04688d
Compare
/test verify |
e04688d
to
e407135
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Two very small nits, otherwise LGTM
// +kubebuilder:printcolumn:name="Type",type="string",JSONPath=".spec.groupType",description="Placement Group Type" | ||
// +kubebuilder:printcolumn:name="Management",type="string",JSONPath=".spec.managementState",description="Management State" | ||
// +kubebuilder:printcolumn:name="Replicas",type="integer",JSONPath=".status.replicas",description="EC2 Replicas within the Placement Group" | ||
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description=" AWSPlacementGroup age" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are a couple extra spaces here at the beginning of the description. Is there a specific reason (like some inlining) or is it a typo?
// Note the partition count of a placement group cannot be changed after creation. | ||
// If unset, AWS will provide a default partition count. | ||
// This default is currently 2. | ||
// Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
small nit: Noticed placement.tenancy
is lowercase here but uppercase within the AWSPlacementGroupUnion
type. It'd be good to have them similar.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps we could make this a little clearer too, eg
// Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines | |
// Note: When using more than 2 partitions, the "dedicated" tenancy option on Machines |
e407135
to
875e760
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the review @damdo, have resolved both typos
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great!
/lgtm
875e760
to
827650e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
generally lgtm, i have one question and a suggestion
// Note the partition count of a placement group cannot be changed after creation. | ||
// If unset, AWS will provide a default partition count. | ||
// This default is currently 2. | ||
// Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perhaps we could make this a little clearer too, eg
// Note: When using more than 2 partitions, placement.tenancy "dedicated" on Machines | |
// Note: When using more than 2 partitions, the "dedicated" tenancy option on Machines |
@@ -0,0 +1,164 @@ | |||
package v1beta1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we support upgrades on this and we know we'll never want to deal with migration of customer manifests, I think this is really v1.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch, I had actually said in the enhancement we would add this as V1 🤦
// to be managed by this CRD or whether it is user managed. | ||
// A managed placement group may be moved to unmanaged, however an unmanaged | ||
// group may not be moved back to managed. | ||
// +kubebuilder:default:=Managed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will we actually manage any of these and actively reconcile them? If so, this fine. If not, and you only want to support Unmanaged, I'm willing to allow Unmanaged only.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are hoping to deliver a dev preview to a customer next week in which we will not manage the placement groups, however, before 4.11 ships we intend to implement the management. The customer wants us to have a declarative way to create/delete hundreds of placement groups and MachineSets so this will definitely be required
// A managed placement group may be moved to unmanaged, however an unmanaged | ||
// group may not be moved back to managed. | ||
// +kubebuilder:default:=Managed | ||
// +optional |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
required.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I make this required, then the defaulting doesn't work, do you think it's worth making customers explicitly specify that this is Managed vs defaulting it for them?
ManagementState ManagementState `json:"managementState"` | ||
|
||
// CredentialsSecret is a reference to the secret with AWS credentials. Otherwise, defaults to permissions | ||
// provided by attached IAM role where the actuator is running. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
on openshift, where is the actuator and how can I tell its permissions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the equivalent of the Machine IAM role, this is an AWSism primarily, I will update the comment to reflect that this will be the control plane Machine IAM role
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
// group may not be moved back to managed. | ||
// +kubebuilder:default:=Managed | ||
// +optional | ||
ManagementState ManagementState `json:"managementState"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
per slack, this and awsplacementgroupunion for a discriminated union distinct from credentialsSecret
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, that makes sense, this is now pushed
|
||
type AWSPlacementGroupSpec struct { | ||
// AWSPlacementGroupManagementSpec defines the configuration for a managed or unmanaged placement group. | ||
AWSPlacementGroupManagementSpec `json:",inline"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you cannot have this inline because the credentialsSecret
isn't controlled by the the value of the managementstate.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought this was ok, there's an example doing the same (TopLevelUnion
) in the KEP, do you know what this would break/why this wouldn't work? Is it a UX thing rather than a technical issue?
AWSPlacementGroupManagementSpec `json:",inline"` | ||
|
||
// CredentialsSecret is a reference to the secret with AWS credentials. The secret must reside in the same namespace | ||
// as the AWSPlacementGroup resourec. Otherwise, the controller will leverage the EC2 instance assigned IAM Role, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo: resource
// group may not be moved back to managed. | ||
// +kubebuilder:default:=Managed | ||
// +unionDiscriminator | ||
// +optional |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A user is already going to have to set the grouptype. I would make this required and not defaulted.
GroupType AWSPlacementGroupType `json:"groupType,omitempty"` | ||
|
||
// +optional | ||
Partition *AWSPartitionPlacement `json:"partition,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
missing godoc.
the remaining comments are minor, but required before merge. |
@deads2k This has now been updated, if you are happy with the changes, I'll squash and we can get this merged |
/lgtm |
fdd63b3
to
dfab187
Compare
Squashed the commits before merge, no other changes since last review This project is not part of the no-ff process, manually adding the appropriate labels /label docs-approved |
@JoelSpeed: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexander-demichev, damdo, deads2k, elmiko, JoelSpeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This PR implements the API changes described in openshift/enhancements#995.
This adds options to allow the use of the placement group feature within AWS. Notably users will be able to specify a placement group name to use and, if the placement group doesn't exist, will be able to have it created based on the placement group type, and, if applicable, partition count.
I have included constants for the three different types of placement group type as we will use these for validation of the field within the controller.
Note this enhancement is targeted for 4.11, we are hoping to merge this shortly after master opens for development.