[WIP] Add apply logic to Dynamic client #228
Conversation
openshift-ci-robot
added
do-not-merge/work-in-progress
|
ping @willthames |
|
We probably need to be careful about what patch we send (this is probably obvious in the kubectl code) - we need to send a json patch to allow keys to be deleted as well as added - one of the drawbacks of the existing approach is the lack of ability to delete keys without using force, and force doesn't work with all kinds (e.g. force on a Service tends to cause a 422 even without a change) |
|
Also, should we make the lastAppliedConfiguration annotation configurable? I'd rather not use kubectl's annotation, but would agree with making it configurable so that users can choose kubectl's annotation if they wish |
doc/proposals/apply.md
Outdated
|
|
||
| ## Problem | ||
| Current merge/patch strategy in the Ansible modules is not sufficient for a variety of reasons. | ||
| 1. There is no way to remove a field from the Ansible module without doing a full replace |
There was a problem hiding this comment.
"There is no way to remove a field from a Kubernetes object using the Ansible module without doing a full replace of the object."
That's how I read it, but it wasn't clear. Suggest making the subject more clear.
doc/proposals/apply.md
Outdated
|
|
||
| The basic algorithm is as follows: | ||
|
|
||
| 1. `GET` the current object |
There was a problem hiding this comment.
I think it would be helpful if you kept the language consistent. My belief is that when you say "current object" (from 1), "existing one" (from 3), and "current state of the object" (from 5) you are referring to the same thing.
There was a problem hiding this comment.
Same thing with "new object" (from 3) and "desired definition" (from 4 + 5).
|
@djzager is the new phrasing more clear? |
Yes, the proper way to send a patch with deletions is to set the deleted field value to `null. This will definitely be included in any implementation of apply we move forward with.
It would be pretty trivial to make the annotation configurable (and I'm definitely in favor of it, no harm in allowing it), I'm curious about the opposition to overlapping with |
My opposition is that people shouldn't be using multiple tools to manage the same state. However, giving it some thought, my reasoning was that kubectl warns you if it doesn't have the lastAppliedConfiguration annotation, but of course using a different annotation wouldn't replace the kubectl one. Seeing two different lastAppliedConfigurations might at least warn users that two different tools are being used though Another reason is that we should be explicit about what tool is managing state, so that when viewing a resource, people don't wonder why there's a kubectl annotation when they don't use kubectl. |
Speaking strictly from the perspective of a potential user. I would be very surprised if I used |
I'd prefer to see us have compatibility with I do recognize that reusing the kubectl annotation feels a little strange and perhaps it could introduce a small amount of surprise/confusion to someone inspecting a resource who never used kubectl on it, yet I think defaulting to use same annotation would create a better user experience for most users. |
openshift-ci-robot
added
size/L
Ensure unchanged resources are returned as a k8s object rather than a string Ensure last_applied annotations aren't included in the diffs
Cope with resources without last_applied annotation, and add the annotation to such resources too
|
Two documents I found that describe the algorithm apply uses: It seems like these documents have a lot of information about merging with a schema (ie strategic merge patch), but obviously we can't do that. I'm hoping as I read more it will become clear to me how they've implemented apply for things like resources defined by CustomResourceDefinitions that have no associated OpenAPI schema. |
|
In the first document I found this statement for apply with no schema: "A possible degraded non-schema mode: replace list items instead of merging" - so I think we have the right approach there. |
|
Those documents aren't public but I've requested access. I've added some more test cases. Really keen to see more tests being added if anyone has any ideas. |
|
I'm going to go ahead and merge this so we can start testing it out, leaving this PR hanging isn't doing anyone any good |
5 participants
Currently just the proposal.
To view the rendered version: https://github.com/fabianvf/openshift-restclient-python/blob/apply/doc/proposals/apply.md