Replace tectonic-network-operator with cluster-network-operator #600
Conversation
openshift-ci-robot
added
do-not-merge/work-in-progress
squeed
force-pushed
the
network-operator
branch
from
54e15b8 to
be09f80
Compare
|
Okay, refactored a bit. This change is now somewhat broader in scope. I deprecated the badly-named Another open question is what the user should do when they change their cidrs. We actually will support expanding the service and cluster ip ranges. These changes will have to be propagated to their various consumers. |
squeed
force-pushed
the
network-operator
branch
from
be09f80 to
44c8d2f
Compare
InstallConfig is supposed to provide very simple options. Why expose |
Oh, it's so much muddier than that. First of all, the network-operator currently doesn't support rolling out any changes, and it probably won't for a while. So we can't support that. Also, we won't ever support changes for non-Openshift-maintained network plugins. I'd also just like to avoid network changes as much as possible. They're always risky, even when done correctly. Right now, the address configurations are read in to the installer, then split out in to the In the future, downstream consumers stop reading Even when we reach that ideal state, it's not clear how we should plumb through IP space configuration in the installer. Since IP blocks are general-case immutable, users do need to choose them correctly (or else!), so we need it to be part of even the happy-path configuration. However, any subsequent changes will presumably be made to the |
squeed
force-pushed
the
network-operator
branch
2 times, most recently
from
ee2ed91 to
c0d51ec
Compare
openshift-bot
added
the
needs-rebase
squeed
force-pushed
the
network-operator
branch
from
c0d51ec to
e9280b0
Compare
openshift-bot
removed
the
needs-rebase
|
Filed openshift/cluster-kube-apiserver-operator#106 to stop reading cidrs from the install-config. This is not a blocker. |
|
I had to refactor this slightly one more time: the network-operator was setting The alternative would be to special-casing the network-operator and running it on the bootstrap node. That seems uglier. |
squeed
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
squeed
force-pushed
the
network-operator
branch
from
e9280b0 to
37b8aca
Compare
squeed
changed the title
openshift-ci-robot
added
the
do-not-merge/work-in-progress
|
A few more things to work out:
|
| return errors.Wrapf(err, "Could not generate ClusterNetworkingConfig") | ||
| } | ||
|
|
||
| cluster := clusterv1a1.Cluster{ |
There was a problem hiding this comment.
To add some context: currently we need to create the cluster object because the actuator interface that we use for creating machines expects it to exist. However we don’t rely on it at all and we aim to convince upstream to have a clear separation between "machine api" and "cluster api" and decouple it from the actuator interface.
Eventually we might want to consider and approach that progressively moves the installer definition/infra into a cluster actuator driven by that object so this might be a kind of an starting point but that's way far from scope and we need to be aware that the “cluster api” is effectively a “machine api” atm for us
There was a problem hiding this comment.
Also I'm thinking this might be relevant for a 3.11 to 4.0 upgrade
There was a problem hiding this comment.
Gotcha. This is a bit of a bigger topic, then. Other operators need a way to discover the servicecidrs and clustercidrs for their own configuration. It's ugly to have every operator parsing out the install configuration. Let's meet up and talk about this. Note that pulling clustercidr / servicecidr from installconfig is a big problem for the apiserver-operator, see openshift/cluster-kube-apiserver-operator#/105
|
@lucab do you know why there is any relabeling going on? It sounds wrong for the pod to be relabeling the host filesystem. Or am I misunderstanding what the problem is. Thanks! |
openshift-bot
added
the
needs-rebase
squeed
force-pushed
the
network-operator
branch
from
85e39ad to
99f3229
Compare
openshift-bot
removed
the
needs-rebase
* Generate cluster-network-operator config from install-config * Refactor install-config to better reflect network config * remove tectonic-network-operator * Remove temporary kube-proxy and cvo override
This is to break an import loop between pkg/assets/machines and pkg/assets/manifests.
|
@squeed what if we had an init container run the loop to test? |
|
Getting closer. In the bad runs, the container processes are started with context |
|
@rhatdan Do you have any idea? Thanks. |
|
@lucab suggests removing |
|
Just waiting for the network operator changes to be picked up by the release, then we can retest. |
|
/retest |
squeed
force-pushed
the
network-operator
branch
from
99f3229 to
94ca64a
Compare
|
That seems to have been it. /hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
|
All green. Just needs a lgtm. |
|
The PR is green and changes look fine. We can iterate on this. :yay: /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, squeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
Might have discovered a bug though. If RunAsUser was causing |
This removes tectonic-network-operator and replaces it with the cluster-network-operator.
This won't work quite yet, because there is a bug in origin. But how we generate the configuration is up for review.
Network configuration is a funny beast. We basically can't change it once the cluster is up. However, there is a distinct "happy path" along with a large number of possible settings tweaks. So, right now this generates a sane network configuration from the installer network configuration.
We probably want to figure out a better way to do that at some point; the installer config doesn't capture even the full set of IP address options.