-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] Admin and canary blast radius control #504
[WIP] Admin and canary blast radius control #504
Conversation
@sknot-rh I might be missing something obvious why template-based loading now for these components? Do you expect to change these templates dynamically at runtime? |
Template ConfigMap is going to be part of the Strimzi bundle. So for each Strimzi version, there will be adequate Admin/Canary versions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comments regarding ST
systemtest/src/test/java/org/bf2/systemtest/integration/SmokeST.java
Outdated
Show resolved
Hide resolved
systemtest/src/test/java/org/bf2/systemtest/integration/AbstractST.java
Outdated
Show resolved
Hide resolved
IMO is half parameters can be made unique by |
writer.write(companionTemplates.getData().get(templateName)); | ||
writer.close(); | ||
|
||
DefaultOpenShiftClient dryOpenShiftClient = new DefaultOpenShiftClient(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that the templating we are using is not ok, because the Template
resource is specific to OpenShift as you here have to use a specific OpenShift client. The FSO has to work on vanilla Kubernetes as well. Did I misunderstand anything?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The client is doing the substition localy (processLocally
) so it is not really communicating with a server. I it just about converting template string to actual deployment.
From Template doc -
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please fix my comment
systemtest/src/main/java/org/bf2/systemtest/operator/FleetShardOperatorManager.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM from ST POV
|
||
@Override | ||
public void createOrUpdate(ManagedKafka managedKafka) { | ||
Deployment current = cachedDeployment(managedKafka); | ||
Deployment deployment = deploymentFrom(managedKafka, current); | ||
ConfigMap companionTemplates = configMapResource(kubernetesClient.getNamespace(), "companion-templates-config-map").get(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From my earlier question on where the templates are coming from, here it indicates that this configmap is part of same namespace as the FSO, and may be created as part of the operator deployment or created by someone else during the install. My question
- Where does this template originate from? and how it gets deployed as configmap in FSO namespace? you mentioned Strimzi but I did not find any references on quick search.
- What benefit does it give us using the template form? I see you still deploying a single deployment of either a canary or admin server.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the unclear explanation :( (there is also a epic brief you can read)
1.
Where does this template originate from?
We decided to use a Template to specify as much as possible configuration to Deployment. The main motivation is to use corresponding Admin/Canary images with the new Strimzi bundle. So if you upgrade Strimzi (new bundle will be used) the Admin/Canary deployments will be regenerated and the correct image used.
and how it gets deployed as ConfigMap in FSO namespace?
IIUC it will be part of the Strimzi bundle. So when the bundle is created, this ConfigMap should be created as well.
What benefit does it give us using the template form?
Admin/Canary is bonded to ManagedKafka resource and some configuration is different. For example name of the name of MK resource does affect `bootstrap-servers` address etc. So you use placeholders in Template to generate MK resource-related Admin/Canary deployments.
I see you still deploying a single deployment of either a canary or admin server.
Yeah, but each Admin/Canary deployment is specific to a MK resource, so the deployments are different.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry, I may be missed EpicBreif on it, if you can give link I will take a look.
So the new strimzi bundle will have the configmap with the image details backed into the deployment template and FSO need not to be changed every time there is a change to canary or admin servers. If there is a change then one needs to create a new Strimzi bundle for it. Is that accurate?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that is right. EB
private Map<String, String> buildParameters(ManagedKafka managedKafka) { | ||
List<Parameter> parameters = new ArrayList<>(); | ||
|
||
addParameter(parameters, "KAFKA_ADMIN_SERVER_APP", adminServerName(managedKafka)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe these prefixes like KAFKA_ADMIN
or CANRY_
are verbose? unless you trying to put different containers on single pod. They do not help with version-specific anyways if we are conceiving of multiple admin server deployments per pod
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the name of the placeholder, not ENV.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what I am going after is you can reduce the number of tokens overall to be set, if you make then not use prefixes, and reuse the properties. Like the name is used to distinguish an attribute, you can reuse name everywhere then defining a new one for each occurrence. But of course, you would need to update the bundle for this.
deployment.getSpec().getTemplate().getSpec().getContainers().get(0).getEnv().add(new EnvVarBuilder().withName("KAFKA_ADMIN_OAUTH_JWKS_ENDPOINT_URI").withValue(oauth.getJwksEndpointURI()).build()); | ||
deployment.getSpec().getTemplate().getSpec().getContainers().get(0).getEnv().add(new EnvVarBuilder().withName("KAFKA_ADMIN_OAUTH_VALID_ISSUER_URI").withValue(oauth.getValidIssuerEndpointURI()).build()); | ||
deployment.getSpec().getTemplate().getSpec().getContainers().get(0).getEnv().add(new EnvVarBuilder().withName("KAFKA_ADMIN_OAUTH_TOKEN_ENDPOINT_URI").withValue(oauth.getTokenEndpointURI()).build()); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Conditional code like this is where template processing falls down IMO, once you say you know the structure of the template you created a strong coupling between them and chances of breaking it during the runtime. Ideally, you shouldn't know what is in there, just text replace then deploy, but oh well!
operator/src/main/java/org/bf2/operator/operands/AdminServer.java
Outdated
Show resolved
Hide resolved
operator/src/main/java/org/bf2/operator/operands/AdminServer.java
Outdated
Show resolved
Hide resolved
operator/src/main/java/org/bf2/operator/operands/dev/DevelopmentAdminServer.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Signed-off-by: Stanislav Knot <[email protected]>
Closing in favor of #643 |
Use Templates from strimzi bundle to generate Admin/Canary Deployments