doc/proposals: adding helm operator proposal #658
Conversation
openshift-ci-robot
added
the
size/L
|
Just a general question/concern: |
doc/proposals/helm-operator.md
Outdated
| * Will contain a helper function to create a Helm client from `controller-runtime` manager. | ||
|
|
||
| * /operator-sdk/pkg/helm/controller | ||
| * Will contain the Helm controller. |
There was a problem hiding this comment.
Is the controller going to be exported? Or just an ‘Add’ method?
There was a problem hiding this comment.
Just an Add method that uses the exported HelmOperatorReconciler.
|
|
||
| #### Add | ||
|
|
||
| Add functionality will be updated to allow Helm operator developers to add new CRDs/CRs and to update the watches.yaml file for additional Helm charts. The command helps when a user wants to watch more than one CRD for their operator. |
There was a problem hiding this comment.
Is this is only for creating CRDs? I think you may just want to re-use the ansible operator stuff for just ‘add crd’.
There was a problem hiding this comment.
Ahh. I didn't see the add crd subcommand the first time around.
My initial thought was that app api would be operator type aware.
- For
go, it would do what it does now. - For
ansible, it would create the crds, update the watches file, and scaffold out anew roles/<Kind>Ansible role. - For
helmit would create the crds, update the watches file, and scaffold out a newhelm-charts/<Kind>Helm chart.
If that was the pattern, that could also potentially align how operator-sdk new works (i.e. --api-version and --kind would no longer be valid for a new operator of any type)
I was surprised when I ran operator-sdk add api in an ansible operator project and it spit out Go files.
There was a problem hiding this comment.
If someone wants to convert to a golang operator from an ansible operator, don't want to lock them in.
I also don't like calling this adding an API, IMO an API is what this does adds the go structures for the API. I would prefer to keep the CRD command as I think it is much more descriptive. When discussing the ansible operator, we never talk about adding API's or watching API's we discuss CRDs and CRs.
I also do not want new for ansible operator does not allow --api-version and --kind. This is really important to the ansible operator workflow.
There was a problem hiding this comment.
Yeah the command add api is only valid in the context of a Go operator.
We can use the command add crd here.
I was surprised when I ran operator-sdk add api in an ansible operator project and it spit out Go files.
We need to make sure to check not run the commands specific to the Go type only run in a Go operator project:
add apiadd controllergenerate k8s
I'll create an issue to fix this.
There was a problem hiding this comment.
@shawn-hurley Sounds good. Just wanted to make sure that was a conscious choice and not leftover from the pre-0.1.0 CLI.
So I'll update the proposal to specify that add crd will be used for the helm operator and that other add commands will be invalid.
What about the question of when to scaffold a new boilerplate role or chart? Only on new or also on add crd? Any opinions there?
There was a problem hiding this comment.
I don't think we scaffold a new role for add crd although it kind of makes sense that you would want to associate a new role/chart with a new type.
But then do we update watches.yaml file as well to point to the new chart/role?
And if we do couple it with the add crd command then we should ensure that it handles Go/Ansible/Helm project types differently.
The only downside is that this couples a bunch of different things to the add crd command.
There was a problem hiding this comment.
@hasbro17 Is there a use case for add crd that wouldn't involve other changes? Along those same lines, for a Go project, when would one use add crd and not add api?
If there is a use case for running add crd standalone, I can see how coupling it to these other things may not be desirable.
But to me, it seems like the user is always going to follow add crd up with other manual changes that will likely depend on the type of the operator. For ansible and helm, I think it's pretty likely users will be manually adding a new role/chart and updating watches.yaml.
If users are doing that manually, it increases the likelihood that they forget to change something somewhere or make a typo that causes their new CRD to fail in some way.
There was a problem hiding this comment.
@joelanford add crd was initially added for the Ansible project.
I don't think there was a use case for it in a Go project, since you almost always need the pkg/apis/... files to register the CRD type with the scheme so that the operator can actually watch or CRUD that type.
Maybe if you're dealing with unstructured types(like the ansible and helm operator do) then you don't need the api definition pkg/apis/.... But I don't think that's a common use case.
So yeah I think running add crd standalone isn't necessary for the Go project when we have add api.
So disregarding the Go project we could couple it with adding a role/chart and updating watches.yaml.
@shawn-hurley WDYT? Leave it up to the users. Couple it with add crd. Or a new subcommand.
| operator-sdk up local | ||
| ``` | ||
|
|
||
| This should use the known structure and the helm operator code to run the operator from this location. The existing code will need to be updated with a new operator type check for `helm` (in addition to existing `go` and `ansible` types). The command works by running the operator-sdk binary, which includes the Helm operator code, as the operator process. |
There was a problem hiding this comment.
Maybe this needs to be solved later, and that is fine, but how are we differentiating between ansible and helm?
There was a problem hiding this comment.
For helm at least, the immediately obvious option would be to check for the presence of the helm-charts directory in the project root.
|
|
||
| * This proposal assumes that a Helm Operator base image will be available for building Helm operator projects. What generates the Helm operator base image and what is the registry, image name, versioning, etc.? | ||
|
|
||
| * There is a moderate amount of complexity already related to how operator types are handled between the `go` and `ansible` types. With the addition of a third type, there may need to be a larger design proposal for operator types. For example, do we need to define an `Operator` interface that each of the operator types can implement for flag verification, scaffolding, project detection, etc.? |
There was a problem hiding this comment.
I do think there is complexity, I would prefer to keep the complexity as close to the surface. Something like a factory pattern which each up command(helm, go, ansible) have their own implementation and their own flags possibly?
I also would like to at least have an idea on what to do here in this proposal IMO just so we don’t live in a super complex world while we figure this out? Thoughts?
There was a problem hiding this comment.
@shawn-hurley Yeah that's pretty much what I was thinking. I'm not sure what the cleanest way to do that would be though.
Maybe we could do the operator type detection / --type flag parsing before passing things off to cobra and then have each operator type implement the cobra subcommand functions directly or pass the operator implementation to the subcommand functions?
There was a problem hiding this comment.
Maybe we could do the operator type detection / --type flag parsing before passing things off to cobra and then have each operator type implement the cobra subcommand functions directly or pass the operator implementation to the subcommand functions
This seems like we'll have implicit subcommands:
operator-sdk build --type=go==>operator-sdk go buildoperator-sdk build --type=ansible==>operator-sdk ansible build
This goes back to the question of what sub commands should be allowed in what types of projects, and how explicit should we be about specifying the type. #670
Some commands are common across different types(build, up local) whereas other sub commands only make sense for certain project types e.g Go(add api, generate k8s) Ansible/Helm(add crd). It gets a little confusing if we want to allow those exclusive commands across all types to allow migrating to a hybrid Go/Ansible Go/Helm operator.
One option is we stay with the existing convention of specifying the --type flag(or inferring from the project) for each subcommand so we can keep the commands consistent for all 3 types, and handle the logic for each type within the same sub command:
operator-sdk up local(infer the type) oroperator-sdk up local --type=<type>
This keeps all subcommands consistent, except we still have to specify the --type flag or infer that from the project. The downside is the ambiguity in what commands are allowed where.
Or we take a top down approach as @joelanford suggested (#670 (comment)) and put the operator type as the first root sub command:
operator-sdk go buildoperator-sdk ansible buildoperator-sdk helm build
The advantage of the type root subcommand is that there's no ambiguity on what commands run in what types of projects with differing arguments and flags.
The drawback is that it's a little verbose(redundant?) for commands that are (mostly)common in their behavior
e.g operator-sdk build.
Also if I end up with a hybrid operator do I run operator-sdk go build or operator-sdk ansible build?
There was a problem hiding this comment.
Great points. Maybe its a combination. I think we can categorize the CLI into three sets of commands.
-
Global commands where operator type does not need to be inferred:
completion,help, andnew
-
Commands that need to support possible hybrid operators and where the operator type(s) will need to be inferred:
up,build,test
-
Commands that apply to specific types:
- Go:
add api,add controller,generate - Ansible:
add crd - Helm: ?
- Go:
For 2., as @estroz mentioned (#670 (comment)), we can detect all of the types an operator has and be opinionated about which combinations we'll support, with helpful errors/warnings about non-supported combinations.
For 3., another option may be to keep add and generate as top-level commands, but then have type subcommands of those. So:
operator-sdk add go apioperator-sdk generate go k8soperator-sdk add ansible crd(or maybe even better,operator-sdk add ansible role)operator-sdk add helm crd(oradd helm chart)
There was a problem hiding this comment.
For 3., another option may be to keep add and generate as top-level commands, but then have type subcommands of those. So:
I was thinking of something along those lines as well. Would make things clear when you do operator-sdk add go --help as it would display all the subcommands.
That's a good question. @shawn-hurley since the base image We can keep a master or latest image that can be built nightly or as part of our CI. And version tags built for each release. |
Sounds good to me. I'd suggest the |
|
@joelanford Yeah you're right. And I'm fine with using the org @shawn-hurley We'll need to give write access for the |
* change `add api` to `add crd` * clarify that `helm-charts` directory will be used to detect that operator type is `helm` * add base image build and tag plan
…rify function vs. method
* Change `release.ReleaseManager` back to `release.Manager` * Improve description of `pkg/helm/controller` package * Clarifying flags and features of `add crd` subcommand * Clarifying that `test` command is not supproted * Clarifying `new` command flag requirements and support
joelanford
force-pushed
the
proposal-helm
branch
from
f89d3bf
to
aeb87e8
Compare
Description of the change:
Adding a proposal for the integration of the Helm operator into the SDK
Motivation for the change:
The Helm operator will give SDK users yet another tool to use to develop operators. Having Helm as an option will drive up adoption of the SDK and give users the ability to build operators with Helm, a tool many Kubernetes users already have proficiency with.