Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automount volumes #6698

Merged
merged 24 commits into from
Apr 18, 2023
Merged

Automount volumes #6698

merged 24 commits into from
Apr 18, 2023

Conversation

feloy
Copy link
Contributor

@feloy feloy commented Mar 29, 2023
edited
Loading

What type of PR is this:

/kind feature

What does this PR do / why we need it:

Which issue(s) this PR fixes:

Fixes partially #6549

PR acceptance criteria:

  • Unit test

  • Integration test

  • Documentation

How to test changes / Special notes to the reviewer:

@openshift-ci openshift-ci bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. Required by Prow. kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation labels Mar 29, 2023
@netlify
Copy link

netlify bot commented Mar 29, 2023
edited
Loading

Deploy Preview for odo-docusaurus-preview ready!

Name Link
🔨 Latest commit 8dd7ce5
🔍 Latest deploy log https://app.netlify.com/sites/odo-docusaurus-preview/deploys/6436943f9852bd00081fe50b
😎 Deploy Preview https://deploy-preview-6698--odo-docusaurus-preview.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

OpenShift Unauthenticated Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

NoCluster Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

Unit Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

Validate Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

Windows Tests (OCP) on commit d991a2f finished with errors.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

OpenShift Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

Kubernetes Tests on commit d991a2f finished successfully.
View logs: TXT HTML

@odo-robot
Copy link

odo-robot bot commented Mar 29, 2023
edited
Loading

Kubernetes Docs Tests on commit 4317255 finished successfully.
View logs: TXT HTML

@feloy feloy force-pushed the feature-6549/automount-volumes branch from 845c439 to b0e01b6 Compare March 31, 2023 13:24
@feloy feloy requested review from rm3l and removed request for anandrkskd March 31, 2023 15:29
@feloy feloy changed the title [WIP] Automount volumes Automount volumes Mar 31, 2023
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. Required by Prow. label Mar 31, 2023
@feloy feloy force-pushed the feature-6549/automount-volumes branch from 51841d0 to 8234ce4 Compare March 31, 2023 16:43
@feloy
Copy link
Contributor Author

feloy commented Apr 3, 2023

/hold until consensus on label/annotation names

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. Required by Prow. label Apr 3, 2023
@valaparthvi
Copy link
Contributor

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. Required by Prow. label Apr 11, 2023
@feloy
Copy link
Contributor Author

feloy commented Apr 11, 2023

/override windows-integration-test/Windows-test

[FAILED] [211.331 seconds]
E2E Test starting with non-empty Directory add Binding [It] should verify developer workflow of using binding as env in innerloop
/go/odo_1/tests/e2escenarios/e2e_test.go:337

@openshift-ci
Copy link

openshift-ci bot commented Apr 11, 2023

@feloy: Overrode contexts on behalf of feloy: windows-integration-test/Windows-test

In response to this:

/override windows-integration-test/Windows-test

[FAILED] [211.331 seconds]
E2E Test starting with non-empty Directory add Binding [It] should verify developer workflow of using binding as env in innerloop
/go/odo_1/tests/e2escenarios/e2e_test.go:337

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@feloy
Copy link
Contributor Author

feloy commented Apr 11, 2023

/override OpenShift-Integration-tests/OpenShift-Integration-tests

Errors on files test cleanup

[FAILED] [128.660 seconds]
odo devfile deploy command tests [AfterEach] deploying devfile with long-running exec when Automount volumes are present in the namespace should mount the volumes
  [AfterEach] C:/Users/Administrator.ANSIBLE-TEST-VS/3649/tests/integration/cmd_devfile_deploy_test.go:36
  [It] C:/Users/Administrator.ANSIBLE-TEST-VS/3649/tests/integration/cmd_devfile_deploy_test.go:663

@openshift-ci
Copy link

openshift-ci bot commented Apr 11, 2023

@feloy: Overrode contexts on behalf of feloy: OpenShift-Integration-tests/OpenShift-Integration-tests

In response to this:

/override OpenShift-Integration-tests/OpenShift-Integration-tests

Errors on files test cleanup

[FAILED] [128.660 seconds]
odo devfile deploy command tests [AfterEach] deploying devfile with long-running exec when Automount volumes are present in the namespace should mount the volumes
 [AfterEach] C:/Users/Administrator.ANSIBLE-TEST-VS/3649/tests/integration/cmd_devfile_deploy_test.go:36
 [It] C:/Users/Administrator.ANSIBLE-TEST-VS/3649/tests/integration/cmd_devfile_deploy_test.go:663

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@feloy
Copy link
Contributor Author

feloy commented Apr 11, 2023

/hold need to change labels / annotations

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. Required by Prow. label Apr 11, 2023
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. Required by Prow. label Apr 12, 2023
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 3 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@feloy
Copy link
Contributor Author

feloy commented Apr 12, 2023

/unhold

I changed the labels /annotations with the new ones

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. Required by Prow. label Apr 12, 2023
@feloy feloy requested a review from rm3l April 12, 2023 14:53
rm3l
rm3l reviewed Apr 12, 2023
View reviewed changes
Copy link
Member

@rm3l rm3l left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but I quickly wanted to check how this would behave with Service Binding, which, I remembered might also alter the Pod spec to inject envFrom using a secret:

odo init --devfile nodejs --starter nodejs-starter --name automount-volumes-nodejs
odo add binding --service edb-cloud-native-postgresql.Cluster.postgresql.k8s.enterprisedb.io \
  --name automount-volumes-nodejs-edb-cloud-native-postgresql \
  --service-namespace shared-services \
  --bind-as-files=false

If I don't have any automounting configmap/secret, it works as expected:

$ kubectl get pod automount-volumes-nodejs-app-68d4c554b-kldjk -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-volumes-nodejs-edb-cloud-native-postgresql-fb57c24f

$ kubectl exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
Alias tip: k exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
CLUSTER_CA.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_CA.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_CLUSTERIP=10.96.151.42
CLUSTER_DATABASE=app
CLUSTER_HOST=edb-cloud-native-postgresql-rw
CLUSTER_PASSWORD=3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PGPASS=edb-cloud-native-postgresql-rw:5432:*:postgres:3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PROVIDER=enterprisedb
CLUSTER_TLS.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_TLS.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_TYPE=postgresql
CLUSTER_USERNAME=postgres

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

$ kubectl apply -f /path/to/odo/tests/examples/manifests/config-automount/
$ odo dev
$ kubectl get pod automount-volumes-nodejs-app-67f467566c-gjwxx -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-env-secret                                                                                                                                                                                  
    - configMapRef:                                                                                                                                                                                                 
        name: automount-env-configmap 

$ kubectl exec -it automount-volumes-nodejs-app-67f467566c-gjwxx -- /bin/sh -c 'env | grep CLUSTER | sort' 
$

Do you have the same issue? Or is that intended? Or I might have missed something too.

@rm3l rm3l self-requested a review April 12, 2023 16:16
@rm3l
Copy link
Member

rm3l commented Apr 12, 2023
edited
Loading

LGTM, but I quickly wanted to check how this would behave with Service Binding, which, I remembered might also alter the Pod spec to inject envFrom using a secret:

odo init --devfile nodejs --starter nodejs-starter --name automount-volumes-nodejs
odo add binding --service edb-cloud-native-postgresql.Cluster.postgresql.k8s.enterprisedb.io \
  --name automount-volumes-nodejs-edb-cloud-native-postgresql \
  --service-namespace shared-services \
  --bind-as-files=false

If I don't have any automounting configmap/secret, it works as expected:

$ kubectl get pod automount-volumes-nodejs-app-68d4c554b-kldjk -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-volumes-nodejs-edb-cloud-native-postgresql-fb57c24f

$ kubectl exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
Alias tip: k exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
CLUSTER_CA.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_CA.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_CLUSTERIP=10.96.151.42
CLUSTER_DATABASE=app
CLUSTER_HOST=edb-cloud-native-postgresql-rw
CLUSTER_PASSWORD=3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PGPASS=edb-cloud-native-postgresql-rw:5432:*:postgres:3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PROVIDER=enterprisedb
CLUSTER_TLS.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_TLS.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_TYPE=postgresql
CLUSTER_USERNAME=postgres

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

$ kubectl apply -f /path/to/odo/tests/examples/manifests/config-automount/
$ odo dev
$ kubectl get pod automount-volumes-nodejs-app-67f467566c-gjwxx -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-env-secret                                                                                                                                                                                  
    - configMapRef:                                                                                                                                                                                                 
        name: automount-env-configmap 

$ kubectl exec -it automount-volumes-nodejs-app-67f467566c-gjwxx -- /bin/sh -c 'env | grep CLUSTER | sort' 
$

Do you have the same issue? Or is that intended? Or I might have missed something too.

It works as expected when binding as files (bindAsFiles to true):

  • With no automounting configmaps/secrets:
  volumes:                                                                                                                                                                                                          
  - name: odo-projects                                                                                                                                                                                              
    persistentVolumeClaim:                                                                                                                                                                                          
      claimName: odo-projects-automount-volumes-nodejs-app                                                                                                                                                          
  - emptyDir: {}                                                                                                                                                                                                    
    name: odo-shared-data                                                                                                                                                                                           
  - name: automount-volumes-nodejs-edb-cloud-native-postgresql                                                                                                                                                      
    secret:                                                                                                                                                                                                         
      defaultMode: 420                                                                                                                                                                                              
      secretName: automount-volumes-nodejs-edb-cloud-native-postgresql-caf68dfb
  • With automounting configmaps/secrets:
volumes:
[...]
  - name: auto-secret-automount-mount-path-secret                                                                                                                                                                   
    secret:                                                                                                                                                                                                         
      defaultMode: 420                                                                                                                                                                                              
      secretName: automount-mount-path-secret                                                                                                                                                                       
  - name: auto-secret-automount-subpath-secret                                                                                                                                                                      
    secret:                                                                                                                                                                                                         
      defaultMode: 420                                                                                                                                                                                              
      secretName: automount-subpath-secret                                                                                                                                                                          
  - configMap:                                                                                                                                                                                                      
      defaultMode: 420                                                                                                                                                                                              
      name: automount-default-configmap                                                                                                                                                                             
    name: auto-cm-automount-default-configmap                                                                                                                                                                       
  - configMap:                                                                                                                                                                                                      
      defaultMode: 420                                                                                                                                                                                              
      name: automount-mount-path-configmap                                                                                                                                                                          
    name: auto-cm-automount-mount-path-configmap                                                                                                                                                                    
  - configMap:                                                                                                                                                                                                      
      defaultMode: 420                                                                                                                                                                                              
      name: automount-subpath-configmap                                                                                                                                                                             
    name: auto-cm-automount-subpath-configmap                                                                                                                                                                       
  - name: automount-volumes-nodejs-edb-cloud-native-postgresql                                                                                                                                                      
    secret:                                                                                                                                                                                                         
      defaultMode: 420                                                                                                                                                                                              
      secretName: automount-volumes-nodejs-edb-cloud-native-postgresql-caf68dfb 
[...]

@feloy
Copy link
Contributor Author

feloy commented Apr 17, 2023
edited
Loading

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

I'm pretty sure the service binding operator is using an Update command to set the envfrom field. Because of using Update and not Apply, the values set by the operator are overwritten by odo.

$ kubectl get deployments.apps automount-volumes-nodejs-app -o yaml --show-managed-fields
[...]
  managedFields:
  - apiVersion: apps/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        f:template:
          f:spec:
            f:containers:
              k:{"name":"runtime"}:
                f:envFrom: {}
    manager: manager
    operation: Update
    time: "2023-04-17T09:53:51Z"

@rm3l I think it would be better to create a separate issue to track this problem. I don't think I would be able to fix it as part of thir PR

@rm3l
Copy link
Member

rm3l commented Apr 17, 2023

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

I'm pretty sure the service binding operator is using an Update command to set the envfrom field. Because of using Update and not Apply, the values set by the operator are overwritten by odo.

Just to make sure I understand - is this an issue in odo or SBO ?

$ kubectl get deployments.apps automount-volumes-nodejs-app -o yaml --show-managed-fields
[...]
  managedFields:
  - apiVersion: apps/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        f:template:
          f:spec:
            f:containers:
              k:{"name":"runtime"}:
                f:envFrom: {}
    manager: manager
    operation: Update
    time: "2023-04-17T09:53:51Z"

@rm3l I think it would be better to create a separate issue to track this problem. I don't think I would be able to fix it as part of thir PR

Sure anyway - let's track this in a separate issue.
Thanks.

@feloy
Copy link
Contributor Author

feloy commented Apr 17, 2023

/override windows-integration-test/Windows-test

Flaky tests

@feloy
Copy link
Contributor Author

feloy commented Apr 17, 2023

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

I'm pretty sure the service binding operator is using an Update command to set the envfrom field. Because of using Update and not Apply, the values set by the operator are overwritten by odo.

Just to make sure I understand - is this an issue in odo or SBO ?

I think the problem is in SBO side, which should use Server-Side Apply insteof of an Update.

@rm3l
Copy link
Member

rm3l commented Apr 17, 2023

/lgtm

@feloy
Copy link
Contributor Author

feloy commented Apr 18, 2023

/override windows-integration-test/Windows-test

1 similar comment
@feloy
Copy link
Contributor Author

feloy commented Apr 18, 2023

/override windows-integration-test/Windows-test

@openshift-ci
Copy link

openshift-ci bot commented Apr 18, 2023

@feloy: Overrode contexts on behalf of feloy: windows-integration-test/Windows-test

In response to this:

/override windows-integration-test/Windows-test

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rm3l
Copy link
Member

rm3l commented Apr 18, 2023

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. Required by Prow. label Apr 18, 2023
@openshift-merge-robot openshift-merge-robot merged commit 7a72134 into redhat-developer:main Apr 18, 2023
@rm3l rm3l mentioned this pull request Apr 18, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rm3l rm3l rm3l approved these changes

@valaparthvi valaparthvi Awaiting requested review from valaparthvi

Assignees

@rm3l rm3l

Labels
kind/feature Categorizes issue as a feature request. For PRs, that means that the PR is the implementation lgtm Indicates that a PR is ready to be merged. Required by Prow.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@feloy @valaparthvi @rm3l @openshift-merge-robot