Bug 1880443: fix Openstack machinesets #1141
Conversation
joelddiaz
commented
Sep 17, 2020
joelddiaz
commented
- vendor in new installer with ability to provide our own OpenStack credentials fetching functions
- provide custom credentials fetching functions that use the contents of the ClusterDeployment's secret as the credentials source
- provide an empty (non-nil) list of Zones when creating MachinePools to MachineSets for OpenStack
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
|
this depends on the changes in openshift/installer#4196 |
|
|
||
| "github.com/gophercloud/utils/openstack/clientconfig" |
There was a problem hiding this comment.
| "github.com/gophercloud/utils/openstack/clientconfig" | |
| "github.com/gophercloud/utils/openstack/clientconfig" |
|
|
||
| credsSecret := &corev1.Secret{} | ||
| if err := kubeClient.Get(context.TODO(), credsSecretKey, credsSecret); err != nil { | ||
| return nil, err |
There was a problem hiding this comment.
| return nil, err | |
| return nil, errors.Wrap(err, "failed to get OpenStack credentials") |
|
|
||
| cloudsYaml, ok := credsSecret.Data[constants.OpenStackCredentialsName] | ||
| if !ok { | ||
| return nil, errors.New("did not find credentials in the ClusterDeployment's secret") |
There was a problem hiding this comment.
| return nil, errors.New("did not find credentials in the ClusterDeployment's secret") | |
| return nil, errors.New("did not find credentials in the OpenStack credentials secret") |
| var clouds clientconfig.Clouds | ||
| if err := yaml.Unmarshal(cloudsYaml, &clouds); err != nil { |
There was a problem hiding this comment.
How stable is clientconfig.Clouds? Do you anticipate any issues with supporting older OpenShift versions that may use an older version of this type?
There was a problem hiding this comment.
This is a good question. Outside of this PR I've never dealt with this package before.
Now that you ask, I would worry not so much about versions of OpenShift but the version of OpenStack that this package will be making calls into. Is there someone more familiar with OpenStack that can perhaps answer this?
As far as OpenShift releases, older versions of the installer made you specify whether this "trunk" support was available, and now it is dynamic. And we mark the field as optional in Hive https://github.com/openshift/hive/blob/master/pkg/apis/hive/v1/openstack/platform.go#L19. This feels like we've just automated detection of what you previously had to specify.
| var secureClouds clientconfig.Clouds | ||
| return secureClouds.Clouds, nil |
There was a problem hiding this comment.
Isn't this just an nil map?
| var secureClouds clientconfig.Clouds | |
| return secureClouds.Clouds, nil | |
| return nil, nil |
| @@ -76,6 +76,7 @@ func (a *OpenStackActuator) GenerateMachineSets(cd *hivev1.ClusterDeployment, po | |||
| computePool := baseMachinePool(pool) | |||
| computePool.Platform.OpenStack = &installertypesosp.MachinePool{ | |||
| FlavorName: pool.Spec.Platform.OpenStack.Flavor, | |||
| Zones: []string{""}, | |||
There was a problem hiding this comment.
The commit message is not quite right. It states that Hive is providing "an empty (but non-nil) list of zones." However, Hive is actually providing a list with a single empty entry.
I also think it is worth a comment in the code to explain what is happening here.
| @@ -76,6 +76,7 @@ func (a *OpenStackActuator) GenerateMachineSets(cd *hivev1.ClusterDeployment, po | |||
| computePool := baseMachinePool(pool) | |||
| computePool.Platform.OpenStack = &installertypesosp.MachinePool{ | |||
| FlavorName: pool.Spec.Platform.OpenStack.Flavor, | |||
| Zones: []string{""}, | |||
There was a problem hiding this comment.
It looks like Hive needs to start supporting zones in MachinePools for OpenStack.
https://github.com/openshift/installer/blob/96579442a7526367e86cf916ec85089c18dfaf24/pkg/types/openstack/machinepool.go#L26-L29
There was a problem hiding this comment.
Agreed. Created a Jira card on our backlog.
|
Is there any chance that we can re-enable the unit test for the OpenStack actuator as part of this PR? Or are we still far away from that since we have no way of mocking out the call to OpenStack that is baked into the installer? |
joelddiaz
changed the title
openshift-ci-robot
added
the
bugzilla/severity-unspecified
|
@joelddiaz: This pull request references Bugzilla bug 1880443, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
bugzilla/invalid-bug
joelddiaz
force-pushed
the
openstack-machinesets
branch
2 times, most recently
from
c4f3120
to
a8da86e
Compare
Not yet. We would need more reworking of the installer repo to allow us to stub out the OpenStack client. |
openshift-ci-robot
added
the
needs-rebase
joelddiaz
force-pushed
the
openstack-machinesets
branch
from
a8da86e
to
3a85fb3
Compare
openshift-ci-robot
removed
the
needs-rebase
joelddiaz
force-pushed
the
openstack-machinesets
branch
from
3a85fb3
to
107fa0c
Compare
joelddiaz
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
/assign @staebler this PR pre-dates us explicitly assigning and CCing people... |
joelddiaz
force-pushed
the
openstack-machinesets
branch
from
107fa0c
to
f7de382
Compare
Use the new ability of the installer to provide OpenStack client options to allow use to provide the contents of the ClusterDeployment's credentials Secret as the "clouds.yaml" file.
The installer machineset generator will distribute all the replicas across the list of zones. If we do not provide a list of zones, we get back an empty list of machinesets. Follow what the installer does, and provide list of zones with exactly one member consisting of the empty string.
joelddiaz
force-pushed
the
openstack-machinesets
branch
from
f7de382
to
39bf33c
Compare
|
staebler's hive watch has ended.. |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dgoodwin, joelddiaz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/bugzilla refresh |
openshift-ci-robot
added
bugzilla/severity-medium
|
@joelddiaz: This pull request references Bugzilla bug 1880443, which is valid. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
removed
the
bugzilla/invalid-bug
|
@joelddiaz: All pull requests linked via external trackers have merged: Bugzilla bug 1880443 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
