New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MGMT-15704 Assisted service should create Day2 import CR for hub cluster. #5459
MGMT-15704 Assisted service should create Day2 import CR for hub cluster. #5459
Conversation
Skipping CI for Draft Pull Request. |
1060b2c
to
f01d801
Compare
Using ZTP in the commit message is incorrect, here you are referring to kube-api or the operator, have nothing to do with ZTP |
/assign @nmagnezi |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #5459 +/- ##
==========================================
- Coverage 67.74% 67.68% -0.06%
==========================================
Files 229 232 +3
Lines 33571 33968 +397
==========================================
+ Hits 22741 22992 +251
- Misses 8790 8929 +139
- Partials 2040 2047 +7
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add in the commit message why did you had to add permissions to specific resources
General comment about if else
usually it's cleaner to handle the error first, then you will not need the else in most cases
3d6c930
to
85f69f1
Compare
return false, err | ||
} | ||
if agentClusterInstall != nil { | ||
i.log.Infof("hubClusterDay2Importer: Found AgentClusterInstall for hub cluster, assuming that hub has been correctly registered for ZTP day 2 operations: %s", agentClusterInstall.Name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are there any checks we can do here to ensure that cluster is actually healthy?
Also, why is ZTP mentioned here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure that this is possible at this stage.
The one thing we do perform is a check of the cluster-version history, which will show up as completed if the last update was applied.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i'm not sure which tests can be done in this case, domain resolution and valid kubeconfig, but if you are taking them from the cluster and even if they are invalid, what can be done?
return true, nil | ||
} | ||
|
||
func (i *LocalClusterImport) ImportLocalCluster() error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Few things about this function:
- It does to many things, which should be split to sub functions for both readability and tests.
- It can potentially fail in too many places (which is related to the first point, in part). I also think that for many things here it is worth to use multiErr to aggregate a much of the problems and reflect them to the user as early as possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1: Done
2: Done
8d0af57
to
eeca32d
Compare
9a2f924
to
23bc5d3
Compare
Fixed now
Fixed |
23bc5d3
to
f638b37
Compare
cmd/main.go
Outdated
@@ -205,6 +208,23 @@ func maxDuration(dur time.Duration, durations ...time.Duration) time.Duration { | |||
return ret | |||
} | |||
|
|||
func importLocalCluster(ctrlMgr manager.Manager, log *logrus.Logger) { | |||
if !Options.EnableLocalClusterImport { | |||
log.Debug("EnableLocalClusterImport disabled in options, skipping...") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can be info, it's not something periodic
cmd/main.go
Outdated
@@ -162,6 +163,8 @@ var Options struct { | |||
AllowConvergedFlow bool `envconfig:"ALLOW_CONVERGED_FLOW" default:"true"` | |||
PreprovisioningImageControllerConfig controllers.PreprovisioningImageControllerConfig | |||
BMACConfig controllers.BMACConfig | |||
EnableLocalClusterImport bool `envconfig:"ENABLE_LOCAL_CLUSTER_IMPORT" default:"true"` | |||
LocalClusterImportNamespace string `envconfig:"LOCAL_CLUSTER_IMPORT_NAMESPACE" defualt:"local-cluster"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please make sure with ACM/MCE that they are not using the same namespace
} | ||
|
||
func (o *LocalClusterImportOperations) CreateClusterImageSet(clusterImageSet *hivev1.ClusterImageSet) (*hivev1.ClusterImageSet, error) { | ||
err := o.cachedApiClient.Create(o.context, clusterImageSet) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what will happen is it's already exists?
same question to all the resources.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would fail to write the cluster image set and the old one would remain in place.
Not sure what the best thing to do is, on one hand, we could delete anything we find when performing this write, but seems to me that this would not be the smart choice until we have looked into the impact of the update ticket.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
until we handle upgrade it should be good enough
|
||
func (i *LocalClusterImport) ImportLocalCluster() error { | ||
|
||
shouldImportLocalCluster, err := i.shouldImportLocalCluster() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As we talked, this function can be removed and you will try to create all the objects and if they are already exist you will ignore them, using k8serrors.IsAlreadyExists(err)
to check the error
9210a94
to
7d5ff3d
Compare
} | ||
// Fetch the recently stored AgentClusterInstall so that we can obtain the UID | ||
aci, err := i.clusterImportOperations.GetAgentClusterInstall(i.localClusterNamespace, i.localClusterNamespace+"-cluster-install") | ||
if err != nil && !k8serrors.IsAlreadyExists(err) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
get cannot return already exist
agentClusterInstall.Namespace = i.localClusterNamespace | ||
agentClusterInstall.Name = i.localClusterNamespace + "-cluster-install" | ||
err := i.clusterImportOperations.CreateAgentClusterInstall(agentClusterInstall) | ||
if err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it can return already exist
} | ||
|
||
err = i.createNamespace(i.localClusterNamespace) | ||
if err != nil && !k8serrors.IsAlreadyExists(err) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor comment - you already handling already exist error inside createNamespace
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually changed this, I need to be able to mock this so I moved the handling of this stuff into import_local_cluster
|
||
if kubeConfigSecret != nil { | ||
err = i.createAdminKubeConfig(kubeConfigSecret) | ||
if err != nil && !k8serrors.IsAlreadyExists(err) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
minor comment - you already handling already exist error inside createAdminKubeConfig
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually changed this, I need to be able to mock this so I moved the handling of this stuff into import_local_cluster
7d5ff3d
to
8ee1b33
Compare
…ster. When using assisted-service in KubeAPI mode, we want to import the local cluster automatically, allowing it to be managed in a similar fashion to the spoke cluster. The intent is to allow the user to perform day2 operations on the local cluster, to allow the addition of workers and so on. Presently this is only possible via manual efforts and is not very customer friendly. This PR aims to resolve this by adding functionality to import the local cluster as described above.
8ee1b33
to
c2aabc3
Compare
/retest |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: filanov, paul-maidment The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@paul-maidment: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/cherry-pick release-ocm-2.8 |
@paul-maidment: #5459 failed to apply on top of branch "release-ocm-2.8":
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
…ster. (openshift#5459) When using assisted-service in KubeAPI mode, we want to import the local cluster automatically, allowing it to be managed in a similar fashion to the spoke cluster. The intent is to allow the user to perform day2 operations on the local cluster, to allow the addition of workers and so on. Presently this is only possible via manual efforts and is not very customer friendly. This PR aims to resolve this by adding functionality to import the local cluster as described above.
When using assisted-service in KubeAPI mode, we want to import the local cluster automatically, allowing it to be managed in a similar fashion to the spoke cluster.
The intent is to allow the user to perform day2 operations on the local cluster, to allow the addition of workers and so on.
Presently this is only possible via manual efforts and is not very customer friendly.
This PR aims to resolve this by adding functionality to import the local cluster as described above.
The behaviour during upgrade will be dealt with in another ticket.
List all the issues related to this PR
What environments does this code impact?
How was this code tested?
Checklist
docs
, README, etc)Reviewers Checklist