VPC: Create v2 path for new Infrastructure implementation #1858
Conversation
k8s-ci-robot
added
area/provider/ibmcloud
|
Hi @cjschaef. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
✅ Deploy Preview for kubernetes-sigs-cluster-api-ibmcloud ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
|
/ok-to-test |
|
@cjschaef: Cannot trigger testing until a trusted user reviews the PR and leaves an In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
df3d98d
to
4ae8910
Compare
api/v1beta2/conditions_consts.go
Outdated
|
|
||
| // CreateVPCInfrastructureAnnotation is the name of an annotation that indicates if | ||
| // VPC infrastructure should be created as part of cluster creation. | ||
| CreateVPCInfrastructureAnnotation = "vpc.cluster.x-k8s.io/create-infra" |
There was a problem hiding this comment.
@cjschaef what will be used to differentiate v2 vs v1 code path. I think in VPC we create infra by default so this annotation might not be required. Are you planning to use this as a differentiator?
There was a problem hiding this comment.
Yes, I plan on using that and flagging off the NetworkSpec field in the Cluster resource for the v2 path.
There was a problem hiding this comment.
ok, If I understand correctly, in V2 path you are expecting NetworkSpec to be mandatory?
There was a problem hiding this comment.
That is correct. NetworkSpec is part of the new Infrastructure deployment support, and is required for that support.
There was a problem hiding this comment.
Got it thanks for the clarification,
May be we can get started with using that annotation if we can't find any alternative suitable name which matches for what we are doing but eventually we need to remove it as it may confuse the users because now also by default we create the resource.
There was a problem hiding this comment.
I could remove the annotation altogether, if we wish to start the so-called "v2" VPC support without requiring an annotation (rely only on using NetworkSpec to flag the new (v2) VPC support, creating all of the required Infrastructure.
I had expected that annotation was required in order to get CAPI to perform Infrastructure Creation/Management. But if we expect for our new (v2) support, CAPI will always be attempting to create/manage Infrastructure resources, I can drop that annotation completely.
There was a problem hiding this comment.
Another question, can CAPI be run within a cluster with only the Machine Controller running (not the Cluster/Infra Controller), so as to not attempt to reprovision Infrastructure post cluster creation/install? I had expected this annotation would help with that situation as well, to prevent additional churn by CAPI by continuing to monitor (or deleting) Infrastructure post cluster create.
There was a problem hiding this comment.
In PowerVS v1 flow we were not creating any infra rather using existing infra and expecting user to provide them. We introduced this annotation in for v2 to make sure we need to create infra and not expecting anything from user.
This is not true for VPC, in vpc v1 flow as well we create required resources so this annotation does imply anything. But for you to differentiate V2 path as you suggested its better to go with NetworkSpec. If user set NetworkSpec you can assume its V2 flow.
There was a problem hiding this comment.
Another question, can CAPI be run within a cluster with only the Machine Controller running (not the Cluster/Infra Controller), so as to not attempt to reprovision Infrastructure post cluster creation/install? I had expected this annotation would help with that situation as well, to prevent additional churn by CAPI by continuing to monitor (or deleting) Infrastructure post cluster create.
No this annotation is nothing to do with that, But to achieve what you are expecting capi provides annotation named [cluster.x-k8s.io/managed-by](https://github.com/Karthik-K-N/cluster-api/blob/e2bf2b7d108ecd51bf7b23bf50e2432e82d8f2fe/api/v1beta1/common_types.go#L154-L160) and our controllers are configured to use them here. But the controllers will be running but will ignore the objects with this annotations.
There was a problem hiding this comment.
Okay, thanks for the details, I will drop the annotation. and rely only on the NetworkSpec.
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
4ae8910
to
9cdaddb
Compare
k8s-ci-robot
added
cncf-cla: no
|
Re-pushing to try to get CLA check to pass (no idea why it failed all of a sudden). |
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
9cdaddb
to
37f9952
Compare
k8s-ci-robot
added
cncf-cla: yes
api/v1beta2/ibmvpccluster_types.go
Outdated
| // This can be different than the Resource Group containing the remaining cluster resources. | ||
| ResourceGroup *string `json:"resourceGroup,omitempty"` | ||
|
|
||
| // TODO(cjschaef): Complete spec definition (SecurityGroups, VPC) |
There was a problem hiding this comment.
Are you planning to add any more definition as a part of this PR or in subsequent PRs.
There was a problem hiding this comment.
Yes, I plan to add additional details in more functional PR's.
| } | ||
|
|
||
| // NewVPCClusterScope creates a new VPCClusterScope from the supplied parameters. | ||
| func NewVPCClusterScope(params VPCClusterScopeParams) (*VPCClusterScope, error) { |
There was a problem hiding this comment.
I am still not clear on how this will be invoked and embedded into existing flow, Do you mind adding that snippet of code to this PR. Also if possible we can move api definition to seperate PR if possible.
There was a problem hiding this comment.
It gets utilized here, in this new v2 path, which allows me to modify the Cluster resource without affecting the existing VPC (legacy) support:
https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/pull/1858/files#diff-647a58f1c11f771d3ec32c60c28c4b8b29442f9915129e16eeddb59120dcc7d8R140-R146
I can attempt to break up this PR, and maybe see if adding anything more for the new VPCClusterScope use that doesn't balloon the PR too much.
There was a problem hiding this comment.
It gets utilized here, in this new v2 path, which allows me to modify the Cluster resource without affecting the existing VPC (legacy) support:
I got that but where do you call reconcilerv2?, Something like you need to add a check to see whether vpcclusterspec.NetworkSpec is set or not, If not set go with v1 flow and if set go with new v2 flow?
If this is the case, now if you are expecting user to go with v2 flow say for IPI case but user misses to set networkspec now the controller by default with v1 flow which is not you are expecting and we cannot make networkspec mandatory also, So we dont have any way to add a validation for v2 flow. Its up-to user intelligence and documentation to go with v2 flow..
There was a problem hiding this comment.
Yes, that is my expectation, the burden is on the user to provide details in order to utilize the v2 flow.
The architecture deployment for the v2 flow is going to be drastically different than the existing deployment.
In order to achieve and configure this, the user will be on the hook to configure the Cluster resource properly.
There was a problem hiding this comment.
I got that but where do you call reconcilerv2?, Something like you need to add a check to see whether vpcclusterspec.NetworkSpec is set or not, If not set go with v1 flow and if set go with new v2 flow?
That is right here
https://github.com/kubernetes-sigs/cluster-api-provider-ibmcloud/pull/1858/files#diff-647a58f1c11f771d3ec32c60c28c4b8b29442f9915129e16eeddb59120dcc7d8R74-R77
Otherwise, it continues with the legacy (v1) flow
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
37f9952
to
ee96c35
Compare
|
Rebased off API updates: #1875 Yes, I imagine some refactoring could be done to handle duplicate code, but the intention is to avoid interacting/modifying the existing VPC flow to simplify testing and support (I am not familiar with the expectations with the current VPC flow). Depending on whether we expect to deprecate and remove the current flow, in favor of the extended VPC support (v2). |
| @@ -71,6 +71,11 @@ func (r *IBMVPCClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reques | |||
| return ctrl.Result{}, err | |||
| } | |||
|
|
|||
| // Determine whether the Cluster is designed for extended Infrastructure support, implemented in a separate path. | |||
| if ibmCluster.Spec.Network != nil { | |||
There was a problem hiding this comment.
this code block can above line 64 to avoid one extra Get call..
There was a problem hiding this comment.
I think this needs to be here, after the ibmCluster variable is defined and then populated via r.Get from the IBMVPCCluster resource on line 65-66.
cloud/scope/vpc_cluster.go
Outdated
| } | ||
|
|
||
| if params.IBMVPCCluster.Spec.Network == nil || params.IBMVPCCluster.Spec.Region == "" { | ||
| return nil, fmt.Errorf("error failed to generate vpc client as NetworkSpec info is nil") |
There was a problem hiding this comment.
if statement is checking for Region but it is not reported in the error, this may mislead the user..
There was a problem hiding this comment.
updated error info
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
ee96c35
to
e3a02d5
Compare
k8s-ci-robot
removed
the
cncf-cla: yes
k8s-ci-robot
added
the
cncf-cla: no
Create a v2 path that will be used for the new Infrastructure implementation for VPC Clusters. All new functionality will be placed in these new v2 paths, based on the new Network field, to prevent breaking existing implementation.
|
Repushing to get CLA to pass. |
cjschaef
force-pushed
the
vpc_v2_branching
branch
from
e3a02d5
to
147250c
Compare
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cjschaef, mkumatag The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
Create a v2 path that will be used for the new Infrastructure implementation for VPC Clusters. All new functionality will be placed in these new v2 paths, based on the new NetworkSpec field, to prevent breaking existing implementation.
What this PR does / why we need it: adds new path to fully implement VPC Cluster Infrastructure support w/o breaking current functionality
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
/area provider/ibmcloud
Release note: