OSPRH-5904: Integration of the OpenStack CRs into the insights-operator #951
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
.../core.openstack.org/openstackcontrolplanes/openstack/openstack-galera-network-isolation.json
Outdated
Show resolved
Hide resolved
pkg/gatherers/clusterconfig/gather_openstack_dataplane_deployments.go
Outdated
Show resolved
Hide resolved
pkg/gatherers/clusterconfig/gather_openstack_dataplane_deployments_test.go
Outdated
Show resolved
Hide resolved
pkg/gatherers/clusterconfig/gather_openstack_dataplane_node_sets.go
Outdated
Show resolved
Hide resolved
| data.Object = anonymizeIpAddresses(data.Object) | ||
| data.Object = anonymizeFields(data.Object, fieldsToAnonymize) | ||
| data.Object = anonymizeCustomPathFields(data.Object, customFieldsToAnonymize) | ||
| data.Object = anonymizeStatusHostNames(data.Object) |
There was a problem hiding this comment.
each node object in the node set can have multiple hostnames assocrrated with it too.
there is a hostname subsection
https://github.com/openstack-k8s-operators/openstack-operator/blob/main/apis/core/v1beta1/openstackcontrolplane_types.go#L361-L370
the AnsibleOpts also contained sensitive info in general but that is a mapping filed with arbiary keys.
mouch of the value comes form processing those value but its harder to Anonymize in general.
at a minium we should be Anonymize ansibleHost
and any fixed ipes that exixits in the networks struct
https://github.com/openstack-k8s-operators/openstack-operator/blob/main/apis/core/v1beta1/openstackcontrolplane_types.go#L361-L370
There was a problem hiding this comment.
ansibleHost field added to be anonymized, fixed ips should be anonymized by the anonymizeIpAddresses() function. If not, please give me example of the CR where it is not anonymized, so I can fix it
openshift-merge-robot
added
the
needs-rebase
openshift-merge-robot
removed
the
needs-rebase
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
/retest |
1 similar comment
|
/retest |
pkg/gatherers/clusterconfig/gather_openstack_dataplane_node_sets.go
Outdated
Show resolved
Hide resolved
pkg/gatherers/clusterconfig/gather_openstack_dataplane_node_sets.go
Outdated
Show resolved
Hide resolved
| // so that its string representation is empty, it is easier to just | ||
| // put 'xxx' in that place | ||
| if len(fieldValueStr) == 0 { | ||
| data[fieldName] = "xxx" |
There was a problem hiding this comment.
It's not a blocker, but I don't understand this logic much. Why overwriting an empty string? It's not necessary, is it?
There was a problem hiding this comment.
So it seems if fieldValue is e.g. list of items or is of type map[string]interface{} then in L59 mapping fieldValueStr will be empty string and in such case, I want to simply put 'xxx' instead of try to go deeper and look into that other nested type and iterate over it's fields.
There was a problem hiding this comment.
OK you're right https://play.golang.com/p/5RrmRPcrTnT. I thought it would panic, but it's not the case. Putting the xxx still seems a bit unnecessary but OK. Thank you.
There was a problem hiding this comment.
It panics "only" when one return value is used for the "type casting", which make sense....and I didn't realize that.
| fieldAnonymized = false | ||
| for _, fieldToAnonymize := range fieldsToAnonymize { | ||
| if fieldName == fieldToAnonymize { | ||
| fieldValueStr, _ := fieldValue.(string) |
There was a problem hiding this comment.
Similar her. This can panic AFAIK
There was a problem hiding this comment.
I think that in this case it will be ok, because if fieldValue will be of type like list or map[string]interface{} then fieldValueStr will be empty string and that will be handled in the if condition in L63
There was a problem hiding this comment.
OK. Discussed in the thread below. Thanks.
pkg/gatherers/clusterconfig/gather_openstack_controlplanes_test.go
Outdated
Show resolved
Hide resolved
|
I was able to create only /approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: slawqo, tremes The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
tremes
changed the title
For now it will drop only 'metadata/annotations/kubectl.kubernetes.io/last-applied-configuration' but other fields can be added to that list too.
Control Plan of the Red Hat OpenStack starting from the version 18 (RHOSO 18) will be deployed using OpenShift operators as a set of OpenShift applications. Compute nodes will be deployed still as RHEL nodes and will be outside of the OpenShift cluster but all will be mangaged by the Dataplane-operator and only interface for OpenStack operators will be though the CRs: - OpenStackControlPlane CR for the control plane, - OpenStackDataplaneNodeSet and OpenStackDataplaneDeployment CRs for the compute nodes. This patch adds OpenStackDataplaneNodeSet CR to the insights-operator so that whole configuration of the OpenStack control plane may be gathered by the insights-operator and send to analysis to the Insights server. Co-Authored-By: Yatin Karel <ykarel@redhat.com> Related: #OSPRH-5904
Control Plan of the Red Hat OpenStack starting from the version 18 (RHOSO 18) will be deployed using OpenShift operators as a set of OpenShift applications. Compute nodes will be deployed still as RHEL nodes and will be outside of the OpenShift cluster but all will be mangaged by the Dataplane-operator and only interface for OpenStack operators will be though the CRs: - OpenStackControlPlane CR for the control plane, - OpenStackDataplaneNodeSet and OpenStackDataplaneDeployment CRs for the compute nodes. This patch adds OpenStackDataplaneDeployment CR to the insights-operator so that whole configuration of the OpenStack control plane may be gathered by the insights-operator and send to analysis to the Insights server. Co-Authored-By: Yatin Karel <ykarel@redhat.com> Related: #OSPRH-5904
Related: #OSPRH-5904
Red Hat's openstack-operator in addition to the OpenStackControlPlane and OpenStackDataPlane CRs uses also additonal CR 'openstackversions' which reports version of the openstack(s) deployed in the OCP cluster. This patch adds support for gathering also this CRs from the cluster if they exists. Related: #OSPRH-5904
|
Today I run locally insights-operator with those changes so if you want to see them, you can search for clusterID "f043c1f4-f148-4030-9f16-9d5c242d2c8c" |
|
/lgtm |
|
insights-operator-e2e-tests are failing, but this is a known failure. |
|
/retest |
|
/label qe-approved |
openshift-ci
bot
added
the
qe-approved
|
@slawqo: This pull request references OSPRH-5904 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.17.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/lgtm |
|
/test insights-operator-e2e-tests |
|
@karelyatin @slawqo the test failure is persistent. We need to override the test for now. |
|
The test failure is a known problem. We just need a new JIRA ticket to track it. cc @BaiyangZhou |
|
@tremes: Overrode contexts on behalf of tremes: ci/prow/insights-operator-e2e-tests In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@slawqo: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
[ART PR BUILD NOTIFIER] Distgit: ose-insights-operator |
|
[ART PR BUILD NOTIFIER] Distgit: ose-insights-operator |
Control Plan of the Red Hat OpenStack starting from the version 18 (RHOSO 18) will be deployed using OpenShift operators as a set of OpenShift applications. Compute nodes will be deployed still as RHEL nodes and will be outside of the OpenShift cluster but all will be mangaged by the Dataplane-operator and only interface for OpenStack operators will be though the CRs:
- OpenStackControlPlane CR for the control plane,
- OpenStackDataplaneNodeSet and OpenStackDataplaneDeployment CRs for the
compute nodes.
This PR adds those OpenStack CRs to the insights-operator so that whole configuration of the OpenStack control plane may be gathered by the insights-operator and send to analysis to the Insights server.
Categories
Sample Archive
docs/insights-archive-sample/customresources/core.openstack.org/openstackcontrolplanes/openstack/openstack-galera-network-isolation.jsondocs/insights-archive-sample/customresources/dataplane.openstack.org/openstackdataplanedeployments/openstack/edpm-deployment.jsondocs/insights-archive-sample/customresources/dataplane.openstack.org/openstackdataplanenodesets/openstack/openstack-edpm.jsonUnit Tests
pkg/gatherers/clusterconfig/gather_openstack_controlplanes_test.gopkg/gatherers/clusterconfig/gather_openstack_dataplane_deployments_test.gopkg/gatherers/clusterconfig/gather_openstack_dataplane_node_sets_test.goPrivacy
Anonymization functions are added and used while collecting OpenStack CRs. Anonymized data:
Changelog
No
Breaking Changes
No
References
https://issues.redhat.com/browse/OSPRH-5904
Additional Info
To test what data are collected by the insights-operator with those changes, OpenStack has to be deployed on top of the OpenShift cluster. The easiest way to do this is to use CRC OpenShift and install_yamls tool. Please follow the guide to deploy OpenStack Control Plane and OpenStackDataPlane CRs.