-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] ✨ Add clusterctl changes for cross-ns CC ref #11395
base: main
Are you sure you want to change the base?
[WIP] ✨ Add clusterctl changes for cross-ns CC ref #11395
Conversation
This PR is currently missing an area label, which is used to identify the modified component when generating release notes. Area labels can be added by org members by writing Please see the labels list for possible areas. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
d92a5c2
to
7560e66
Compare
7560e66
to
09ce978
Compare
Renamed wip since it builds on a PR not yet merged |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Made first pass, I will get back to this when the PR it builds on top are merged
name: '${CLUSTER_NAME}' | ||
spec: | ||
topology: | ||
classNamespace: '${CLUSTER_CLASS_NAMESPACE}' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wondering if we can avoid creating a new template by changing cluster-with-topology.yaml so it uses empty string as a default value in case CLUSTER_CLASS_NAMESPACE is not set
test/e2e/cross-ns-quick-start.go
Outdated
// This test is meant to provide a first, fast signal to detect regression; it is recommended to use it as a PR blocker test. | ||
// NOTE: This test works with Clusters with and without ClusterClass. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Considering we are trying to keep PR-blocking duration as short as possible, and that the code paths touched by this change are limited and very specific to CC management, would it be possible to add this test on a PR only on demand + on periodic (once it is added to a PR, then it became blocking)
test/e2e/cross-ns-quick-start.go
Outdated
namespace, cancelWatches = framework.SetupSpecNamespace(ctx, specName, input.BootstrapClusterProxy, input.ArtifactFolder, input.PostNamespaceCreated) | ||
clusterNamespace, cancelWatchesCluster = framework.SetupSpecNamespace(ctx, specName, input.BootstrapClusterProxy, input.ArtifactFolder, input.PostNamespaceCreated) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about having the cluster in the spec namespace (as we usually do) and create a second namespace for the CC with a name equal to the first namespace + a "cluster-class" suffix; also we probably don't need watches in the CC namespace.
This way when we look at the test, most of the triage work will be consistent with what we usually do, and in case we need to look at the CC, it will be easy to find as it is because it is a namespace with the same root name as everything else
@@ -44,7 +46,7 @@ func addClusterClassIfMissing(ctx context.Context, template Template, clusterCla | |||
return template, nil | |||
} | |||
|
|||
clusterClassesTemplate, err := fetchMissingClusterClassTemplates(ctx, clusterClassClient, clusterClient, classes, targetNamespace, listVariablesOnly) | |||
clusterClassesTemplate, err := fetchMissingClusterClassTemplates(ctx, clusterClassClient, clusterClient, classes, listVariablesOnly) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just to check if I'm getting this right.
As of today, when we are deploying objects, clusterctl allows to override the namespace set into templates (use case: the user wants to deploy to namespace xyz instead of namespace original).
With this PR we are changing this behaviour, and always preserving the namespace from the template when we are adding the cluster class to the template being deployed (cc preserve: namespace original).
If this is correct, and if I'm not wrong, this change might break users that are deploying a Cluster with ClassNamespace empty, and are expecting that also the CC gets deployed in the target namespace xyz along side with the cluster.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It shouldn’t break these users, since regular process of overriding the namespace of the templated resources is still performed. This new field was never a part of this logic, and the SoT here is the template initially.
This change avoids problems in discovering the existence of the CC in the specified namespace, allowing to template only a Cluster
resource.
There is no support in clusterclt
to distinguish that some of the resources should go into A namespace, and some other into B, so this multi-namespace setup is intended to happen in a multiple passes.
- ClusterClass and referenced templates
- A cluster resource in a different namespace
- repeat 2 for any namespace without failures on
clusterctl
side, or any existing template modifications.
clusterInitialized: false, | ||
objs: []client.Object{}, | ||
targetNamespace: "ns1", | ||
clusterClassNamespace: "ns2", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we have a similar test when both namespaces are the same, and one where both are empty?
09ce978
to
2d4a64e
Compare
2d4a64e
to
c181e3e
Compare
c181e3e
to
e155375
Compare
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Co-authored-by: Christian Schlotter <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
Signed-off-by: Danil-Grigorev <[email protected]>
e155375
to
9b2cce5
Compare
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What this PR does / why we need it:
This PR allows
clusterctl
to create a template with a reference to CC located in a different namespace.This change allows to perform e2e tests in a multi-ns environment.
Added e2e tests to verify cluster-class quick-start scenario and runtime extension scenario in a cross-namespaced context.
The PR is built on top of:
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #5673