#1148: Support updates to Instances #1289
Conversation
k8s-ci-robot
added
cncf-cla: yes
staebler
force-pushed
the
1148-instance-update
branch
from
67b0af6 to
3c50265
Compare
staebler
changed the title
|
|
staebler
force-pushed
the
1148-instance-update
branch
from
8f0b718 to
b927d37
Compare
|
@staebler rebase needed |
| // can be manually incremented by a user to manually trigger an update. This | ||
| // allows for parameters to be updated with any out-of-band changes that have | ||
| // been made to the secrets from which the parameters are sourced. | ||
| UpdateRequests int64 |
There was a problem hiding this comment.
if it's non-negative as the comment says, shall we use the uint64 type?
There was a problem hiding this comment.
Do not use unsigned integers, due to inconsistent support across languages and libraries. Just validate that the integer is non-negative if that's the case.
| allErrs = append(allErrs, internalValidateServiceInstanceUpdateAllowed(new, old)...) | ||
| allErrs = append(allErrs, internalValidateServiceInstance(new, false)...) | ||
|
|
||
| allErrs = append(allErrs, apivalidation.ValidateImmutableField(new.Spec.ExternalServiceClassName, old.Spec.ExternalServiceClassName, field.NewPath("spec").Child("externalServiceClassName"))...) |
There was a problem hiding this comment.
We also need to check that the plan hasn't changed if plan updates are not supported (ServiceClass.Spec.PlanUpdatable==false).
If it's costly to validate it there, we can check it before sending an update request to the broker.
There was a problem hiding this comment.
I am not sure about this, but it is my understanding that the validation should not be looking at other resources. The validation should only consider the resource being validated. There is an admission controller [1] that blocks updates to ExternalServicePlanName when the PlanUpdatable field of the service class is false.
There was a problem hiding this comment.
@staebler didn't know we have an admission controller for that. then there is no need for checking it again, of course.
| // Only send the plan ID if the plan name has changed from what the Broker has | ||
| if toUpdate.Status.ExternalProperties == nil || | ||
| toUpdate.Status.InProgressProperties.ExternalServicePlanName != toUpdate.Status.ExternalProperties.ExternalServicePlanName { | ||
| planID := servicePlan.Spec.ExternalID |
There was a problem hiding this comment.
We need to check the flag plan_updatable in ServiceClass.Spec.PlanUpdatable
There was a problem hiding this comment.
I don't think that this is the right place to check this. The change to the plan name has already been accepted by the API Server, given the state of the resources at that time. I don't think it is appropriate to ignore the accepted change to the plan name given the state of the resources at this time. We would need to do more than just not send the plan change to the Broker if that were the case. We would also need to somehow revert the plan change in the Spec of the ServiceInstance.
There was a problem hiding this comment.
There's an admission controller that forbids the plan update.
staebler
force-pushed
the
1148-instance-update
branch
from
b927d37 to
2221ffc
Compare
staebler
force-pushed
the
1148-instance-update
branch
3 times, most recently
from
fb6f623 to
e7f8c5d
Compare
|
This has nothing to do with your PR, nicely injected in there and from diffs easy to reason about. But, we really have to do some refactoring here, having a method that's several hundred lines intertwined with all kinds of different ifs sprinkled in all over makes it really really hard to digest what's going on. |
|
I am fully supportive of refactoring after all renames and functional
features are done :)
…On Wed, Oct 4, 2017 at 5:29 PM, Ville Aikas ***@***.***> wrote:
This has nothing to do with your PR, nicely injected in there and from
diffs easy to reason about. But, we really have to do some refactoring
here, having a method that's several hundred lines intertwined with all
kinds of different ifs sprinkled in all over makes it really really hard to
digest what's going on.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#1289 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAWXmACV3aCrF3TuuxZ0DyYQz2RzRRHLks5so_jPgaJpZM4PntDx>
.
|
|
yes, hence LGTM |
|
I also whole-heartedly support refactoring. |
| // Only send the plan ID if the plan name has changed from what the Broker has | ||
| if toUpdate.Status.ExternalProperties == nil || | ||
| toUpdate.Status.InProgressProperties.ExternalServicePlanName != toUpdate.Status.ExternalProperties.ExternalServicePlanName { | ||
| planID := servicePlan.Spec.ExternalID |
There was a problem hiding this comment.
There's an admission controller that forbids the plan update.
| errorProvisionCallFailedReason, | ||
| "ClusterServiceBroker returned a failure for provision call; operation will not be retried: "+s) | ||
| reason, | ||
| fmt.Sprintf("ClusterServiceBroker returned a failure for %v call; operation will not be retried: %v", provisionOrUpdateText, s)) | ||
|
|
||
| if shouldStartOrphanMitigation(httpErr.StatusCode) { |
There was a problem hiding this comment.
You should only do orphan mitigation here if you're provisioning, not if you're updating.
staebler
force-pushed
the
1148-instance-update
branch
from
e7f8c5d to
65ba455
Compare
| if !apiequality.Semantic.DeepEqual(oldServiceInstance.Spec, newServiceInstance.Spec) { | ||
| if utilfeature.DefaultFeatureGate.Enabled(scfeatures.OriginatingIdentity) { | ||
| setServiceInstanceUserInfo(newServiceInstance, ctx) | ||
| } | ||
| newServiceInstance.Generation = oldServiceInstance.Generation + 1 | ||
| setServiceInstanceReadyFalseCondition(newServiceInstance) |
There was a problem hiding this comment.
In a follow-up, we need to take this out. I'm sorry that I missed it earlier, but update should not affect the status of a resource. It's okay that the ready condition remains set after this - the controller will eventually unset it. Remember, the system is not transactional and only has to eventually converge on the right state.
|
LGTM but we need to correct the status setting in the API server in a follow-up. |
Closes #1148, #816, #748, #1062, and #1065.